diff --git a/bin/check-operations.sh b/bin/check-operations.sh
index 7877ec77b..873b40821 100755
--- a/bin/check-operations.sh
+++ b/bin/check-operations.sh
@@ -7,7 +7,7 @@ DIRECTORY="src/main/api/"
 OPERATIONS=("create" "update" "delete" "retrieve" "patch")
 
 # Entities/ops to exclude from validation
-EXCLUDE_ENTITIES_OPS=("UserConsent-delete" "ApplicationRole-retrieve" "Family-delete" "Family-patch" "Family-retrieve" "EntityTypePermission-retrieve" "ApplicationRole-retrieve" "GroupMembers-retrieve" "GroupMembers-patch" "UserLink-patch" "UserLink-update" "AuditLog-delete" "AuditLog-patch" "AuditLog-update") 
+EXCLUDE_ENTITIES_OPS=("UserConsent-delete" "ApplicationRole-retrieve" "Family-delete" "Family-patch" "Family-retrieve" "EntityTypePermission-retrieve" "ApplicationRole-retrieve" "GroupMembers-retrieve" "GroupMembers-patch" "UserLink-patch" "UserLink-update" "AuditLog-delete" "AuditLog-patch" "AuditLog-update" "TenantManagerIdentityProviderTypeConfiguration-retrieve")
 
 
 # Function to check if an entity is in the exclude list
diff --git a/src/main/api/createTenantManagerIdentityProviderTypeConfiguration.json b/src/main/api/createTenantManagerIdentityProviderTypeConfiguration.json
new file mode 100644
index 000000000..af67f9b5a
--- /dev/null
+++ b/src/main/api/createTenantManagerIdentityProviderTypeConfiguration.json
@@ -0,0 +1,28 @@
+{
+  "uri": "/api/tenant-manager/identity-provider",
+  "comments": [
+    "Creates a tenant manager identity provider type configuration for the given identity provider type."
+  ],
+  "method": "post",
+  "methodName": "createTenantManagerIdentityProviderTypeConfiguration",
+  "successResponse": "TenantManagerIdentityProviderTypeConfigurationResponse",
+  "errorResponse": "Errors",
+  "params": [
+    {
+      "name": "type",
+      "comments": [
+        "The type of the identity provider."
+      ],
+      "type": "urlSegment",
+      "javaType": "IdentityProviderType"
+    },
+    {
+      "name": "request",
+      "comments": [
+        "The request object that contains all the information used to create the tenant manager identity provider type configuration."
+      ],
+      "type": "body",
+      "javaType": "TenantManagerIdentityProviderTypeConfigurationRequest"
+    }
+  ]
+}
diff --git a/src/main/api/deleteTenantManagerIdentityProviderTypeConfiguration.json b/src/main/api/deleteTenantManagerIdentityProviderTypeConfiguration.json
new file mode 100644
index 000000000..7fc3c09a8
--- /dev/null
+++ b/src/main/api/deleteTenantManagerIdentityProviderTypeConfiguration.json
@@ -0,0 +1,20 @@
+{
+  "uri": "/api/tenant-manager/identity-provider",
+  "comments": [
+    "Deletes the tenant manager identity provider type configuration for the given identity provider type."
+  ],
+  "method": "delete",
+  "methodName": "deleteTenantManagerIdentityProviderTypeConfiguration",
+  "successResponse": "Void",
+  "errorResponse": "Errors",
+  "params": [
+    {
+      "name": "type",
+      "comments": [
+        "The type of the identity provider."
+      ],
+      "type": "urlSegment",
+      "javaType": "IdentityProviderType"
+    }
+  ]
+}
diff --git a/src/main/api/patchTenantManagerIdentityProviderTypeConfiguration.json b/src/main/api/patchTenantManagerIdentityProviderTypeConfiguration.json
new file mode 100644
index 000000000..8617a709b
--- /dev/null
+++ b/src/main/api/patchTenantManagerIdentityProviderTypeConfiguration.json
@@ -0,0 +1,28 @@
+{
+  "uri": "/api/tenant-manager/identity-provider",
+  "comments": [
+    "Patches the tenant manager identity provider type configuration for the given identity provider type."
