Introduction
This is the NetFoundry identity service
Overview
HTTP verbs
NetFoundry adheres closely to standard HTTP and REST conventions in its use of HTTP verbs.
Verb | Usage |
---|---|
|
Used to retrieve a resource |
|
Used to create a new resource |
|
Used to update an existing resource, full updates only |
|
Used to delete an existing resource |
The PATCH method is not used (yet).
|
HTTP status codes
NetFoundry adheres closely to standard HTTP and REST conventions in its use of HTTP status codes.
Status code | Usage |
---|---|
|
The actual response will depend on the request method used. In a GET request, the response will contain an entity corresponding to the requested resource. In a POST request, the response will contain an entity describing or containing the result of the action. |
|
The request has been fulfilled and resulted in a new resource being created. |
|
The request has been accepted and is being processed asynchronously Standard response for successful HTTP requests which invoke back-end services. |
|
The server successfully processed the request, but is not returning any content. |
|
The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). |
|
The request lacks valid authentication credentials for the target resource. |
|
The request is authenticated with valid credentials however that set of credentials is not authorized to access this resource. |
|
The requested resource could not be found but may be available again in the future. Subsequent requests by the client are permissible. |
Resources
Organization
Find Organizations
GET /organizations
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Parameter | Type | Optional | Description |
---|---|---|---|
name |
String |
true |
|
active |
Boolean |
true |
|
mfaProviders |
Object |
true |
|
includeDeleted |
Boolean |
true |
Default value: 'false'. |
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
name |
String |
true |
Used for display purposes. Not unique or private. |
label |
String |
true |
A short value, containing only letters, numbers and dashes, which could be used as a label in a vanity domain. This label uniquely identifies the Organization, and is the key by which organization users indicate the organization within which they intend to authenticate. Note: A deleted organization looses its label. Such organizations will have a label value that combines the organization id with the prior label value. This maintains the constraint that all organization labels are unique, and frees the prior organization label value for reclamation. Obviously a deleted organization’s label will no longer meet the validation constraints of a live organization label. |
identityProviders |
Array[Object] |
true |
The set of active (not marked deleted nor deactivated) {@link IdentityProvider}s assigned to this Organization. It is possible for this set to be null. For access to inactive or deleted IdentityProviders, access the IdentityProvider API endpoint directly. |
identityProviders[].id |
String |
true |
|
identityProviders[].organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
identityProviders[].auth0ConnectionId |
String |
true |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. |
identityProviders[].name |
String |
true |
Used for display purposes. Not unique or private. |
identityProviders[].auth0ConnectionType |
String |
true |
Must be one of [Database, Social, Enterprise, Passwordless]. |
identityProviders[].active |
Boolean |
true |
|
identityProviders[].createdAt |
Object |
true |
|
identityProviders[].updatedAt |
Object |
true |
|
identityProviders[].deletedAt |
Object |
true |
|
defaultRoles |
Array[Object] |
true |
The set of {@link DefaultRole}s assigned to this Organization. |
defaultRoles[].id |
String |
true |
|
defaultRoles[].organizationId |
String |
true |
The id of the {@link Organization} that this default role applies to. All User and API Account Identities that are created in the organization without explicit permissions at the time of creation, will be granted this role and any other default roles that apply to the organization. |
defaultRoles[].name |
String |
true |
Used for display purposes. Not unique or private. |
defaultRoles[].roleType |
String |
true |
The type of the role identified by the {@link #roleId roleId}. Must be one of [Standard, Custom]. |
defaultRoles[].roleId |
String |
true |
The id of the role as defined by the authorization service. |
defaultRoles[].createdBy |
String |
true |
|
defaultRoles[].createdAt |
Object |
true |
|
defaultRoles[].deletedAt |
Object |
true |
|
defaultRoles[].deletedBy |
String |
true |
|
defaultRoles[].deleted |
Boolean |
true |
|
openIdProviders |
Array[Object] |
true |
The set of {@link DefaultRole}s assigned to this Organization. |
openIdProviders[].id |
String |
true |
|
openIdProviders[].organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
openIdProviders[].name |
String |
true |
Used for display purposes. Not unique or private. |
openIdProviders[].clientId |
String |
true |
An Open Id Provider / OAuth 2.0 Authorization Server issues a "clientId", which is "a unique string representing the registration information provided by the client." - OAuth 2.0 spec, sec 2.2 Required, never null or empty. While the specification does not limit the size of this property, this service sets a max size of 256 characters. |
openIdProviders[].issuer |
String |
true |
This MUST be identical to the iss Claim value in ID Tokens issued from this Issuer, and should be a URL. |
openIdProviders[].authorizationEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Authorization Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
openIdProviders[].tokenEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Token Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
openIdProviders[].userInfoEndpoint |
String |
true |
URL of the Open Id Provider’s UserInfo Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
openIdProviders[].jwksUri |
String |
true |
URL of the Open Id Provider’s JWK Set document, which MUST use the https scheme. This contains the signing key(s) which can be used to validate token signatures of tokens issued by this Open Id Provider. |
openIdProviders[].active |
Boolean |
true |
|
openIdProviders[].createdBy |
String |
true |
|
openIdProviders[].createdAt |
Object |
true |
|
openIdProviders[].deletedAt |
Object |
true |
|
openIdProviders[].deletedBy |
String |
true |
|
openIdProviders[].deleted |
Boolean |
true |
|
active |
Boolean |
true |
|
mfaProvider |
String |
true |
Specifies an Auth0 compliant MFA provider. When set, it will trigger MFA on authentication via Auth0. If null, then the organization does not require MFA. Must be one of [None, GoogleAuthenticator]. |
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedAt |
Object |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organizations' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJTelZDQVdnai1EbWtsTWdPbHRZVmlBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTczLCJleHAiOjE3MTIyMjQ1NzMsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.tc5hKOhYzAS_FFAXNOEwpA1UkGIFMuTZJmtOd_q7YScFf_eH9TEZ7DvLolEUtefyxchwQ7jDovFifiU37f59PB5kJc8dXoRg5W2UtcozZe3O9s36bVptHQSlr2T0tChBFQZyjsTAzGRCN-rRkBARvr6Foz9QACw2T2fPs9gyaUW6Q2Iag-lOwlRhKHj7Ux-siPhiK2nl0TfEuGnwCX5psYz3h6lmAbjeEhx3OjFrUq5fY-kWDE8WvgSXeUCc2W5V6w0PdjdGLItcxXudSG2B4Y6FOP3u6siltEKAoslBCqaNOvvtsGQDfxGX3KMyvU9YVKQipOGHSdBzto-jYYeKtg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 4386
[ {
"id" : "0668aa24-15e5-4158-8ba9-50f00d2a566b",
"name" : "World Wide Imports",
"label" : "WW-Imports-11",
"identityProviders" : [ {
"id" : "58af862f-4ff6-47c1-85cc-ece5d8756d7c",
"organizationId" : "0668aa24-15e5-4158-8ba9-50f00d2a566b",
"auth0ConnectionId" : "auth0-opaque-connectionId-12",
"name" : "Username/Password",
"auth0ConnectionType" : "Database",
"active" : true,
"createdAt" : {
"nano" : 28375000,
"epochSecond" : 1712220972
},
"updatedAt" : null,
"deletedAt" : null
} ],
"defaultRoles" : [ ],
"openIdProviders" : [ ],
"active" : true,
"mfaProvider" : null,
"createdAt" : {
"nano" : 26311000,
"epochSecond" : 1712220972
},
"updatedAt" : null,
"deletedAt" : null,
"deleted" : false
}, {
"id" : "64132b58-11c4-4d07-a79e-304ccda453c4",
"name" : "World Wide Imports",
"label" : "WW-Imports-7",
"identityProviders" : [ {
"id" : "d2819c4f-e03e-48b8-94d8-f09cef5eca2b",
"organizationId" : "64132b58-11c4-4d07-a79e-304ccda453c4",
"auth0ConnectionId" : "auth0-opaque-connectionId-8",
"name" : "Username/Password",
"auth0ConnectionType" : "Database",
"active" : true,
"createdAt" : {
"nano" : 665765000,
"epochSecond" : 1712220971
},
"updatedAt" : null,
"deletedAt" : null
} ],
"defaultRoles" : [ ],
"openIdProviders" : [ {
"id" : "45843cdc-cfa9-4dd7-9b2b-01ec11f39500",
"organizationId" : "64132b58-11c4-4d07-a79e-304ccda453c4",
"name" : "OIDC Provider-9",
"clientId" : "clientId-10",
"issuer" : "https://auth",
"authorizationEndpoint" : "https://token",
"tokenEndpoint" : "https://user",
"userInfoEndpoint" : "https://jwks",
"jwksUri" : "https://iss",
"active" : false,
"createdBy" : "54f1ccf8-a4e9-4ecd-873e-65fb477726ed",
"createdAt" : {
"nano" : 689744000,
"epochSecond" : 1712220971
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
} ],
"active" : true,
"mfaProvider" : null,
"createdAt" : {
"nano" : 663701000,
"epochSecond" : 1712220971
},
"updatedAt" : null,
"deletedAt" : null,
"deleted" : false
}, {
"id" : "95068bb0-864b-4930-b06e-9acf4957c826",
"name" : "Cloud Engineering",
"label" : "CLDENG",
"identityProviders" : [ {
"id" : "38bff360-ebe7-4e80-9e93-bc3fb58bd74a",
"organizationId" : "95068bb0-864b-4930-b06e-9acf4957c826",
"auth0ConnectionId" : "google-oauth2",
"name" : "NetFoundry Google Account",
"auth0ConnectionType" : "Social",
"active" : true,
"createdAt" : {
"nano" : 319612000,
"epochSecond" : 1712220969
},
"updatedAt" : null,
"deletedAt" : null
} ],
"defaultRoles" : [ {
"id" : "ee6cd29a-ea07-4840-8cb6-d1e9834fcace",
"organizationId" : "95068bb0-864b-4930-b06e-9acf4957c826",
"name" : "Standard Role Admin - Network Group Admin - Cloud Engineering",
"roleType" : "Standard",
"roleId" : "2854b8f9-6538-11ea-98de-128b2daaf7e4",
"createdBy" : "2b6f496d-36f1-4e66-a205-8abcf1d41d74",
"createdAt" : {
"nano" : 320893000,
"epochSecond" : 1712220969
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
}, {
"id" : "8c091908-5019-4861-8e6b-c11f3b539e30",
"organizationId" : "95068bb0-864b-4930-b06e-9acf4957c826",
"name" : "Cloud Engineering",
"roleType" : "Custom",
"roleId" : "8f1493a4-29ca-4b34-8d04-b6ef954b097c",
"createdBy" : "2b6f496d-36f1-4e66-a205-8abcf1d41d74",
"createdAt" : {
"nano" : 320211000,
"epochSecond" : 1712220969
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
}, {
"id" : "f498aee9-5525-4573-a837-1cbcac23c268",
"organizationId" : "95068bb0-864b-4930-b06e-9acf4957c826",
"name" : "Network Group Admin - Cloud Engineering Network Group",
"roleType" : "Standard",
"roleId" : "b75be358-a3f9-40a5-972d-a804c4758041",
"createdBy" : "2b6f496d-36f1-4e66-a205-8abcf1d41d74",
"createdAt" : {
"nano" : 320893000,
"epochSecond" : 1712220969
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
} ],
"openIdProviders" : [ ],
"active" : true,
"mfaProvider" : null,
"createdAt" : {
"nano" : 319418000,
"epochSecond" : 1712220969
},
"updatedAt" : null,
"deletedAt" : null,
"deleted" : false
} ]
Get Organization By Id
GET /organizations/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
name |
String |
true |
Used for display purposes. Not unique or private. |
label |
String |
true |
A short value, containing only letters, numbers and dashes, which could be used as a label in a vanity domain. This label uniquely identifies the Organization, and is the key by which organization users indicate the organization within which they intend to authenticate. Note: A deleted organization looses its label. Such organizations will have a label value that combines the organization id with the prior label value. This maintains the constraint that all organization labels are unique, and frees the prior organization label value for reclamation. Obviously a deleted organization’s label will no longer meet the validation constraints of a live organization label. |
identityProviders |
Array[Object] |
true |
The set of active (not marked deleted nor deactivated) {@link IdentityProvider}s assigned to this Organization. It is possible for this set to be null. For access to inactive or deleted IdentityProviders, access the IdentityProvider API endpoint directly. |
identityProviders[].id |
String |
true |
|
identityProviders[].organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
identityProviders[].auth0ConnectionId |
String |
true |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. |
identityProviders[].name |
String |
true |
Used for display purposes. Not unique or private. |
identityProviders[].auth0ConnectionType |
String |
true |
Must be one of [Database, Social, Enterprise, Passwordless]. |
identityProviders[].active |
Boolean |
true |
|
identityProviders[].createdAt |
Object |
true |
|
identityProviders[].updatedAt |
Object |
true |
|
identityProviders[].deletedAt |
Object |
true |
|
defaultRoles |
Array[Object] |
true |
The set of {@link DefaultRole}s assigned to this Organization. |
defaultRoles[].id |
String |
true |
|
defaultRoles[].organizationId |
String |
true |
The id of the {@link Organization} that this default role applies to. All User and API Account Identities that are created in the organization without explicit permissions at the time of creation, will be granted this role and any other default roles that apply to the organization. |
defaultRoles[].name |
String |
true |
Used for display purposes. Not unique or private. |
defaultRoles[].roleType |
String |
true |
The type of the role identified by the {@link #roleId roleId}. Must be one of [Standard, Custom]. |
defaultRoles[].roleId |
String |
true |
The id of the role as defined by the authorization service. |
defaultRoles[].createdBy |
String |
true |
|
defaultRoles[].createdAt |
Object |
true |
|
defaultRoles[].deletedAt |
Object |
true |
|
defaultRoles[].deletedBy |
String |
true |
|
defaultRoles[].deleted |
Boolean |
true |
|
openIdProviders |
Array[Object] |
true |
The set of {@link DefaultRole}s assigned to this Organization. |
openIdProviders[].id |
String |
true |
|
openIdProviders[].organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
openIdProviders[].name |
String |
true |
Used for display purposes. Not unique or private. |
openIdProviders[].clientId |
String |
true |
An Open Id Provider / OAuth 2.0 Authorization Server issues a "clientId", which is "a unique string representing the registration information provided by the client." - OAuth 2.0 spec, sec 2.2 Required, never null or empty. While the specification does not limit the size of this property, this service sets a max size of 256 characters. |
openIdProviders[].issuer |
String |
true |
This MUST be identical to the iss Claim value in ID Tokens issued from this Issuer, and should be a URL. |
openIdProviders[].authorizationEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Authorization Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
openIdProviders[].tokenEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Token Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
openIdProviders[].userInfoEndpoint |
String |
true |
URL of the Open Id Provider’s UserInfo Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
openIdProviders[].jwksUri |
String |
true |
URL of the Open Id Provider’s JWK Set document, which MUST use the https scheme. This contains the signing key(s) which can be used to validate token signatures of tokens issued by this Open Id Provider. |
openIdProviders[].active |
Boolean |
true |
|
openIdProviders[].createdBy |
String |
true |
|
openIdProviders[].createdAt |
Object |
true |
|
openIdProviders[].deletedAt |
Object |
true |
|
openIdProviders[].deletedBy |
String |
true |
|
openIdProviders[].deleted |
Boolean |
true |
|
active |
Boolean |
true |
|
mfaProvider |
String |
true |
Specifies an Auth0 compliant MFA provider. When set, it will trigger MFA on authentication via Auth0. If null, then the organization does not require MFA. Must be one of [None, GoogleAuthenticator]. |
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedAt |
Object |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organizations/c0048cf7-0785-4a55-87d3-25ac18cc6632' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJTelZDQVdnai1EbWtsTWdPbHRZVmlBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTczLCJleHAiOjE3MTIyMjQ1NzMsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.tc5hKOhYzAS_FFAXNOEwpA1UkGIFMuTZJmtOd_q7YScFf_eH9TEZ7DvLolEUtefyxchwQ7jDovFifiU37f59PB5kJc8dXoRg5W2UtcozZe3O9s36bVptHQSlr2T0tChBFQZyjsTAzGRCN-rRkBARvr6Foz9QACw2T2fPs9gyaUW6Q2Iag-lOwlRhKHj7Ux-siPhiK2nl0TfEuGnwCX5psYz3h6lmAbjeEhx3OjFrUq5fY-kWDE8WvgSXeUCc2W5V6w0PdjdGLItcxXudSG2B4Y6FOP3u6siltEKAoslBCqaNOvvtsGQDfxGX3KMyvU9YVKQipOGHSdBzto-jYYeKtg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 3315
{
"id" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "ACME International, Inc.",
"label" : "ACME-0",
"identityProviders" : [ {
"id" : "ef1a5b8c-7c6e-497f-8e98-ba0fa25f7b73",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"auth0ConnectionId" : "auth0-opaque-connectionId-1",
"name" : "ACME Federated Active Directory",
"auth0ConnectionType" : "Enterprise",
"active" : true,
"createdAt" : {
"nano" : 19301000,
"epochSecond" : 1712220971
},
"updatedAt" : null,
"deletedAt" : null
}, {
"id" : "6d852113-b070-4a97-a5ae-0cf84e943a6c",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"auth0ConnectionId" : "auth0-opaque-connectionId-2",
"name" : "Google-Account",
"auth0ConnectionType" : "Social",
"active" : true,
"createdAt" : {
"nano" : 24136000,
"epochSecond" : 1712220971
},
"updatedAt" : null,
"deletedAt" : null
} ],
"defaultRoles" : [ {
"id" : "a50115a7-5254-45e9-8687-ea62de3465ba",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "Test Std Role",
"roleType" : "Standard",
"roleId" : "811628f2-cbaf-47ee-8a18-bdacce3908e5",
"createdBy" : "2e7dac30-3fe1-4ed9-9d1c-74d6b144b381",
"createdAt" : {
"nano" : 26410000,
"epochSecond" : 1712220971
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
}, {
"id" : "fb0107dc-f06a-455d-ba63-c0389ba36b74",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "Test Custom Role",
"roleType" : "Custom",
"roleId" : "3af8093f-e108-4355-9e90-bfbabe540a76",
"createdBy" : "141a3c5d-3413-48fe-8ea5-67f0db4e2db9",
"createdAt" : {
"nano" : 32715000,
"epochSecond" : 1712220971
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
} ],
"openIdProviders" : [ {
"id" : "d796d506-42e9-4af0-9897-f46c40e3bfe7",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "ACME OIDC Provider New",
"clientId" : "clientId2",
"issuer" : "https://auth",
"authorizationEndpoint" : "https://token",
"tokenEndpoint" : "https://user",
"userInfoEndpoint" : "https://jwks",
"jwksUri" : "https://iss",
"active" : true,
"createdBy" : "c768f676-8528-488b-b410-6dbeb99c9bb4",
"createdAt" : {
"nano" : 931030000,
"epochSecond" : 1712220971
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
}, {
"id" : "d8bb5d41-2bd9-40cf-bbac-029bac91d718",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "ACME OIDC Provider 1",
"clientId" : "clientId1",
"issuer" : "https://auth",
"authorizationEndpoint" : "https://token",
"tokenEndpoint" : "https://user",
"userInfoEndpoint" : "https://jwks",
"jwksUri" : "https://iss",
"active" : true,
"createdBy" : "4918adbe-2b6d-48ea-b898-48473f04fdf0",
"createdAt" : {
"nano" : 46686000,
"epochSecond" : 1712220971
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
} ],
"active" : true,
"mfaProvider" : null,
"createdAt" : {
"nano" : 13417000,
"epochSecond" : 1712220971
},
"updatedAt" : null,
"deletedAt" : null,
"deleted" : false
}
Get Organization By Label
GET /organizations/label/{label:[-a-zA-Z0-9]{1,63}}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
label |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
name |
String |
true |
Used for display purposes. Not unique or private. |
label |
String |
true |
A short value, containing only letters, numbers and dashes, which could be used as a label in a vanity domain. This label uniquely identifies the Organization, and is the key by which organization users indicate the organization within which they intend to authenticate. Note: A deleted organization looses its label. Such organizations will have a label value that combines the organization id with the prior label value. This maintains the constraint that all organization labels are unique, and frees the prior organization label value for reclamation. Obviously a deleted organization’s label will no longer meet the validation constraints of a live organization label. |
identityProviders |
Array[Object] |
true |
The set of active (not marked deleted nor deactivated) {@link IdentityProvider}s assigned to this Organization. It is possible for this set to be null. For access to inactive or deleted IdentityProviders, access the IdentityProvider API endpoint directly. |
identityProviders[].id |
String |
true |
|
identityProviders[].organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
identityProviders[].auth0ConnectionId |
String |
true |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. |
identityProviders[].name |
String |
true |
Used for display purposes. Not unique or private. |
identityProviders[].auth0ConnectionType |
String |
true |
Must be one of [Database, Social, Enterprise, Passwordless]. |
identityProviders[].active |
Boolean |
true |
|
identityProviders[].createdAt |
Object |
true |
|
identityProviders[].updatedAt |
Object |
true |
|
identityProviders[].deletedAt |
Object |
true |
|
defaultRoles |
Array[Object] |
true |
The set of {@link DefaultRole}s assigned to this Organization. |
defaultRoles[].id |
String |
true |
|
defaultRoles[].organizationId |
String |
true |
The id of the {@link Organization} that this default role applies to. All User and API Account Identities that are created in the organization without explicit permissions at the time of creation, will be granted this role and any other default roles that apply to the organization. |
defaultRoles[].name |
String |
true |
