Introduction

This is the NetFoundry identity service

Overview

HTTP verbs

NetFoundry adheres closely to standard HTTP and REST conventions in its use of HTTP verbs.

Verb Usage

GET

Used to retrieve a resource

POST

Used to create a new resource

PUT

Used to update an existing resource, full updates only

DELETE

Used to delete an existing resource
The PATCH method is not used (yet).

HTTP status codes

NetFoundry adheres closely to standard HTTP and REST conventions in its use of HTTP status codes.

Status code Usage

200 OK

The actual response will depend on the request method used. In a GET request, the response will contain an entity corresponding to the requested resource. In a POST request, the response will contain an entity describing or containing the result of the action.

201 Created

The request has been fulfilled and resulted in a new resource being created.

202 Accepted

The request has been accepted and is being processed asynchronously Standard response for successful HTTP requests which invoke back-end services.

204 No Content

The server successfully processed the request, but is not returning any content.

400 Bad Request

The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing).

401 Unauthorized

The request lacks valid authentication credentials for the target resource.

403 Forbidden

The request is authenticated with valid credentials however that set of credentials is not authorized to access this resource.

404 Not Found

The requested resource could not be found but may be available again in the future. Subsequent requests by the client are permissible.

Resources

Organization

Find Organizations

GET /organizations

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

Supports standard paging query parameters.

Parameter Type Optional Description

name

String

true

active

Boolean

true

mfaProviders

Object

true

includeDeleted

Boolean

true

Default value: 'false'.

Request fields

No request body.

Response fields

Standard paging response where content field is list of following objects:

Path Type Optional Description

id

String

true

name

String

true

Used for display purposes. Not unique or private.

label

String

true

A short value, containing only letters, numbers and dashes, which could be used as a label in a vanity domain. This label uniquely identifies the Organization, and is the key by which organization users indicate the organization within which they intend to authenticate. Note: A deleted organization looses its label. Such organizations will have a label value that combines the organization id with the prior label value. This maintains the constraint that all organization labels are unique, and frees the prior organization label value for reclamation. Obviously a deleted organization’s label will no longer meet the validation constraints of a live organization label.

identityProviders

Array[Object]

true

The set of active (not marked deleted nor deactivated) {@link IdentityProvider}s assigned to this Organization. It is possible for this set to be null. For access to inactive or deleted IdentityProviders, access the IdentityProvider API endpoint directly.

identityProviders[].id

String

true

identityProviders[].organizationId

String

true

The id of the {@link Organization} that this provider will authenticate users into.

identityProviders[].auth0ConnectionId

String

true

The auth0 generated id of the auth0 connection that this IdentityProvider represents.

identityProviders[].name

String

true

Used for display purposes. Not unique or private.

identityProviders[].auth0ConnectionType

String

true

Must be one of [Database, Social, Enterprise, Passwordless].

identityProviders[].active

Boolean

true

identityProviders[].createdAt

Object

true

identityProviders[].updatedAt

Object

true

identityProviders[].deletedAt

Object

true

active

Boolean

true

mfaProvider

String

true

Specifies an Auth0 compliant MFA provider. When set, it will trigger MFA on authentication via Auth0. If null, then the organization does not require MFA.

Must be one of [None, GoogleAuthenticator].

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

deleted

Boolean

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/organizations' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ4dkFzOEljQlZDTDVJempnd0xIQWVBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0Mzk4LCJleHAiOjE2ODU1NDc5OTgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.qR3eHNa_dhgeHkodhPUxsbUS71OyAFAhZT_fyzuCU4jbLtkeu1P1BezxOYV0Q-kvHZD_UyGRaV4NKP0SSMKPBqDxDdwxAdl3lRPujWcseP1rfw3i2wYFKuj-FPC1nr8B8ouXdNEPkSUYBXGfjCmlu_0yWHz66gKUf5m_4xM0aY4YC0H8hAjwPz7BimF1c9hR1vJ06n5cghIazRR9wQp-DzbPc2wH4Nusxuts3bVlOotCu84N_FPgTq2uHchZK13qsgyaTpKgXVNyuLoRjVJzjMx5pml78VVWkItfGKs7nccKhsorZbd_dHT7LlJh3IkeSBv1CVmEHLO3t-LVHXtJTg'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1851

[ {
  "id" : "18f6ae62-37e8-43df-92f5-e432ffd8e52e",
  "name" : "Newer Faster Name",
  "label" : "WW-Imports-64",
  "identityProviders" : [ {
    "id" : "413aec26-a5f3-49ad-ae51-8ed04af467ce",
    "organizationId" : "18f6ae62-37e8-43df-92f5-e432ffd8e52e",
    "auth0ConnectionId" : "auth0-opaque-connectionId-65",
    "name" : "Username/Password",
    "auth0ConnectionType" : "Database",
    "active" : true,
    "createdAt" : {
      "nano" : 25308000,
      "epochSecond" : 1685544399
    },
    "updatedAt" : null,
    "deletedAt" : null
  } ],
  "active" : true,
  "mfaProvider" : "GoogleAuthenticator",
  "createdAt" : {
    "nano" : 24515000,
    "epochSecond" : 1685544399
  },
  "updatedAt" : {
    "nano" : 49152000,
    "epochSecond" : 1685544399
  },
  "deletedAt" : null,
  "deleted" : false
}, {
  "id" : "1b8fbb20-f999-49aa-bcde-d08aadb93e4a",
  "name" : "Best Corp.",
  "label" : "BEST-CORP",
  "identityProviders" : [ {
    "id" : "306c4663-dd09-4587-8705-e30f19b782d5",
    "organizationId" : "1b8fbb20-f999-49aa-bcde-d08aadb93e4a",
    "auth0ConnectionId" : "auth0-opaque-connection",
    "name" : "Best Corp.",
    "auth0ConnectionType" : "Enterprise",
    "active" : true,
    "createdAt" : {
      "nano" : 887941000,
      "epochSecond" : 1685544398
    },
    "updatedAt" : null,
    "deletedAt" : null
  } ],
  "active" : true,
  "mfaProvider" : null,
  "createdAt" : {
    "nano" : 887211000,
    "epochSecond" : 1685544398
  },
  "updatedAt" : null,
  "deletedAt" : null,
  "deleted" : false
}, {
  "id" : "1d659d09-728a-44c8-b44e-99c4b0c20c76",
  "name" : "World Wide Imports",
  "label" : "WW-Imports-37",
  "identityProviders" : [ ],
  "active" : true,
  "mfaProvider" : null,
  "createdAt" : {
    "nano" : 214682000,
    "epochSecond" : 1685544396
  },
  "updatedAt" : null,
  "deletedAt" : null,
  "deleted" : false
} ]

Get Organization By Id

GET /organizations/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

name

String

true

Used for display purposes. Not unique or private.

label

String

true

A short value, containing only letters, numbers and dashes, which could be used as a label in a vanity domain. This label uniquely identifies the Organization, and is the key by which organization users indicate the organization within which they intend to authenticate. Note: A deleted organization looses its label. Such organizations will have a label value that combines the organization id with the prior label value. This maintains the constraint that all organization labels are unique, and frees the prior organization label value for reclamation. Obviously a deleted organization’s label will no longer meet the validation constraints of a live organization label.

identityProviders

Array[Object]

true

The set of active (not marked deleted nor deactivated) {@link IdentityProvider}s assigned to this Organization. It is possible for this set to be null. For access to inactive or deleted IdentityProviders, access the IdentityProvider API endpoint directly.

identityProviders[].id

String

true

identityProviders[].organizationId

String

true

The id of the {@link Organization} that this provider will authenticate users into.

identityProviders[].auth0ConnectionId

String

true

The auth0 generated id of the auth0 connection that this IdentityProvider represents.

identityProviders[].name

String

true

Used for display purposes. Not unique or private.

identityProviders[].auth0ConnectionType

String

true

Must be one of [Database, Social, Enterprise, Passwordless].

identityProviders[].active

Boolean

true

identityProviders[].createdAt

Object

true

identityProviders[].updatedAt

Object

true

identityProviders[].deletedAt

Object

true

active

Boolean

true

mfaProvider

String

true

Specifies an Auth0 compliant MFA provider. When set, it will trigger MFA on authentication via Auth0. If null, then the organization does not require MFA.

Must be one of [None, GoogleAuthenticator].