+  ],
+  "method": "patch",
+  "methodName": "patchTenantManagerIdentityProviderTypeConfiguration",
+  "successResponse": "TenantManagerIdentityProviderTypeConfigurationResponse",
+  "errorResponse": "Errors",
+  "params": [
+    {
+      "name": "type",
+      "comments": [
+        "The type of the identity provider."
+      ],
+      "type": "urlSegment",
+      "javaType": "IdentityProviderType"
+    },
+    {
+      "name": "request",
+      "comments": [
+        "The request object that contains the new tenant manager identity provider type configuration information."
+      ],
+      "type": "body",
+      "javaType": "TenantManagerIdentityProviderTypeConfigurationRequest"
+    }
+  ]
+}
diff --git a/src/main/api/updateTenantManagerIdentityProviderTypeConfiguration.json b/src/main/api/updateTenantManagerIdentityProviderTypeConfiguration.json
new file mode 100644
index 000000000..d53c17590
--- /dev/null
+++ b/src/main/api/updateTenantManagerIdentityProviderTypeConfiguration.json
@@ -0,0 +1,28 @@
+{
+  "uri": "/api/tenant-manager/identity-provider",
+  "comments": [
+    "Updates the tenant manager identity provider type configuration for the given identity provider type."
+  ],
+  "method": "put",
+  "methodName": "updateTenantManagerIdentityProviderTypeConfiguration",
+  "successResponse": "TenantManagerIdentityProviderTypeConfigurationResponse",
+  "errorResponse": "Errors",
+  "params": [
+    {
+      "name": "type",
+      "comments": [
+        "The type of the identity provider."
+      ],
+      "type": "urlSegment",
+      "javaType": "IdentityProviderType"
+    },
+    {
+      "name": "request",
+      "comments": [
+        "The request object that contains the updated tenant manager identity provider type configuration."
+      ],
+      "type": "body",
+      "javaType": "TenantManagerIdentityProviderTypeConfigurationRequest"
+    }
+  ]
+}
diff --git a/src/main/client/go.client.ftl b/src/main/client/go.client.ftl
index 6aecd5e9f..a5b7be942 100644
--- a/src/main/client/go.client.ftl
+++ b/src/main/client/go.client.ftl
@@ -263,14 +263,16 @@ func (c *FusionAuthClient) ${api.methodName?cap_first}WithContext(ctx context.Co
              WithAuthorization(${api.authorization}).
   [/#if]
   [#list api.params![] as param]
+    [#if param.javaType??][#assign goType = global.convertType(param.javaType, "go")/][/#if]
     [#if param.type == "urlSegment"]
       [#if !param.constant?? && param.javaType == "Integer"]
         WithUriSegment(strconv.Itoa(${(param.constant?? && param.constant)?then(param.value, global.convertValue(param.name, "go"))})).
+      [#elseif !param.constant?? && goType != "string"]
+       WithUriSegment(string(${(param.constant?? && param.constant)?then(param.value,  global.convertValue(param.name, "go"))})).
       [#else]
        WithUriSegment(${(param.constant?? && param.constant)?then(param.value,  global.convertValue(param.name, "go"))}).
       [/#if]
     [#elseif param.type == "urlParameter"]
-      [#if param.javaType??][#assign goType = global.convertType(param.javaType, "go")/][/#if]
       [#if param.value?? && param.value == "true"]
         WithParameter("${param.parameterName}", strconv.FormatBool(true)).
