> ## Documentation Index > Fetch the complete documentation index at: https://www.c1.ai/docs/llms.txt > Use this file to discover all available pages before exploring further. # Test > Test validates an SSF receiver stream's configuration by checking JWKS reachability, identity resolution, and action preview without processing real events. ## OpenAPI ````yaml https://spec.speakeasy.com/conductor-one/conductorone/my-source-with-code-samples post /api/v1/ssf-receiver-streams/{id}/test openapi: 3.1.0 info: description: The C1 API is a HTTP API for managing C1 resources. title: C1 API version: 0.1.0-alpha servers: - description: The C1 API server for the current tenant. url: https://{tenantDomain}.conductor.one variables: tenantDomain: default: example description: The domain of the tenant to use for this request. security: - bearerAuth: [] oauth: [] paths: /api/v1/ssf-receiver-streams/{id}/test: post: tags: - SSF Receiver summary: Test description: >- Test validates an SSF receiver stream's configuration by checking JWKS reachability, identity resolution, and action preview without processing real events. operationId: c1.api.ssf_receiver.v1.SSFReceiverStreamService.Test parameters: - in: path name: id required: true schema: description: The ID of the SSF receiver stream to test. readOnly: false type: string requestBody: content: application/json: schema: $ref: >- #/components/schemas/c1.api.ssf_receiver.v1.SSFReceiverStreamServiceTestRequestInput responses: '200': content: application/json: schema: $ref: >- #/components/schemas/c1.api.ssf_receiver.v1.SSFReceiverStreamServiceTestResponse description: >- SSFReceiverStreamServiceTestResponse reports the results of the stream configuration test across JWKS, identity, and action readiness checks. x-codeSamples: - lang: go label: Test source: "package main\n\nimport(\n\t\"context\"\n\t\"github.com/conductorone/conductorone-sdk-go/pkg/models/shared\"\n\tconductoronesdkgo \"github.com/conductorone/conductorone-sdk-go\"\n\t\"github.com/conductorone/conductorone-sdk-go/pkg/models/operations\"\n\t\"log\"\n)\n\nfunc main() {\n ctx := context.Background()\n\n s := conductoronesdkgo.New(\n conductoronesdkgo.WithSecurity(shared.Security{\n BearerAuth: \"\",\n Oauth: \"\",\n }),\n )\n\n res, err := s.SSFReceiverStream.Test(ctx, operations.C1APISSFReceiverV1SSFReceiverStreamServiceTestRequest{\n ID: \"\",\n })\n if err != nil {\n log.Fatal(err)\n }\n if res.SSFReceiverStreamServiceTestResponse != nil {\n // handle response\n }\n}" - lang: typescript label: Typescript (SDK) source: >- import { ConductoroneSDKTypescript } from "conductorone-sdk-typescript"; const conductoroneSDKTypescript = new ConductoroneSDKTypescript({ security: { bearerAuth: "", oauth: "", }, }); async function run() { const result = await conductoroneSDKTypescript.ssfReceiverStream.test({ id: "", }); console.log(result); } run(); components: schemas: c1.api.ssf_receiver.v1.SSFReceiverStreamServiceTestRequestInput: description: >- SSFReceiverStreamServiceTestRequest identifies the stream to test and an optional subject for identity resolution validation. properties: testSubject: description: >- The upstream identifier to test resolution with. Typically an email address (e.g., "alice@company.com") — the same value the IdP would send in a SET subject. The Test RPC runs resolveSubject on this to verify the identity mapping works. Optional: upstream identifier (email) to test identity resolution. If empty, only JWKS reachability is tested. readOnly: false type: string title: Ssf Receiver Stream Service Test Request type: object x-speakeasy-name-override: SSFReceiverStreamServiceTestRequest c1.api.ssf_receiver.v1.SSFReceiverStreamServiceTestResponse: description: >- SSFReceiverStreamServiceTestResponse reports the results of the stream configuration test across JWKS, identity, and action readiness checks. properties: activeRefreshTokenCount: description: >- Number of active refresh tokens for the matched user that would be affected. format: int32 readOnly: false type: integer activeSessionCount: description: >- Number of active sessions for the matched user that would be affected. format: int32 readOnly: false type: integer configuredSessionRevokedAction: description: |- Step 3: Action preview. The action configured for session-revoked events on this stream. enum: - SSF_REVOCATION_ACTION_UNSPECIFIED - SSF_REVOCATION_ACTION_REVOKE_ALL - SSF_REVOCATION_ACTION_LOG_ONLY readOnly: false type: string x-speakeasy-unknown-values: allow identityLinkFound: description: |- Step 2: Identity mapping. Whether the test subject was resolved to a ConductorOne user. readOnly: false type: boolean jwksError: description: >- Error message if the JWKS endpoint could not be reached or returned invalid data. readOnly: false type: string jwksKeyCount: description: Number of signing keys found at the JWKS endpoint. format: int32 readOnly: false type: integer jwksReachable: description: |- Step 1: JWKS reachability. Whether the JWKS endpoint was reachable and returned valid keys. readOnly: false type: boolean matchedUserId: description: >- The ConductorOne user ID the test subject maps to, if an identity link was found. readOnly: false type: string ready: description: |- Overall readiness. Whether the stream passed all test checks and is ready to process events. readOnly: false type: boolean upstreamSubject: description: >- The upstream IdP subject identifier (e.g., Okta user ID "00u1234") resolved from the test subject. readOnly: false type: string title: Ssf Receiver Stream Service Test Response type: object x-speakeasy-name-override: SSFReceiverStreamServiceTestResponse securitySchemes: bearerAuth: scheme: bearer type: http oauth: description: >- This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the [c1TokenSource.Token()](https://github.com/ConductorOne/conductorone-sdk-go/blob/3375fe7c0126d17e7ec4e711693dee7b791023aa/token_source.go#L101-L187) function. flows: clientCredentials: scopes: {} tokenUrl: /auth/v1/token type: oauth2 ````