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

deleted

Boolean

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/organizations/3fbd9e8f-f03c-42db-b027-de8221496b53' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ4dkFzOEljQlZDTDVJempnd0xIQWVBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0Mzk4LCJleHAiOjE2ODU1NDc5OTgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.qR3eHNa_dhgeHkodhPUxsbUS71OyAFAhZT_fyzuCU4jbLtkeu1P1BezxOYV0Q-kvHZD_UyGRaV4NKP0SSMKPBqDxDdwxAdl3lRPujWcseP1rfw3i2wYFKuj-FPC1nr8B8ouXdNEPkSUYBXGfjCmlu_0yWHz66gKUf5m_4xM0aY4YC0H8hAjwPz7BimF1c9hR1vJ06n5cghIazRR9wQp-DzbPc2wH4Nusxuts3bVlOotCu84N_FPgTq2uHchZK13qsgyaTpKgXVNyuLoRjVJzjMx5pml78VVWkItfGKs7nccKhsorZbd_dHT7LlJh3IkeSBv1CVmEHLO3t-LVHXtJTg'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1149

{
  "id" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "name" : "ACME International, Inc.",
  "label" : "ACME-0",
  "identityProviders" : [ {
    "id" : "0682f5e6-4104-4b75-aa33-4b8d3a7a892c",
    "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
    "auth0ConnectionId" : "auth0-opaque-connectionId-1",
    "name" : "ACME Federated Active Directory",
    "auth0ConnectionType" : "Enterprise",
    "active" : true,
    "createdAt" : {
      "nano" : 765893000,
      "epochSecond" : 1685544395
    },
    "updatedAt" : null,
    "deletedAt" : null
  }, {
    "id" : "2d19ea2b-a332-4990-b629-e347e3d7d559",
    "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
    "auth0ConnectionId" : "auth0-opaque-connectionId-2",
    "name" : "Google-Account",
    "auth0ConnectionType" : "Social",
    "active" : true,
    "createdAt" : {
      "nano" : 768632000,
      "epochSecond" : 1685544395
    },
    "updatedAt" : null,
    "deletedAt" : null
  } ],
  "active" : true,
  "mfaProvider" : null,
  "createdAt" : {
    "nano" : 764271000,
    "epochSecond" : 1685544395
  },
  "updatedAt" : null,
  "deletedAt" : null,
  "deleted" : false
}

Get Organization By Label

GET /organizations/label/{label:[-a-zA-Z0-9]{1,63}}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

label

String

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

name

String

true

Used for display purposes. Not unique or private.

label

String

true

A short value, containing only letters, numbers and dashes, which could be used as a label in a vanity domain. This label uniquely identifies the Organization, and is the key by which organization users indicate the organization within which they intend to authenticate. Note: A deleted organization looses its label. Such organizations will have a label value that combines the organization id with the prior label value. This maintains the constraint that all organization labels are unique, and frees the prior organization label value for reclamation. Obviously a deleted organization’s label will no longer meet the validation constraints of a live organization label.

identityProviders

Array[Object]

true

The set of active (not marked deleted nor deactivated) {@link IdentityProvider}s assigned to this Organization. It is possible for this set to be null. For access to inactive or deleted IdentityProviders, access the IdentityProvider API endpoint directly.

identityProviders[].id

String

true

identityProviders[].organizationId

String

true

The id of the {@link Organization} that this provider will authenticate users into.

identityProviders[].auth0ConnectionId

String

true

The auth0 generated id of the auth0 connection that this IdentityProvider represents.

identityProviders[].name

String

true

Used for display purposes. Not unique or private.

identityProviders[].auth0ConnectionType

String

true

Must be one of [Database, Social, Enterprise, Passwordless].

identityProviders[].active

Boolean

true

identityProviders[].createdAt

Object

true

identityProviders[].updatedAt

Object

true

identityProviders[].deletedAt

Object

true

active

Boolean

true

mfaProvider

String

true

Specifies an Auth0 compliant MFA provider. When set, it will trigger MFA on authentication via Auth0. If null, then the organization does not require MFA.

Must be one of [None, GoogleAuthenticator].

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

deleted

Boolean

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/organizations/label/ACME-0' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ4dkFzOEljQlZDTDVJempnd0xIQWVBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0Mzk4LCJleHAiOjE2ODU1NDc5OTgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.qR3eHNa_dhgeHkodhPUxsbUS71OyAFAhZT_fyzuCU4jbLtkeu1P1BezxOYV0Q-kvHZD_UyGRaV4NKP0SSMKPBqDxDdwxAdl3lRPujWcseP1rfw3i2wYFKuj-FPC1nr8B8ouXdNEPkSUYBXGfjCmlu_0yWHz66gKUf5m_4xM0aY4YC0H8hAjwPz7BimF1c9hR1vJ06n5cghIazRR9wQp-DzbPc2wH4Nusxuts3bVlOotCu84N_FPgTq2uHchZK13qsgyaTpKgXVNyuLoRjVJzjMx5pml78VVWkItfGKs7nccKhsorZbd_dHT7LlJh3IkeSBv1CVmEHLO3t-LVHXtJTg'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1149

{
  "id" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "name" : "ACME International, Inc.",
  "label" : "ACME-0",
  "identityProviders" : [ {
    "id" : "0682f5e6-4104-4b75-aa33-4b8d3a7a892c",
    "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
    "auth0ConnectionId" : "auth0-opaque-connectionId-1",
    "name" : "ACME Federated Active Directory",
    "auth0ConnectionType" : "Enterprise",
    "active" : true,
    "createdAt" : {
      "nano" : 765893000,
      "epochSecond" : 1685544395
    },
    "updatedAt" : null,
    "deletedAt" : null
  }, {
    "id" : "2d19ea2b-a332-4990-b629-e347e3d7d559",
    "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
    "auth0ConnectionId" : "auth0-opaque-connectionId-2",
    "name" : "Google-Account",
    "auth0ConnectionType" : "Social",
    "active" : true,
    "createdAt" : {
      "nano" : 768632000,
      "epochSecond" : 1685544395
    },
    "updatedAt" : null,
    "deletedAt" : null
  } ],
  "active" : true,
  "mfaProvider" : null,
  "createdAt" : {
    "nano" : 764271000,
    "epochSecond" : 1685544395
  },
  "updatedAt" : null,
  "deletedAt" : null,
  "deleted" : false
}

Create Organization

POST /organizations

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

name

String

true

label

String

true

auth0ConnectionId

String

true

identityProviderName

String

true

auth0ConnectionType

String

true

Must be one of [Database, Social, Enterprise, Passwordless].

Response fields

Path Type Optional Description

id

String

true

name

String

true

Used for display purposes. Not unique or private.

label

String

true

A short value, containing only letters, numbers and dashes, which could be used as a label in a vanity domain. This label uniquely identifies the Organization, and is the key by which organization users indicate the organization within which they intend to authenticate. Note: A deleted organization looses its label. Such organizations will have a label value that combines the organization id with the prior label value. This maintains the constraint that all organization labels are unique, and frees the prior organization label value for reclamation. Obviously a deleted organization’s label will no longer meet the validation constraints of a live organization label.

identityProviders

Array[Object]

true

The set of active (not marked deleted nor deactivated) {@link IdentityProvider}s assigned to this Organization. It is possible for this set to be null. For access to inactive or deleted IdentityProviders, access the IdentityProvider API endpoint directly.

identityProviders[].id

String

true

identityProviders[].organizationId

String

true

The id of the {@link Organization} that this provider will authenticate users into.

identityProviders[].auth0ConnectionId

String

true

The auth0 generated id of the auth0 connection that this IdentityProvider represents.

identityProviders[].name

String

true

Used for display purposes. Not unique or private.

identityProviders[].auth0ConnectionType

String

true

Must be one of [Database, Social, Enterprise, Passwordless].

identityProviders[].active

Boolean

true

identityProviders[].createdAt

Object

true

identityProviders[].updatedAt

Object

true

identityProviders[].deletedAt

Object

true

active

Boolean

true

mfaProvider

String

true

Specifies an Auth0 compliant MFA provider. When set, it will trigger MFA on authentication via Auth0. If null, then the organization does not require MFA.

Must be one of [None, GoogleAuthenticator].

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

deleted

Boolean

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/organizations' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ4dkFzOEljQlZDTDVJempnd0xIQWVBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0Mzk4LCJleHAiOjE2ODU1NDc5OTgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.qR3eHNa_dhgeHkodhPUxsbUS71OyAFAhZT_fyzuCU4jbLtkeu1P1BezxOYV0Q-kvHZD_UyGRaV4NKP0SSMKPBqDxDdwxAdl3lRPujWcseP1rfw3i2wYFKuj-FPC1nr8B8ouXdNEPkSUYBXGfjCmlu_0yWHz66gKUf5m_4xM0aY4YC0H8hAjwPz7BimF1c9hR1vJ06n5cghIazRR9wQp-DzbPc2wH4Nusxuts3bVlOotCu84N_FPgTq2uHchZK13qsgyaTpKgXVNyuLoRjVJzjMx5pml78VVWkItfGKs7nccKhsorZbd_dHT7LlJh3IkeSBv1CVmEHLO3t-LVHXtJTg' \
    -d '{"name":"Best Corp.","label":"BEST-CORP","auth0ConnectionId":"auth0-opaque-connection","identityProviderName":"Corp SAML","auth0ConnectionType":"Enterprise"}'