       [#elseif param.value?? && param.value == "false"]
diff --git a/src/main/client/java.client.ftl b/src/main/client/java.client.ftl
index 9e50cb3c9..1ac1b60b6 100644
--- a/src/main/client/java.client.ftl
+++ b/src/main/client/java.client.ftl
@@ -213,6 +213,8 @@ import io.fusionauth.domain.api.report.LoginReportResponse;
 import io.fusionauth.domain.api.report.MonthlyActiveUserReportResponse;
 import io.fusionauth.domain.api.report.RegistrationReportResponse;
 import io.fusionauth.domain.api.report.TotalsReportResponse;
+import io.fusionauth.domain.api.tenantManager.TenantManagerIdentityProviderTypeConfigurationRequest;
+import io.fusionauth.domain.api.tenantManager.TenantManagerIdentityProviderTypeConfigurationResponse;
 import io.fusionauth.domain.api.twoFactor.SecretResponse;
 import io.fusionauth.domain.api.twoFactor.TwoFactorLoginRequest;
 import io.fusionauth.domain.api.twoFactor.TwoFactorSendRequest;
diff --git a/src/main/client/netcore.client.ftl b/src/main/client/netcore.client.ftl
index b0eadac30..5cbf55ccf 100644
--- a/src/main/client/netcore.client.ftl
+++ b/src/main/client/netcore.client.ftl
@@ -27,6 +27,7 @@ using io.fusionauth.domain.api.identityProvider;
 using io.fusionauth.domain.api.jwt;
 using io.fusionauth.domain.api.passwordless;
 using io.fusionauth.domain.api.report;
+using io.fusionauth.domain.api.tenantManager;
 using io.fusionauth.domain.api.twoFactor;
 using io.fusionauth.domain.api.user;
 using io.fusionauth.domain.oauth2;
diff --git a/src/main/client/netcore.client.interface.ftl b/src/main/client/netcore.client.interface.ftl
index 09be1fccf..26c8e10a4 100644
--- a/src/main/client/netcore.client.interface.ftl
+++ b/src/main/client/netcore.client.interface.ftl
@@ -26,6 +26,7 @@ using io.fusionauth.domain.api.identityProvider;
 using io.fusionauth.domain.api.jwt;
 using io.fusionauth.domain.api.passwordless;
 using io.fusionauth.domain.api.report;
+using io.fusionauth.domain.api.tenantManager;
 using io.fusionauth.domain.api.twoFactor;
 using io.fusionauth.domain.api.user;
 using io.fusionauth.domain.oauth2;
diff --git a/src/main/client/netcore.client.sync.ftl b/src/main/client/netcore.client.sync.ftl
index 90df895a3..d3587764d 100644
--- a/src/main/client/netcore.client.sync.ftl
+++ b/src/main/client/netcore.client.sync.ftl
@@ -41,6 +41,7 @@ using io.fusionauth.domain.api.identityProvider;
 using io.fusionauth.domain.api.jwt;
 using io.fusionauth.domain.api.passwordless;
 using io.fusionauth.domain.api.report;
+using io.fusionauth.domain.api.tenantManager;
 using io.fusionauth.domain.api.twoFactor;
 using io.fusionauth.domain.api.user;
 using io.fusionauth.domain.oauth2;
diff --git a/src/main/client/netcore.domain.ftl b/src/main/client/netcore.domain.ftl
index 60a456a4a..0522f353f 100644
--- a/src/main/client/netcore.domain.ftl
+++ b/src/main/client/netcore.domain.ftl
@@ -56,7 +56,7 @@
 using ${replaceKeywords(package)};
   [/#if]
 [/#list]
-[#if ["DeviceUserCodeResponse", "IdentityProviderLink", "IdentityProviderPendingLinkResponse", "IdentityProviderSearchCriteria", "SAMLv2Configuration"]?seq_contains(domain_item.type)]
+[#if ["DeviceUserCodeResponse", "IdentityProviderLink", "IdentityProviderPendingLinkResponse", "IdentityProviderSearchCriteria", "SAMLv2Configuration", "TenantManagerIdentityProviderTypeConfiguration"]?seq_contains(domain_item.type)]
 using io.fusionauth.domain.provider;
 [/#if]