Used for display purposes. Not unique or private. |
defaultRoles[].roleType |
String |
true |
The type of the role identified by the {@link #roleId roleId}. Must be one of [Standard, Custom]. |
defaultRoles[].roleId |
String |
true |
The id of the role as defined by the authorization service. |
defaultRoles[].createdBy |
String |
true |
|
defaultRoles[].createdAt |
Object |
true |
|
defaultRoles[].deletedAt |
Object |
true |
|
defaultRoles[].deletedBy |
String |
true |
|
defaultRoles[].deleted |
Boolean |
true |
|
openIdProviders |
Array[Object] |
true |
The set of {@link DefaultRole}s assigned to this Organization. |
openIdProviders[].id |
String |
true |
|
openIdProviders[].organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
openIdProviders[].name |
String |
true |
Used for display purposes. Not unique or private. |
openIdProviders[].clientId |
String |
true |
An Open Id Provider / OAuth 2.0 Authorization Server issues a "clientId", which is "a unique string representing the registration information provided by the client." - OAuth 2.0 spec, sec 2.2 Required, never null or empty. While the specification does not limit the size of this property, this service sets a max size of 256 characters. |
openIdProviders[].issuer |
String |
true |
This MUST be identical to the iss Claim value in ID Tokens issued from this Issuer, and should be a URL. |
openIdProviders[].authorizationEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Authorization Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
openIdProviders[].tokenEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Token Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
openIdProviders[].userInfoEndpoint |
String |
true |
URL of the Open Id Provider’s UserInfo Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
openIdProviders[].jwksUri |
String |
true |
URL of the Open Id Provider’s JWK Set document, which MUST use the https scheme. This contains the signing key(s) which can be used to validate token signatures of tokens issued by this Open Id Provider. |
openIdProviders[].active |
Boolean |
true |
|
openIdProviders[].createdBy |
String |
true |
|
openIdProviders[].createdAt |
Object |
true |
|
openIdProviders[].deletedAt |
Object |
true |
|
openIdProviders[].deletedBy |
String |
true |
|
openIdProviders[].deleted |
Boolean |
true |
|
active |
Boolean |
true |
|
mfaProvider |
String |
true |
Specifies an Auth0 compliant MFA provider. When set, it will trigger MFA on authentication via Auth0. If null, then the organization does not require MFA. Must be one of [None, GoogleAuthenticator]. |
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedAt |
Object |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organizations/label/ACME-0' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJTelZDQVdnai1EbWtsTWdPbHRZVmlBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTczLCJleHAiOjE3MTIyMjQ1NzMsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.tc5hKOhYzAS_FFAXNOEwpA1UkGIFMuTZJmtOd_q7YScFf_eH9TEZ7DvLolEUtefyxchwQ7jDovFifiU37f59PB5kJc8dXoRg5W2UtcozZe3O9s36bVptHQSlr2T0tChBFQZyjsTAzGRCN-rRkBARvr6Foz9QACw2T2fPs9gyaUW6Q2Iag-lOwlRhKHj7Ux-siPhiK2nl0TfEuGnwCX5psYz3h6lmAbjeEhx3OjFrUq5fY-kWDE8WvgSXeUCc2W5V6w0PdjdGLItcxXudSG2B4Y6FOP3u6siltEKAoslBCqaNOvvtsGQDfxGX3KMyvU9YVKQipOGHSdBzto-jYYeKtg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 3315
{
"id" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "ACME International, Inc.",
"label" : "ACME-0",
"identityProviders" : [ {
"id" : "ef1a5b8c-7c6e-497f-8e98-ba0fa25f7b73",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"auth0ConnectionId" : "auth0-opaque-connectionId-1",
"name" : "ACME Federated Active Directory",
"auth0ConnectionType" : "Enterprise",
"active" : true,
"createdAt" : {
"nano" : 19301000,
"epochSecond" : 1712220971
},
"updatedAt" : null,
"deletedAt" : null
}, {
"id" : "6d852113-b070-4a97-a5ae-0cf84e943a6c",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"auth0ConnectionId" : "auth0-opaque-connectionId-2",
"name" : "Google-Account",
"auth0ConnectionType" : "Social",
"active" : true,
"createdAt" : {
"nano" : 24136000,
"epochSecond" : 1712220971
},
"updatedAt" : null,
"deletedAt" : null
} ],
"defaultRoles" : [ {
"id" : "a50115a7-5254-45e9-8687-ea62de3465ba",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "Test Std Role",
"roleType" : "Standard",
"roleId" : "811628f2-cbaf-47ee-8a18-bdacce3908e5",
"createdBy" : "2e7dac30-3fe1-4ed9-9d1c-74d6b144b381",
"createdAt" : {
"nano" : 26410000,
"epochSecond" : 1712220971
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
}, {
"id" : "fb0107dc-f06a-455d-ba63-c0389ba36b74",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "Test Custom Role",
"roleType" : "Custom",
"roleId" : "3af8093f-e108-4355-9e90-bfbabe540a76",
"createdBy" : "141a3c5d-3413-48fe-8ea5-67f0db4e2db9",
"createdAt" : {
"nano" : 32715000,
"epochSecond" : 1712220971
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
} ],
"openIdProviders" : [ {
"id" : "d796d506-42e9-4af0-9897-f46c40e3bfe7",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "ACME OIDC Provider New",
"clientId" : "clientId2",
"issuer" : "https://auth",
"authorizationEndpoint" : "https://token",
"tokenEndpoint" : "https://user",
"userInfoEndpoint" : "https://jwks",
"jwksUri" : "https://iss",
"active" : true,
"createdBy" : "c768f676-8528-488b-b410-6dbeb99c9bb4",
"createdAt" : {
"nano" : 931030000,
"epochSecond" : 1712220971
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
}, {
"id" : "d8bb5d41-2bd9-40cf-bbac-029bac91d718",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "ACME OIDC Provider 1",
"clientId" : "clientId1",
"issuer" : "https://auth",
"authorizationEndpoint" : "https://token",
"tokenEndpoint" : "https://user",
"userInfoEndpoint" : "https://jwks",
"jwksUri" : "https://iss",
"active" : true,
"createdBy" : "4918adbe-2b6d-48ea-b898-48473f04fdf0",
"createdAt" : {
"nano" : 46686000,
"epochSecond" : 1712220971
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
} ],
"active" : true,
"mfaProvider" : null,
"createdAt" : {
"nano" : 13417000,
"epochSecond" : 1712220971
},
"updatedAt" : null,
"deletedAt" : null,
"deleted" : false
}
Create Organization
POST /organizations
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
name |
String |
true |
|
label |
String |
true |
|
auth0ConnectionId |
String |
true |
|
identityProviderName |
String |
true |
|
auth0ConnectionType |
String |
true |
Must be one of [Database, Social, Enterprise, Passwordless]. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
name |
String |
true |
Used for display purposes. Not unique or private. |
label |
String |
true |
A short value, containing only letters, numbers and dashes, which could be used as a label in a vanity domain. This label uniquely identifies the Organization, and is the key by which organization users indicate the organization within which they intend to authenticate. Note: A deleted organization looses its label. Such organizations will have a label value that combines the organization id with the prior label value. This maintains the constraint that all organization labels are unique, and frees the prior organization label value for reclamation. Obviously a deleted organization’s label will no longer meet the validation constraints of a live organization label. |
identityProviders |
Array[Object] |
true |
The set of active (not marked deleted nor deactivated) {@link IdentityProvider}s assigned to this Organization. It is possible for this set to be null. For access to inactive or deleted IdentityProviders, access the IdentityProvider API endpoint directly. |
identityProviders[].id |
String |
true |
|
identityProviders[].organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
identityProviders[].auth0ConnectionId |
String |
true |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. |
identityProviders[].name |
String |
true |
Used for display purposes. Not unique or private. |
identityProviders[].auth0ConnectionType |
String |
true |
Must be one of [Database, Social, Enterprise, Passwordless]. |
identityProviders[].active |
Boolean |
true |
|
identityProviders[].createdAt |
Object |
true |
|
identityProviders[].updatedAt |
Object |
true |
|
identityProviders[].deletedAt |
Object |
true |
|
defaultRoles |
Array[Object] |
true |
The set of {@link DefaultRole}s assigned to this Organization. |
defaultRoles[].id |
String |
true |
|
defaultRoles[].organizationId |
String |
true |
The id of the {@link Organization} that this default role applies to. All User and API Account Identities that are created in the organization without explicit permissions at the time of creation, will be granted this role and any other default roles that apply to the organization. |
defaultRoles[].name |
String |
true |
Used for display purposes. Not unique or private. |
defaultRoles[].roleType |
String |
true |
The type of the role identified by the {@link #roleId roleId}. Must be one of [Standard, Custom]. |
defaultRoles[].roleId |
String |
true |
The id of the role as defined by the authorization service. |
defaultRoles[].createdBy |
String |
true |
|
defaultRoles[].createdAt |
Object |
true |
|
defaultRoles[].deletedAt |
Object |
true |
|
defaultRoles[].deletedBy |
String |
true |
|
defaultRoles[].deleted |
Boolean |
true |
|
openIdProviders |
Array[Object] |
true |
The set of {@link DefaultRole}s assigned to this Organization. |
openIdProviders[].id |
String |
true |
|
openIdProviders[].organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
openIdProviders[].name |
String |
true |
Used for display purposes. Not unique or private. |
openIdProviders[].clientId |
String |
true |
An Open Id Provider / OAuth 2.0 Authorization Server issues a "clientId", which is "a unique string representing the registration information provided by the client." - OAuth 2.0 spec, sec 2.2 Required, never null or empty. While the specification does not limit the size of this property, this service sets a max size of 256 characters. |
openIdProviders[].issuer |
String |
true |
This MUST be identical to the iss Claim value in ID Tokens issued from this Issuer, and should be a URL. |
openIdProviders[].authorizationEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Authorization Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
openIdProviders[].tokenEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Token Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
openIdProviders[].userInfoEndpoint |
String |
true |
URL of the Open Id Provider’s UserInfo Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
openIdProviders[].jwksUri |
String |
true |
URL of the Open Id Provider’s JWK Set document, which MUST use the https scheme. This contains the signing key(s) which can be used to validate token signatures of tokens issued by this Open Id Provider. |
openIdProviders[].active |
Boolean |
true |
|
openIdProviders[].createdBy |
String |
true |
|
openIdProviders[].createdAt |
Object |
true |
|
openIdProviders[].deletedAt |
Object |
true |
|
openIdProviders[].deletedBy |
String |
true |
|
openIdProviders[].deleted |
Boolean |
true |
|
active |
Boolean |
true |
|
mfaProvider |
String |
true |
Specifies an Auth0 compliant MFA provider. When set, it will trigger MFA on authentication via Auth0. If null, then the organization does not require MFA. Must be one of [None, GoogleAuthenticator]. |
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedAt |
Object |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organizations' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJTelZDQVdnai1EbWtsTWdPbHRZVmlBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTczLCJleHAiOjE3MTIyMjQ1NzMsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.tc5hKOhYzAS_FFAXNOEwpA1UkGIFMuTZJmtOd_q7YScFf_eH9TEZ7DvLolEUtefyxchwQ7jDovFifiU37f59PB5kJc8dXoRg5W2UtcozZe3O9s36bVptHQSlr2T0tChBFQZyjsTAzGRCN-rRkBARvr6Foz9QACw2T2fPs9gyaUW6Q2Iag-lOwlRhKHj7Ux-siPhiK2nl0TfEuGnwCX5psYz3h6lmAbjeEhx3OjFrUq5fY-kWDE8WvgSXeUCc2W5V6w0PdjdGLItcxXudSG2B4Y6FOP3u6siltEKAoslBCqaNOvvtsGQDfxGX3KMyvU9YVKQipOGHSdBzto-jYYeKtg' \
-d '{"name":"Best Corp.","label":"BEST-CORP","auth0ConnectionId":"auth0-opaque-connection","identityProviderName":"Corp SAML","auth0ConnectionType":"Enterprise"}'
Example response
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 763
{
"id" : "e6f64641-caa9-4f18-9fdc-3111fa91efb7",
"name" : "Best Corp.",
"label" : "BEST-CORP",
"identityProviders" : [ {
"id" : "6c581be4-a66b-46aa-b879-e3a6d3c109bc",
"organizationId" : "e6f64641-caa9-4f18-9fdc-3111fa91efb7",
"auth0ConnectionId" : "auth0-opaque-connection",
"name" : "Best Corp.",
"auth0ConnectionType" : "Enterprise",
"active" : true,
"createdAt" : {
"nano" : 494309000,
"epochSecond" : 1712220973
},
"updatedAt" : null,
"deletedAt" : null
} ],
"defaultRoles" : [ ],
"openIdProviders" : [ ],
"active" : true,
"mfaProvider" : null,
"createdAt" : {
"nano" : 493270000,
"epochSecond" : 1712220973
},
"updatedAt" : null,
"deletedAt" : null,
"deleted" : false
}
Activate Or Deactivate Organization
PUT /organizations/{id}/{action:activate|deactivate}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
|
action |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
name |
String |
true |
Used for display purposes. Not unique or private. |
label |
String |
true |
A short value, containing only letters, numbers and dashes, which could be used as a label in a vanity domain. This label uniquely identifies the Organization, and is the key by which organization users indicate the organization within which they intend to authenticate. Note: A deleted organization looses its label. Such organizations will have a label value that combines the organization id with the prior label value. This maintains the constraint that all organization labels are unique, and frees the prior organization label value for reclamation. Obviously a deleted organization’s label will no longer meet the validation constraints of a live organization label. |
identityProviders |
Array[Object] |
true |
The set of active (not marked deleted nor deactivated) {@link IdentityProvider}s assigned to this Organization. It is possible for this set to be null. For access to inactive or deleted IdentityProviders, access the IdentityProvider API endpoint directly. |
identityProviders[].id |
String |
true |
|
identityProviders[].organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
identityProviders[].auth0ConnectionId |
String |
true |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. |
identityProviders[].name |
String |
true |
Used for display purposes. Not unique or private. |
identityProviders[].auth0ConnectionType |
String |
true |
Must be one of [Database, Social, Enterprise, Passwordless]. |
identityProviders[].active |
Boolean |
true |
|
identityProviders[].createdAt |
Object |
true |
|
identityProviders[].updatedAt |
Object |
true |
|
identityProviders[].deletedAt |
Object |
true |
|
defaultRoles |
Array[Object] |
true |
The set of {@link DefaultRole}s assigned to this Organization. |
defaultRoles[].id |
String |
true |
|
defaultRoles[].organizationId |
String |
true |
The id of the {@link Organization} that this default role applies to. All User and API Account Identities that are created in the organization without explicit permissions at the time of creation, will be granted this role and any other default roles that apply to the organization. |
defaultRoles[].name |
String |
true |
Used for display purposes. Not unique or private. |
defaultRoles[].roleType |
String |
true |
The type of the role identified by the {@link #roleId roleId}. Must be one of [Standard, Custom]. |
defaultRoles[].roleId |
String |
true |
The id of the role as defined by the authorization service. |
defaultRoles[].createdBy |
String |
true |
|
defaultRoles[].createdAt |
Object |
true |
|
defaultRoles[].deletedAt |
Object |
true |
|
defaultRoles[].deletedBy |
String |
true |
|
defaultRoles[].deleted |
Boolean |
true |
|
openIdProviders |
Array[Object] |
true |
The set of {@link DefaultRole}s assigned to this Organization. |
openIdProviders[].id |
String |
true |
|
openIdProviders[].organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
openIdProviders[].name |
String |
true |
Used for display purposes. Not unique or private. |
openIdProviders[].clientId |
String |
true |
An Open Id Provider / OAuth 2.0 Authorization Server issues a "clientId", which is "a unique string representing the registration information provided by the client." - OAuth 2.0 spec, sec 2.2 Required, never null or empty. While the specification does not limit the size of this property, this service sets a max size of 256 characters. |
openIdProviders[].issuer |
String |
true |
This MUST be identical to the iss Claim value in ID Tokens issued from this Issuer, and should be a URL. |
openIdProviders[].authorizationEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Authorization Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
openIdProviders[].tokenEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Token Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
openIdProviders[].userInfoEndpoint |
String |
true |
URL of the Open Id Provider’s UserInfo Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
openIdProviders[].jwksUri |
String |
true |
URL of the Open Id Provider’s JWK Set document, which MUST use the https scheme. This contains the signing key(s) which can be used to validate token signatures of tokens issued by this Open Id Provider. |
openIdProviders[].active |
Boolean |
true |
|
openIdProviders[].createdBy |
String |
true |
|
openIdProviders[].createdAt |
Object |
true |
|
openIdProviders[].deletedAt |
Object |
true |
|
openIdProviders[].deletedBy |
String |
true |
|
openIdProviders[].deleted |
Boolean |
true |
|
active |
Boolean |
true |
|
mfaProvider |
String |
true |
Specifies an Auth0 compliant MFA provider. When set, it will trigger MFA on authentication via Auth0. If null, then the organization does not require MFA. Must be one of [None, GoogleAuthenticator]. |
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedAt |
Object |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organizations/e3823fc9-dff5-4a77-9df7-e98eff1b658e/deactivate' -i -X PUT \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJTelZDQVdnai1EbWtsTWdPbHRZVmlBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTczLCJleHAiOjE3MTIyMjQ1NzMsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.tc5hKOhYzAS_FFAXNOEwpA1UkGIFMuTZJmtOd_q7YScFf_eH9TEZ7DvLolEUtefyxchwQ7jDovFifiU37f59PB5kJc8dXoRg5W2UtcozZe3O9s36bVptHQSlr2T0tChBFQZyjsTAzGRCN-rRkBARvr6Foz9QACw2T2fPs9gyaUW6Q2Iag-lOwlRhKHj7Ux-siPhiK2nl0TfEuGnwCX5psYz3h6lmAbjeEhx3OjFrUq5fY-kWDE8WvgSXeUCc2W5V6w0PdjdGLItcxXudSG2B4Y6FOP3u6siltEKAoslBCqaNOvvtsGQDfxGX3KMyvU9YVKQipOGHSdBzto-jYYeKtg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 842
{
"id" : "e3823fc9-dff5-4a77-9df7-e98eff1b658e",
"name" : "World Wide Imports",
"label" : "WW-Imports-27",
"identityProviders" : [ {
"id" : "6d5215c3-41f0-44c9-8827-f3db5be4be33",
"organizationId" : "e3823fc9-dff5-4a77-9df7-e98eff1b658e",
"auth0ConnectionId" : "auth0-opaque-connectionId-28",
"name" : "Username/Password",
"auth0ConnectionType" : "Database",
"active" : true,
"createdAt" : {
"nano" : 801447000,
"epochSecond" : 1712220974
},
"updatedAt" : null,
"deletedAt" : null
} ],
"defaultRoles" : [ ],
"openIdProviders" : [ ],
"active" : false,
"mfaProvider" : null,
"createdAt" : {
"nano" : 799615000,
"epochSecond" : 1712220974
},
"updatedAt" : {
"nano" : 836674000,
"epochSecond" : 1712220974
},
"deletedAt" : null,
"deleted" : false
}
Add Identity Provider (deprecated)
POST /organizations/{id}/identity-providers
Deprecated.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
auth0ConnectionId |
String |
true |
|
identityProviderName |
String |
true |
|
auth0ConnectionType |
String |
true |
Must be one of [Database, Social, Enterprise, Passwordless]. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
name |
String |
true |
Used for display purposes. Not unique or private. |
label |
String |
true |
A short value, containing only letters, numbers and dashes, which could be used as a label in a vanity domain. This label uniquely identifies the Organization, and is the key by which organization users indicate the organization within which they intend to authenticate. Note: A deleted organization looses its label. Such organizations will have a label value that combines the organization id with the prior label value. This maintains the constraint that all organization labels are unique, and frees the prior organization label value for reclamation. Obviously a deleted organization’s label will no longer meet the validation constraints of a live organization label. |
identityProviders |
Array[Object] |
true |
The set of active (not marked deleted nor deactivated) {@link IdentityProvider}s assigned to this Organization. It is possible for this set to be null. For access to inactive or deleted IdentityProviders, access the IdentityProvider API endpoint directly. |
identityProviders[].id |
String |
true |
|
identityProviders[].organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
identityProviders[].auth0ConnectionId |
String |
true |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. |
identityProviders[].name |
String |
true |
Used for display purposes. Not unique or private. |
identityProviders[].auth0ConnectionType |
String |
true |
Must be one of [Database, Social, Enterprise, Passwordless]. |
identityProviders[].active |
Boolean |
true |
|
identityProviders[].createdAt |
Object |
true |
|
identityProviders[].updatedAt |
Object |
true |
|
identityProviders[].deletedAt |
Object |
true |
|
defaultRoles |
Array[Object] |
true |
The set of {@link DefaultRole}s assigned to this Organization. |
defaultRoles[].id |
String |
true |
|
defaultRoles[].organizationId |
String |
true |
The id of the {@link Organization} that this default role applies to. All User and API Account Identities that are created in the organization without explicit permissions at the time of creation, will be granted this role and any other default roles that apply to the organization. |
defaultRoles[].name |
String |
true |
Used for display purposes. Not unique or private. |
defaultRoles[].roleType |
String |
true |