Example response

HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 712

{
  "id" : "1b8fbb20-f999-49aa-bcde-d08aadb93e4a",
  "name" : "Best Corp.",
  "label" : "BEST-CORP",
  "identityProviders" : [ {
    "id" : "306c4663-dd09-4587-8705-e30f19b782d5",
    "organizationId" : "1b8fbb20-f999-49aa-bcde-d08aadb93e4a",
    "auth0ConnectionId" : "auth0-opaque-connection",
    "name" : "Best Corp.",
    "auth0ConnectionType" : "Enterprise",
    "active" : true,
    "createdAt" : {
      "nano" : 887941000,
      "epochSecond" : 1685544398
    },
    "updatedAt" : null,
    "deletedAt" : null
  } ],
  "active" : true,
  "mfaProvider" : null,
  "createdAt" : {
    "nano" : 887211000,
    "epochSecond" : 1685544398
  },
  "updatedAt" : null,
  "deletedAt" : null,
  "deleted" : false
}

Activate Or Deactivate Organization

PUT /organizations/{id}/{action:activate|deactivate}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

action

String

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

name

String

true

Used for display purposes. Not unique or private.

label

String

true

A short value, containing only letters, numbers and dashes, which could be used as a label in a vanity domain. This label uniquely identifies the Organization, and is the key by which organization users indicate the organization within which they intend to authenticate. Note: A deleted organization looses its label. Such organizations will have a label value that combines the organization id with the prior label value. This maintains the constraint that all organization labels are unique, and frees the prior organization label value for reclamation. Obviously a deleted organization’s label will no longer meet the validation constraints of a live organization label.

identityProviders

Array[Object]

true

The set of active (not marked deleted nor deactivated) {@link IdentityProvider}s assigned to this Organization. It is possible for this set to be null. For access to inactive or deleted IdentityProviders, access the IdentityProvider API endpoint directly.

identityProviders[].id

String

true

identityProviders[].organizationId

String

true

The id of the {@link Organization} that this provider will authenticate users into.

identityProviders[].auth0ConnectionId

String

true

The auth0 generated id of the auth0 connection that this IdentityProvider represents.

identityProviders[].name

String

true

Used for display purposes. Not unique or private.

identityProviders[].auth0ConnectionType

String

true

Must be one of [Database, Social, Enterprise, Passwordless].

identityProviders[].active

Boolean

true

identityProviders[].createdAt

Object

true

identityProviders[].updatedAt

Object

true

identityProviders[].deletedAt

Object

true

active

Boolean

true

mfaProvider

String

true

Specifies an Auth0 compliant MFA provider. When set, it will trigger MFA on authentication via Auth0. If null, then the organization does not require MFA.

Must be one of [None, GoogleAuthenticator].

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

deleted

Boolean

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/organizations/471b4e6d-dbad-43ff-9c89-3ca2c345b11d/deactivate' -i -X PUT \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ4dkFzOEljQlZDTDVJempnd0xIQWVBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0Mzk4LCJleHAiOjE2ODU1NDc5OTgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.qR3eHNa_dhgeHkodhPUxsbUS71OyAFAhZT_fyzuCU4jbLtkeu1P1BezxOYV0Q-kvHZD_UyGRaV4NKP0SSMKPBqDxDdwxAdl3lRPujWcseP1rfw3i2wYFKuj-FPC1nr8B8ouXdNEPkSUYBXGfjCmlu_0yWHz66gKUf5m_4xM0aY4YC0H8hAjwPz7BimF1c9hR1vJ06n5cghIazRR9wQp-DzbPc2wH4Nusxuts3bVlOotCu84N_FPgTq2uHchZK13qsgyaTpKgXVNyuLoRjVJzjMx5pml78VVWkItfGKs7nccKhsorZbd_dHT7LlJh3IkeSBv1CVmEHLO3t-LVHXtJTg'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 791

{
  "id" : "471b4e6d-dbad-43ff-9c89-3ca2c345b11d",
  "name" : "World Wide Imports",
  "label" : "WW-Imports-70",
  "identityProviders" : [ {
    "id" : "70f3d820-6dbc-45f8-91eb-c46066adaf2d",
    "organizationId" : "471b4e6d-dbad-43ff-9c89-3ca2c345b11d",
    "auth0ConnectionId" : "auth0-opaque-connectionId-71",
    "name" : "Username/Password",
    "auth0ConnectionType" : "Database",
    "active" : true,
    "createdAt" : {
      "nano" : 270415000,
      "epochSecond" : 1685544399
    },
    "updatedAt" : null,
    "deletedAt" : null
  } ],
  "active" : false,
  "mfaProvider" : null,
  "createdAt" : {
    "nano" : 269638000,
    "epochSecond" : 1685544399
  },
  "updatedAt" : {
    "nano" : 282853000,
    "epochSecond" : 1685544399
  },
  "deletedAt" : null,
  "deleted" : false
}

Add Identity Provider (deprecated)

POST /organizations/{id}/identity-providers

Deprecated.

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

Path Type Optional Description

auth0ConnectionId

String

true

identityProviderName

String

true

auth0ConnectionType

String

true

Must be one of [Database, Social, Enterprise, Passwordless].

Response fields

Path Type Optional Description

id

String

true

name

String

true

Used for display purposes. Not unique or private.

label

String

true

A short value, containing only letters, numbers and dashes, which could be used as a label in a vanity domain. This label uniquely identifies the Organization, and is the key by which organization users indicate the organization within which they intend to authenticate. Note: A deleted organization looses its label. Such organizations will have a label value that combines the organization id with the prior label value. This maintains the constraint that all organization labels are unique, and frees the prior organization label value for reclamation. Obviously a deleted organization’s label will no longer meet the validation constraints of a live organization label.

identityProviders

Array[Object]

true

The set of active (not marked deleted nor deactivated) {@link IdentityProvider}s assigned to this Organization. It is possible for this set to be null. For access to inactive or deleted IdentityProviders, access the IdentityProvider API endpoint directly.

identityProviders[].id

String

true

identityProviders[].organizationId

String

true

The id of the {@link Organization} that this provider will authenticate users into.

identityProviders[].auth0ConnectionId

String

true

The auth0 generated id of the auth0 connection that this IdentityProvider represents.

identityProviders[].name

String

true

Used for display purposes. Not unique or private.

identityProviders[].auth0ConnectionType

String

true

Must be one of [Database, Social, Enterprise, Passwordless].

identityProviders[].active

Boolean

true

identityProviders[].createdAt

Object

true

identityProviders[].updatedAt

Object

true

identityProviders[].deletedAt

Object

true

active

Boolean

true

mfaProvider

String

true

Specifies an Auth0 compliant MFA provider. When set, it will trigger MFA on authentication via Auth0. If null, then the organization does not require MFA.

Must be one of [None, GoogleAuthenticator].

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

deleted

Boolean

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/organizations/26833d7a-3814-44c5-afc3-eefa53f76145/identity-providers' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ4dkFzOEljQlZDTDVJempnd0xIQWVBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0Mzk4LCJleHAiOjE2ODU1NDc5OTgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.qR3eHNa_dhgeHkodhPUxsbUS71OyAFAhZT_fyzuCU4jbLtkeu1P1BezxOYV0Q-kvHZD_UyGRaV4NKP0SSMKPBqDxDdwxAdl3lRPujWcseP1rfw3i2wYFKuj-FPC1nr8B8ouXdNEPkSUYBXGfjCmlu_0yWHz66gKUf5m_4xM0aY4YC0H8hAjwPz7BimF1c9hR1vJ06n5cghIazRR9wQp-DzbPc2wH4Nusxuts3bVlOotCu84N_FPgTq2uHchZK13qsgyaTpKgXVNyuLoRjVJzjMx5pml78VVWkItfGKs7nccKhsorZbd_dHT7LlJh3IkeSBv1CVmEHLO3t-LVHXtJTg' \
    -d '{"auth0ConnectionId":"auth0-opaque-connection","identityProviderName":"Corp SAML","auth0ConnectionType":"Enterprise"}'

Example response

HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 1130

{
  "id" : "26833d7a-3814-44c5-afc3-eefa53f76145",
  "name" : "World Wide Imports",
  "label" : "WW-Imports-66",
  "identityProviders" : [ {
    "id" : "52b00510-a816-4f33-aeee-0787bc56e547",
    "organizationId" : "26833d7a-3814-44c5-afc3-eefa53f76145",
    "auth0ConnectionId" : "auth0-opaque-connectionId-67",
    "name" : "Username/Password",
    "auth0ConnectionType" : "Database",
    "active" : true,
    "createdAt" : {
      "nano" : 176316000,
      "epochSecond" : 1685544399
    },
    "updatedAt" : null,
    "deletedAt" : null
  }, {
    "id" : "74c784c6-8474-4653-a92b-d6c0446a1d29",
    "organizationId" : "26833d7a-3814-44c5-afc3-eefa53f76145",
    "auth0ConnectionId" : "auth0-opaque-connection",
    "name" : "Corp SAML",
    "auth0ConnectionType" : "Enterprise",
    "active" : true,
    "createdAt" : {
      "nano" : 195501000,
      "epochSecond" : 1685544399
    },
    "updatedAt" : null,
    "deletedAt" : null
  } ],
  "active" : true,
  "mfaProvider" : null,
  "createdAt" : {
    "nano" : 175214000,
    "epochSecond" : 1685544399
  },
  "updatedAt" : null,
  "deletedAt" : null,
  "deleted" : false
}

Identity Providers

Find Identity Providers

GET /identity-providers

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

Supports standard paging query parameters.