 [#if domain_item.enum?? && (global.needsConverter(domain_item) || global.needsConverterNoArgs(domain_item))]
diff --git a/src/main/domain/io.fusionauth.domain.SystemConfiguration$TenantManagerConfiguration.json b/src/main/domain/io.fusionauth.domain.SystemConfiguration$TenantManagerConfiguration.json
index 84581f84d..6c9175682 100644
--- a/src/main/domain/io.fusionauth.domain.SystemConfiguration$TenantManagerConfiguration.json
+++ b/src/main/domain/io.fusionauth.domain.SystemConfiguration$TenantManagerConfiguration.json
@@ -13,6 +13,14 @@
     },
     "brandName" : {
       "type" : "String"
+    },
+    "identityProviderTypeConfigurations" : {
+      "type" : "Map",
+      "typeArguments" : [ {
+        "type" : "String"
+      }, {
+        "type" : "TenantManagerIdentityProviderTypeConfiguration"
+      } ]
     }
   }
 }
\ No newline at end of file
diff --git a/src/main/domain/io.fusionauth.domain.api.tenantManager.TenantManagerIdentityProviderTypeConfigurationRequest.json b/src/main/domain/io.fusionauth.domain.api.tenantManager.TenantManagerIdentityProviderTypeConfigurationRequest.json
new file mode 100644
index 000000000..6d4aad14a
--- /dev/null
+++ b/src/main/domain/io.fusionauth.domain.api.tenantManager.TenantManagerIdentityProviderTypeConfigurationRequest.json
@@ -0,0 +1,10 @@
+{
+  "packageName" : "io.fusionauth.domain.api.tenantManager",
+  "type" : "TenantManagerIdentityProviderTypeConfigurationRequest",
+  "description" : "/**\n * The Tenant Manager IdP type configuration request object\n */\n",
+  "fields" : {
+    "typeConfiguration" : {
+      "type" : "TenantManagerIdentityProviderTypeConfiguration"
+    }
+  }
+}
\ No newline at end of file
diff --git a/src/main/domain/io.fusionauth.domain.api.tenantManager.TenantManagerIdentityProviderTypeConfigurationResponse.json b/src/main/domain/io.fusionauth.domain.api.tenantManager.TenantManagerIdentityProviderTypeConfigurationResponse.json
new file mode 100644
index 000000000..06cf2dac6
--- /dev/null
+++ b/src/main/domain/io.fusionauth.domain.api.tenantManager.TenantManagerIdentityProviderTypeConfigurationResponse.json
@@ -0,0 +1,10 @@
+{
+  "packageName" : "io.fusionauth.domain.api.tenantManager",
+  "type" : "TenantManagerIdentityProviderTypeConfigurationResponse",
+  "description" : "/**\n * The Tenant Manager IdP type configuration response object\n */\n",
+  "fields" : {
+    "typeConfiguration" : {
+      "type" : "TenantManagerIdentityProviderTypeConfiguration"
+    }
+  }
+}
\ No newline at end of file
diff --git a/src/main/domain/io.fusionauth.domain.tenantManager.TenantManagerIdentityProviderTypeConfiguration.json b/src/main/domain/io.fusionauth.domain.tenantManager.TenantManagerIdentityProviderTypeConfiguration.json
new file mode 100644
index 000000000..2a3c1631a
--- /dev/null
+++ b/src/main/domain/io.fusionauth.domain.tenantManager.TenantManagerIdentityProviderTypeConfiguration.json
@@ -0,0 +1,38 @@
+{
+  "packageName" : "io.fusionauth.domain.tenantManager",
+  "type" : "TenantManagerIdentityProviderTypeConfiguration",
+  "description" : "/**\n * Configuration object for identity provider types allowed in Tenant Manager\n */\n",
+  "extends" : [ {
+    "type" : "Enableable"
+  } ],
+  "implements" : [ {
+    "type" : "Buildable",
+    "typeArguments" : [ {
+      "type" : "TenantManagerIdentityProviderTypeConfiguration"
+    } ]
+  }, {
+    "type" : "JSONColumnable"
