> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cantina.xyz/llms.txt
> Use this file to discover all available pages before exploring further.

# List SSO enforcement rules for a company.

> Returns all configured SSO enforcement rules including their domains and metadata.

# Access Control Rules

- Company manager of the company OR admin with `read_all_companies` permissions.



## OpenAPI

````yaml GET /api/v0/companies/{company_id}/sso-enforcement-rules
openapi: 3.1.0
info:
  title: Cantina Client API
  description: >-
    Endpoints available to client organizations. For an overview and
    authentication, see
    https://docs.cantina.xyz/for-organizations/getting-started/api-access.
  license:
    name: Cantina
    identifier: Cantina
  version: 0.1.0
servers: []
security: []
paths:
  /api/v0/companies/{company_id}/sso-enforcement-rules:
    get:
      tags:
        - companies
      summary: List SSO enforcement rules for a company.
      description: >-
        Returns all configured SSO enforcement rules including their domains and
        metadata.


        # Access Control Rules


        - Company manager of the company OR admin with `read_all_companies`
        permissions.
      operationId: list_company_sso_enforcement_rules
      parameters:
        - name: company_id
          in: path
          required: true
          schema:
            type: string
            format: uuid
      responses:
        '200':
          description: Company SSO enforcement rules
          content:
            application/json:
              schema:
                type: array
                items:
                  $ref: '#/components/schemas/CompanySsoEnforcementRule'
        '400':
          description: Bad request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CantinaError'
        '401':
          description: Access not authorised
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CantinaError'
        '403':
          description: Access forbidden
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CantinaError'
        '404':
          description: Not found
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CantinaError'
        '500':
          description: Server error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CantinaError'
components:
  schemas:
    CompanySsoEnforcementRule:
      type: object
      description: >-
        Ensures that company users can't sign in with email+password auth with
        email

        from a specified domain. Such users can sign in through a Google SSO
        only.
      required:
        - id
        - companyId
        - domain
        - createdAt
        - createdBy
      properties:
        id:
          type: string
          format: uuid
        companyId:
          type: string
          format: uuid
        domain:
          type: string
          description: >-
            Users with emails registered on those domains will be forced to
            authenticate

            with Google SSO.
        createdAt:
          type: string
          format: date-time
        createdBy:
          $ref: '#/components/schemas/UserProfile'
    CantinaError:
      type: object
      description: Error returned by the Cantina API.
      required:
        - type
        - msg
      properties:
        type:
          $ref: '#/components/schemas/ErrorType'
        msg:
          type: string
          description: Error message for the user.
    UserProfile:
      type: object
      description: Profile info of a user.
      required:
        - userId
        - name
        - username
        - avatar
      properties:
        userId:
          type: string
          format: uuid
        name:
          type: string
        username:
          type: string
        avatar:
          type: string
        disabledAt:
          type:
            - string
            - 'null'
          format: date-time
    ErrorType:
      type: string
      description: Type of error.
      enum:
        - email_not_verified
        - auth_invalid
        - auth_expired
        - auth_token_missing
        - auth_id_missing
        - invalid_password
        - disabled_user
        - tc_not_accepted
        - evicted
        - unauthorized
        - bad_request
        - not_found
        - forbidden
        - gone
        - payload_too_large
        - service_unavailable
        - internal_error

````