Parameter Type Optional Description

name

String

true

organizationId

Object

true

auth0ConnectionId

Object

true

auth0ConnectionType

Object

true

active

Boolean

true

deleted

Object

true

Request fields

No request body.

Response fields

Standard paging response where content field is list of following objects:

Path Type Optional Description

id

String

true

organizationId

String

true

The id of the {@link Organization} that this provider will authenticate users into.

auth0ConnectionId

String

true

The auth0 generated id of the auth0 connection that this IdentityProvider represents.

name

String

true

Used for display purposes. Not unique or private.

auth0ConnectionType

String

true

Must be one of [Database, Social, Enterprise, Passwordless].

active

Boolean

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/identity-providers' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJOQm9XdndOWWNuOEJNNVF0LVBobWpRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM1LCJleHAiOjE2ODU1NDgwMzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCJmNmJhYjI4MS0yYTE4LTRlMjYtYWNhYy1hYWQ5Y2Q2OGQ0ZmJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI0M2U2MzY4MS05ZWNjLTRkNzUtYmIxOC03OThhZjk2ZmIzNjBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.u20LICb2n7MlIZVHCAKOgkBYaWFcl5ifVGTUNdFtzjyFv-bKpU4BeZV3lDL-UBmv2KClHzZ3ZVPCeOkBRKACeisD_IdM7zQoGixiMQWNr4AZhPyXM2xzAs-VEkATuVkUKpn5NAUWlWn451sHUceh_SQBDivofBUaMlE524dYBPaT0ohXff9EcuI8TGUs10DNNbxDsyuI-KKjcNfcxmkawjVpdQwKsJjqBHfBEwvl97Vt0p84tiENeUPBCbtMQ4d16a3I6y9ec07lbg86wRZcMHw9TdNFKFNlpfIA8vgqMrmAcv1n3IGiYWhX_fpKR4k_oOtAG-SACdGESU2gjCgs7A'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1160

[ {
  "id" : "00ac0264-234d-4f92-83dc-434118be057f",
  "organizationId" : "43d8a228-b4ff-4bbc-92cd-dd6cf135cc76",
  "auth0ConnectionId" : "auth0-opaque-connectionId-104",
  "name" : "Username/Password",
  "auth0ConnectionType" : "Database",
  "active" : true,
  "createdAt" : {
    "nano" : 61457000,
    "epochSecond" : 1685544400
  },
  "updatedAt" : null,
  "deletedAt" : null
}, {
  "id" : "0682f5e6-4104-4b75-aa33-4b8d3a7a892c",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "auth0ConnectionId" : "auth0-opaque-connectionId-1",
  "name" : "ACME Federated Active Directory",
  "auth0ConnectionType" : "Enterprise",
  "active" : true,
  "createdAt" : {
    "nano" : 765893000,
    "epochSecond" : 1685544395
  },
  "updatedAt" : null,
  "deletedAt" : null
}, {
  "id" : "0d6fae55-143c-4aa0-a863-0b049c0e2b73",
  "organizationId" : "f5a87b71-4469-43cd-81d9-ccb7bf1b56fc",
  "auth0ConnectionId" : "auth0-opaque-connectionId-28",
  "name" : "Username/Password",
  "auth0ConnectionType" : "Database",
  "active" : true,
  "createdAt" : {
    "nano" : 152916000,
    "epochSecond" : 1685544396
  },
  "updatedAt" : null,
  "deletedAt" : null
} ]

Get Identity Provider

GET /identity-providers/{id}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

organizationId

String

true

The id of the {@link Organization} that this provider will authenticate users into.

auth0ConnectionId

String

true

The auth0 generated id of the auth0 connection that this IdentityProvider represents.

name

String

true

Used for display purposes. Not unique or private.

auth0ConnectionType

String

true

Must be one of [Database, Social, Enterprise, Passwordless].

active

Boolean

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/identity-providers/0682f5e6-4104-4b75-aa33-4b8d3a7a892c' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJOQm9XdndOWWNuOEJNNVF0LVBobWpRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM1LCJleHAiOjE2ODU1NDgwMzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCJmNmJhYjI4MS0yYTE4LTRlMjYtYWNhYy1hYWQ5Y2Q2OGQ0ZmJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI0M2U2MzY4MS05ZWNjLTRkNzUtYmIxOC03OThhZjk2ZmIzNjBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.u20LICb2n7MlIZVHCAKOgkBYaWFcl5ifVGTUNdFtzjyFv-bKpU4BeZV3lDL-UBmv2KClHzZ3ZVPCeOkBRKACeisD_IdM7zQoGixiMQWNr4AZhPyXM2xzAs-VEkATuVkUKpn5NAUWlWn451sHUceh_SQBDivofBUaMlE524dYBPaT0ohXff9EcuI8TGUs10DNNbxDsyuI-KKjcNfcxmkawjVpdQwKsJjqBHfBEwvl97Vt0p84tiENeUPBCbtMQ4d16a3I6y9ec07lbg86wRZcMHw9TdNFKFNlpfIA8vgqMrmAcv1n3IGiYWhX_fpKR4k_oOtAG-SACdGESU2gjCgs7A'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 394

{
  "id" : "0682f5e6-4104-4b75-aa33-4b8d3a7a892c",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "auth0ConnectionId" : "auth0-opaque-connectionId-1",
  "name" : "ACME Federated Active Directory",
  "auth0ConnectionType" : "Enterprise",
  "active" : true,
  "createdAt" : {
    "nano" : 765893000,
    "epochSecond" : 1685544395
  },
  "updatedAt" : null,
  "deletedAt" : null
}

Create Identity Provider

POST /identity-providers

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

organizationId

String

true

auth0ConnectionId

String

true

name

String

true

auth0ConnectionType

String

true

Must be one of [Database, Social, Enterprise, Passwordless].

Response fields

Path Type Optional Description

id

String

true

organizationId

String

true

The id of the {@link Organization} that this provider will authenticate users into.

auth0ConnectionId

String

true

The auth0 generated id of the auth0 connection that this IdentityProvider represents.

name

String

true

Used for display purposes. Not unique or private.

auth0ConnectionType

String

true

Must be one of [Database, Social, Enterprise, Passwordless].

active

Boolean

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/identity-providers' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJOQm9XdndOWWNuOEJNNVF0LVBobWpRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM1LCJleHAiOjE2ODU1NDgwMzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCJmNmJhYjI4MS0yYTE4LTRlMjYtYWNhYy1hYWQ5Y2Q2OGQ0ZmJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI0M2U2MzY4MS05ZWNjLTRkNzUtYmIxOC03OThhZjk2ZmIzNjBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.u20LICb2n7MlIZVHCAKOgkBYaWFcl5ifVGTUNdFtzjyFv-bKpU4BeZV3lDL-UBmv2KClHzZ3ZVPCeOkBRKACeisD_IdM7zQoGixiMQWNr4AZhPyXM2xzAs-VEkATuVkUKpn5NAUWlWn451sHUceh_SQBDivofBUaMlE524dYBPaT0ohXff9EcuI8TGUs10DNNbxDsyuI-KKjcNfcxmkawjVpdQwKsJjqBHfBEwvl97Vt0p84tiENeUPBCbtMQ4d16a3I6y9ec07lbg86wRZcMHw9TdNFKFNlpfIA8vgqMrmAcv1n3IGiYWhX_fpKR4k_oOtAG-SACdGESU2gjCgs7A' \
    -d '{"organizationId":"d9b069a9-d0ae-4156-a24c-1f02c655d8bc","auth0ConnectionId":"auth0-opaque-connection","name":"Corp SAML","auth0ConnectionType":"Enterprise"}'

Example response

HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 368

{
  "id" : "26b8d787-8a84-41d6-bb48-31fbbda1cec8",
  "organizationId" : "d9b069a9-d0ae-4156-a24c-1f02c655d8bc",
  "auth0ConnectionId" : "auth0-opaque-connection",
  "name" : "Corp SAML",
  "auth0ConnectionType" : "Enterprise",
  "active" : true,
  "createdAt" : {
    "nano" : 541017000,
    "epochSecond" : 1685544435
  },
  "updatedAt" : null,
  "deletedAt" : null
}

Update Identity Provider

PUT /identity-providers/{id}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

Path Type Optional Description

name

String

true

Response fields

Path Type Optional Description

id

String

true

organizationId

String

true

The id of the {@link Organization} that this provider will authenticate users into.

auth0ConnectionId

String

true

The auth0 generated id of the auth0 connection that this IdentityProvider represents.

name

String

true

Used for display purposes. Not unique or private.

auth0ConnectionType

String

true

Must be one of [Database, Social, Enterprise, Passwordless].