+  } ],
+  "fields" : {
+    "defaultAttributeMappings" : {
+      "type" : "Map",
+      "typeArguments" : [ {
+        "type" : "String"
+      }, {
+        "type" : "String"
+      } ]
+    },
+    "insertInstant" : {
+      "type" : "ZonedDateTime"
+    },
+    "lastUpdateInstant" : {
+      "type" : "ZonedDateTime"
+    },
+    "linkingStrategy" : {
+      "type" : "IdentityProviderLinkingStrategy"
+    },
+    "type" : {
+      "type" : "IdentityProviderType"
+    }
+  }
+}
\ No newline at end of file
diff --git a/src/main/domainNG/io.fusionauth.domain.SystemConfiguration$TenantManagerConfiguration.json b/src/main/domainNG/io.fusionauth.domain.SystemConfiguration$TenantManagerConfiguration.json
index 67414f418..541d1b796 100644
--- a/src/main/domainNG/io.fusionauth.domain.SystemConfiguration$TenantManagerConfiguration.json
+++ b/src/main/domainNG/io.fusionauth.domain.SystemConfiguration$TenantManagerConfiguration.json
@@ -12,9 +12,20 @@
     "brandName" : {
       "className" : "java.lang.String",
       "type" : "String"
+    },
+    "identityProviderTypeConfigurations" : {
+      "className" : "java.util.Map",
+      "type" : "Map",
+      "typeArguments" : [ {
+        "className" : "java.lang.String",
+        "type" : "String"
+      }, {
+        "className" : "io.fusionauth.domain.tenantManager.TenantManagerIdentityProviderTypeConfiguration",
+        "type" : "TenantManagerIdentityProviderTypeConfiguration"
+      } ]
     }
   },
-  "imports" : [ "io.fusionauth.domain.Buildable", "java.util.UUID", "java.lang.String" ],
+  "imports" : [ "io.fusionauth.domain.Buildable", "java.util.UUID", "java.lang.String", "java.util.Map", "io.fusionauth.domain.tenantManager.TenantManagerIdentityProviderTypeConfiguration" ],
   "interfaces" : [ {
     "className" : "io.fusionauth.domain.Buildable",
     "type" : "Buildable",
diff --git a/src/main/domainNG/io.fusionauth.domain.api.tenantManager.TenantManagerIdentityProviderTypeConfigurationRequest.json b/src/main/domainNG/io.fusionauth.domain.api.tenantManager.TenantManagerIdentityProviderTypeConfigurationRequest.json
new file mode 100644
index 000000000..932dd7b62
--- /dev/null
+++ b/src/main/domainNG/io.fusionauth.domain.api.tenantManager.TenantManagerIdentityProviderTypeConfigurationRequest.json
@@ -0,0 +1,15 @@
+{
+  "className" : "io.fusionauth.domain.api.tenantManager.TenantManagerIdentityProviderTypeConfigurationRequest",
+  "extends" : { },
+  "fields" : {
+    "typeConfiguration" : {
+      "className" : "io.fusionauth.domain.tenantManager.TenantManagerIdentityProviderTypeConfiguration",
+      "type" : "TenantManagerIdentityProviderTypeConfiguration"
+    }
+  },
+  "imports" : [ "io.fusionauth.domain.tenantManager.TenantManagerIdentityProviderTypeConfiguration" ],
+  "interfaces" : [ ],
+  "objectType" : "Object",
+  "packageName" : "io.fusionauth.domain.api.tenantManager",
+  "type" : "TenantManagerIdentityProviderTypeConfigurationRequest"
+}
\ No newline at end of file
diff --git a/src/main/domainNG/io.fusionauth.domain.api.tenantManager.TenantManagerIdentityProviderTypeConfigurationResponse.json b/src/main/domainNG/io.fusionauth.domain.api.tenantManager.TenantManagerIdentityProviderTypeConfigurationResponse.json
new file mode 100644
index 000000000..c4f6585ec
--- /dev/null
+++ b/src/main/domainNG/io.fusionauth.domain.api.tenantManager.TenantManagerIdentityProviderTypeConfigurationResponse.json