The type of the role identified by the {@link #roleId roleId}. Must be one of [Standard, Custom]. |
defaultRoles[].roleId |
String |
true |
The id of the role as defined by the authorization service. |
defaultRoles[].createdBy |
String |
true |
|
defaultRoles[].createdAt |
Object |
true |
|
defaultRoles[].deletedAt |
Object |
true |
|
defaultRoles[].deletedBy |
String |
true |
|
defaultRoles[].deleted |
Boolean |
true |
|
openIdProviders |
Array[Object] |
true |
The set of {@link DefaultRole}s assigned to this Organization. |
openIdProviders[].id |
String |
true |
|
openIdProviders[].organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
openIdProviders[].name |
String |
true |
Used for display purposes. Not unique or private. |
openIdProviders[].clientId |
String |
true |
An Open Id Provider / OAuth 2.0 Authorization Server issues a "clientId", which is "a unique string representing the registration information provided by the client." - OAuth 2.0 spec, sec 2.2 Required, never null or empty. While the specification does not limit the size of this property, this service sets a max size of 256 characters. |
openIdProviders[].issuer |
String |
true |
This MUST be identical to the iss Claim value in ID Tokens issued from this Issuer, and should be a URL. |
openIdProviders[].authorizationEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Authorization Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
openIdProviders[].tokenEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Token Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
openIdProviders[].userInfoEndpoint |
String |
true |
URL of the Open Id Provider’s UserInfo Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
openIdProviders[].jwksUri |
String |
true |
URL of the Open Id Provider’s JWK Set document, which MUST use the https scheme. This contains the signing key(s) which can be used to validate token signatures of tokens issued by this Open Id Provider. |
openIdProviders[].active |
Boolean |
true |
|
openIdProviders[].createdBy |
String |
true |
|
openIdProviders[].createdAt |
Object |
true |
|
openIdProviders[].deletedAt |
Object |
true |
|
openIdProviders[].deletedBy |
String |
true |
|
openIdProviders[].deleted |
Boolean |
true |
|
active |
Boolean |
true |
|
mfaProvider |
String |
true |
Specifies an Auth0 compliant MFA provider. When set, it will trigger MFA on authentication via Auth0. If null, then the organization does not require MFA. Must be one of [None, GoogleAuthenticator]. |
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedAt |
Object |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organizations/00f54f34-4413-4ec1-809b-50b9d76cef5b/identity-providers' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJTelZDQVdnai1EbWtsTWdPbHRZVmlBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTczLCJleHAiOjE3MTIyMjQ1NzMsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.tc5hKOhYzAS_FFAXNOEwpA1UkGIFMuTZJmtOd_q7YScFf_eH9TEZ7DvLolEUtefyxchwQ7jDovFifiU37f59PB5kJc8dXoRg5W2UtcozZe3O9s36bVptHQSlr2T0tChBFQZyjsTAzGRCN-rRkBARvr6Foz9QACw2T2fPs9gyaUW6Q2Iag-lOwlRhKHj7Ux-siPhiK2nl0TfEuGnwCX5psYz3h6lmAbjeEhx3OjFrUq5fY-kWDE8WvgSXeUCc2W5V6w0PdjdGLItcxXudSG2B4Y6FOP3u6siltEKAoslBCqaNOvvtsGQDfxGX3KMyvU9YVKQipOGHSdBzto-jYYeKtg' \
-d '{"auth0ConnectionId":"auth0-opaque-connection","identityProviderName":"Corp SAML","auth0ConnectionType":"Enterprise"}'
Example response
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 1181
{
"id" : "00f54f34-4413-4ec1-809b-50b9d76cef5b",
"name" : "World Wide Imports",
"label" : "WW-Imports-25",
"identityProviders" : [ {
"id" : "3ccb5d17-2c96-4ba8-bbd0-b049c51cb325",
"organizationId" : "00f54f34-4413-4ec1-809b-50b9d76cef5b",
"auth0ConnectionId" : "auth0-opaque-connectionId-26",
"name" : "Username/Password",
"auth0ConnectionType" : "Database",
"active" : true,
"createdAt" : {
"nano" : 397469000,
"epochSecond" : 1712220974
},
"updatedAt" : null,
"deletedAt" : null
}, {
"id" : "7c5f0a17-f04f-47e4-9d90-c8026f67da75",
"organizationId" : "00f54f34-4413-4ec1-809b-50b9d76cef5b",
"auth0ConnectionId" : "auth0-opaque-connection",
"name" : "Corp SAML",
"auth0ConnectionType" : "Enterprise",
"active" : true,
"createdAt" : {
"nano" : 467979000,
"epochSecond" : 1712220974
},
"updatedAt" : null,
"deletedAt" : null
} ],
"defaultRoles" : [ ],
"openIdProviders" : [ ],
"active" : true,
"mfaProvider" : null,
"createdAt" : {
"nano" : 394742000,
"epochSecond" : 1712220974
},
"updatedAt" : null,
"deletedAt" : null,
"deleted" : false
}
Identity Providers
Find Identity Providers
GET /identity-providers
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Parameter | Type | Optional | Description |
---|---|---|---|
name |
String |
true |
|
organizationId |
Object |
true |
|
auth0ConnectionId |
Object |
true |
|
auth0ConnectionType |
Object |
true |
|
active |
Boolean |
true |
|
deleted |
Object |
true |
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
auth0ConnectionId |
String |
true |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. |
name |
String |
true |
Used for display purposes. Not unique or private. |
auth0ConnectionType |
String |
true |
Must be one of [Database, Social, Enterprise, Passwordless]. |
active |
Boolean |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-providers' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIxOURWOEJrT3EyYy1fQ1ViMnNadHlnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIxMDE3LCJleHAiOjE3MTIyMjQ2MTcsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCI1MmRlZjUzNy01NTE4LTQwYWMtOTYzMi1hZDBiNzU4NjM3ZDhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzl9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCIzNWQ1N2YxOS04MjJjLTRjMjktOTkyMS0zODUxNWQ5ODU1MjNcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjEwMTd9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.RiBcgwXqNiTEBZrRhTIxicG8XT5SgSJnL3M90OYzxpyvvwE1bEzugdrFP5-q3gxhXW7cjWWIFdSFa5wOSD9oHTodHfWS-ywmPg5bvlh15N0yxe7dVgxVqvjzcgTqD28g_GQDW_zH3lILAXGQbdCGfcYDuCdnCi7G0HgvPETVo5kOD1cayXkLy4zzBn5WFW583bAQtw6ieUqUKBUBKFRIlnY3zAfuXd_fOLUrIvra-sPh06mXLYx9CnRlLzQKxPWTsYm5biKkhwQ2pP2qEg7mWOAflJ6mxQbwG9aJrgukfBpcP1bm3wbmyDfguJZhxDO89Ut3DhM1qQppgk84kgFkEg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1147
[ {
"id" : "082d5bdf-cb9f-49be-a67f-e61845323a32",
"organizationId" : "a2b2d8dc-1fe1-4f26-bec6-c359b15d8c1a",
"auth0ConnectionId" : "auth0-opaque-connectionId-107",
"name" : "Username/Password",
"auth0ConnectionType" : "Database",
"active" : true,
"createdAt" : {
"nano" : 615539000,
"epochSecond" : 1712220977
},
"updatedAt" : null,
"deletedAt" : null
}, {
"id" : "29b1aa86-554e-4f10-a441-e67c4e8ae267",
"organizationId" : "e2891c59-87c1-4580-99ec-2fe648b77f98",
"auth0ConnectionId" : "auth0-opaque-connectionId-24",
"name" : "Username/Password",
"auth0ConnectionType" : "Database",
"active" : true,
"createdAt" : {
"nano" : 934173000,
"epochSecond" : 1712220973
},
"updatedAt" : null,
"deletedAt" : null
}, {
"id" : "2aa39b1d-4bd7-466a-9c0a-bd11d82b1850",
"organizationId" : "ef7162e8-816f-4798-8da7-3ff6a4cf4589",
"auth0ConnectionId" : "auth0-opaque-connectionId-172",
"name" : "Username/Password",
"auth0ConnectionType" : "Database",
"active" : true,
"createdAt" : {
"nano" : 777148000,
"epochSecond" : 1712221017
},
"updatedAt" : null,
"deletedAt" : null
} ]
Get Identity Provider
GET /identity-providers/{id}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
auth0ConnectionId |
String |
true |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. |
name |
String |
true |
Used for display purposes. Not unique or private. |
auth0ConnectionType |
String |
true |
Must be one of [Database, Social, Enterprise, Passwordless]. |
active |
Boolean |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-providers/ef1a5b8c-7c6e-497f-8e98-ba0fa25f7b73' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIxOURWOEJrT3EyYy1fQ1ViMnNadHlnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIxMDE3LCJleHAiOjE3MTIyMjQ2MTcsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCI1MmRlZjUzNy01NTE4LTQwYWMtOTYzMi1hZDBiNzU4NjM3ZDhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzl9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCIzNWQ1N2YxOS04MjJjLTRjMjktOTkyMS0zODUxNWQ5ODU1MjNcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjEwMTd9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.RiBcgwXqNiTEBZrRhTIxicG8XT5SgSJnL3M90OYzxpyvvwE1bEzugdrFP5-q3gxhXW7cjWWIFdSFa5wOSD9oHTodHfWS-ywmPg5bvlh15N0yxe7dVgxVqvjzcgTqD28g_GQDW_zH3lILAXGQbdCGfcYDuCdnCi7G0HgvPETVo5kOD1cayXkLy4zzBn5WFW583bAQtw6ieUqUKBUBKFRIlnY3zAfuXd_fOLUrIvra-sPh06mXLYx9CnRlLzQKxPWTsYm5biKkhwQ2pP2qEg7mWOAflJ6mxQbwG9aJrgukfBpcP1bm3wbmyDfguJZhxDO89Ut3DhM1qQppgk84kgFkEg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 393
{
"id" : "ef1a5b8c-7c6e-497f-8e98-ba0fa25f7b73",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"auth0ConnectionId" : "auth0-opaque-connectionId-1",
"name" : "ACME Federated Active Directory",
"auth0ConnectionType" : "Enterprise",
"active" : true,
"createdAt" : {
"nano" : 19301000,
"epochSecond" : 1712220971
},
"updatedAt" : null,
"deletedAt" : null
}
Create Identity Provider
POST /identity-providers
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
organizationId |
String |
true |
|
auth0ConnectionId |
String |
true |
|
name |
String |
true |
|
auth0ConnectionType |
String |
true |
Must be one of [Database, Social, Enterprise, Passwordless]. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
auth0ConnectionId |
String |
true |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. |
name |
String |
true |
Used for display purposes. Not unique or private. |
auth0ConnectionType |
String |
true |
Must be one of [Database, Social, Enterprise, Passwordless]. |
active |
Boolean |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-providers' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIxOURWOEJrT3EyYy1fQ1ViMnNadHlnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIxMDE3LCJleHAiOjE3MTIyMjQ2MTcsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCI1MmRlZjUzNy01NTE4LTQwYWMtOTYzMi1hZDBiNzU4NjM3ZDhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzl9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCIzNWQ1N2YxOS04MjJjLTRjMjktOTkyMS0zODUxNWQ5ODU1MjNcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjEwMTd9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.RiBcgwXqNiTEBZrRhTIxicG8XT5SgSJnL3M90OYzxpyvvwE1bEzugdrFP5-q3gxhXW7cjWWIFdSFa5wOSD9oHTodHfWS-ywmPg5bvlh15N0yxe7dVgxVqvjzcgTqD28g_GQDW_zH3lILAXGQbdCGfcYDuCdnCi7G0HgvPETVo5kOD1cayXkLy4zzBn5WFW583bAQtw6ieUqUKBUBKFRIlnY3zAfuXd_fOLUrIvra-sPh06mXLYx9CnRlLzQKxPWTsYm5biKkhwQ2pP2qEg7mWOAflJ6mxQbwG9aJrgukfBpcP1bm3wbmyDfguJZhxDO89Ut3DhM1qQppgk84kgFkEg' \
-d '{"organizationId":"ef7162e8-816f-4798-8da7-3ff6a4cf4589","auth0ConnectionId":"auth0-opaque-connection","name":"Corp SAML","auth0ConnectionType":"Enterprise"}'
Example response
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 368
{
"id" : "3cdb777f-1173-486d-bf7a-92868a83ea60",
"organizationId" : "ef7162e8-816f-4798-8da7-3ff6a4cf4589",
"auth0ConnectionId" : "auth0-opaque-connection",
"name" : "Corp SAML",
"auth0ConnectionType" : "Enterprise",
"active" : true,
"createdAt" : {
"nano" : 794917000,
"epochSecond" : 1712221017
},
"updatedAt" : null,
"deletedAt" : null
}
Update Identity Provider
PUT /identity-providers/{id}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
name |
String |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
auth0ConnectionId |
String |
true |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. |
name |
String |
true |
Used for display purposes. Not unique or private. |
auth0ConnectionType |
String |
true |
Must be one of [Database, Social, Enterprise, Passwordless]. |
active |
Boolean |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-providers/9231458e-4026-4b49-bde0-46fde942d637' -i -X PUT \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIxOURWOEJrT3EyYy1fQ1ViMnNadHlnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIxMDE3LCJleHAiOjE3MTIyMjQ2MTcsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCI1MmRlZjUzNy01NTE4LTQwYWMtOTYzMi1hZDBiNzU4NjM3ZDhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzl9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCIzNWQ1N2YxOS04MjJjLTRjMjktOTkyMS0zODUxNWQ5ODU1MjNcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjEwMTd9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.RiBcgwXqNiTEBZrRhTIxicG8XT5SgSJnL3M90OYzxpyvvwE1bEzugdrFP5-q3gxhXW7cjWWIFdSFa5wOSD9oHTodHfWS-ywmPg5bvlh15N0yxe7dVgxVqvjzcgTqD28g_GQDW_zH3lILAXGQbdCGfcYDuCdnCi7G0HgvPETVo5kOD1cayXkLy4zzBn5WFW583bAQtw6ieUqUKBUBKFRIlnY3zAfuXd_fOLUrIvra-sPh06mXLYx9CnRlLzQKxPWTsYm5biKkhwQ2pP2qEg7mWOAflJ6mxQbwG9aJrgukfBpcP1bm3wbmyDfguJZhxDO89Ut3DhM1qQppgk84kgFkEg' \
-d '{"name":"New IdP Name"}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 429
{
"id" : "9231458e-4026-4b49-bde0-46fde942d637",
"organizationId" : "0d119176-f7b6-4ec8-9e60-b92081f4c463",
"auth0ConnectionId" : "auth0-opaque-connectionId-178",
"name" : "New IdP Name",
"auth0ConnectionType" : "Database",
"active" : true,
"createdAt" : {
"nano" : 21862000,
"epochSecond" : 1712221018
},
"updatedAt" : {
"nano" : 36321000,
"epochSecond" : 1712221018
},
"deletedAt" : null
}
Activate Or Deactivate Identity Provider
PUT /identity-providers/{id}/{action:activate|deactivate}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
|
action |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
auth0ConnectionId |
String |
true |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. |
name |
String |
true |
Used for display purposes. Not unique or private. |
auth0ConnectionType |
String |
true |
Must be one of [Database, Social, Enterprise, Passwordless]. |
active |
Boolean |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-providers/405ed443-0d5c-4023-9465-f038f3650129/activate' -i -X PUT \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIxOURWOEJrT3EyYy1fQ1ViMnNadHlnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIxMDE3LCJleHAiOjE3MTIyMjQ2MTcsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCI1MmRlZjUzNy01NTE4LTQwYWMtOTYzMi1hZDBiNzU4NjM3ZDhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzl9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCIzNWQ1N2YxOS04MjJjLTRjMjktOTkyMS0zODUxNWQ5ODU1MjNcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjEwMTd9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.RiBcgwXqNiTEBZrRhTIxicG8XT5SgSJnL3M90OYzxpyvvwE1bEzugdrFP5-q3gxhXW7cjWWIFdSFa5wOSD9oHTodHfWS-ywmPg5bvlh15N0yxe7dVgxVqvjzcgTqD28g_GQDW_zH3lILAXGQbdCGfcYDuCdnCi7G0HgvPETVo5kOD1cayXkLy4zzBn5WFW583bAQtw6ieUqUKBUBKFRIlnY3zAfuXd_fOLUrIvra-sPh06mXLYx9CnRlLzQKxPWTsYm5biKkhwQ2pP2qEg7mWOAflJ6mxQbwG9aJrgukfBpcP1bm3wbmyDfguJZhxDO89Ut3DhM1qQppgk84kgFkEg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 380
{
"id" : "405ed443-0d5c-4023-9465-f038f3650129",
"organizationId" : "d3c1ce7f-ce86-4839-94a6-611081989aed",
"auth0ConnectionId" : "auth0-opaque-connectionId-174",
"name" : "Username/Password",
"auth0ConnectionType" : "Database",
"active" : true,
"createdAt" : {
"nano" : 848952000,
"epochSecond" : 1712221017
},
"updatedAt" : null,
"deletedAt" : null
}
Delete Identity Provider
DELETE /identity-providers/{id}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
auth0ConnectionId |
String |
true |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. |
name |
String |
true |
Used for display purposes. Not unique or private. |
auth0ConnectionType |
String |
true |
Must be one of [Database, Social, Enterprise, Passwordless]. |
active |
Boolean |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-providers/55321c39-600e-44d6-a66a-7598eea7c4cc' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIxOURWOEJrT3EyYy1fQ1ViMnNadHlnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIxMDE3LCJleHAiOjE3MTIyMjQ2MTcsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCI1MmRlZjUzNy01NTE4LTQwYWMtOTYzMi1hZDBiNzU4NjM3ZDhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzl9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCIzNWQ1N2YxOS04MjJjLTRjMjktOTkyMS0zODUxNWQ5ODU1MjNcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjEwMTd9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.RiBcgwXqNiTEBZrRhTIxicG8XT5SgSJnL3M90OYzxpyvvwE1bEzugdrFP5-q3gxhXW7cjWWIFdSFa5wOSD9oHTodHfWS-ywmPg5bvlh15N0yxe7dVgxVqvjzcgTqD28g_GQDW_zH3lILAXGQbdCGfcYDuCdnCi7G0HgvPETVo5kOD1cayXkLy4zzBn5WFW583bAQtw6ieUqUKBUBKFRIlnY3zAfuXd_fOLUrIvra-sPh06mXLYx9CnRlLzQKxPWTsYm5biKkhwQ2pP2qEg7mWOAflJ6mxQbwG9aJrgukfBpcP1bm3wbmyDfguJZhxDO89Ut3DhM1qQppgk84kgFkEg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 492
{
"id" : "55321c39-600e-44d6-a66a-7598eea7c4cc",
"organizationId" : "7ea561c8-b66e-4c84-97ca-ba30da23011e",
"auth0ConnectionId" : "auth0-opaque-connectionId-176",
"name" : "Username/Password",
"auth0ConnectionType" : "Database",
"active" : true,
"createdAt" : {
"nano" : 949166000,
"epochSecond" : 1712221017
},
"updatedAt" : {
"nano" : 977640000,
"epochSecond" : 1712221017
},
"deletedAt" : {
"nano" : 977000000,
"epochSecond" : 1712221017
}
}
Default Roles
Find Default Roles
GET /default-roles
Search for existing default roles. Results are automatically limited to the subset of instances that the API client has permission to read and which are not marked as deleted. An API client may override the default deleted filter by passing a 'deleted' query parameter with value of 'true' (just those marked deleted) or a value of 'true,false' for all otherwise matching default roles regardless of their marked-deleted state.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
The id of the {@link Organization} that this default role applies to. All User and API Account Identities that are created in the organization without explicit permissions at the time of creation, will be granted this role and any other default roles that apply to the organization. |
name |
String |
true |
Used for display purposes. Not unique or private. |
roleType |
String |
true |
The type of the role identified by the {@link #roleId roleId}. Must be one of [Standard, Custom]. |
roleId |
String |
true |
The id of the role as defined by the authorization service. |
createdBy |
String |
true |
|
createdAt |
Object |
true |
|
deletedAt |
Object |
true |
|
deletedBy |
String |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/default-roles' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIyQk1PSXA2VEVnbUNLSi1zU3FzbERnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc1LCJleHAiOjE3MTIyMjQ1NzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.KYeiIwra0k5n_sDngHeRmSylG7i4BX8kbsBH9cGLw0vH8052ifspJ2ti_xAWu2TF63tMmOYM-80N8MdK_lPT0WL4ERjaIW2MBhWp2V0RrEraHb134HOgnNihG0k4zhAT79VaRj8Hrm1fOxoKKJRox3w_4T9BKi1PFR9RVrRfLSwxA9PDbrhjkrVonCbatdQVZv2v-jUvqRdh4y6mBRRY6INCZikpZf5r9hE3Wu6sk8ZqJpjO8SrZomYDE2NbydGBbWl8uj_hvnzOmv1c4drVpe7x7x0DBZfy8VFL820oCEg8VxhEA_BFUF5iQgJi6OV7Hl_2QE6r01ckkVh5pQGpYA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1358
[ {
"id" : "2b3f8621-f3d7-4ba9-a7c3-91211f1ae845",
"organizationId" : "f86122fb-316b-4427-8c38-248165bf4504",
"name" : "Standard Role Admin - Network Group Admin of NF Support (NFSUP)",
"roleType" : "Standard",
"roleId" : "ddd39147-0ce2-473d-93c7-25b1b404433d",
"createdBy" : "2b6f496d-36f1-4e66-a205-8abcf1d41d74",
"createdAt" : {
"nano" : 299872000,
"epochSecond" : 1712220969
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
}, {
"id" : "5e21b202-6cd7-417c-96cd-d3c079e65ded",
"organizationId" : "f86122fb-316b-4427-8c38-248165bf4504",
"name" : "Network Group Admin - NF Support (NFSUP) Network Group",
"roleType" : "Standard",
"roleId" : "cf53e966-a3ad-4e80-a5fc-380fe8d48e57",
"createdBy" : "2b6f496d-36f1-4e66-a205-8abcf1d41d74",
"createdAt" : {
"nano" : 299872000,
"epochSecond" : 1712220969
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
}, {
"id" : "8c091908-5019-4861-8e6b-c11f3b539e30",
"organizationId" : "95068bb0-864b-4930-b06e-9acf4957c826",
"name" : "Cloud Engineering",
"roleType" : "Custom",
"roleId" : "8f1493a4-29ca-4b34-8d04-b6ef954b097c",
"createdBy" : "2b6f496d-36f1-4e66-a205-8abcf1d41d74",
"createdAt" : {
"nano" : 320211000,
"epochSecond" : 1712220969
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
} ]
Get Default Role
GET /default-roles/{id}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
The id of the {@link Organization} that this default role applies to. All User and API Account Identities that are created in the organization without explicit permissions at the time of creation, will be granted this role and any other default roles that apply to the organization. |
name |
String |
true |
Used for display purposes. Not unique or private. |
roleType |
String |
true |
The type of the role identified by the {@link #roleId roleId}. Must be one of [Standard, Custom]. |
roleId |
String |
true |
The id of the role as defined by the authorization service. |
createdBy |
String |
true |
|
createdAt |
Object |
true |
|
deletedAt |
Object |
true |
|
deletedBy |
String |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/default-roles/a50115a7-5254-45e9-8687-ea62de3465ba' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIyQk1PSXA2VEVnbUNLSi1zU3FzbERnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc1LCJleHAiOjE3MTIyMjQ1NzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.KYeiIwra0k5n_sDngHeRmSylG7i4BX8kbsBH9cGLw0vH8052ifspJ2ti_xAWu2TF63tMmOYM-80N8MdK_lPT0WL4ERjaIW2MBhWp2V0RrEraHb134HOgnNihG0k4zhAT79VaRj8Hrm1fOxoKKJRox3w_4T9BKi1PFR9RVrRfLSwxA9PDbrhjkrVonCbatdQVZv2v-jUvqRdh4y6mBRRY6INCZikpZf5r9hE3Wu6sk8ZqJpjO8SrZomYDE2NbydGBbWl8uj_hvnzOmv1c4drVpe7x7x0DBZfy8VFL820oCEg8VxhEA_BFUF5iQgJi6OV7Hl_2QE6r01ckkVh5pQGpYA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 418
{
"id" : "a50115a7-5254-45e9-8687-ea62de3465ba",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "Test Std Role",
"roleType" : "Standard",
"roleId" : "811628f2-cbaf-47ee-8a18-bdacce3908e5",
"createdBy" : "2e7dac30-3fe1-4ed9-9d1c-74d6b144b381",
"createdAt" : {
"nano" : 26410000,
"epochSecond" : 1712220971
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
}
Create Default Role
POST /default-roles