active

Boolean

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/identity-providers/b7119de2-ffe3-4916-ba7c-e0a036899ce3' -i -X PUT \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJOQm9XdndOWWNuOEJNNVF0LVBobWpRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM1LCJleHAiOjE2ODU1NDgwMzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCJmNmJhYjI4MS0yYTE4LTRlMjYtYWNhYy1hYWQ5Y2Q2OGQ0ZmJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI0M2U2MzY4MS05ZWNjLTRkNzUtYmIxOC03OThhZjk2ZmIzNjBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.u20LICb2n7MlIZVHCAKOgkBYaWFcl5ifVGTUNdFtzjyFv-bKpU4BeZV3lDL-UBmv2KClHzZ3ZVPCeOkBRKACeisD_IdM7zQoGixiMQWNr4AZhPyXM2xzAs-VEkATuVkUKpn5NAUWlWn451sHUceh_SQBDivofBUaMlE524dYBPaT0ohXff9EcuI8TGUs10DNNbxDsyuI-KKjcNfcxmkawjVpdQwKsJjqBHfBEwvl97Vt0p84tiENeUPBCbtMQ4d16a3I6y9ec07lbg86wRZcMHw9TdNFKFNlpfIA8vgqMrmAcv1n3IGiYWhX_fpKR4k_oOtAG-SACdGESU2gjCgs7A' \
    -d '{"name":"New IdP Name"}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 431

{
  "id" : "b7119de2-ffe3-4916-ba7c-e0a036899ce3",
  "organizationId" : "353b1293-c1e9-47b4-8b65-370674901eab",
  "auth0ConnectionId" : "auth0-opaque-connectionId-185",
  "name" : "New IdP Name",
  "auth0ConnectionType" : "Database",
  "active" : true,
  "createdAt" : {
    "nano" : 652231000,
    "epochSecond" : 1685544435
  },
  "updatedAt" : {
    "nano" : 662475000,
    "epochSecond" : 1685544435
  },
  "deletedAt" : null
}

Activate Or Deactivate Identity Provider

PUT /identity-providers/{id}/{action:activate|deactivate}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

action

String

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

organizationId

String

true

The id of the {@link Organization} that this provider will authenticate users into.

auth0ConnectionId

String

true

The auth0 generated id of the auth0 connection that this IdentityProvider represents.

name

String

true

Used for display purposes. Not unique or private.

auth0ConnectionType

String

true

Must be one of [Database, Social, Enterprise, Passwordless].

active

Boolean

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/identity-providers/8d081305-c93b-4dc1-a71c-0124f8611215/activate' -i -X PUT \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJOQm9XdndOWWNuOEJNNVF0LVBobWpRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM1LCJleHAiOjE2ODU1NDgwMzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCJmNmJhYjI4MS0yYTE4LTRlMjYtYWNhYy1hYWQ5Y2Q2OGQ0ZmJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI0M2U2MzY4MS05ZWNjLTRkNzUtYmIxOC03OThhZjk2ZmIzNjBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.u20LICb2n7MlIZVHCAKOgkBYaWFcl5ifVGTUNdFtzjyFv-bKpU4BeZV3lDL-UBmv2KClHzZ3ZVPCeOkBRKACeisD_IdM7zQoGixiMQWNr4AZhPyXM2xzAs-VEkATuVkUKpn5NAUWlWn451sHUceh_SQBDivofBUaMlE524dYBPaT0ohXff9EcuI8TGUs10DNNbxDsyuI-KKjcNfcxmkawjVpdQwKsJjqBHfBEwvl97Vt0p84tiENeUPBCbtMQ4d16a3I6y9ec07lbg86wRZcMHw9TdNFKFNlpfIA8vgqMrmAcv1n3IGiYWhX_fpKR4k_oOtAG-SACdGESU2gjCgs7A'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 380

{
  "id" : "8d081305-c93b-4dc1-a71c-0124f8611215",
  "organizationId" : "5929a7bd-cecc-45f5-a730-bac55a6be58c",
  "auth0ConnectionId" : "auth0-opaque-connectionId-181",
  "name" : "Username/Password",
  "auth0ConnectionType" : "Database",
  "active" : true,
  "createdAt" : {
    "nano" : 580780000,
    "epochSecond" : 1685544435
  },
  "updatedAt" : null,
  "deletedAt" : null
}

Delete Identity Provider

DELETE /identity-providers/{id}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

organizationId

String

true

The id of the {@link Organization} that this provider will authenticate users into.

auth0ConnectionId

String

true

The auth0 generated id of the auth0 connection that this IdentityProvider represents.

name

String

true

Used for display purposes. Not unique or private.

auth0ConnectionType

String

true

Must be one of [Database, Social, Enterprise, Passwordless].

active

Boolean

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/identity-providers/7cec6790-9d4c-4d74-a73e-5ce46fd43888' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJOQm9XdndOWWNuOEJNNVF0LVBobWpRIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM1LCJleHAiOjE2ODU1NDgwMzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCJmNmJhYjI4MS0yYTE4LTRlMjYtYWNhYy1hYWQ5Y2Q2OGQ0ZmJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI0M2U2MzY4MS05ZWNjLTRkNzUtYmIxOC03OThhZjk2ZmIzNjBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.u20LICb2n7MlIZVHCAKOgkBYaWFcl5ifVGTUNdFtzjyFv-bKpU4BeZV3lDL-UBmv2KClHzZ3ZVPCeOkBRKACeisD_IdM7zQoGixiMQWNr4AZhPyXM2xzAs-VEkATuVkUKpn5NAUWlWn451sHUceh_SQBDivofBUaMlE524dYBPaT0ohXff9EcuI8TGUs10DNNbxDsyuI-KKjcNfcxmkawjVpdQwKsJjqBHfBEwvl97Vt0p84tiENeUPBCbtMQ4d16a3I6y9ec07lbg86wRZcMHw9TdNFKFNlpfIA8vgqMrmAcv1n3IGiYWhX_fpKR4k_oOtAG-SACdGESU2gjCgs7A'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 492

{
  "id" : "7cec6790-9d4c-4d74-a73e-5ce46fd43888",
  "organizationId" : "3dd9ec85-358e-4643-88bb-1439437109fc",
  "auth0ConnectionId" : "auth0-opaque-connectionId-183",
  "name" : "Username/Password",
  "auth0ConnectionType" : "Database",
  "active" : true,
  "createdAt" : {
    "nano" : 626417000,
    "epochSecond" : 1685544435
  },
  "updatedAt" : {
    "nano" : 634858000,
    "epochSecond" : 1685544435
  },
  "deletedAt" : {
    "nano" : 634000000,
    "epochSecond" : 1685544435
  }
}

User Identity

Get Identity

GET /identities/self

Get an Identity (regardless of type) by its id.

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

name

String

true

id

String

true

type

String

true

active

Boolean

true

email

String

true

createdAt

Object

true

organizationId

String

true

tenantId

String

true

Deprecated..

deletedAt

Object

true

Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested.

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/identities/self' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJqVjBJVjNMWHBRSjQycmRHVHBwWVV3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDAwLCJleHAiOjE2ODU1NDgwMDAsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.is-YgUFckhUO_Kf4iuYesFdBlKVbxG35DMJt4sqbQo7BoANGYq3wy9s8yo3WdRqIG-Oy6QxWjenecmiYSVjMkml94Hb1owmeQXRvrqAw0yvx_TeY4VNPdRKM7nPcwP1yyVz-BoMS6gdex59D-xTWViBNaU1s0IEi7jSWH2RSVpyRYZ70wPWjc21cVKltRwV-NVTIuzVk_MXgFrsN2ifbYrJg3KZi2IujZVqL2zyNjMjFH1pQ7qADNdcbiG7AQm-r1MtcxW2bCAMkcyaopAQl1hQs3QLUg0qmJ6ksrnDJaUAXrBrkSoSJVGsYy0A27_W0ZEcSkFA6r0Sy7ImmKQR27Q'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 691

{
  "id" : "3b47b144-3b46-471f-9b3a-34daaf752e7c",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "firstName" : "TESTING",
  "lastName" : "CLIENT",
  "email" : "test.client@server.com",
  "identityMappings" : [ {
    "id" : "0edb46bd-9ea0-4078-a5ca-3028c4c25049",
    "auth0UserId" : "auth0-opaque-userId-6",
    "identityProviderId" : "0682f5e6-4104-4b75-aa33-4b8d3a7a892c",
    "userIdentityId" : "3b47b144-3b46-471f-9b3a-34daaf752e7c"
  } ],
  "active" : true,
  "createdAt" : {
    "nano" : 776541000,
    "epochSecond" : 1685544395
  },
  "deletedAt" : null,
  "name" : "TESTING CLIENT",
  "tenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "type" : "UserIdentity"
}

Get Identity

GET /identities/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}

Get an Identity (regardless of type) by its id.

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

The id of the desired Identity.

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

name

String

true

id

String

true

type

String

true

active

Boolean

true

email

String

true

createdAt

Object

true

organizationId

String

true

tenantId

String

true

Deprecated..

deletedAt

Object

true

Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested.