@@ -0,0 +1,15 @@
+{
+  "className" : "io.fusionauth.domain.api.tenantManager.TenantManagerIdentityProviderTypeConfigurationResponse",
+  "extends" : { },
+  "fields" : {
+    "typeConfiguration" : {
+      "className" : "io.fusionauth.domain.tenantManager.TenantManagerIdentityProviderTypeConfiguration",
+      "type" : "TenantManagerIdentityProviderTypeConfiguration"
+    }
+  },
+  "imports" : [ "io.fusionauth.domain.tenantManager.TenantManagerIdentityProviderTypeConfiguration" ],
+  "interfaces" : [ ],
+  "objectType" : "Object",
+  "packageName" : "io.fusionauth.domain.api.tenantManager",
+  "type" : "TenantManagerIdentityProviderTypeConfigurationResponse"
+}
\ No newline at end of file
diff --git a/src/main/domainNG/io.fusionauth.domain.tenantManager.TenantManagerIdentityProviderTypeConfiguration.json b/src/main/domainNG/io.fusionauth.domain.tenantManager.TenantManagerIdentityProviderTypeConfiguration.json
new file mode 100644
index 000000000..381e62df2
--- /dev/null
+++ b/src/main/domainNG/io.fusionauth.domain.tenantManager.TenantManagerIdentityProviderTypeConfiguration.json
@@ -0,0 +1,62 @@
+{
+  "className" : "io.fusionauth.domain.tenantManager.TenantManagerIdentityProviderTypeConfiguration",
+  "extends" : {
+    "className" : "io.fusionauth.domain.Enableable",
+    "type" : "Enableable"
+  },
+  "fields" : {
+    "data" : {
+      "className" : "java.util.Map",
+      "type" : "Map",
+      "typeArguments" : [ {
+        "className" : "java.lang.String",
+        "type" : "String"
+      }, {
+        "className" : "java.lang.Object",
+        "type" : "Object"
+      } ]
+    },
+    "defaultAttributeMappings" : {
+      "className" : "java.util.Map",
+      "type" : "Map",
+      "typeArguments" : [ {
+        "className" : "java.lang.String",
+        "type" : "String"
+      }, {
+        "className" : "java.lang.String",
+        "type" : "String"
+      } ]
+    },
+    "insertInstant" : {
+      "className" : "java.time.ZonedDateTime",
+      "type" : "ZonedDateTime"
+    },
+    "lastUpdateInstant" : {
+      "className" : "java.time.ZonedDateTime",
+      "type" : "ZonedDateTime"
+    },
+    "linkingStrategy" : {
+      "className" : "io.fusionauth.domain.provider.IdentityProviderLinkingStrategy",
+      "type" : "IdentityProviderLinkingStrategy"
+    },
+    "type" : {
+      "className" : "io.fusionauth.domain.provider.IdentityProviderType",
+      "type" : "IdentityProviderType"
+    }
+  },
+  "imports" : [ "io.fusionauth.domain.Enableable", "io.fusionauth.domain.Buildable", "com.inversoft.mybatis.JSONColumnable", "java.util.Map", "java.lang.String", "java.time.ZonedDateTime", "io.fusionauth.domain.provider.IdentityProviderLinkingStrategy", "io.fusionauth.domain.provider.IdentityProviderType" ],
+  "interfaces" : [ {
+    "className" : "io.fusionauth.domain.Buildable",
+    "type" : "Buildable",
+    "typeArguments" : [ {
+      "className" : "io.fusionauth.domain.tenantManager.TenantManagerIdentityProviderTypeConfiguration",
+      "type" : "TenantManagerIdentityProviderTypeConfiguration"
+    } ]
+  }, {
+    "className" : "com.inversoft.mybatis.JSONColumnable",
+    "type" : "JSONColumnable"
+  } ],
+  "objectType" : "Object",
+  "packageName" : "io.fusionauth.domain.tenantManager",
+  "type" : "TenantManagerIdentityProviderTypeConfiguration"
+}
\ No newline at end of file