Creates a new Default Role on the indicated Organization. The name of the Default Role will be computed based on the title of the role as defined in the authorization service. Note, the API client must have permission in the authorization service to grant the indicated role. This authorization check is above and beyond the local permission to create a default role. API Clients should be cautious in their use of Default Roles as they create an automated grant of permissions that will occur whenever a user is invited to the Organization with default permissions. Thus, any user able to create an invitation to the organization is effectively able to grant the default roles. Only one default role instance is permitted per authorization role id and organization.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
organizationId |
String |
true |
The id of the {@link Organization} that this default role applies to. All User and API Account Identities that are created in the organization without explicit permissions at the time of creation, will be granted this role and any other default roles that apply to the organization. The client must have permission to create default roles in the organization, and permission to update the specified organization. Additional authorization constraints may apply. |
roleType |
String |
true |
Default roles can be based on standard roles or custom roles. Must be one of [Standard, Custom]. |
roleId |
String |
true |
The id of the role, as defined by the authorization service, to grant as a default role. The role, ie the role type and role id tuple, must be unique within the organization. An API client MUST have permission to perform this role in order to add it to an organization’s default roles. This is enforced by the {@link CanGrantRole} annotation on this type. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
The id of the {@link Organization} that this default role applies to. All User and API Account Identities that are created in the organization without explicit permissions at the time of creation, will be granted this role and any other default roles that apply to the organization. |
name |
String |
true |
Used for display purposes. Not unique or private. |
roleType |
String |
true |
The type of the role identified by the {@link #roleId roleId}. Must be one of [Standard, Custom]. |
roleId |
String |
true |
The id of the role as defined by the authorization service. |
createdBy |
String |
true |
|
createdAt |
Object |
true |
|
deletedAt |
Object |
true |
|
deletedBy |
String |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/default-roles' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIyQk1PSXA2VEVnbUNLSi1zU3FzbERnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc1LCJleHAiOjE3MTIyMjQ1NzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.KYeiIwra0k5n_sDngHeRmSylG7i4BX8kbsBH9cGLw0vH8052ifspJ2ti_xAWu2TF63tMmOYM-80N8MdK_lPT0WL4ERjaIW2MBhWp2V0RrEraHb134HOgnNihG0k4zhAT79VaRj8Hrm1fOxoKKJRox3w_4T9BKi1PFR9RVrRfLSwxA9PDbrhjkrVonCbatdQVZv2v-jUvqRdh4y6mBRRY6INCZikpZf5r9hE3Wu6sk8ZqJpjO8SrZomYDE2NbydGBbWl8uj_hvnzOmv1c4drVpe7x7x0DBZfy8VFL820oCEg8VxhEA_BFUF5iQgJi6OV7Hl_2QE6r01ckkVh5pQGpYA' \
-d '{"organizationId":"d4fb0348-8470-4e63-9548-1fb6825da708","roleType":"Standard","roleId":"736c9dd0-fd32-4c78-a40f-fee07eadb137"}'
Example response
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 458
{
"id" : "dbbb26ac-01e9-4d91-ba69-bfe51a9f3cfe",
"organizationId" : "d4fb0348-8470-4e63-9548-1fb6825da708",
"name" : "Standard Role - 736c9dd0-fd32-4c78-a40f-fee07eadb137",
"roleType" : "Standard",
"roleId" : "736c9dd0-fd32-4c78-a40f-fee07eadb137",
"createdBy" : "c768f676-8528-488b-b410-6dbeb99c9bb4",
"createdAt" : {
"nano" : 781732000,
"epochSecond" : 1712220975
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
}
Delete Default Role
DELETE /default-roles/{id}
Mark an existing default role as deleted.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
The id of the {@link Organization} that this default role applies to. All User and API Account Identities that are created in the organization without explicit permissions at the time of creation, will be granted this role and any other default roles that apply to the organization. |
name |
String |
true |
Used for display purposes. Not unique or private. |
roleType |
String |
true |
The type of the role identified by the {@link #roleId roleId}. Must be one of [Standard, Custom]. |
roleId |
String |
true |
The id of the role as defined by the authorization service. |
createdBy |
String |
true |
|
createdAt |
Object |
true |
|
deletedAt |
Object |
true |
|
deletedBy |
String |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/default-roles/e977ff20-b124-4f22-b07c-9265b1162b0e' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIyQk1PSXA2VEVnbUNLSi1zU3FzbERnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc1LCJleHAiOjE3MTIyMjQ1NzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.KYeiIwra0k5n_sDngHeRmSylG7i4BX8kbsBH9cGLw0vH8052ifspJ2ti_xAWu2TF63tMmOYM-80N8MdK_lPT0WL4ERjaIW2MBhWp2V0RrEraHb134HOgnNihG0k4zhAT79VaRj8Hrm1fOxoKKJRox3w_4T9BKi1PFR9RVrRfLSwxA9PDbrhjkrVonCbatdQVZv2v-jUvqRdh4y6mBRRY6INCZikpZf5r9hE3Wu6sk8ZqJpjO8SrZomYDE2NbydGBbWl8uj_hvnzOmv1c4drVpe7x7x0DBZfy8VFL820oCEg8VxhEA_BFUF5iQgJi6OV7Hl_2QE6r01ckkVh5pQGpYA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 508
{
"id" : "e977ff20-b124-4f22-b07c-9265b1162b0e",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "Test Deletion",
"roleType" : "Standard",
"roleId" : "84dd9133-934a-4400-818f-8efeb477820a",
"createdBy" : "d80fe653-40ce-413d-976c-7d3d59461a0c",
"createdAt" : {
"nano" : 470838000,
"epochSecond" : 1712220975
},
"deletedAt" : {
"nano" : 487000000,
"epochSecond" : 1712220975
},
"deletedBy" : "c768f676-8528-488b-b410-6dbeb99c9bb4",
"deleted" : true
}
Grant Default Role
POST /default-roles/{id}/grant
Grants this default role to all identities in the organization (the org that this default role belongs to.) This is a utility action which can be used to reset or reapply a default role that has been added or modified after identities were added to the organization (when default roles are traditionally auto-granted.) This will not create duplicate grants, but this will grant this default role to any identity in the organization that lacks it. The requesting client must have permission to read the default role and permission to create invitations in the organization. The latter is the minimum requires to trigger default role granting to the invitations 'target' identity, and is therefore the transitive authorization requirement here.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/default-roles/ba511c66-2f44-4c6d-91ab-8b8ffcf2cfc7/grant' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiIyQk1PSXA2VEVnbUNLSi1zU3FzbERnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc1LCJleHAiOjE3MTIyMjQ1NzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.KYeiIwra0k5n_sDngHeRmSylG7i4BX8kbsBH9cGLw0vH8052ifspJ2ti_xAWu2TF63tMmOYM-80N8MdK_lPT0WL4ERjaIW2MBhWp2V0RrEraHb134HOgnNihG0k4zhAT79VaRj8Hrm1fOxoKKJRox3w_4T9BKi1PFR9RVrRfLSwxA9PDbrhjkrVonCbatdQVZv2v-jUvqRdh4y6mBRRY6INCZikpZf5r9hE3Wu6sk8ZqJpjO8SrZomYDE2NbydGBbWl8uj_hvnzOmv1c4drVpe7x7x0DBZfy8VFL820oCEg8VxhEA_BFUF5iQgJi6OV7Hl_2QE6r01ckkVh5pQGpYA' \
-d '{"includeIdentityIds":["2cb5a6c6-103c-45f1-81d1-4f68a44c35f9","69792946-0905-4f09-b4de-66b64df6bb9d","539538d0-1ae5-4bd7-82c4-50bf50400794"],"excludeIdentityIds":["69792946-0905-4f09-b4de-66b64df6bb9d","5844ebe4-72fe-4e46-88e1-6ca720a257a4","2cb5a6c6-103c-45f1-81d1-4f68a44c35f9"]}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 51
{
"539538d0-1ae5-4bd7-82c4-50bf50400794" : true
}
Default Roles
Find Open Id Providers
GET /open-id-providers
Search for existing Open Id Providers. Results are automatically limited to the subset of instances that the API client has permission to read and which are not marked as deleted. An API client may override the default deleted filter by passing a 'deleted' query parameter with value of 'true' (just those marked deleted) or a value of 'true,false' for all otherwise matching default roles regardless of their marked-deleted state.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
name |
String |
true |
Used for display purposes. Not unique or private. |
clientId |
String |
true |
An Open Id Provider / OAuth 2.0 Authorization Server issues a "clientId", which is "a unique string representing the registration information provided by the client." - OAuth 2.0 spec, sec 2.2 Required, never null or empty. While the specification does not limit the size of this property, this service sets a max size of 256 characters. |
issuer |
String |
true |
This MUST be identical to the iss Claim value in ID Tokens issued from this Issuer, and should be a URL. |
authorizationEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Authorization Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
tokenEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Token Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
userInfoEndpoint |
String |
true |
URL of the Open Id Provider’s UserInfo Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
jwksUri |
String |
true |
URL of the Open Id Provider’s JWK Set document, which MUST use the https scheme. This contains the signing key(s) which can be used to validate token signatures of tokens issued by this Open Id Provider. |
active |
Boolean |
true |
|
createdBy |
String |
true |
|
createdAt |
Object |
true |
|
deletedAt |
Object |
true |
|
deletedBy |
String |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/open-id-providers' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJTXzJvZHJDZGV6d0xRenpYR04tcGJ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTcxLCJleHAiOjE3MTIyMjQ1NzEsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.rMwVgEpsHi0fMnj7LtGrkCM_ZTncIN_P2rMGeKv1KAtCrouxxm7yXNM-4bUgJFoTVYN1x_r0rNjzQs4KY9ZjVniP_ERerHtFizyC3w0o5Ketr6FtSJgMl17SY6r72H5aYHGAgWplAXOP4SnCZ10mpAv1llU3pgkl4iAmSSDsve2ItBVlSI--JTItUKhbS06fFyqmBa5sA8N4rgNyBoizbTb__6BvjLDjWvUFz5Y1AbzDZKLibcLLVXr3wxGCZLH5-m9TaV59h5hJ7zJV0cpuFCCUj6b-CspXr7QS6XGls-vam8RoNsuCBZLMI8Eo0BDiz_6A68bAummMf0xdUAOAng'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 574
[ {
"id" : "d8bb5d41-2bd9-40cf-bbac-029bac91d718",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "ACME OIDC Provider 1",
"clientId" : "clientId1",
"issuer" : "https://auth",
"authorizationEndpoint" : "https://token",
"tokenEndpoint" : "https://user",
"userInfoEndpoint" : "https://jwks",
"jwksUri" : "https://iss",
"active" : true,
"createdBy" : "4918adbe-2b6d-48ea-b898-48473f04fdf0",
"createdAt" : {
"nano" : 46686000,
"epochSecond" : 1712220971
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
} ]
Get Open Id Provider
GET /open-id-providers/{id}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
name |
String |
true |
Used for display purposes. Not unique or private. |
clientId |
String |
true |
An Open Id Provider / OAuth 2.0 Authorization Server issues a "clientId", which is "a unique string representing the registration information provided by the client." - OAuth 2.0 spec, sec 2.2 Required, never null or empty. While the specification does not limit the size of this property, this service sets a max size of 256 characters. |
issuer |
String |
true |
This MUST be identical to the iss Claim value in ID Tokens issued from this Issuer, and should be a URL. |
authorizationEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Authorization Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
tokenEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Token Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
userInfoEndpoint |
String |
true |
URL of the Open Id Provider’s UserInfo Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
jwksUri |
String |
true |
URL of the Open Id Provider’s JWK Set document, which MUST use the https scheme. This contains the signing key(s) which can be used to validate token signatures of tokens issued by this Open Id Provider. |
active |
Boolean |
true |
|
createdBy |
String |
true |
|
createdAt |
Object |
true |
|
deletedAt |
Object |
true |
|
deletedBy |
String |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/open-id-providers/d8bb5d41-2bd9-40cf-bbac-029bac91d718' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJTXzJvZHJDZGV6d0xRenpYR04tcGJ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTcxLCJleHAiOjE3MTIyMjQ1NzEsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.rMwVgEpsHi0fMnj7LtGrkCM_ZTncIN_P2rMGeKv1KAtCrouxxm7yXNM-4bUgJFoTVYN1x_r0rNjzQs4KY9ZjVniP_ERerHtFizyC3w0o5Ketr6FtSJgMl17SY6r72H5aYHGAgWplAXOP4SnCZ10mpAv1llU3pgkl4iAmSSDsve2ItBVlSI--JTItUKhbS06fFyqmBa5sA8N4rgNyBoizbTb__6BvjLDjWvUFz5Y1AbzDZKLibcLLVXr3wxGCZLH5-m9TaV59h5hJ7zJV0cpuFCCUj6b-CspXr7QS6XGls-vam8RoNsuCBZLMI8Eo0BDiz_6A68bAummMf0xdUAOAng'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 570
{
"id" : "d8bb5d41-2bd9-40cf-bbac-029bac91d718",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "ACME OIDC Provider 1",
"clientId" : "clientId1",
"issuer" : "https://auth",
"authorizationEndpoint" : "https://token",
"tokenEndpoint" : "https://user",
"userInfoEndpoint" : "https://jwks",
"jwksUri" : "https://iss",
"active" : true,
"createdBy" : "4918adbe-2b6d-48ea-b898-48473f04fdf0",
"createdAt" : {
"nano" : 46686000,
"epochSecond" : 1712220971
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
}
Create Open Id Provider
POST /open-id-providers
Creates a new Open Id Provider on the indicated Organization.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
organizationId |
String |
true |
The id of the {@link Organization} that this OpenIdProvider applies to. |
name |
String |
true |
Used for display purposes. Not unique or private. |
clientId |
String |
true |
An Open Id Provider / OAuth 2.0 Authorization Server issues a "clientId", which is "a unique string representing the registration information provided by the client." - OAuth 2.0 spec, sec 2.2 Required, never null or empty. While the specification does not limit the size of this property, this service sets a max size of 256 characters. |
issuer |
String |
true |
This MUST be identical to the iss Claim value in ID Tokens issued from this Issuer, and should be a URL. |
authorizationEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Authorization Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
tokenEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Token Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
userInfoEndpoint |
String |
true |
URL of the Open Id Provider’s UserInfo Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
jwksUri |
String |
true |
URL of the Open Id Provider’s JWK Set document, which MUST use the https scheme. This contains the signing key(s) which can be used to validate token signatures of tokens issued by this Open Id Provider. |
active |
Boolean |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
name |
String |
true |
Used for display purposes. Not unique or private. |
clientId |
String |
true |
An Open Id Provider / OAuth 2.0 Authorization Server issues a "clientId", which is "a unique string representing the registration information provided by the client." - OAuth 2.0 spec, sec 2.2 Required, never null or empty. While the specification does not limit the size of this property, this service sets a max size of 256 characters. |
issuer |
String |
true |
This MUST be identical to the iss Claim value in ID Tokens issued from this Issuer, and should be a URL. |
authorizationEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Authorization Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
tokenEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Token Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
userInfoEndpoint |
String |
true |
URL of the Open Id Provider’s UserInfo Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
jwksUri |
String |
true |
URL of the Open Id Provider’s JWK Set document, which MUST use the https scheme. This contains the signing key(s) which can be used to validate token signatures of tokens issued by this Open Id Provider. |
active |
Boolean |
true |
|
createdBy |
String |
true |
|
createdAt |
Object |
true |
|
deletedAt |
Object |
true |
|
deletedBy |
String |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/open-id-providers' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJTXzJvZHJDZGV6d0xRenpYR04tcGJ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTcxLCJleHAiOjE3MTIyMjQ1NzEsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.rMwVgEpsHi0fMnj7LtGrkCM_ZTncIN_P2rMGeKv1KAtCrouxxm7yXNM-4bUgJFoTVYN1x_r0rNjzQs4KY9ZjVniP_ERerHtFizyC3w0o5Ketr6FtSJgMl17SY6r72H5aYHGAgWplAXOP4SnCZ10mpAv1llU3pgkl4iAmSSDsve2ItBVlSI--JTItUKhbS06fFyqmBa5sA8N4rgNyBoizbTb__6BvjLDjWvUFz5Y1AbzDZKLibcLLVXr3wxGCZLH5-m9TaV59h5hJ7zJV0cpuFCCUj6b-CspXr7QS6XGls-vam8RoNsuCBZLMI8Eo0BDiz_6A68bAummMf0xdUAOAng' \
-d '{"organizationId":"c0048cf7-0785-4a55-87d3-25ac18cc6632","name":"ACME OIDC Provider New","clientId":"clientId2","issuer":"https://auth","authorizationEndpoint":"https://token","tokenEndpoint":"https://user","userInfoEndpoint":"https://jwks","jwksUri":"https://iss","active":true}'
Example response
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 573
{
"id" : "d796d506-42e9-4af0-9897-f46c40e3bfe7",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "ACME OIDC Provider New",
"clientId" : "clientId2",
"issuer" : "https://auth",
"authorizationEndpoint" : "https://token",
"tokenEndpoint" : "https://user",
"userInfoEndpoint" : "https://jwks",
"jwksUri" : "https://iss",
"active" : true,
"createdBy" : "c768f676-8528-488b-b410-6dbeb99c9bb4",
"createdAt" : {
"nano" : 931030000,
"epochSecond" : 1712220971
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
}
Update Open Id Provider
PATCH /open-id-providers/{id}
Creates a new Open Id Provider on the indicated Organization.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
name |
String |
true |
|
active |
Boolean |
true |
|
empty |
Boolean |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
name |
String |
true |
Used for display purposes. Not unique or private. |
clientId |
String |
true |
An Open Id Provider / OAuth 2.0 Authorization Server issues a "clientId", which is "a unique string representing the registration information provided by the client." - OAuth 2.0 spec, sec 2.2 Required, never null or empty. While the specification does not limit the size of this property, this service sets a max size of 256 characters. |
issuer |
String |
true |
This MUST be identical to the iss Claim value in ID Tokens issued from this Issuer, and should be a URL. |
authorizationEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Authorization Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
tokenEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Token Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
userInfoEndpoint |
String |
true |
URL of the Open Id Provider’s UserInfo Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
jwksUri |
String |
true |
URL of the Open Id Provider’s JWK Set document, which MUST use the https scheme. This contains the signing key(s) which can be used to validate token signatures of tokens issued by this Open Id Provider. |
active |
Boolean |
true |
|
createdBy |
String |
true |
|
createdAt |
Object |
true |
|
deletedAt |
Object |
true |
|
deletedBy |
String |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/open-id-providers/45843cdc-cfa9-4dd7-9b2b-01ec11f39500' -i -X PATCH \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJTXzJvZHJDZGV6d0xRenpYR04tcGJ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTcxLCJleHAiOjE3MTIyMjQ1NzEsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.rMwVgEpsHi0fMnj7LtGrkCM_ZTncIN_P2rMGeKv1KAtCrouxxm7yXNM-4bUgJFoTVYN1x_r0rNjzQs4KY9ZjVniP_ERerHtFizyC3w0o5Ketr6FtSJgMl17SY6r72H5aYHGAgWplAXOP4SnCZ10mpAv1llU3pgkl4iAmSSDsve2ItBVlSI--JTItUKhbS06fFyqmBa5sA8N4rgNyBoizbTb__6BvjLDjWvUFz5Y1AbzDZKLibcLLVXr3wxGCZLH5-m9TaV59h5hJ7zJV0cpuFCCUj6b-CspXr7QS6XGls-vam8RoNsuCBZLMI8Eo0BDiz_6A68bAummMf0xdUAOAng' \
-d '{"name":null,"active":false,"empty":false}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 569
{
"id" : "45843cdc-cfa9-4dd7-9b2b-01ec11f39500",
"organizationId" : "64132b58-11c4-4d07-a79e-304ccda453c4",
"name" : "OIDC Provider-9",
"clientId" : "clientId-10",
"issuer" : "https://auth",
"authorizationEndpoint" : "https://token",
"tokenEndpoint" : "https://user",
"userInfoEndpoint" : "https://jwks",
"jwksUri" : "https://iss",
"active" : false,
"createdBy" : "54f1ccf8-a4e9-4ecd-873e-65fb477726ed",
"createdAt" : {
"nano" : 689744000,
"epochSecond" : 1712220971
},
"deletedAt" : null,
"deletedBy" : null,
"deleted" : false
}
Delete Open Id Provider
DELETE /open-id-providers/{id}
Mark an existing Open Id Provider as deleted.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
The id of the {@link Organization} that this provider will authenticate users into. |
name |
String |
true |
Used for display purposes. Not unique or private. |
clientId |
String |
true |
An Open Id Provider / OAuth 2.0 Authorization Server issues a "clientId", which is "a unique string representing the registration information provided by the client." - OAuth 2.0 spec, sec 2.2 Required, never null or empty. While the specification does not limit the size of this property, this service sets a max size of 256 characters. |
issuer |
String |
true |
This MUST be identical to the iss Claim value in ID Tokens issued from this Issuer, and should be a URL. |
authorizationEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Authorization Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
tokenEndpoint |
String |
true |
URL of the Open Id Provider’s OAuth 2.0 Token Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
userInfoEndpoint |
String |
true |
URL of the Open Id Provider’s UserInfo Endpoint. This URL MUST use the https scheme and MAY contain port, path, and query parameter components. |
jwksUri |
String |
true |
URL of the Open Id Provider’s JWK Set document, which MUST use the https scheme. This contains the signing key(s) which can be used to validate token signatures of tokens issued by this Open Id Provider. |
active |
Boolean |
true |
|
createdBy |
String |
true |
|
createdAt |
Object |
true |
|
deletedAt |
Object |
true |
|
deletedBy |