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/identities/62c31f2f-7da3-4ae5-9e51-9b24dd3e6c4b' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJqVjBJVjNMWHBRSjQycmRHVHBwWVV3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDAwLCJleHAiOjE2ODU1NDgwMDAsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.is-YgUFckhUO_Kf4iuYesFdBlKVbxG35DMJt4sqbQo7BoANGYq3wy9s8yo3WdRqIG-Oy6QxWjenecmiYSVjMkml94Hb1owmeQXRvrqAw0yvx_TeY4VNPdRKM7nPcwP1yyVz-BoMS6gdex59D-xTWViBNaU1s0IEi7jSWH2RSVpyRYZ70wPWjc21cVKltRwV-NVTIuzVk_MXgFrsN2ifbYrJg3KZi2IujZVqL2zyNjMjFH1pQ7qADNdcbiG7AQm-r1MtcxW2bCAMkcyaopAQl1hQs3QLUg0qmJ6ksrnDJaUAXrBrkSoSJVGsYy0A27_W0ZEcSkFA6r0Sy7ImmKQR27Q'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 674

{
  "id" : "62c31f2f-7da3-4ae5-9e51-9b24dd3e6c4b",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "firstName" : "John",
  "lastName" : "Doe",
  "email" : "john.doe@acme.com",
  "identityMappings" : [ {
    "id" : "c8db65d9-0fad-4a7c-9fc5-85c6d986c48b",
    "auth0UserId" : "auth0-opaque-userId-3",
    "identityProviderId" : "0682f5e6-4104-4b75-aa33-4b8d3a7a892c",
    "userIdentityId" : "62c31f2f-7da3-4ae5-9e51-9b24dd3e6c4b"
  } ],
  "active" : true,
  "createdAt" : {
    "nano" : 771825000,
    "epochSecond" : 1685544395
  },
  "deletedAt" : null,
  "name" : "John Doe",
  "tenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "type" : "UserIdentity"
}

Find User Identities

GET /user-identities

Returns a set of {@link UserIdentity}s that are visible to the requesting client and optionally filtered based on the submitted request parameters. optionally filtered based on the submitted request parameters.

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

Supports standard paging query parameters.

Parameter Type Optional Description

tenantId

Object

true

Deprecated..

organizationId

Object

true

Restricts results to Identities in the specified Organization (by Organization’s id.).

identityProviderId

Object

true

firstName

String

true

lastName

String

true

email

String

true

active

Boolean

true

Restricts results to Identities with a matching active status.

includeDeleted

Boolean

true

Default value: 'false'.

Request fields

No request body.

Response fields

Standard paging response where content field is list of following objects:

Path Type Optional Description

id

String

true

organizationId

String

true

firstName

String

true

lastName

String

true

email

String

true

identityMappings

Array[Object]

true

identityMappings[].id

String

true

identityMappings[].auth0UserId

String

true

identityMappings[].identityProviderId

String

true

identityMappings[].userIdentityId

String

true

active

Boolean

true

createdAt

Object

true

deletedAt

Object

true

Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested.

name

String

true

tenantId

String

true

Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId().

Returns the id of the {@link Organization} that this identity is a member of.

type

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJqVjBJVjNMWHBRSjQycmRHVHBwWVV3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDAwLCJleHAiOjE2ODU1NDgwMDAsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.is-YgUFckhUO_Kf4iuYesFdBlKVbxG35DMJt4sqbQo7BoANGYq3wy9s8yo3WdRqIG-Oy6QxWjenecmiYSVjMkml94Hb1owmeQXRvrqAw0yvx_TeY4VNPdRKM7nPcwP1yyVz-BoMS6gdex59D-xTWViBNaU1s0IEi7jSWH2RSVpyRYZ70wPWjc21cVKltRwV-NVTIuzVk_MXgFrsN2ifbYrJg3KZi2IujZVqL2zyNjMjFH1pQ7qADNdcbiG7AQm-r1MtcxW2bCAMkcyaopAQl1hQs3QLUg0qmJ6ksrnDJaUAXrBrkSoSJVGsYy0A27_W0ZEcSkFA6r0Sy7ImmKQR27Q'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 2051

[ {
  "id" : "0a598323-f002-4428-9ab6-021de2df5ae1",
  "organizationId" : "d5ba435b-749b-45b4-bbc7-0443947da465",
  "firstName" : "First",
  "lastName" : "Last",
  "email" : "random-43@acme.com",
  "identityMappings" : [ {
    "id" : "2b147612-8005-42f2-bca9-7f0b924b6133",
    "auth0UserId" : "auth0-opaque-userId-44",
    "identityProviderId" : "574617e4-56a1-481a-8b8e-8215fb0a3810",
    "userIdentityId" : "0a598323-f002-4428-9ab6-021de2df5ae1"
  } ],
  "active" : true,
  "createdAt" : {
    "nano" : 238508000,
    "epochSecond" : 1685544396
  },
  "deletedAt" : null,
  "name" : "First Last",
  "tenantId" : "d5ba435b-749b-45b4-bbc7-0443947da465",
  "type" : "UserIdentity"
}, {
  "id" : "1e205e51-5882-49e6-87f8-67124e0c60b6",
  "organizationId" : "22aca6a6-4627-40da-a53d-f8a1ff884ebb",
  "firstName" : "First",
  "lastName" : "Last",
  "email" : "random-99@acme.com",
  "identityMappings" : [ {
    "id" : "765434f0-d455-4ded-8c6a-49f5094c11f4",
    "auth0UserId" : "auth0-opaque-userId-100",
    "identityProviderId" : "d6e25c15-2276-4cee-82f1-adb88e1c6442",
    "userIdentityId" : "1e205e51-5882-49e6-87f8-67124e0c60b6"
  } ],
  "active" : true,
  "createdAt" : {
    "nano" : 924039000,
    "epochSecond" : 1685544399
  },
  "deletedAt" : null,
  "name" : "First Last",
  "tenantId" : "22aca6a6-4627-40da-a53d-f8a1ff884ebb",
  "type" : "UserIdentity"
}, {
  "id" : "1f89679f-b163-4540-bea2-af3afb113251",
  "organizationId" : "370c0905-0999-4f8a-ba76-2b847d7e561f",
  "firstName" : "First",
  "lastName" : "Last",
  "email" : "random-117@acme.com",
  "identityMappings" : [ {
    "id" : "20e56eba-d142-48f9-8241-d9071193c30b",
    "auth0UserId" : "auth0-opaque-userId-118",
    "identityProviderId" : "60694f4c-aa9e-4221-8219-c89dce8fedb7",
    "userIdentityId" : "1f89679f-b163-4540-bea2-af3afb113251"
  } ],
  "active" : true,
  "createdAt" : {
    "nano" : 207390000,
    "epochSecond" : 1685544400
  },
  "deletedAt" : null,
  "name" : "First Last",
  "tenantId" : "370c0905-0999-4f8a-ba76-2b847d7e561f",
  "type" : "UserIdentity"
} ]

Get User Identity

GET /user-identities/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}

Get an User Identity by its id.

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

The id of the desired Identity.

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

organizationId

String

true

firstName

String

true

lastName

String

true

email

String

true

identityMappings

Array[Object]

true

identityMappings[].id

String

true

identityMappings[].auth0UserId

String

true

identityMappings[].identityProviderId

String

true

identityMappings[].userIdentityId

String

true

active

Boolean

true

createdAt

Object

true

deletedAt

Object

true

Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested.

name

String

true

tenantId

String

true

Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId().

Returns the id of the {@link Organization} that this identity is a member of.

type

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities/62c31f2f-7da3-4ae5-9e51-9b24dd3e6c4b' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJqVjBJVjNMWHBRSjQycmRHVHBwWVV3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDAwLCJleHAiOjE2ODU1NDgwMDAsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.is-YgUFckhUO_Kf4iuYesFdBlKVbxG35DMJt4sqbQo7BoANGYq3wy9s8yo3WdRqIG-Oy6QxWjenecmiYSVjMkml94Hb1owmeQXRvrqAw0yvx_TeY4VNPdRKM7nPcwP1yyVz-BoMS6gdex59D-xTWViBNaU1s0IEi7jSWH2RSVpyRYZ70wPWjc21cVKltRwV-NVTIuzVk_MXgFrsN2ifbYrJg3KZi2IujZVqL2zyNjMjFH1pQ7qADNdcbiG7AQm-r1MtcxW2bCAMkcyaopAQl1hQs3QLUg0qmJ6ksrnDJaUAXrBrkSoSJVGsYy0A27_W0ZEcSkFA6r0Sy7ImmKQR27Q'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 674

{
  "id" : "62c31f2f-7da3-4ae5-9e51-9b24dd3e6c4b",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "firstName" : "John",
  "lastName" : "Doe",
  "email" : "john.doe@acme.com",
  "identityMappings" : [ {
    "id" : "c8db65d9-0fad-4a7c-9fc5-85c6d986c48b",
    "auth0UserId" : "auth0-opaque-userId-3",
    "identityProviderId" : "0682f5e6-4104-4b75-aa33-4b8d3a7a892c",
    "userIdentityId" : "62c31f2f-7da3-4ae5-9e51-9b24dd3e6c4b"
  } ],
  "active" : true,
  "createdAt" : {
    "nano" : 771825000,
    "epochSecond" : 1685544395
  },
  "deletedAt" : null,
  "name" : "John Doe",
  "tenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "type" : "UserIdentity"
}

Get User Identity By Mapping

GET /user-identities/mapping/{auth0UserId}/{identityProviderId}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

auth0UserId

String

false

identityProviderId

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

organizationId

String

true

firstName

String

true

lastName

String

true

email

String

true

identityMappings

Array[Object]

true

identityMappings[].id

String

true

identityMappings[].auth0UserId

String

true

identityMappings[].identityProviderId

String

true

identityMappings[].userIdentityId

String

true

active

Boolean

true

createdAt

Object

true

deletedAt

Object

true

Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested.

name

String

true

tenantId

String

true

Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId().