String |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/open-id-providers/3c2d506d-f20b-4230-8495-4c2ee75f80ad' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJTXzJvZHJDZGV6d0xRenpYR04tcGJ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTcxLCJleHAiOjE3MTIyMjQ1NzEsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.rMwVgEpsHi0fMnj7LtGrkCM_ZTncIN_P2rMGeKv1KAtCrouxxm7yXNM-4bUgJFoTVYN1x_r0rNjzQs4KY9ZjVniP_ERerHtFizyC3w0o5Ketr6FtSJgMl17SY6r72H5aYHGAgWplAXOP4SnCZ10mpAv1llU3pgkl4iAmSSDsve2ItBVlSI--JTItUKhbS06fFyqmBa5sA8N4rgNyBoizbTb__6BvjLDjWvUFz5Y1AbzDZKLibcLLVXr3wxGCZLH5-m9TaV59h5hJ7zJV0cpuFCCUj6b-CspXr7QS6XGls-vam8RoNsuCBZLMI8Eo0BDiz_6A68bAummMf0xdUAOAng'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 656
{
"id" : "3c2d506d-f20b-4230-8495-4c2ee75f80ad",
"organizationId" : "0668aa24-15e5-4158-8ba9-50f00d2a566b",
"name" : "OIDC Provider-13",
"clientId" : "clientId-14",
"issuer" : "https://auth",
"authorizationEndpoint" : "https://token",
"tokenEndpoint" : "https://user",
"userInfoEndpoint" : "https://jwks",
"jwksUri" : "https://iss",
"active" : true,
"createdBy" : "d6f17caf-ae6a-45a6-9b13-3e565f816e0e",
"createdAt" : {
"nano" : 53924000,
"epochSecond" : 1712220972
},
"deletedAt" : {
"nano" : 82000000,
"epochSecond" : 1712220972
},
"deletedBy" : "c768f676-8528-488b-b410-6dbeb99c9bb4",
"deleted" : true
}
User Identity
Get Identity
GET /identities/self
Get an Identity (regardless of type) by its id.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
active |
Boolean |
true |
|
organizationId |
String |
true |
|
tenantId |
String |
true |
Deprecated.. |
createdAt |
Object |
true |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
String |
true |
||
name |
String |
true |
|
id |
String |
true |
|
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identities/self' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI3bElNWU5XTXFoa2ZrREUwYXAyWjRRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc4LCJleHAiOjE3MTIyMjQ1NzgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.rkOcrCbXH9ZIx2a-IuubKoM2PthFDl-d-66ifdlDC0u9l62wqN4dzGp0MdgYxQc6kSOE3-xp_q_cxh5eDjZHioGNTrOGXnf78p0FQjIyo40yfWFjuD0BRf0dwtEWrltZb_ybhCe2Z-4C_hwx75a8xRhduk4XfPlkZqhAV-vy4dHRPjxF9MhXxacB4_085RmG50rB1AiRJHZq7sR6FC_bP5i0vAJELpAJjTAQSAvYXxpvXVVC9UbVgV7P_n0s6iGh_r0D2psRzFDaJZ9_7CsKtJJjwjl6odFqbr3L4QSImddVg25GlsFa9z88hYmgTcckKC-EqP0N57EVtX21Z6JzzA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 690
{
"id" : "c768f676-8528-488b-b410-6dbeb99c9bb4",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"firstName" : "TESTING",
"lastName" : "CLIENT",
"email" : "test.client@server.com",
"identityMappings" : [ {
"id" : "a3ef29fe-92a0-4e3c-8019-328849dab1be",
"auth0UserId" : "auth0-opaque-userId-6",
"identityProviderId" : "ef1a5b8c-7c6e-497f-8e98-ba0fa25f7b73",
"userIdentityId" : "c768f676-8528-488b-b410-6dbeb99c9bb4"
} ],
"active" : true,
"createdAt" : {
"nano" : 99171000,
"epochSecond" : 1712220971
},
"deletedAt" : null,
"tenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "TESTING CLIENT",
"type" : "UserIdentity"
}
Get Identity
GET /identities/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}
Get an Identity (regardless of type) by its id.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
The id of the desired Identity. |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
active |
Boolean |
true |
|
organizationId |
String |
true |
|
tenantId |
String |
true |
Deprecated.. |
createdAt |
Object |
true |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
String |
true |
||
name |
String |
true |
|
id |
String |
true |
|
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identities/3aef28b5-2297-42d1-ac8c-a774b46f7299' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI3bElNWU5XTXFoa2ZrREUwYXAyWjRRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc4LCJleHAiOjE3MTIyMjQ1NzgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.rkOcrCbXH9ZIx2a-IuubKoM2PthFDl-d-66ifdlDC0u9l62wqN4dzGp0MdgYxQc6kSOE3-xp_q_cxh5eDjZHioGNTrOGXnf78p0FQjIyo40yfWFjuD0BRf0dwtEWrltZb_ybhCe2Z-4C_hwx75a8xRhduk4XfPlkZqhAV-vy4dHRPjxF9MhXxacB4_085RmG50rB1AiRJHZq7sR6FC_bP5i0vAJELpAJjTAQSAvYXxpvXVVC9UbVgV7P_n0s6iGh_r0D2psRzFDaJZ9_7CsKtJJjwjl6odFqbr3L4QSImddVg25GlsFa9z88hYmgTcckKC-EqP0N57EVtX21Z6JzzA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 673
{
"id" : "3aef28b5-2297-42d1-ac8c-a774b46f7299",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"firstName" : "John",
"lastName" : "Doe",
"email" : "john.doe@acme.com",
"identityMappings" : [ {
"id" : "60fc62f7-08a5-4829-b170-084006338f8f",
"auth0UserId" : "auth0-opaque-userId-3",
"identityProviderId" : "ef1a5b8c-7c6e-497f-8e98-ba0fa25f7b73",
"userIdentityId" : "3aef28b5-2297-42d1-ac8c-a774b46f7299"
} ],
"active" : true,
"createdAt" : {
"nano" : 90389000,
"epochSecond" : 1712220971
},
"deletedAt" : null,
"tenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "John Doe",
"type" : "UserIdentity"
}
Find User Identities
GET /user-identities
Returns a set of {@link UserIdentity}s that are visible to the requesting client and optionally filtered based on the submitted request parameters. optionally filtered based on the submitted request parameters.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Parameter | Type | Optional | Description |
---|---|---|---|
tenantId |
Object |
true |
Deprecated.. |
organizationId |
Object |
true |
Restricts results to Identities in the specified Organization (by Organization’s id.). |
identityProviderId |
Object |
true |
|
firstName |
String |
true |
|
lastName |
String |
true |
|
String |
true |
||
active |
Boolean |
true |
Restricts results to Identities with a matching active status. |
includeDeleted |
Boolean |
true |
Default value: 'false'. |
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
|
firstName |
String |
true |
|
lastName |
String |
true |
|
String |
true |
||
identityMappings |
Array[Object] |
true |
|
identityMappings[].id |
String |
true |
|
identityMappings[].auth0UserId |
String |
true |
|
identityMappings[].identityProviderId |
String |
true |
|
identityMappings[].userIdentityId |
String |
true |
|
active |
Boolean |
true |
|
createdAt |
Object |
true |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
name |
String |
true |
|
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI3bElNWU5XTXFoa2ZrREUwYXAyWjRRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc4LCJleHAiOjE3MTIyMjQ1NzgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.rkOcrCbXH9ZIx2a-IuubKoM2PthFDl-d-66ifdlDC0u9l62wqN4dzGp0MdgYxQc6kSOE3-xp_q_cxh5eDjZHioGNTrOGXnf78p0FQjIyo40yfWFjuD0BRf0dwtEWrltZb_ybhCe2Z-4C_hwx75a8xRhduk4XfPlkZqhAV-vy4dHRPjxF9MhXxacB4_085RmG50rB1AiRJHZq7sR6FC_bP5i0vAJELpAJjTAQSAvYXxpvXVVC9UbVgV7P_n0s6iGh_r0D2psRzFDaJZ9_7CsKtJJjwjl6odFqbr3L4QSImddVg25GlsFa9z88hYmgTcckKC-EqP0N57EVtX21Z6JzzA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 2054
[ {
"id" : "030d57a7-8530-4f0c-9e2d-78ab7ba606e5",
"organizationId" : "a2b2d8dc-1fe1-4f26-bec6-c359b15d8c1a",
"firstName" : "First",
"lastName" : "Last",
"email" : "noreply@netfoundry.io",
"identityMappings" : [ {
"id" : "328d7363-6a24-4cc7-92fb-602cc9ca93bf",
"auth0UserId" : "auth0-opaque-userId-108",
"identityProviderId" : "082d5bdf-cb9f-49be-a67f-e61845323a32",
"userIdentityId" : "030d57a7-8530-4f0c-9e2d-78ab7ba606e5"
} ],
"active" : true,
"createdAt" : {
"nano" : 634555000,
"epochSecond" : 1712220977
},
"deletedAt" : null,
"tenantId" : "a2b2d8dc-1fe1-4f26-bec6-c359b15d8c1a",
"name" : "First Last",
"type" : "UserIdentity"
}, {
"id" : "0ffd617a-32e5-4769-9f56-a4db19d1909a",
"organizationId" : "b7a5a6e0-c8d5-40ce-98b7-563350937de7",
"firstName" : "First",
"lastName" : "Last",
"email" : "random-58@acme.com",
"identityMappings" : [ {
"id" : "7ada097f-6e4b-4c1c-b381-e178ed91d779",
"auth0UserId" : "auth0-opaque-userId-59",
"identityProviderId" : "ef13d9eb-de0a-4bc3-8377-5f469bcc4c3f",
"userIdentityId" : "0ffd617a-32e5-4769-9f56-a4db19d1909a"
} ],
"active" : true,
"createdAt" : {
"nano" : 567244000,
"epochSecond" : 1712220975
},
"deletedAt" : null,
"tenantId" : "b7a5a6e0-c8d5-40ce-98b7-563350937de7",
"name" : "First Last",
"type" : "UserIdentity"
}, {
"id" : "2064e681-3610-48a5-80de-6cd04d94a5e2",
"organizationId" : "6ac91123-3a30-44b8-bffe-e3c6752efbb7",
"firstName" : "First",
"lastName" : "Last",
"email" : "random-104@acme.com",
"identityMappings" : [ {
"id" : "11c554ca-8af7-453a-a7dc-96e20961f84f",
"auth0UserId" : "auth0-opaque-userId-105",
"identityProviderId" : "eed43c1a-761e-4c86-81c0-122164797b3a",
"userIdentityId" : "2064e681-3610-48a5-80de-6cd04d94a5e2"
} ],
"active" : true,
"createdAt" : {
"nano" : 544308000,
"epochSecond" : 1712220977
},
"deletedAt" : null,
"tenantId" : "6ac91123-3a30-44b8-bffe-e3c6752efbb7",
"name" : "First Last",
"type" : "UserIdentity"
} ]
Get User Identity
GET /user-identities/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}
Get an User Identity by its id.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
The id of the desired Identity. |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
|
firstName |
String |
true |
|
lastName |
String |
true |
|
String |
true |
||
identityMappings |
Array[Object] |
true |
|
identityMappings[].id |
String |
true |
|
identityMappings[].auth0UserId |
String |
true |
|
identityMappings[].identityProviderId |
String |
true |
|
identityMappings[].userIdentityId |
String |
true |
|
active |
Boolean |
true |
|
createdAt |
Object |
true |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
name |
String |
true |
|
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities/3aef28b5-2297-42d1-ac8c-a774b46f7299' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI3bElNWU5XTXFoa2ZrREUwYXAyWjRRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc4LCJleHAiOjE3MTIyMjQ1NzgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.rkOcrCbXH9ZIx2a-IuubKoM2PthFDl-d-66ifdlDC0u9l62wqN4dzGp0MdgYxQc6kSOE3-xp_q_cxh5eDjZHioGNTrOGXnf78p0FQjIyo40yfWFjuD0BRf0dwtEWrltZb_ybhCe2Z-4C_hwx75a8xRhduk4XfPlkZqhAV-vy4dHRPjxF9MhXxacB4_085RmG50rB1AiRJHZq7sR6FC_bP5i0vAJELpAJjTAQSAvYXxpvXVVC9UbVgV7P_n0s6iGh_r0D2psRzFDaJZ9_7CsKtJJjwjl6odFqbr3L4QSImddVg25GlsFa9z88hYmgTcckKC-EqP0N57EVtX21Z6JzzA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 673
{
"id" : "3aef28b5-2297-42d1-ac8c-a774b46f7299",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"firstName" : "John",
"lastName" : "Doe",
"email" : "john.doe@acme.com",
"identityMappings" : [ {
"id" : "60fc62f7-08a5-4829-b170-084006338f8f",
"auth0UserId" : "auth0-opaque-userId-3",
"identityProviderId" : "ef1a5b8c-7c6e-497f-8e98-ba0fa25f7b73",
"userIdentityId" : "3aef28b5-2297-42d1-ac8c-a774b46f7299"
} ],
"active" : true,
"createdAt" : {
"nano" : 90389000,
"epochSecond" : 1712220971
},
"deletedAt" : null,
"tenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "John Doe",
"type" : "UserIdentity"
}
Get User Identity By Mapping
GET /user-identities/mapping/{auth0UserId}/{identityProviderId}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
auth0UserId |
String |
false |
|
identityProviderId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
|
firstName |
String |
true |
|
lastName |
String |
true |
|
String |
true |
||
identityMappings |
Array[Object] |
true |
|
identityMappings[].id |
String |
true |
|
identityMappings[].auth0UserId |
String |
true |
|
identityMappings[].identityProviderId |
String |
true |
|
identityMappings[].userIdentityId |
String |
true |
|
active |
Boolean |
true |
|
createdAt |
Object |
true |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
name |
String |
true |
|
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities/mapping/auth0-opaque-userId-3/ef1a5b8c-7c6e-497f-8e98-ba0fa25f7b73' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI3bElNWU5XTXFoa2ZrREUwYXAyWjRRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc4LCJleHAiOjE3MTIyMjQ1NzgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.rkOcrCbXH9ZIx2a-IuubKoM2PthFDl-d-66ifdlDC0u9l62wqN4dzGp0MdgYxQc6kSOE3-xp_q_cxh5eDjZHioGNTrOGXnf78p0FQjIyo40yfWFjuD0BRf0dwtEWrltZb_ybhCe2Z-4C_hwx75a8xRhduk4XfPlkZqhAV-vy4dHRPjxF9MhXxacB4_085RmG50rB1AiRJHZq7sR6FC_bP5i0vAJELpAJjTAQSAvYXxpvXVVC9UbVgV7P_n0s6iGh_r0D2psRzFDaJZ9_7CsKtJJjwjl6odFqbr3L4QSImddVg25GlsFa9z88hYmgTcckKC-EqP0N57EVtX21Z6JzzA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 673
{
"id" : "3aef28b5-2297-42d1-ac8c-a774b46f7299",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"firstName" : "John",
"lastName" : "Doe",
"email" : "john.doe@acme.com",
"identityMappings" : [ {
"id" : "60fc62f7-08a5-4829-b170-084006338f8f",
"auth0UserId" : "auth0-opaque-userId-3",
"identityProviderId" : "ef1a5b8c-7c6e-497f-8e98-ba0fa25f7b73",
"userIdentityId" : "3aef28b5-2297-42d1-ac8c-a774b46f7299"
} ],
"active" : true,
"createdAt" : {
"nano" : 90389000,
"epochSecond" : 1712220971
},
"deletedAt" : null,
"tenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "John Doe",
"type" : "UserIdentity"
}
Create Identity
POST /user-identities
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
organizationId |
String |
true |
|
firstName |
String |
true |
|
lastName |
String |
true |
|
String |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
|
firstName |
String |
true |
|
lastName |
String |
true |
|
String |
true |
||
identityMappings |
Array[Object] |
true |
|
identityMappings[].id |
String |
true |
|
identityMappings[].auth0UserId |
String |
true |
|
identityMappings[].identityProviderId |
String |
true |
|
identityMappings[].userIdentityId |
String |
true |
|
active |
Boolean |
true |
|
createdAt |
Object |
true |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
name |
String |
true |
|
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI3bElNWU5XTXFoa2ZrREUwYXAyWjRRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc4LCJleHAiOjE3MTIyMjQ1NzgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.rkOcrCbXH9ZIx2a-IuubKoM2PthFDl-d-66ifdlDC0u9l62wqN4dzGp0MdgYxQc6kSOE3-xp_q_cxh5eDjZHioGNTrOGXnf78p0FQjIyo40yfWFjuD0BRf0dwtEWrltZb_ybhCe2Z-4C_hwx75a8xRhduk4XfPlkZqhAV-vy4dHRPjxF9MhXxacB4_085RmG50rB1AiRJHZq7sR6FC_bP5i0vAJELpAJjTAQSAvYXxpvXVVC9UbVgV7P_n0s6iGh_r0D2psRzFDaJZ9_7CsKtJJjwjl6odFqbr3L4QSImddVg25GlsFa9z88hYmgTcckKC-EqP0N57EVtX21Z6JzzA' \
-d '{"organizationId":"c0048cf7-0785-4a55-87d3-25ac18cc6632","firstName":"Jane","lastName":"Doe","email":"jane.doe@acme.com"}'
Example response
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 443
{
"id" : "d650f165-8754-40e7-911e-606e2ac05aab",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"firstName" : "Jane",
"lastName" : "Doe",
"email" : "jane.doe@acme.com",
"identityMappings" : [ ],
"active" : true,
"createdAt" : {
"nano" : 491020000,
"epochSecond" : 1712220979
},
"deletedAt" : null,
"tenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "Jane Doe",
"type" : "UserIdentity"
}
Update Identity Info
PUT /user-identities/{id}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
firstName |
String |
true |
|
lastName |
String |
true |
|
String |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
|
firstName |
String |
true |
|
lastName |
String |
true |
|
String |
true |
||
identityMappings |
Array[Object] |
true |
|
identityMappings[].id |
String |
true |
|
identityMappings[].auth0UserId |
String |
true |
|
identityMappings[].identityProviderId |
String |
true |
|
identityMappings[].userIdentityId |
String |
true |
|
active |
Boolean |
true |
|
createdAt |
Object |
true |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
name |
String |
true |
|
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities/2217fd04-5395-461e-b492-fd0a2fa13065' -i -X PUT \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI3bElNWU5XTXFoa2ZrREUwYXAyWjRRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc4LCJleHAiOjE3MTIyMjQ1NzgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.rkOcrCbXH9ZIx2a-IuubKoM2PthFDl-d-66ifdlDC0u9l62wqN4dzGp0MdgYxQc6kSOE3-xp_q_cxh5eDjZHioGNTrOGXnf78p0FQjIyo40yfWFjuD0BRf0dwtEWrltZb_ybhCe2Z-4C_hwx75a8xRhduk4XfPlkZqhAV-vy4dHRPjxF9MhXxacB4_085RmG50rB1AiRJHZq7sR6FC_bP5i0vAJELpAJjTAQSAvYXxpvXVVC9UbVgV7P_n0s6iGh_r0D2psRzFDaJZ9_7CsKtJJjwjl6odFqbr3L4QSImddVg25GlsFa9z88hYmgTcckKC-EqP0N57EVtX21Z6JzzA' \
-d '{"firstName":"Bobby","lastName":"White","email":"bobby.white@acme.com"}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 685
{
"id" : "2217fd04-5395-461e-b492-fd0a2fa13065",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"firstName" : "Bobby",
"lastName" : "White",
"email" : "bobby.white@acme.com",
"identityMappings" : [ {
"id" : "c0224587-7673-4662-9392-1d8537230f0b",
"auth0UserId" : "auth0-opaque-userId-136",
"identityProviderId" : "ef1a5b8c-7c6e-497f-8e98-ba0fa25f7b73",
"userIdentityId" : "2217fd04-5395-461e-b492-fd0a2fa13065"
} ],
"active" : true,
"createdAt" : {
"nano" : 717361000,
"epochSecond" : 1712220978
},
"deletedAt" : null,
"tenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "Bobby White",
"type" : "UserIdentity"
}
Activate Or Deactivate User Identity
PUT /user-identities/{id}/{action:activate|deactivate}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
|
action |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
|
firstName |
String |
true |
|
lastName |
String |
true |
|
String |
true |
||
identityMappings |
Array[Object] |
true |
|
identityMappings[].id |
String |
true |
|
identityMappings[].auth0UserId |
String |
true |
|
identityMappings[].identityProviderId |
String |
true |
|
identityMappings[].userIdentityId |
String |
true |
|
active |
Boolean |
true |
|
createdAt |
Object |
true |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
name |
String |
true |
|
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities/3095e3cf-6f19-46c5-a99d-490be36dc6a7/deactivate' -i -X PUT \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI3bElNWU5XTXFoa2ZrREUwYXAyWjRRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc4LCJleHAiOjE3MTIyMjQ1NzgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.rkOcrCbXH9ZIx2a-IuubKoM2PthFDl-d-66ifdlDC0u9l62wqN4dzGp0MdgYxQc6kSOE3-xp_q_cxh5eDjZHioGNTrOGXnf78p0FQjIyo40yfWFjuD0BRf0dwtEWrltZb_ybhCe2Z-4C_hwx75a8xRhduk4XfPlkZqhAV-vy4dHRPjxF9MhXxacB4_085RmG50rB1AiRJHZq7sR6FC_bP5i0vAJELpAJjTAQSAvYXxpvXVVC9UbVgV7P_n0s6iGh_r0D2psRzFDaJZ9_7CsKtJJjwjl6odFqbr3L4QSImddVg25GlsFa9z88hYmgTcckKC-EqP0N57EVtX21Z6JzzA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 683
{
"id" : "3095e3cf-6f19-46c5-a99d-490be36dc6a7",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"firstName" : "First",
"lastName" : "Last",
"email" : "random-137@acme.com",
"identityMappings" : [ {
"id" : "364c2adb-3dcb-4fc3-8d17-f686609a7a1d",
"auth0UserId" : "auth0-opaque-userId-138",
"identityProviderId" : "ef1a5b8c-7c6e-497f-8e98-ba0fa25f7b73",
"userIdentityId" : "3095e3cf-6f19-46c5-a99d-490be36dc6a7"
} ],
"active" : false,
"createdAt" : {
"nano" : 767875000,
"epochSecond" : 1712220978
},
"deletedAt" : null,
"tenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"name" : "First Last",
"type" : "UserIdentity"
}
Reset User Identity Mfa Settings
PUT /user-identities/{id}/reset-mfa
Calling this service will reset the user’s MFA settings. On their next login attempt, they will be required to setup their MFA settings again. This is useful if, for example, the user has replaced their phone and can no longer access their secondary authentication.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
The id of the user identity to reset. |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities/13c546bd-3ae6-4ab2-854e-655d54f0983e/reset-mfa' -i -X PUT \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI3bElNWU5XTXFoa2ZrREUwYXAyWjRRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc4LCJleHAiOjE3MTIyMjQ1NzgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.rkOcrCbXH9ZIx2a-IuubKoM2PthFDl-d-66ifdlDC0u9l62wqN4dzGp0MdgYxQc6kSOE3-xp_q_cxh5eDjZHioGNTrOGXnf78p0FQjIyo40yfWFjuD0BRf0dwtEWrltZb_ybhCe2Z-4C_hwx75a8xRhduk4XfPlkZqhAV-vy4dHRPjxF9MhXxacB4_085RmG50rB1AiRJHZq7sR6FC_bP5i0vAJELpAJjTAQSAvYXxpvXVVC9UbVgV7P_n0s6iGh_r0D2psRzFDaJZ9_7CsKtJJjwjl6odFqbr3L4QSImddVg25GlsFa9z88hYmgTcckKC-EqP0N57EVtX21Z6JzzA'
Example response
HTTP/1.1 200 OK
Map Identity
POST /user-identities/{id}/mapping
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
auth0UserId |
String |
true |
|
identityProviderId |
String |
true |
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities/9cf7bebc-444f-422f-a4e8-de6ea2cd0721/mapping' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI3bElNWU5XTXFoa2ZrREUwYXAyWjRRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc4LCJleHAiOjE3MTIyMjQ1NzgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.rkOcrCbXH9ZIx2a-IuubKoM2PthFDl-d-66ifdlDC0u9l62wqN4dzGp0MdgYxQc6kSOE3-xp_q_cxh5eDjZHioGNTrOGXnf78p0FQjIyo40yfWFjuD0BRf0dwtEWrltZb_ybhCe2Z-4C_hwx75a8xRhduk4XfPlkZqhAV-vy4dHRPjxF9MhXxacB4_085RmG50rB1AiRJHZq7sR6FC_bP5i0vAJELpAJjTAQSAvYXxpvXVVC9UbVgV7P_n0s6iGh_r0D2psRzFDaJZ9_7CsKtJJjwjl6odFqbr3L4QSImddVg25GlsFa9z88hYmgTcckKC-EqP0N57EVtX21Z6JzzA' \
-d '{"auth0UserId":"new-auth0-userId:5628c487-4a80-4fb2-828e-57b717e38ff9","identityProviderId":"6d852113-b070-4a97-a5ae-0cf84e943a6c"}'
Example response
HTTP/1.1 200 OK
API Account Identity
Find Api Account Identities
GET /api-account-identities
Returns a set of {@link ApiAccountIdentity}s that are visible to the requesting client and optionally filtered based on the submitted request parameters. optionally filtered based on the submitted request parameters.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Parameter | Type | Optional | Description |
---|---|---|---|
tenantId |
Object |
true |
Deprecated.. |
organizationId |
Object |
true |
Restricts results to Identities in the specified Organization (by Organization’s id.). |
name |
String |
true |
|
contactEmail |
String |
true |
|
active |
Boolean |
true |
Restricts results to Identities with a matching active status. |
includeDeleted |
Boolean |
true |
Default value: 'false'. |
provider |
String |
true |
Must be one of [Auth0, Cognito]. |
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
|
auth0ClientId |
String |
true |
|
awsCognitoClientId |
String |
true |
|
authenticationUrl |
String |
true |
The OAuth2 url where a client credentials grant flow should be performed. |
name |
String |
true |
|
contactEmail |
String |
true |
|
description |
String |
true |
|
active |
Boolean |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
String |
true |
||
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/api-account-identities' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJKWWY3S1A1WFpTR1A1M2lJVEJsZVpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc5LCJleHAiOjE3MTIyMjQ1NzksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCI1MmRlZjUzNy01NTE4LTQwYWMtOTYzMi1hZDBiNzU4NjM3ZDhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzl9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.WAdfA43tXK5D1TlqI1DFFBkaskcZCsDaJaHJvLSE4mBGlD-lShl_g1zI6e7qhoU_27ZLyysNV5n7nnVqubk-4RqYQ4iJOPLVAXw-PDrYJ_eFyLljZt0wt39nNQ7vEfSXR7ZmNbv3oW0DaNjIbrxCkNnGmx7DbEQn3ZzHwBIv8GpkFhLng4XyiotxGj_t5wRKp4Gblq7xb1P5yJV4JnnTf_wzbLNDDHwdzHu-XZlvSQCeAIurShjDNlmlGeC-PBXhq7g_QHv60teNXglTcZIAy4nixI7TedN7rfTrMQA_nLB-_rEaNui-ldQ41oQxoYtFb5IFdzEuxEtJxIRFczvZ5A'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 2006
[ {
"id" : "007d31d9-cacf-4bd8-b96c-c3f97c30c72c",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"auth0ClientId" : null,
"awsCognitoClientId" : "6cd3654c-abcc-4eb9-a13c-768e814c7d5f|tsyqviha",
"authenticationUrl" : "https://netfoundry-test-qhmtps.auth.us-east-1.amazoncognito.com/oauth2/token",
"name" : "Testing Limits",
"contactEmail" : "a@acme.com",
"description" : "description",
"active" : true,
"createdAt" : {
"nano" : 819632000,
"epochSecond" : 1712220986
},
"updatedAt" : null,
"deletedAt" : null,
"tenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"email" : "a@acme.com",
"type" : "ApiAccountIdentity"
}, {
"id" : "12edb230-b7f2-4c72-b971-d25c54edbb75",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"auth0ClientId" : null,
"awsCognitoClientId" : "ef536da8-c45b-42f6-ba3d-e51ca8f37552|klsmwkqm",
"authenticationUrl" : "https://netfoundry-test-fdxdhd.auth.us-east-1.amazoncognito.com/oauth2/token",
"name" : "Testing Limits",
"contactEmail" : "a@acme.com",
"description" : "description",
"active" : true,
"createdAt" : {
"nano" : 236916000,
"epochSecond" : 1712221003
},
"updatedAt" : null,
"deletedAt" : null,
"tenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"email" : "a@acme.com",
"type" : "ApiAccountIdentity"
}, {
"id" : "145dd670-d726-42ba-8ccd-a7ca59db6834",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"auth0ClientId" : null,
"awsCognitoClientId" : "9e876f7c-858e-4391-8f78-6af7042f00cb|fbxbkbfo",
"authenticationUrl" : "https://netfoundry-test-hflcgl.auth.us-east-1.amazoncognito.com/oauth2/token",
"name" : "Testing Limits",
"contactEmail" : "a@acme.com",
"description" : "description",
"active" : true,
"createdAt" : {
"nano" : 497954000,
"epochSecond" : 1712220984
},
"updatedAt" : null,
"deletedAt" : null,
"tenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"email" : "a@acme.com",
"type" : "ApiAccountIdentity"
} ]
Get Api Account Identity
GET /api-account-identities/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}
Get an API Account Identity by its id.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
The id of the desired Identity. |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
|
auth0ClientId |
String |
true |
|
awsCognitoClientId |
String |
true |
|
authenticationUrl |
String |
true |
The OAuth2 url where a client credentials grant flow should be performed. |
name |
String |
true |
|
contactEmail |
String |
true |
|
description |
String |
true |
|
active |
Boolean |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
String |
true |
||
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/api-account-identities/5fd2ac6d-770e-464f-95b0-71d9a93ce82d' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJKWWY3S1A1WFpTR1A1M2lJVEJsZVpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc5LCJleHAiOjE3MTIyMjQ1NzksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCI1MmRlZjUzNy01NTE4LTQwYWMtOTYzMi1hZDBiNzU4NjM3ZDhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzl9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.WAdfA43tXK5D1TlqI1DFFBkaskcZCsDaJaHJvLSE4mBGlD-lShl_g1zI6e7qhoU_27ZLyysNV5n7nnVqubk-4RqYQ4iJOPLVAXw-PDrYJ_eFyLljZt0wt39nNQ7vEfSXR7ZmNbv3oW0DaNjIbrxCkNnGmx7DbEQn3ZzHwBIv8GpkFhLng4XyiotxGj_t5wRKp4Gblq7xb1P5yJV4JnnTf_wzbLNDDHwdzHu-XZlvSQCeAIurShjDNlmlGeC-PBXhq7g_QHv60teNXglTcZIAy4nixI7TedN7rfTrMQA_nLB-_rEaNui-ldQ41oQxoYtFb5IFdzEuxEtJxIRFczvZ5A'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 717
{
"id" : "5fd2ac6d-770e-464f-95b0-71d9a93ce82d",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"auth0ClientId" : "72437aab-6df7-4fb6-bb60-fb96da3d560f",
"awsCognitoClientId" : null,
"authenticationUrl" : "http://127.0.0.1:1234/IdP/OAuth2/login",
"name" : "api-account",
"contactEmail" : "no-reply@acme.com",
"description" : "This is an ACME non-interactive API client.",
"active" : true,
"createdAt" : {
"nano" : 95595000,
"epochSecond" : 1712220971
},
"updatedAt" : {
"nano" : 182498000,
"epochSecond" : 1712220980
},
"deletedAt" : null,
"tenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"email" : "no-reply@acme.com",
"type" : "ApiAccountIdentity"
}
Get Api Account Identity By Mapping
GET /api-account-identities/mapping/{clientId}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
clientId |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
|
auth0ClientId |
String |
true |
|
awsCognitoClientId |
String |
true |
|
authenticationUrl |
String |
true |
The OAuth2 url where a client credentials grant flow should be performed. |
name |
String |
true |
|
contactEmail |
String |
true |
|
description |
String |
true |
|
active |
Boolean |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
String |
true |
||
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/api-account-identities/mapping/7abfcac2-53e0-4357-bb85-dac4d507df9f' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJKWWY3S1A1WFpTR1A1M2lJVEJsZVpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc5LCJleHAiOjE3MTIyMjQ1NzksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCI1MmRlZjUzNy01NTE4LTQwYWMtOTYzMi1hZDBiNzU4NjM3ZDhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzl9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.WAdfA43tXK5D1TlqI1DFFBkaskcZCsDaJaHJvLSE4mBGlD-lShl_g1zI6e7qhoU_27ZLyysNV5n7nnVqubk-4RqYQ4iJOPLVAXw-PDrYJ_eFyLljZt0wt39nNQ7vEfSXR7ZmNbv3oW0DaNjIbrxCkNnGmx7DbEQn3ZzHwBIv8GpkFhLng4XyiotxGj_t5wRKp4Gblq7xb1P5yJV4JnnTf_wzbLNDDHwdzHu-XZlvSQCeAIurShjDNlmlGeC-PBXhq7g_QHv60teNXglTcZIAy4nixI7TedN7rfTrMQA_nLB-_rEaNui-ldQ41oQxoYtFb5IFdzEuxEtJxIRFczvZ5A'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 686
{
"id" : "14895c5c-9982-4d58-84f5-2964b2d62f58",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"auth0ClientId" : "7abfcac2-53e0-4357-bb85-dac4d507df9f",
"awsCognitoClientId" : null,
"authenticationUrl" : "http://127.0.0.1:1234/IdP/OAuth2/login",
"name" : "ACME Internal Service-165",
"contactEmail" : "service.admin-166@foo.com",
"description" : "updatable API Account description-167",
"active" : true,
"createdAt" : {
"nano" : 435157000,
"epochSecond" : 1712221017
},
"updatedAt" : null,
"deletedAt" : null,
"tenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"email" : "service.admin-166@foo.com",
"type" : "ApiAccountIdentity"
}
Create Api Account Identity
POST /api-account-identities
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
organizationId |
String |
true |
The id of the Organization within which this API Account should be created. |
name |
String |
true |
The user friendly name to assign to the API Account Identity. This value is for ease of administration. |
contactEmail |
String |
true |
An arbitrary email address to associate to the API Account Identity. This value is mainly for administrative purposes, to provide a point of contact for someone that presumably is knowledgeable about the usage of this API Account Identity. |
description |
String |
true |
A free form description. |
grantDefaultRoles |
Boolean |
true |
Optional flag that when true will result in the API Account Identity being granted the 'default' roles (Organization and Network Group Admin, at this time.) When false, no authorization, roles or otherwise, will be configured, and it is assumed that the caller has permission to manage permissions of this API Account Identity after the fact. This defaults to true if not specified in the request. |
provider |
String |
true |
The authorization provider that should be used. Either Auth0 or Cognito. Auth0 is deprecated, and Cognito should be used moving forward. Support for Auth0 will be dropped at a future point in time. Must be one of [Auth0, Cognito]. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
apiAccountIdentity |
Object |
true |
|
apiAccountIdentity.id |
String |
true |
|
apiAccountIdentity.organizationId |
String |
true |
|
apiAccountIdentity.auth0ClientId |
String |
true |
|
apiAccountIdentity.awsCognitoClientId |
String |
true |
|
apiAccountIdentity.authenticationUrl |
String |
true |
The OAuth2 url where a client credentials grant flow should be performed. |
apiAccountIdentity.name |
String |
true |
|
apiAccountIdentity.contactEmail |
String |
true |
|
apiAccountIdentity.description |
String |
true |
|
apiAccountIdentity.active |
Boolean |
true |
|
apiAccountIdentity.createdAt |
Object |
true |
|
apiAccountIdentity.updatedAt |
Object |
true |
|
apiAccountIdentity.deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
apiAccountIdentity.tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
apiAccountIdentity.email |
String |
true |
|
apiAccountIdentity.type |
String |
true |
|
clientId |
String |
true |
The OAuth2 client id which must be passed to the OAuth2 provider at the specified authenticationUrl. |
password |
String |
true |
The OAuth2 client secret which must be passed to the OAuth2 provider at the specified authenticationUrl. |
authenticationUrl |
String |
true |
The url where the created client should authenticate, using a standard OAuth2 Client Credentials Grant Flow. |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/api-account-identities' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJKWWY3S1A1WFpTR1A1M2lJVEJsZVpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc5LCJleHAiOjE3MTIyMjQ1NzksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCI1MmRlZjUzNy01NTE4LTQwYWMtOTYzMi1hZDBiNzU4NjM3ZDhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzl9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.WAdfA43tXK5D1TlqI1DFFBkaskcZCsDaJaHJvLSE4mBGlD-lShl_g1zI6e7qhoU_27ZLyysNV5n7nnVqubk-4RqYQ4iJOPLVAXw-PDrYJ_eFyLljZt0wt39nNQ7vEfSXR7ZmNbv3oW0DaNjIbrxCkNnGmx7DbEQn3ZzHwBIv8GpkFhLng4XyiotxGj_t5wRKp4Gblq7xb1P5yJV4JnnTf_wzbLNDDHwdzHu-XZlvSQCeAIurShjDNlmlGeC-PBXhq7g_QHv60teNXglTcZIAy4nixI7TedN7rfTrMQA_nLB-_rEaNui-ldQ41oQxoYtFb5IFdzEuxEtJxIRFczvZ5A' \
-d '{"organizationId":"c0048cf7-0785-4a55-87d3-25ac18cc6632","name":"HR Bridge Service","contactEmail":"hr.director@acme.com","description":"description goes here","grantDefaultRoles":true,"provider":"Cognito"}'
Example response
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 940
{
"apiAccountIdentity" : {
"id" : "f5808380-fd09-4049-96e2-f3b25762fdcd",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"auth0ClientId" : null,
"awsCognitoClientId" : "9e876f7c-858e-4391-8f78-6af7042f00cb|sercfbnf",
"authenticationUrl" : "https://netfoundry-test-hflcgl.auth.us-east-1.amazoncognito.com/oauth2/token",
"name" : "HR Bridge Service",
"contactEmail" : "hr.director@acme.com",
"description" : "description goes here",
"active" : true,
"createdAt" : {
"nano" : 343534000,
"epochSecond" : 1712220984
},
"updatedAt" : null,
"deletedAt" : null,
"tenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"email" : "hr.director@acme.com",
"type" : "ApiAccountIdentity"
},
"clientId" : "sercfbnf",
"password" : "nqtjmbhqybuoisnlphofmkkw",
"authenticationUrl" : "https://netfoundry-test-hflcgl.auth.us-east-1.amazoncognito.com/oauth2/token"
}
Update Identity Info
PUT /api-account-identities/{id}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
name |
String |
true |
|
contactEmail |
String |
true |
|
description |
String |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
|
auth0ClientId |
String |
true |
|
awsCognitoClientId |
String |
true |
|
authenticationUrl |
String |
true |
The OAuth2 url where a client credentials grant flow should be performed. |
name |
String |
true |
|
contactEmail |
String |
true |
|
description |
String |
true |
|
active |
Boolean |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
String |
true |
||
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/api-account-identities/777db3d8-da82-475f-aebf-ea49a0b8187d' -i -X PUT \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJKWWY3S1A1WFpTR1A1M2lJVEJsZVpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc5LCJleHAiOjE3MTIyMjQ1NzksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCI1MmRlZjUzNy01NTE4LTQwYWMtOTYzMi1hZDBiNzU4NjM3ZDhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzl9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.WAdfA43tXK5D1TlqI1DFFBkaskcZCsDaJaHJvLSE4mBGlD-lShl_g1zI6e7qhoU_27ZLyysNV5n7nnVqubk-4RqYQ4iJOPLVAXw-PDrYJ_eFyLljZt0wt39nNQ7vEfSXR7ZmNbv3oW0DaNjIbrxCkNnGmx7DbEQn3ZzHwBIv8GpkFhLng4XyiotxGj_t5wRKp4Gblq7xb1P5yJV4JnnTf_wzbLNDDHwdzHu-XZlvSQCeAIurShjDNlmlGeC-PBXhq7g_QHv60teNXglTcZIAy4nixI7TedN7rfTrMQA_nLB-_rEaNui-ldQ41oQxoYtFb5IFdzEuxEtJxIRFczvZ5A' \
-d '{"name":"Robot","contactEmail":"robot@acme.com","description":"description here."}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 680
{
"id" : "777db3d8-da82-475f-aebf-ea49a0b8187d",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"auth0ClientId" : "f73f0b78-2e9f-40cd-946a-da2bd88a748b",
"awsCognitoClientId" : null,
"authenticationUrl" : "http://127.0.0.1:1234/IdP/OAuth2/login",
"name" : "Robot",
"contactEmail" : "robot@acme.com",
"description" : "description here.",
"active" : true,
"createdAt" : {
"nano" : 655409000,
"epochSecond" : 1712220979
},
"updatedAt" : {
"nano" : 694953000,
"epochSecond" : 1712220979
},
"deletedAt" : null,
"tenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"email" : "robot@acme.com",
"type" : "ApiAccountIdentity"
}
Activate Or Deactivate Api Account Identity
PUT /api-account-identities/{id}/{action:activate|deactivate}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
|
action |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
|
auth0ClientId |
String |
true |
|
awsCognitoClientId |
String |
true |
|
authenticationUrl |
String |
true |
The OAuth2 url where a client credentials grant flow should be performed. |
name |
String |
true |
|
contactEmail |
String |
true |
|
description |
String |
true |
|
active |
Boolean |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
String |
true |
||
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/api-account-identities/818f5271-1062-44e6-ad7d-f26caca720fb/deactivate' -i -X PUT \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJKWWY3S1A1WFpTR1A1M2lJVEJsZVpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc5LCJleHAiOjE3MTIyMjQ1NzksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCI1MmRlZjUzNy01NTE4LTQwYWMtOTYzMi1hZDBiNzU4NjM3ZDhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzl9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.WAdfA43tXK5D1TlqI1DFFBkaskcZCsDaJaHJvLSE4mBGlD-lShl_g1zI6e7qhoU_27ZLyysNV5n7nnVqubk-4RqYQ4iJOPLVAXw-PDrYJ_eFyLljZt0wt39nNQ7vEfSXR7ZmNbv3oW0DaNjIbrxCkNnGmx7DbEQn3ZzHwBIv8GpkFhLng4XyiotxGj_t5wRKp4Gblq7xb1P5yJV4JnnTf_wzbLNDDHwdzHu-XZlvSQCeAIurShjDNlmlGeC-PBXhq7g_QHv60teNXglTcZIAy4nixI7TedN7rfTrMQA_nLB-_rEaNui-ldQ41oQxoYtFb5IFdzEuxEtJxIRFczvZ5A'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 743
{
"id" : "818f5271-1062-44e6-ad7d-f26caca720fb",
"organizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"auth0ClientId" : "2fe10940-0ef2-46af-a865-267f5d0e061b",
"awsCognitoClientId" : null,
"authenticationUrl" : "http://127.0.0.1:1234/IdP/OAuth2/login",
"name" : "ACME Internal Service-159",
"contactEmail" : "service.admin-160@foo.com",
"description" : "updatable API Account description-161",
"active" : false,
"createdAt" : {
"nano" : 303677000,
"epochSecond" : 1712221017
},
"updatedAt" : {
"nano" : 359171000,
"epochSecond" : 1712221017
},
"deletedAt" : null,
"tenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"email" : "service.admin-160@foo.com",
"type" : "ApiAccountIdentity"
}
Invitation
Find Invitations
GET /invitations
Returns a set of Invitation instances based on the optional query parameters. The results will be constrained to the invitations that the client has authorization to view. Results may be further constrained by the setting any combination of query parameter values, which will logically AND’d together to form a filter for matching invitations. The states query parameter, unlike others, supports multiple values. For example, to retrieve a list of active invitations, specify states=Open,Declined,Expired.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Parameter | Type | Optional | Description |
---|---|---|---|
fromIdentityId |
Object |
true |
The id of the identity that created the target invitation(s). |
toTenantId |
Object |
true |
Deprecated.. |
toOrganizationId |
Object |
true |
The id of the organization that the resulting invitations are inviting into. |
invitedEmailAddress |
String |
true |
A full (no partial match support) email address to match against. |
targetIdentityId |
Object |
true |
The id of the identity that the invitation will/has assumed. |
states |
Object |
true |
One or more ,{@link State}, names to restrict the invitations returned. |
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
fromIdentityId |
String |
true |
|
toOrganizationId |
String |
true |
|
invitedEmailAddress |
String |
true |
|
expiration |
Object |
true |
|
targetUserIdentityId |
String |
true |
Optional. The identity id that the invited party will be mapped to should they accept the invite. |
accepted |
Boolean |
true |
|
revokedAt |
Object |
true |
The date-time that this invitation was revoked. If null, then this invitation has not been revoked. An open invitation (accepted == null) can be revoked, which will prevent the invitation from being accepted or declined by a user. The accepted state remains null to reflect that it was never accepted or declined. A declined or expired invitation can be revoked after the fact. An accepted invitation can not be revoked retroactively. Finally, revoking an invitation is a terminal operation. Once revoked, no other action can be taken. |
responseReceivedAt |
Object |
true |
The date-time that this invitation was marked as accepted or declined. If null, then there has been no response (accept or decline) of this invitation. This is effectively the update timestamp of the accepted property of an invitation. |
toTenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getToOrganizationId(). Returns the id of the {@link Organization} that the recipient is being invited to join. |
state |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/invitations' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJyLWFIOTB5U2FkcnpRb2FKZXFvT2F3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIxMDE4LCJleHAiOjE3MTIyMjQ2MTgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCIyN2NlOTBlNy0xNTc2LTQ5NWMtOWNjMy00OGYyYTJkNDdiODRcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjEwMTh9LHtcImlkXCI6XCI1MmRlZjUzNy01NTE4LTQwYWMtOTYzMi1hZDBiNzU4NjM3ZDhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzl9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCIzNWQ1N2YxOS04MjJjLTRjMjktOTkyMS0zODUxNWQ5ODU1MjNcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjEwMTd9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.IxiQ4XKWuLFvnT14Z1GEcGlOO0EVR_pxC0OqFqE6NtLi4LrfQDuZSZ3rtV1Wfr5wIf_ylB9m95FuFiFeUzmrAVPb8F6sp5hdbJPPbKo_SXLCbEMwF7NzaN06qyI9boWGMz_TcIC_NpCfnAWioL2TBcaxZqnn_6LbGh9FWfIn3UmYajMul2O8mN44QXTPVtfLyCxYGrS3PDFkMszKeNkNu97ybqspb57Gp5taAaOin9kdEW9tZYR-ncgFUWp9-Ni5roIU9qXhcnkvtaSif-s0lSm86ePNV7PZNyBetUGcgUUuxkeJdonUUNM__aOomGUocgusNX8qxiS8YgPUQYTmoA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 527
[ {
"id" : "9bc99743-7bde-4637-8055-ade4dc1927eb",
"fromIdentityId" : "c768f676-8528-488b-b410-6dbeb99c9bb4",
"toOrganizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"invitedEmailAddress" : "new.employee@acme.com",
"expiration" : {
"nano" : 151908000,
"epochSecond" : 1712825818
},
"targetUserIdentityId" : "262b55a7-1ba2-49d3-b8a7-81c52dca59e5",
"accepted" : null,
"revokedAt" : null,
"responseReceivedAt" : null,
"toTenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"state" : "Open"
} ]
Get Invitation By Id
GET /invitations/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
fromIdentityId |
String |
true |
|
toOrganizationId |
String |
true |
|
invitedEmailAddress |
String |
true |
|
expiration |
Object |
true |
|
targetUserIdentityId |
String |
true |
Optional. The identity id that the invited party will be mapped to should they accept the invite. |
accepted |
Boolean |
true |
|
revokedAt |
Object |
true |
The date-time that this invitation was revoked. If null, then this invitation has not been revoked. An open invitation (accepted == null) can be revoked, which will prevent the invitation from being accepted or declined by a user. The accepted state remains null to reflect that it was never accepted or declined. A declined or expired invitation can be revoked after the fact. An accepted invitation can not be revoked retroactively. Finally, revoking an invitation is a terminal operation. Once revoked, no other action can be taken. |
responseReceivedAt |
Object |
true |
The date-time that this invitation was marked as accepted or declined. If null, then there has been no response (accept or decline) of this invitation. This is effectively the update timestamp of the accepted property of an invitation. |
toTenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getToOrganizationId(). Returns the id of the {@link Organization} that the recipient is being invited to join. |
state |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/invitations/d037f924-4102-41dd-8f6a-43be58f950af' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJyLWFIOTB5U2FkcnpRb2FKZXFvT2F3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIxMDE4LCJleHAiOjE3MTIyMjQ2MTgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCIyN2NlOTBlNy0xNTc2LTQ5NWMtOWNjMy00OGYyYTJkNDdiODRcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjEwMTh9LHtcImlkXCI6XCI1MmRlZjUzNy01NTE4LTQwYWMtOTYzMi1hZDBiNzU4NjM3ZDhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzl9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCIzNWQ1N2YxOS04MjJjLTRjMjktOTkyMS0zODUxNWQ5ODU1MjNcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjEwMTd9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.IxiQ4XKWuLFvnT14Z1GEcGlOO0EVR_pxC0OqFqE6NtLi4LrfQDuZSZ3rtV1Wfr5wIf_ylB9m95FuFiFeUzmrAVPb8F6sp5hdbJPPbKo_SXLCbEMwF7NzaN06qyI9boWGMz_TcIC_NpCfnAWioL2TBcaxZqnn_6LbGh9FWfIn3UmYajMul2O8mN44QXTPVtfLyCxYGrS3PDFkMszKeNkNu97ybqspb57Gp5taAaOin9kdEW9tZYR-ncgFUWp9-Ni5roIU9qXhcnkvtaSif-s0lSm86ePNV7PZNyBetUGcgUUuxkeJdonUUNM__aOomGUocgusNX8qxiS8YgPUQYTmoA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 527