Returns the id of the {@link Organization} that this identity is a member of.

type

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities/mapping/auth0-opaque-userId-3/0682f5e6-4104-4b75-aa33-4b8d3a7a892c' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJqVjBJVjNMWHBRSjQycmRHVHBwWVV3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDAwLCJleHAiOjE2ODU1NDgwMDAsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.is-YgUFckhUO_Kf4iuYesFdBlKVbxG35DMJt4sqbQo7BoANGYq3wy9s8yo3WdRqIG-Oy6QxWjenecmiYSVjMkml94Hb1owmeQXRvrqAw0yvx_TeY4VNPdRKM7nPcwP1yyVz-BoMS6gdex59D-xTWViBNaU1s0IEi7jSWH2RSVpyRYZ70wPWjc21cVKltRwV-NVTIuzVk_MXgFrsN2ifbYrJg3KZi2IujZVqL2zyNjMjFH1pQ7qADNdcbiG7AQm-r1MtcxW2bCAMkcyaopAQl1hQs3QLUg0qmJ6ksrnDJaUAXrBrkSoSJVGsYy0A27_W0ZEcSkFA6r0Sy7ImmKQR27Q'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 674

{
  "id" : "62c31f2f-7da3-4ae5-9e51-9b24dd3e6c4b",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "firstName" : "John",
  "lastName" : "Doe",
  "email" : "john.doe@acme.com",
  "identityMappings" : [ {
    "id" : "c8db65d9-0fad-4a7c-9fc5-85c6d986c48b",
    "auth0UserId" : "auth0-opaque-userId-3",
    "identityProviderId" : "0682f5e6-4104-4b75-aa33-4b8d3a7a892c",
    "userIdentityId" : "62c31f2f-7da3-4ae5-9e51-9b24dd3e6c4b"
  } ],
  "active" : true,
  "createdAt" : {
    "nano" : 771825000,
    "epochSecond" : 1685544395
  },
  "deletedAt" : null,
  "name" : "John Doe",
  "tenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "type" : "UserIdentity"
}

Create Identity

POST /user-identities

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

organizationId

String

true

firstName

String

true

lastName

String

true

email

String

true

Response fields

Path Type Optional Description

id

String

true

organizationId

String

true

firstName

String

true

lastName

String

true

email

String

true

identityMappings

Array[Object]

true

identityMappings[].id

String

true

identityMappings[].auth0UserId

String

true

identityMappings[].identityProviderId

String

true

identityMappings[].userIdentityId

String

true

active

Boolean

true

createdAt

Object

true

deletedAt

Object

true

Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested.

name

String

true

tenantId

String

true

Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId().

Returns the id of the {@link Organization} that this identity is a member of.

type

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJqVjBJVjNMWHBRSjQycmRHVHBwWVV3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDAwLCJleHAiOjE2ODU1NDgwMDAsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.is-YgUFckhUO_Kf4iuYesFdBlKVbxG35DMJt4sqbQo7BoANGYq3wy9s8yo3WdRqIG-Oy6QxWjenecmiYSVjMkml94Hb1owmeQXRvrqAw0yvx_TeY4VNPdRKM7nPcwP1yyVz-BoMS6gdex59D-xTWViBNaU1s0IEi7jSWH2RSVpyRYZ70wPWjc21cVKltRwV-NVTIuzVk_MXgFrsN2ifbYrJg3KZi2IujZVqL2zyNjMjFH1pQ7qADNdcbiG7AQm-r1MtcxW2bCAMkcyaopAQl1hQs3QLUg0qmJ6ksrnDJaUAXrBrkSoSJVGsYy0A27_W0ZEcSkFA6r0Sy7ImmKQR27Q' \
    -d '{"organizationId":"3fbd9e8f-f03c-42db-b027-de8221496b53","firstName":"Jane","lastName":"Doe","email":"jane.doe@acme.com"}'

Example response

HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 443

{
  "id" : "8ac1116e-9e00-4847-87fb-5a50c528d04c",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "firstName" : "Jane",
  "lastName" : "Doe",
  "email" : "jane.doe@acme.com",
  "identityMappings" : [ ],
  "active" : true,
  "createdAt" : {
    "nano" : 448779000,
    "epochSecond" : 1685544400
  },
  "deletedAt" : null,
  "name" : "Jane Doe",
  "tenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "type" : "UserIdentity"
}

Update Identity Info

PUT /user-identities/{id}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

Path Type Optional Description

firstName

String

true

lastName

String

true

email

String

true

Response fields

Path Type Optional Description

id

String

true

organizationId

String

true

firstName

String

true

lastName

String

true

email

String

true

identityMappings

Array[Object]

true

identityMappings[].id

String

true

identityMappings[].auth0UserId

String

true

identityMappings[].identityProviderId

String

true

identityMappings[].userIdentityId

String

true

active

Boolean

true

createdAt

Object

true

deletedAt

Object

true

Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested.

name

String

true

tenantId

String

true

Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId().

Returns the id of the {@link Organization} that this identity is a member of.

type

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities/e6beeccc-1a77-43d5-82f2-b3cd2be5d71d' -i -X PUT \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJqVjBJVjNMWHBRSjQycmRHVHBwWVV3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDAwLCJleHAiOjE2ODU1NDgwMDAsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.is-YgUFckhUO_Kf4iuYesFdBlKVbxG35DMJt4sqbQo7BoANGYq3wy9s8yo3WdRqIG-Oy6QxWjenecmiYSVjMkml94Hb1owmeQXRvrqAw0yvx_TeY4VNPdRKM7nPcwP1yyVz-BoMS6gdex59D-xTWViBNaU1s0IEi7jSWH2RSVpyRYZ70wPWjc21cVKltRwV-NVTIuzVk_MXgFrsN2ifbYrJg3KZi2IujZVqL2zyNjMjFH1pQ7qADNdcbiG7AQm-r1MtcxW2bCAMkcyaopAQl1hQs3QLUg0qmJ6ksrnDJaUAXrBrkSoSJVGsYy0A27_W0ZEcSkFA6r0Sy7ImmKQR27Q' \
    -d '{"firstName":"Bobby","lastName":"White","email":"bobby.white@acme.com"}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 685

{
  "id" : "e6beeccc-1a77-43d5-82f2-b3cd2be5d71d",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "firstName" : "Bobby",
  "lastName" : "White",
  "email" : "bobby.white@acme.com",
  "identityMappings" : [ {
    "id" : "84bd5432-efab-4251-b239-b3b94d9ba60f",
    "auth0UserId" : "auth0-opaque-userId-122",
    "identityProviderId" : "0682f5e6-4104-4b75-aa33-4b8d3a7a892c",
    "userIdentityId" : "e6beeccc-1a77-43d5-82f2-b3cd2be5d71d"
  } ],
  "active" : true,
  "createdAt" : {
    "nano" : 285936000,
    "epochSecond" : 1685544400
  },
  "deletedAt" : null,
  "name" : "Bobby White",
  "tenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "type" : "UserIdentity"
}

Activate Or Deactivate User Identity

PUT /user-identities/{id}/{action:activate|deactivate}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

action

String

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

organizationId

String

true

firstName

String

true

lastName

String

true

email

String

true

identityMappings

Array[Object]

true

identityMappings[].id

String

true

identityMappings[].auth0UserId

String

true

identityMappings[].identityProviderId

String

true

identityMappings[].userIdentityId

String

true

active

Boolean

true

createdAt

Object

true

deletedAt

Object

true

Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested.

name

String

true

tenantId

String

true

Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId().