{
"id" : "d037f924-4102-41dd-8f6a-43be58f950af",
"fromIdentityId" : "3aef28b5-2297-42d1-ac8c-a774b46f7299",
"toOrganizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"invitedEmailAddress" : "new.employee-186@acme.com",
"expiration" : {
"nano" : 302708000,
"epochSecond" : 1712825818
},
"targetUserIdentityId" : "cc25726b-88d5-4313-bd20-1f19c6cfee02",
"accepted" : null,
"revokedAt" : null,
"responseReceivedAt" : null,
"toTenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"state" : "Open"
}
Create Invitation
POST /invitations
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
toOrganizationId |
String |
true |
|
invitedEmailAddress |
String |
true |
|
invitationUrl |
String |
true |
|
targetUserIdentityId |
String |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
fromIdentityId |
String |
true |
|
toOrganizationId |
String |
true |
|
invitedEmailAddress |
String |
true |
|
expiration |
Object |
true |
|
targetUserIdentityId |
String |
true |
Optional. The identity id that the invited party will be mapped to should they accept the invite. |
accepted |
Boolean |
true |
|
revokedAt |
Object |
true |
The date-time that this invitation was revoked. If null, then this invitation has not been revoked. An open invitation (accepted == null) can be revoked, which will prevent the invitation from being accepted or declined by a user. The accepted state remains null to reflect that it was never accepted or declined. A declined or expired invitation can be revoked after the fact. An accepted invitation can not be revoked retroactively. Finally, revoking an invitation is a terminal operation. Once revoked, no other action can be taken. |
responseReceivedAt |
Object |
true |
The date-time that this invitation was marked as accepted or declined. If null, then there has been no response (accept or decline) of this invitation. This is effectively the update timestamp of the accepted property of an invitation. |
toTenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getToOrganizationId(). Returns the id of the {@link Organization} that the recipient is being invited to join. |
state |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/invitations' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJyLWFIOTB5U2FkcnpRb2FKZXFvT2F3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIxMDE4LCJleHAiOjE3MTIyMjQ2MTgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCIyN2NlOTBlNy0xNTc2LTQ5NWMtOWNjMy00OGYyYTJkNDdiODRcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjEwMTh9LHtcImlkXCI6XCI1MmRlZjUzNy01NTE4LTQwYWMtOTYzMi1hZDBiNzU4NjM3ZDhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzl9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCIzNWQ1N2YxOS04MjJjLTRjMjktOTkyMS0zODUxNWQ5ODU1MjNcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjEwMTd9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.IxiQ4XKWuLFvnT14Z1GEcGlOO0EVR_pxC0OqFqE6NtLi4LrfQDuZSZ3rtV1Wfr5wIf_ylB9m95FuFiFeUzmrAVPb8F6sp5hdbJPPbKo_SXLCbEMwF7NzaN06qyI9boWGMz_TcIC_NpCfnAWioL2TBcaxZqnn_6LbGh9FWfIn3UmYajMul2O8mN44QXTPVtfLyCxYGrS3PDFkMszKeNkNu97ybqspb57Gp5taAaOin9kdEW9tZYR-ncgFUWp9-Ni5roIU9qXhcnkvtaSif-s0lSm86ePNV7PZNyBetUGcgUUuxkeJdonUUNM__aOomGUocgusNX8qxiS8YgPUQYTmoA' \
-d '{"toOrganizationId":"c0048cf7-0785-4a55-87d3-25ac18cc6632","invitedEmailAddress":"new.employee@acme.com","invitationUrl":"http://acme.console.netfoundry.io/invitation","targetUserIdentityId":"262b55a7-1ba2-49d3-b8a7-81c52dca59e5"}'
Example response
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 523
{
"id" : "9bc99743-7bde-4637-8055-ade4dc1927eb",
"fromIdentityId" : "c768f676-8528-488b-b410-6dbeb99c9bb4",
"toOrganizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"invitedEmailAddress" : "new.employee@acme.com",
"expiration" : {
"nano" : 151908000,
"epochSecond" : 1712825818
},
"targetUserIdentityId" : "262b55a7-1ba2-49d3-b8a7-81c52dca59e5",
"accepted" : null,
"revokedAt" : null,
"responseReceivedAt" : null,
"toTenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"state" : "Open"
}
Respond To Invitation
PUT /invitations/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}/{action:accept|decline}
This is not the typical way to accept or decline an invitation. See {@link InvitationFlowController}. This service is a straight update of the Invitation. It does not map the calling user, nor any other related activity. It simply updates the state of the Invitation.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
|
action |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
fromIdentityId |
String |
true |
|
toOrganizationId |
String |
true |
|
invitedEmailAddress |
String |
true |
|
expiration |
Object |
true |
|
targetUserIdentityId |
String |
true |
Optional. The identity id that the invited party will be mapped to should they accept the invite. |
accepted |
Boolean |
true |
|
revokedAt |
Object |
true |
The date-time that this invitation was revoked. If null, then this invitation has not been revoked. An open invitation (accepted == null) can be revoked, which will prevent the invitation from being accepted or declined by a user. The accepted state remains null to reflect that it was never accepted or declined. A declined or expired invitation can be revoked after the fact. An accepted invitation can not be revoked retroactively. Finally, revoking an invitation is a terminal operation. Once revoked, no other action can be taken. |
responseReceivedAt |
Object |
true |
The date-time that this invitation was marked as accepted or declined. If null, then there has been no response (accept or decline) of this invitation. This is effectively the update timestamp of the accepted property of an invitation. |
toTenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getToOrganizationId(). Returns the id of the {@link Organization} that the recipient is being invited to join. |
state |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/invitations/36522a1b-9e23-458f-9101-12543cf0349a/decline' -i -X PUT \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJyLWFIOTB5U2FkcnpRb2FKZXFvT2F3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIxMDE4LCJleHAiOjE3MTIyMjQ2MTgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCIyN2NlOTBlNy0xNTc2LTQ5NWMtOWNjMy00OGYyYTJkNDdiODRcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjEwMTh9LHtcImlkXCI6XCI1MmRlZjUzNy01NTE4LTQwYWMtOTYzMi1hZDBiNzU4NjM3ZDhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzl9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCIzNWQ1N2YxOS04MjJjLTRjMjktOTkyMS0zODUxNWQ5ODU1MjNcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjEwMTd9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.IxiQ4XKWuLFvnT14Z1GEcGlOO0EVR_pxC0OqFqE6NtLi4LrfQDuZSZ3rtV1Wfr5wIf_ylB9m95FuFiFeUzmrAVPb8F6sp5hdbJPPbKo_SXLCbEMwF7NzaN06qyI9boWGMz_TcIC_NpCfnAWioL2TBcaxZqnn_6LbGh9FWfIn3UmYajMul2O8mN44QXTPVtfLyCxYGrS3PDFkMszKeNkNu97ybqspb57Gp5taAaOin9kdEW9tZYR-ncgFUWp9-Ni5roIU9qXhcnkvtaSif-s0lSm86ePNV7PZNyBetUGcgUUuxkeJdonUUNM__aOomGUocgusNX8qxiS8YgPUQYTmoA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 588
{
"id" : "36522a1b-9e23-458f-9101-12543cf0349a",
"fromIdentityId" : "3aef28b5-2297-42d1-ac8c-a774b46f7299",
"toOrganizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"invitedEmailAddress" : "new.employee-183@acme.com",
"expiration" : {
"nano" : 269481000,
"epochSecond" : 1712825818
},
"targetUserIdentityId" : "06899969-2bd0-4a85-95ba-75989c6ee535",
"accepted" : false,
"revokedAt" : null,
"responseReceivedAt" : {
"nano" : 275935000,
"epochSecond" : 1712221018
},
"toTenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"state" : "Declined"
}
Revoke Invitation
PUT /invitations/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}/revoke
This service will revoke the specified invitation if it is in a state that permits revoke.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
fromIdentityId |
String |
true |
|
toOrganizationId |
String |
true |
|
invitedEmailAddress |
String |
true |
|
expiration |
Object |
true |
|
targetUserIdentityId |
String |
true |
Optional. The identity id that the invited party will be mapped to should they accept the invite. |
accepted |
Boolean |
true |
|
revokedAt |
Object |
true |
The date-time that this invitation was revoked. If null, then this invitation has not been revoked. An open invitation (accepted == null) can be revoked, which will prevent the invitation from being accepted or declined by a user. The accepted state remains null to reflect that it was never accepted or declined. A declined or expired invitation can be revoked after the fact. An accepted invitation can not be revoked retroactively. Finally, revoking an invitation is a terminal operation. Once revoked, no other action can be taken. |
responseReceivedAt |
Object |
true |
The date-time that this invitation was marked as accepted or declined. If null, then there has been no response (accept or decline) of this invitation. This is effectively the update timestamp of the accepted property of an invitation. |
toTenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getToOrganizationId(). Returns the id of the {@link Organization} that the recipient is being invited to join. |
state |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/invitations/b012e060-f3cc-444c-8ea8-70d41872513e/revoke' -i -X PUT \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJyLWFIOTB5U2FkcnpRb2FKZXFvT2F3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIxMDE4LCJleHAiOjE3MTIyMjQ2MTgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI1NmMyY2UzNS1iMDEwLTQzNzQtOTNkNi0wOGRiMjAwODVlZDdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzh9LHtcImlkXCI6XCIyN2NlOTBlNy0xNTc2LTQ5NWMtOWNjMy00OGYyYTJkNDdiODRcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjEwMTh9LHtcImlkXCI6XCI1MmRlZjUzNy01NTE4LTQwYWMtOTYzMi1hZDBiNzU4NjM3ZDhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzl9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCIzNWQ1N2YxOS04MjJjLTRjMjktOTkyMS0zODUxNWQ5ODU1MjNcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjEwMTd9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.IxiQ4XKWuLFvnT14Z1GEcGlOO0EVR_pxC0OqFqE6NtLi4LrfQDuZSZ3rtV1Wfr5wIf_ylB9m95FuFiFeUzmrAVPb8F6sp5hdbJPPbKo_SXLCbEMwF7NzaN06qyI9boWGMz_TcIC_NpCfnAWioL2TBcaxZqnn_6LbGh9FWfIn3UmYajMul2O8mN44QXTPVtfLyCxYGrS3PDFkMszKeNkNu97ybqspb57Gp5taAaOin9kdEW9tZYR-ncgFUWp9-Ni5roIU9qXhcnkvtaSif-s0lSm86ePNV7PZNyBetUGcgUUuxkeJdonUUNM__aOomGUocgusNX8qxiS8YgPUQYTmoA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 642
{
"id" : "b012e060-f3cc-444c-8ea8-70d41872513e",
"fromIdentityId" : "3aef28b5-2297-42d1-ac8c-a774b46f7299",
"toOrganizationId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"invitedEmailAddress" : "new.employee-189@acme.com",
"expiration" : {
"nano" : 335024000,
"epochSecond" : 1712825818
},
"targetUserIdentityId" : "e8e83c42-2e63-4f04-92bf-251e31bc8d0e",
"accepted" : null,
"revokedAt" : {
"nano" : 341065000,
"epochSecond" : 1712221018
},
"responseReceivedAt" : {
"nano" : 341068000,
"epochSecond" : 1712221018
},
"toTenantId" : "c0048cf7-0785-4a55-87d3-25ac18cc6632",
"state" : "Revoked"
}
Support
Create Support Request
POST /nfconsole/support/requests
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
name |
String |
true |
The name of the user. This is a required value if the request is submitted by a client that is not currently authenticated. In this unauthenticated case, this name is used in the support request ticket that is created. If the request comes from an authenticated client, then this property should be ignored (not sent), as the API will overwrite it with the name of the authenticated identity. |
String |
true |
The email of the user. This is a required value if the request is submitted by a client that is not currently authenticated. In this unauthenticated case, this email is used in the support request ticket that is created. If the request comes from an authenticated client, then this property should be ignored (not sent), as the API will overwrite it with the email of the authenticated identity. |
|
selectedOrganizationId |
String |
true |
The id of an organization which the current user has selected as his working context at the time that this support request is being generated. This value may be null in most cases as it only applies to users with access to more than one organization. This value is ignored if the support request comes from a user that is not logged in. |
selectedNetworkId |
String |
true |
The id of a network which the current user has selected as his working context at the time that this support request is being generated. This value may be null, particularly if the client is submitting the support request from a context that is not network specific. However, if the user is working in a context (ie, a 'page' that lists AppWans) that is network specific, then this value can help support agents when reviewing the support request. This value is ignored if the support request comes from a user that is not logged in. |
subject |
String |
true |
The support request subject. This value is required and can not be empty. |
comment |
String |
true |
The support request message. This value is required and can not be empty. |
type |
String |
true |
The type of the support request. If not specified, the type will default to "question". Must be one of [problem, incident, question, task]. |
priority |
String |
true |
The priority of the support request. If not specified, the type will default to "normal". Must be one of [urgent, high, normal, low]. |
severity |
String |
true |
The Severity of the support request. Severity 1, 2, 3 If not specificed: default to "Severity3". Must be one of [Severity1, Severity2, Severity3]. |
recentErrorMessages |
Array[String] |
true |
An optional list of error messages received from the API by the client. These should be in order from most recent to oldest. These provide contextual information for the agent handling the support request. These are not required, but clients are encouraged to track and supply such error messages to aid in support. Note, an interactive user (ie human) should not provide this information; it should be tracked and added by the client agent on their behalf. |
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/nfconsole/support/requests' -i -X POST \
-H 'Content-Type: application/json' \
-d '{"name":"Curious George","email":"george@curious-client.com","selectedOrganizationId":null,"selectedNetworkId":null,"subject":"Sales Contact Request","comment":"This looks great! I'd like a sales rep to contact me.","type":"question","priority":"high","severity":"Severity3","recentErrorMessages":null}'
Example response
HTTP/1.1 200 OK
Invitation Flow
Get Invitation By Key
GET /invitations/key/{key:[\p{Alnum}]{36}}
Authorization
Authorization not required for this request.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
key |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
fromIdentity |
Object |
true |
|
fromIdentity.name |
String |
true |
|
fromIdentity.email |
String |
true |
|
targetIdentity |
Object |
true |
|
targetIdentity.name |
String |
true |
|
targetIdentity.email |
String |
true |
|
invitedEmailAddress |
String |
true |
|
toOrganizationName |
String |
true |
|
toOrganizationLabel |
String |
true |
|
expiration |
Object |
true |
|
accepted |
Boolean |
true |
|
state |
String |
true |
Must be one of [Open, Accepted, Declined, Expired, Revoked]. |
toTenantName |
String |
true |
Deprecated.. |
toTenantLabel |
String |
true |
Deprecated.. |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/invitations/key/PCalZwvAsOqo0dBY8Z36ubjRNQqc7pjYurGB' -i -X GET
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 519
{
"fromIdentity" : {
"name" : "John Doe",
"email" : "john.doe@acme.com"
},
"targetIdentity" : {
"name" : "First Last",
"email" : "random-196@acme.com"
},
"invitedEmailAddress" : "new.employee-198@acme.com",
"toOrganizationName" : "ACME International, Inc.",
"toOrganizationLabel" : "ACME-0",
"expiration" : {
"nano" : 571979000,
"epochSecond" : 1712825818
},
"accepted" : null,
"state" : "Open",
"toTenantName" : "ACME International, Inc.",
"toTenantLabel" : "ACME-0"
}
Decline Invitation
PUT /invitations/key/{key:[\p{Alnum}]{36}}/decline
Authorization
Authorization not required for this request.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
key |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
fromIdentity |
Object |
true |
|
fromIdentity.name |
String |
true |
|
fromIdentity.email |
String |
true |
|
targetIdentity |
Object |
true |
|
targetIdentity.name |
String |
true |
|
targetIdentity.email |
String |
true |
|
invitedEmailAddress |
String |
true |
|
toOrganizationName |
String |
true |
|
toOrganizationLabel |
String |
true |
|
expiration |
Object |
true |
|
accepted |
Boolean |
true |
|
state |
String |
true |
Must be one of [Open, Accepted, Declined, Expired, Revoked]. |
toTenantName |
String |
true |
Deprecated.. |
toTenantLabel |
String |
true |
Deprecated.. |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/invitations/key/pCZkh2dD7tOehN3lkXr7k0eswaFEeg6jPOBD/decline' -i -X PUT
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 524
{
"fromIdentity" : {
"name" : "John Doe",
"email" : "john.doe@acme.com"
},
"targetIdentity" : {
"name" : "First Last",
"email" : "random-193@acme.com"
},
"invitedEmailAddress" : "new.employee-195@acme.com",
"toOrganizationName" : "ACME International, Inc.",
"toOrganizationLabel" : "ACME-0",
"expiration" : {
"nano" : 527880000,
"epochSecond" : 1712825818
},
"accepted" : false,
"state" : "Declined",
"toTenantName" : "ACME International, Inc.",
"toTenantLabel" : "ACME-0"
}
Initiate Accept Invitation
POST /invitations/key/{key:[\p{Alnum}]{36}}/accept-initiate
Authorization
Authorization not required for this request.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
key |
String |
false |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
intermediateReturnUrl |
String |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
nfToken |
String |
true |
|
auth0ConnectionIds |
Array[String] |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/invitations/key/3sApRXLUI0cbPQribWg55E0tKxoGtgLCvyuW/accept-initiate' -i -X POST \
-H 'Content-Type: application/json' \
-d '{"intermediateReturnUrl":"http://console.nfadmin.netfoundry.io/invitation"}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 981
{
"nfToken" : "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE3MTIyMjEwMTgsImV4cCI6MTcxMjIyMTkxOCwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL2lkZW50aXR5L3YxIiwiYXVkIjoiaHR0cHM6Ly9uZXRmb3VuZHJ5LXNhbmRib3guYXV0aDAuY29tLyIsImZsb3ciOiJpbnZpdGF0aW9uIiwiaW52aXRhdGlvbklkIjoiYWYzZjE2MjktYTRjYy00NjUxLWIxM2YtMTJhMWM3MzlhZTUyIiwidGVuYW50TGFiZWwiOiJBQ01FLTAiLCJhdXRoMENvbm5lY3Rpb25JZHMiOlsiYXV0aDAtb3BhcXVlLWNvbm5lY3Rpb25JZC0xIiwiYXV0aDAtb3BhcXVlLWNvbm5lY3Rpb25JZC0yIl0sInJlZGlyZWN0VXJsIjoiaHR0cDovL2NvbnNvbGUubmZhZG1pbi5uZXRmb3VuZHJ5LmlvL2ludml0YXRpb24ifQ.QY_uRwv7yniaf2cNs1MIKFZzjRJVIJCbOh7l7Yoz3ReCe41iVSxbtXVRCdXlPulTAyb4wAc9nJ76vk8fneBgLKb0yjvX0JrJjQ3ZUta4v7-Dlb_YCvOzVpSthAeDVqLxSqbQ015fIUYqbPTRphhV6kQiJgzpMvHDNq5Q4Hyj4lvtVijb24bMeNuMW-Nc7g7r57UpvoDDjl_4qBYeRPOyJfDblojbA4ybOhRVzyFhdyO0R8lUmQjEy3Iyr6VcgGJmXswp9uCg5OaMNJD20iAvKO0n-RaGhmXo6mT3jlF3LQnakrwkn7ZfdAq_qyjIhhaDcaAFYKfRUitJXbFnFHUxaA",
"auth0ConnectionIds" : [ "auth0-opaque-connectionId-1", "auth0-opaque-connectionId-2" ]
}
Login Flow
Initiate Interactive Authorization
POST /organizations/authorize-initiate
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
label |
String |
true |
|
intermediateReturnUrl |
String |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
nfToken |
String |
true |
|
auth0ConnectionIds |
Array[String] |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organizations/authorize-initiate' -i -X POST \
-H 'Content-Type: application/json' \
-d '{"label":"ACME-0","intermediateReturnUrl":"http://console.nfadmin.netfoundry.io/invitation"}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 902
{
"nfToken" : "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE3MTIyMjEwMTgsImV4cCI6MTcxMjIyMTkxOCwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL2lkZW50aXR5L3YxIiwiYXVkIjoiaHR0cHM6Ly9uZXRmb3VuZHJ5LXNhbmRib3guYXV0aDAuY29tLyIsImZsb3ciOiJsb2dpbiIsInRlbmFudExhYmVsIjoiQUNNRS0wIiwiYXV0aDBDb25uZWN0aW9uSWRzIjpbImF1dGgwLW9wYXF1ZS1jb25uZWN0aW9uSWQtMSIsImF1dGgwLW9wYXF1ZS1jb25uZWN0aW9uSWQtMiJdLCJyZWRpcmVjdFVybCI6Imh0dHA6Ly9jb25zb2xlLm5mYWRtaW4ubmV0Zm91bmRyeS5pby9pbnZpdGF0aW9uIn0.da_R7EQxLj1QOoWp_bNX8hbtwsO5kEbamJJWkrSDreSgyciPwZcQRa16hPJPmFF7BCZRRXoxutTdKSgpg3iBJ9-2yHl0YKWZ7oM8PazhY5W1dbGB6TXHq1pbLftg90bRit26qCsWDnC3IQYCIRZUlVAKjGcnC-Cm3Xao8NPdjx7w8noLygPqhSOvySBQO2TrinVwQ1vqSwuVe2m_sdOfaJi8ZpqIlJV0tYEb3ZCQQ_Uptd3Mi3brjO7LtSUifmpXrxjK37GexGhLQNZSztFzr37zvJeao3EKxDnA2sEukc69a79ertAyfV-8IS0IhsMbe-iiJa2d_K31xN-lyRYGAw",
"auth0ConnectionIds" : [ "auth0-opaque-connectionId-1", "auth0-opaque-connectionId-2" ]
}
Identity Preference Flow
Find Identity Preferences
GET /identity-preferences
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
userIdentityId |
String |
true |
|
preferences |
Object |
true |
|
createdBy |
String |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-preferences' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJVR29mU21PNGhyODlFNDl0MEJkd1BBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc3LCJleHAiOjE3MTIyMjQ1NzcsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.nIe-JpLAkYgGxCGAO7dC65tagZ9vu0t4YrBPSIqgcvwo8AcnRg1fzsHeHw5haOgb2cMheDOWm2xktAeM8n9f8DJYhjxLbZ2zbS84e7X0BcuyR5PYS0lTmRSA3C8cghh_tKuGYSS_tqmWWKqy60kXH2NFiHxlmWorVMT3foaONCFPwy7lbu9gBMobWU721jqZqKYTG1wSTfyti_DVTT5t3gPnANNJJREjjkjuT33GfvDx2XuXHpi9j1kXufb12qcWUR5UFQsSayZ5LKWjuMUv4jIeEJs7PaN60kTdEgLGEOcdKvNZFt8G2hmL5tVW9wGHOA7KDBTN36JYkh1DO7lpQg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 434
[ {
"id" : "abf87ae1-eda2-475d-9b92-3a50db78153a",
"userIdentityId" : "2064e681-3610-48a5-80de-6cd04d94a5e2",
"preferences" : {
"first" : "my first preference."
},
"createdBy" : "2064e681-3610-48a5-80de-6cd04d94a5e2",
"createdAt" : {
"nano" : 565730000,
"epochSecond" : 1712220977
},
"updatedAt" : {
"nano" : 565730000,
"epochSecond" : 1712220977
},
"deletedBy" : null,
"deletedAt" : null
} ]
Get Identity Preference
GET /identity-preferences/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
userIdentityId |
String |
true |
|
preferences |
Object |
true |
|
createdBy |
String |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-preferences/d7a2bc06-c9dd-4a0a-9542-50f8f4563c79' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJVR29mU21PNGhyODlFNDl0MEJkd1BBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc3LCJleHAiOjE3MTIyMjQ1NzcsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.nIe-JpLAkYgGxCGAO7dC65tagZ9vu0t4YrBPSIqgcvwo8AcnRg1fzsHeHw5haOgb2cMheDOWm2xktAeM8n9f8DJYhjxLbZ2zbS84e7X0BcuyR5PYS0lTmRSA3C8cghh_tKuGYSS_tqmWWKqy60kXH2NFiHxlmWorVMT3foaONCFPwy7lbu9gBMobWU721jqZqKYTG1wSTfyti_DVTT5t3gPnANNJJREjjkjuT33GfvDx2XuXHpi9j1kXufb12qcWUR5UFQsSayZ5LKWjuMUv4jIeEJs7PaN60kTdEgLGEOcdKvNZFt8G2hmL5tVW9wGHOA7KDBTN36JYkh1DO7lpQg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 415
{
"id" : "d7a2bc06-c9dd-4a0a-9542-50f8f4563c79",
"userIdentityId" : "c2529837-e17d-4dde-8fcd-cfdcb31c6d73",
"preferences" : {
"hello" : "world"
},
"createdBy" : "c2529837-e17d-4dde-8fcd-cfdcb31c6d73",
"createdAt" : {
"nano" : 238128000,
"epochSecond" : 1712220978
},
"updatedAt" : {
"nano" : 238128000,
"epochSecond" : 1712220978
},
"deletedBy" : null,
"deletedAt" : null
}
Create Identity Preference
POST /identity-preferences
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
userIdentityId |
String |
true |
Passing null will result in the creation of the Identity Preferences on the authenticated identity making the create API request. |
preferences |
Object |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
userIdentityId |
String |
true |
|
preferences |
Object |
true |
|
createdBy |
String |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-preferences' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJVR29mU21PNGhyODlFNDl0MEJkd1BBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc3LCJleHAiOjE3MTIyMjQ1NzcsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.nIe-JpLAkYgGxCGAO7dC65tagZ9vu0t4YrBPSIqgcvwo8AcnRg1fzsHeHw5haOgb2cMheDOWm2xktAeM8n9f8DJYhjxLbZ2zbS84e7X0BcuyR5PYS0lTmRSA3C8cghh_tKuGYSS_tqmWWKqy60kXH2NFiHxlmWorVMT3foaONCFPwy7lbu9gBMobWU721jqZqKYTG1wSTfyti_DVTT5t3gPnANNJJREjjkjuT33GfvDx2XuXHpi9j1kXufb12qcWUR5UFQsSayZ5LKWjuMUv4jIeEJs7PaN60kTdEgLGEOcdKvNZFt8G2hmL5tVW9wGHOA7KDBTN36JYkh1DO7lpQg' \
-d '{"userIdentityId":"6d9655cb-49b6-4103-ae31-16d72339d72e","preferences":{"first":"my first preference."}}'
Example response
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 430
{
"id" : "4094cfe4-32cb-4a03-b0c7-9af35d7d1a86",
"userIdentityId" : "6d9655cb-49b6-4103-ae31-16d72339d72e",
"preferences" : {
"first" : "my first preference."
},
"createdBy" : "c768f676-8528-488b-b410-6dbeb99c9bb4",
"createdAt" : {
"nano" : 866661000,
"epochSecond" : 1712220977
},
"updatedAt" : {
"nano" : 866661000,
"epochSecond" : 1712220977
},
"deletedBy" : null,
"deletedAt" : null
}
Update Identity Preference
PUT /identity-preferences/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
preferences |
Object |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
userIdentityId |
String |
true |
|
preferences |
Object |
true |
|
createdBy |
String |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-preferences/f0c63f44-4511-4a18-bc12-9de6032b3147' -i -X PUT \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJVR29mU21PNGhyODlFNDl0MEJkd1BBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc3LCJleHAiOjE3MTIyMjQ1NzcsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.nIe-JpLAkYgGxCGAO7dC65tagZ9vu0t4YrBPSIqgcvwo8AcnRg1fzsHeHw5haOgb2cMheDOWm2xktAeM8n9f8DJYhjxLbZ2zbS84e7X0BcuyR5PYS0lTmRSA3C8cghh_tKuGYSS_tqmWWKqy60kXH2NFiHxlmWorVMT3foaONCFPwy7lbu9gBMobWU721jqZqKYTG1wSTfyti_DVTT5t3gPnANNJJREjjkjuT33GfvDx2XuXHpi9j1kXufb12qcWUR5UFQsSayZ5LKWjuMUv4jIeEJs7PaN60kTdEgLGEOcdKvNZFt8G2hmL5tVW9wGHOA7KDBTN36JYkh1DO7lpQg' \
-d '{"preferences":{"updated":"my second preference."}}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 433
{
"id" : "f0c63f44-4511-4a18-bc12-9de6032b3147",
"userIdentityId" : "fa49bd7f-92ae-4591-8dc2-af0d29093dd0",
"preferences" : {
"updated" : "my second preference."
},
"createdBy" : "fa49bd7f-92ae-4591-8dc2-af0d29093dd0",
"createdAt" : {
"nano" : 350496000,
"epochSecond" : 1712220978
},
"updatedAt" : {
"nano" : 370662000,
"epochSecond" : 1712220978
},
"deletedBy" : null,
"deletedAt" : null
}
Delete Identity Preference
DELETE /identity-preferences/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
userIdentityId |
String |
true |
|
preferences |
Object |
true |
|
createdBy |
String |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-preferences/3d32dcf1-b43b-450f-8b1e-2e3c80da6466' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJVR29mU21PNGhyODlFNDl0MEJkd1BBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc3LCJleHAiOjE3MTIyMjQ1NzcsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCIwNDM0MDFjNi03YjY5LTQwN2MtYjk5OC1hZTA5ZTI5OTU0MzhcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5Nzd9LHtcImlkXCI6XCIxODJkOGIxMC05N2U5LTRjNjAtYjJlOC1iYjVkYjM3MGM2MGJcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.nIe-JpLAkYgGxCGAO7dC65tagZ9vu0t4YrBPSIqgcvwo8AcnRg1fzsHeHw5haOgb2cMheDOWm2xktAeM8n9f8DJYhjxLbZ2zbS84e7X0BcuyR5PYS0lTmRSA3C8cghh_tKuGYSS_tqmWWKqy60kXH2NFiHxlmWorVMT3foaONCFPwy7lbu9gBMobWU721jqZqKYTG1wSTfyti_DVTT5t3gPnANNJJREjjkjuT33GfvDx2XuXHpi9j1kXufb12qcWUR5UFQsSayZ5LKWjuMUv4jIeEJs7PaN60kTdEgLGEOcdKvNZFt8G2hmL5tVW9wGHOA7KDBTN36JYkh1DO7lpQg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 505
{
"id" : "3d32dcf1-b43b-450f-8b1e-2e3c80da6466",
"userIdentityId" : "2c7644de-abb2-4710-9c04-43686d140be5",
"preferences" : {
"hello" : "world"
},
"createdBy" : "2c7644de-abb2-4710-9c04-43686d140be5",
"createdAt" : {
"nano" : 173082000,
"epochSecond" : 1712220978
},
"updatedAt" : {
"nano" : 191269000,
"epochSecond" : 1712220978
},
"deletedBy" : "c768f676-8528-488b-b410-6dbeb99c9bb4",
"deletedAt" : {
"nano" : 191000000,
"epochSecond" : 1712220978
}
}
Organization Preference Flow
Find Organization Preferences
GET /organization-preferences
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
|
preferences |
Object |
true |
|
createdBy |
String |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organization-preferences' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJRa28ya19LR2tJbW1vT1pvQlJYX19RIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc2LCJleHAiOjE3MTIyMjQ1NzYsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.jvEGxV3hxkDdhYZg-4A68-DuHivqMPuS0yXvYDdsC_9o1SfXbzxmUSK_EdkEP_lX8Bq6yyCqFuD0wmEWwondYDKTI7LA9gc9l6cmxq2M_SlAqqKCBsGkm2O257wIVvF1rBRNWLSFcD_17c5rUIrm11oROYds9dxzl_mvsGiE2znzfc1TCxyA2BHTw_vwL57PUOeTxJ62-Pr5LoY9xvGizZWZapx_j1rsvqQJA6BrTCCwrGHmY002Byum2u6ibvbZQY-1I5fZn78NvJCWhOjfmw9aawycP7lVIiZHxn3UzCuqIdF05Hhn0vl1fPUNKLGYZqw7tHqDAtHv6tll2yZklA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1268
[ {
"id" : "3d4d5ff4-39f7-4ead-acba-c48fe3e9bb07",
"organizationId" : "c8e8a4a8-877c-45fa-acfa-cd20592355f2",
"preferences" : {
"hello" : "world"
},
"createdBy" : "e9aa3a99-be8a-45e7-b542-67cb2ab3dd89",
"createdAt" : {
"nano" : 413841000,
"epochSecond" : 1712220976
},
"updatedAt" : {
"nano" : 413841000,
"epochSecond" : 1712220976
},
"deletedBy" : null,
"deletedAt" : null
}, {
"id" : "a8894945-16f5-470a-b875-10882a5855da",
"organizationId" : "eb71d28f-e620-42ee-b95e-67791e72de15",
"preferences" : {
"first" : "my first preference."
},
"createdBy" : "c768f676-8528-488b-b410-6dbeb99c9bb4",
"createdAt" : {
"nano" : 308625000,
"epochSecond" : 1712220976
},
"updatedAt" : {
"nano" : 308625000,
"epochSecond" : 1712220976
},
"deletedBy" : null,
"deletedAt" : null
}, {
"id" : "dcd16627-0f31-45b2-8ca5-893c6732ef66",
"organizationId" : "0409ebb0-47d5-4900-bf9a-1a5ab1e384d9",
"preferences" : {
"hello" : "world"
},
"createdBy" : "6334b567-5093-45a0-a8c5-ff8b92ae30c5",
"createdAt" : {
"nano" : 108109000,
"epochSecond" : 1712220976
},
"updatedAt" : {
"nano" : 108109000,
"epochSecond" : 1712220976
},
"deletedBy" : null,
"deletedAt" : null
} ]
Get Organization Preference
GET /organization-preferences/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
|
preferences |
Object |
true |
|
createdBy |
String |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organization-preferences/3d4d5ff4-39f7-4ead-acba-c48fe3e9bb07' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJRa28ya19LR2tJbW1vT1pvQlJYX19RIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc2LCJleHAiOjE3MTIyMjQ1NzYsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.jvEGxV3hxkDdhYZg-4A68-DuHivqMPuS0yXvYDdsC_9o1SfXbzxmUSK_EdkEP_lX8Bq6yyCqFuD0wmEWwondYDKTI7LA9gc9l6cmxq2M_SlAqqKCBsGkm2O257wIVvF1rBRNWLSFcD_17c5rUIrm11oROYds9dxzl_mvsGiE2znzfc1TCxyA2BHTw_vwL57PUOeTxJ62-Pr5LoY9xvGizZWZapx_j1rsvqQJA6BrTCCwrGHmY002Byum2u6ibvbZQY-1I5fZn78NvJCWhOjfmw9aawycP7lVIiZHxn3UzCuqIdF05Hhn0vl1fPUNKLGYZqw7tHqDAtHv6tll2yZklA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 415
{
"id" : "3d4d5ff4-39f7-4ead-acba-c48fe3e9bb07",
"organizationId" : "c8e8a4a8-877c-45fa-acfa-cd20592355f2",
"preferences" : {
"hello" : "world"
},
"createdBy" : "e9aa3a99-be8a-45e7-b542-67cb2ab3dd89",
"createdAt" : {
"nano" : 413841000,
"epochSecond" : 1712220976
},
"updatedAt" : {
"nano" : 413841000,
"epochSecond" : 1712220976
},
"deletedBy" : null,
"deletedAt" : null
}
Create Organization Preference
POST /organization-preferences
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
organizationId |
String |
true |
|
preferences |
Object |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
|
preferences |
Object |
true |
|
createdBy |
String |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organization-preferences' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJRa28ya19LR2tJbW1vT1pvQlJYX19RIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc2LCJleHAiOjE3MTIyMjQ1NzYsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.jvEGxV3hxkDdhYZg-4A68-DuHivqMPuS0yXvYDdsC_9o1SfXbzxmUSK_EdkEP_lX8Bq6yyCqFuD0wmEWwondYDKTI7LA9gc9l6cmxq2M_SlAqqKCBsGkm2O257wIVvF1rBRNWLSFcD_17c5rUIrm11oROYds9dxzl_mvsGiE2znzfc1TCxyA2BHTw_vwL57PUOeTxJ62-Pr5LoY9xvGizZWZapx_j1rsvqQJA6BrTCCwrGHmY002Byum2u6ibvbZQY-1I5fZn78NvJCWhOjfmw9aawycP7lVIiZHxn3UzCuqIdF05Hhn0vl1fPUNKLGYZqw7tHqDAtHv6tll2yZklA' \
-d '{"organizationId":"eb71d28f-e620-42ee-b95e-67791e72de15","preferences":{"first":"my first preference."}}'
Example response
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 430
{
"id" : "a8894945-16f5-470a-b875-10882a5855da",
"organizationId" : "eb71d28f-e620-42ee-b95e-67791e72de15",
"preferences" : {
"first" : "my first preference."
},
"createdBy" : "c768f676-8528-488b-b410-6dbeb99c9bb4",
"createdAt" : {
"nano" : 308625000,
"epochSecond" : 1712220976
},
"updatedAt" : {
"nano" : 308625000,
"epochSecond" : 1712220976
},
"deletedBy" : null,
"deletedAt" : null
}
Update Organization Preference
PUT /organization-preferences/{id}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
preferences |
Object |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
|
preferences |
Object |
true |
|
createdBy |
String |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organization-preferences/70968cc3-5768-4a4a-8564-ce34b1c9a8fc' -i -X PUT \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJRa28ya19LR2tJbW1vT1pvQlJYX19RIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc2LCJleHAiOjE3MTIyMjQ1NzYsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.jvEGxV3hxkDdhYZg-4A68-DuHivqMPuS0yXvYDdsC_9o1SfXbzxmUSK_EdkEP_lX8Bq6yyCqFuD0wmEWwondYDKTI7LA9gc9l6cmxq2M_SlAqqKCBsGkm2O257wIVvF1rBRNWLSFcD_17c5rUIrm11oROYds9dxzl_mvsGiE2znzfc1TCxyA2BHTw_vwL57PUOeTxJ62-Pr5LoY9xvGizZWZapx_j1rsvqQJA6BrTCCwrGHmY002Byum2u6ibvbZQY-1I5fZn78NvJCWhOjfmw9aawycP7lVIiZHxn3UzCuqIdF05Hhn0vl1fPUNKLGYZqw7tHqDAtHv6tll2yZklA' \
-d '{"preferences":{"updated":"my second preference."}}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 433
{
"id" : "70968cc3-5768-4a4a-8564-ce34b1c9a8fc",
"organizationId" : "f6a34ec8-b034-4c35-878d-016f9796f126",
"preferences" : {
"updated" : "my second preference."
},
"createdBy" : "8b7cf742-fd6b-4bc1-9984-d1ce746eb12d",
"createdAt" : {
"nano" : 593790000,
"epochSecond" : 1712220976
},
"updatedAt" : {
"nano" : 611256000,
"epochSecond" : 1712220976
},
"deletedBy" : null,
"deletedAt" : null
}
Delete Organization Preference
DELETE /organization-preferences/{id}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
true |
|
organizationId |
String |
true |
|
preferences |
Object |
true |
|
createdBy |
String |
true |
|
createdAt |
Object |
true |
|
updatedAt |
Object |
true |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organization-preferences/37ccff15-1180-4e31-8d2a-7607e9bff95e' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJRa28ya19LR2tJbW1vT1pvQlJYX19RIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6ImM3NjhmNjc2LTg1MjgtNDg4Yi1iNDEwLTZkYmViOTljOWJiNCIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNzEyMjIwOTc2LCJleHAiOjE3MTIyMjQ1NzYsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI0MTZlMDA0Yi04NTcxLTRmOWQtOTY2Zi01YzQzMDYyODA0MjdcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzZ9LHtcImlkXCI6XCJlZWZmN2VhMi04NDY4LTQyNDQtOGZkYi0wYTUyYWQ5MGMwMTFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzF9LHtcImlkXCI6XCJlMzZlMzNiMC05NWEzLTQ3NDEtYmY4OS1mNTQ0OGFlMmU2YTBcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzV9LHtcImlkXCI6XCI0ZWVlNjU1Ny1kMDViLTQ0NTQtYjhlMi0zMDIxYWY0ZGE3NjFcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzJ9LHtcImlkXCI6XCJkYjA4MGQ0NC0zZjE0LTQwODAtYmVkYy0wMTc2NDE4ZjlhNTZcIixcImxhc3RNb2RpZmllZFwiOjE3MTIyMjA5NzN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.jvEGxV3hxkDdhYZg-4A68-DuHivqMPuS0yXvYDdsC_9o1SfXbzxmUSK_EdkEP_lX8Bq6yyCqFuD0wmEWwondYDKTI7LA9gc9l6cmxq2M_SlAqqKCBsGkm2O257wIVvF1rBRNWLSFcD_17c5rUIrm11oROYds9dxzl_mvsGiE2znzfc1TCxyA2BHTw_vwL57PUOeTxJ62-Pr5LoY9xvGizZWZapx_j1rsvqQJA6BrTCCwrGHmY002Byum2u6ibvbZQY-1I5fZn78NvJCWhOjfmw9aawycP7lVIiZHxn3UzCuqIdF05Hhn0vl1fPUNKLGYZqw7tHqDAtHv6tll2yZklA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 505
{
"id" : "37ccff15-1180-4e31-8d2a-7607e9bff95e",
"organizationId" : "e4614407-fee0-46fd-9f57-de39d18d659c",
"preferences" : {
"hello" : "world"
},
"createdBy" : "a000fbd1-1520-445e-bce0-b4518d4afc9e",
"createdAt" : {
"nano" : 352711000,
"epochSecond" : 1712220976
},
"updatedAt" : {
"nano" : 367945000,
"epochSecond" : 1712220976
},
"deletedBy" : "c768f676-8528-488b-b410-6dbeb99c9bb4",
"deletedAt" : {
"nano" : 367000000,
"epochSecond" : 1712220976
}
}