Returns the id of the {@link Organization} that this identity is a member of.

type

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities/679b5bbc-7562-4e44-902d-ca789f4f6938/deactivate' -i -X PUT \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJqVjBJVjNMWHBRSjQycmRHVHBwWVV3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDAwLCJleHAiOjE2ODU1NDgwMDAsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.is-YgUFckhUO_Kf4iuYesFdBlKVbxG35DMJt4sqbQo7BoANGYq3wy9s8yo3WdRqIG-Oy6QxWjenecmiYSVjMkml94Hb1owmeQXRvrqAw0yvx_TeY4VNPdRKM7nPcwP1yyVz-BoMS6gdex59D-xTWViBNaU1s0IEi7jSWH2RSVpyRYZ70wPWjc21cVKltRwV-NVTIuzVk_MXgFrsN2ifbYrJg3KZi2IujZVqL2zyNjMjFH1pQ7qADNdcbiG7AQm-r1MtcxW2bCAMkcyaopAQl1hQs3QLUg0qmJ6ksrnDJaUAXrBrkSoSJVGsYy0A27_W0ZEcSkFA6r0Sy7ImmKQR27Q'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 683

{
  "id" : "679b5bbc-7562-4e44-902d-ca789f4f6938",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "firstName" : "First",
  "lastName" : "Last",
  "email" : "random-123@acme.com",
  "identityMappings" : [ {
    "id" : "c7994a1d-2a6f-4ad6-b1b4-160bb75b0098",
    "auth0UserId" : "auth0-opaque-userId-124",
    "identityProviderId" : "0682f5e6-4104-4b75-aa33-4b8d3a7a892c",
    "userIdentityId" : "679b5bbc-7562-4e44-902d-ca789f4f6938"
  } ],
  "active" : false,
  "createdAt" : {
    "nano" : 312994000,
    "epochSecond" : 1685544400
  },
  "deletedAt" : null,
  "name" : "First Last",
  "tenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "type" : "UserIdentity"
}

Reset User Identity Mfa Settings

PUT /user-identities/{id}/reset-mfa

Calling this service will reset the user’s MFA settings. On their next login attempt, they will be required to setup their MFA settings again. This is useful if, for example, the user has replaced their phone and can no longer access their secondary authentication.

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

The id of the user identity to reset.

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities/9497bf51-993d-4035-8ff0-1326182d7372/reset-mfa' -i -X PUT \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJqVjBJVjNMWHBRSjQycmRHVHBwWVV3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDAwLCJleHAiOjE2ODU1NDgwMDAsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.is-YgUFckhUO_Kf4iuYesFdBlKVbxG35DMJt4sqbQo7BoANGYq3wy9s8yo3WdRqIG-Oy6QxWjenecmiYSVjMkml94Hb1owmeQXRvrqAw0yvx_TeY4VNPdRKM7nPcwP1yyVz-BoMS6gdex59D-xTWViBNaU1s0IEi7jSWH2RSVpyRYZ70wPWjc21cVKltRwV-NVTIuzVk_MXgFrsN2ifbYrJg3KZi2IujZVqL2zyNjMjFH1pQ7qADNdcbiG7AQm-r1MtcxW2bCAMkcyaopAQl1hQs3QLUg0qmJ6ksrnDJaUAXrBrkSoSJVGsYy0A27_W0ZEcSkFA6r0Sy7ImmKQR27Q'

Example response

HTTP/1.1 200 OK

Map Identity

POST /user-identities/{id}/mapping

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

Path Type Optional Description

auth0UserId

String

true

identityProviderId

String

true

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities/b92863a9-82e7-443a-b18d-7b75dd69fd68/mapping' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJqVjBJVjNMWHBRSjQycmRHVHBwWVV3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDAwLCJleHAiOjE2ODU1NDgwMDAsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.is-YgUFckhUO_Kf4iuYesFdBlKVbxG35DMJt4sqbQo7BoANGYq3wy9s8yo3WdRqIG-Oy6QxWjenecmiYSVjMkml94Hb1owmeQXRvrqAw0yvx_TeY4VNPdRKM7nPcwP1yyVz-BoMS6gdex59D-xTWViBNaU1s0IEi7jSWH2RSVpyRYZ70wPWjc21cVKltRwV-NVTIuzVk_MXgFrsN2ifbYrJg3KZi2IujZVqL2zyNjMjFH1pQ7qADNdcbiG7AQm-r1MtcxW2bCAMkcyaopAQl1hQs3QLUg0qmJ6ksrnDJaUAXrBrkSoSJVGsYy0A27_W0ZEcSkFA6r0Sy7ImmKQR27Q' \
    -d '{"auth0UserId":"new-auth0-userId:d07f697a-c7b6-45d1-b8a7-6eeac0cb3e99","identityProviderId":"2d19ea2b-a332-4990-b629-e347e3d7d559"}'

Example response

HTTP/1.1 200 OK

Identity Session

Find Identity Sessions

GET /identity-sessions

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

Supports standard paging query parameters.

Parameter Type Optional Description

organizationId

Object

true

userIdentityId

Object

true

active

Boolean

true

Request fields

No request body.

Response fields

Standard paging response where content field is list of following objects:

Path Type Optional Description

id

String

true

Id of this {@link IdentitySession}.

userIdentityId

String

true

The id of the {@link UserIdentity} who’s API activity this session tracks.

idleSessionTimeoutSeconds

Integer

true

The {@link SessionConfiguration#getIdleSessionTimeoutSeconds()} value that was active at the time this session was created and the value that will be applied to the maintenance of this session. A session with a last API Request At time that is older than this idle session timeout is no longer an active session. See {@link SessionConfiguration} documentation for the meaning of edge values like 0, -1, etc. Note, an identity can explicitly logout a session regardless of this configuration.

autoLogoutIdleSession

Boolean

true

The {@link SessionConfiguration#isAutoLogoutIdleSession()} value that was active at the time this session was created and the value that will be applied to the maintenance of this session. A session with a last API Request At time that is older than this idle session timeout is in a Logout state. As a result, as long as this is the current session (not active, but current), the client will not be able to make API requests using a token which was created before the logout at timestamp. Note, an identity can explicitly logout a session regardless of this configuration.

firstApiRequestAt

Object

true

The time at which the first API request that triggered the creation of this session occurred. This value never changes after session creation.

lastApiRequestAt

Object

true

The most recent API request time for requests associated to this session. This value is updated as this session is actively used. Once this session becomes non-active, this value is no longer changes.

terminalState

String

true

The terminal state of this session. This will be null if this snapshot of the session was read while the session’s logical state was Active or the session record has not been processed into its logical terminal state. Once set, this value is the immutable persistent state of this session. ie: the session will never have a different state after this is set. See {@link IdentitySession#getState()} to determine the logical state, regardless of whether this session has been processed.

Must be one of [Active, IdleTimeout, Logout, Terminated].

terminatedAt

Object

true

Initially null, and set only at the moment that this session was processed from an active state to a terminal state. This will never change once set. This may not precisely equal the session’s configured time to live. Sessions may be terminated early by administrative action, such as when a new session configuration should be applied. Also, server processing time may result in some amount of drift from the configured session time to live. It is possible to read a session instance during this time, when it is logically terminated but has yet to be processed as such.

terminatedBy

String

true

Only set if the session is in a terminal state; this will hold the identity id that initiated the state transition. In case of auto-logout, this will be set to an internal service identifier which detected the sessions idle state and enforced the configured auto logout configuration. In cases of a user explicitly logging out or an administrator forcing a logout of another user, this will contain that identity id that made the logout request. This is set as part of processing the termination of the session, which can lag behind the logical point in time when the session was terminated.

asOf

Object

true

An ephemeral computed property; the point in time that this snapshot of the IdentitySession was read.

state

String

true

The logical state of this IdentitySession as of the point in time that it was read from the session persistent store. This will always reflect the logical state, regardless of whether this session has been processed or not. For example, if this session exceeded its idle TTL 3 seconds before reading it but the system had not yet processed it into its final terminated state …​ this computed property will still return the state as IdleTimeout even though the terminalState property is still null.

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/identity-sessions' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ4Q0w5TlFiQWZfblB5amNJSzVVQk1RIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM1LCJleHAiOjE2ODU1NDgwMzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI0M2U2MzY4MS05ZWNjLTRkNzUtYmIxOC03OThhZjk2ZmIzNjBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.krM7YC2FyNfeYf4fY64K-m5OgYEo7946sV0rii3U30JwwpCbJhkemZY2GkQmV_LF6iW_hSqpXzpIrNQNirim09Xg2S1gMd-dZjhKbcfACfD4E4huzQJKqzaQM_aR4i8OsXa7Tgucwm5KgJGOnv1pQkCT1T6oelOQOQrdrwuRc1I9KFUIflwnt0MYyW42xulUCfi3UendNxKhryZF07dgV-JdY8SFNoWp5g_238K4FiRw3504u2qlgCKTBragyhPgg-kwBbVnDKzsI1JibF1yZTkYlhDHxtVJPjMk70m78mZ8DXLPIocSQT0CXIm-nk-Anz-N8XNDOD86bv7xoHb_lQ'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1772

[ {
  "id" : "0f9afe5c-cebc-4e8f-8c97-5767e46ad6e5",
  "userIdentityId" : "3b47b144-3b46-471f-9b3a-34daaf752e7c",
  "idleSessionTimeoutSeconds" : 321,
  "autoLogoutIdleSession" : true,
  "firstApiRequestAt" : {
    "nano" : 361381000,
    "epochSecond" : 1685544435
  },
  "lastApiRequestAt" : {
    "nano" : 412432000,
    "epochSecond" : 1685544435
  },
  "terminalState" : "Logout",
  "terminatedAt" : {
    "nano" : 414878000,
    "epochSecond" : 1685544435
  },
  "terminatedBy" : "3b47b144-3b46-471f-9b3a-34daaf752e7c",
  "asOf" : {
    "nano" : 457572000,
    "epochSecond" : 1685544435
  },
  "state" : "Logout"
}, {
  "id" : "36e51849-cb11-4e3e-a26c-c44dcb9d135a",
  "userIdentityId" : "768c4baa-f0cd-4811-bfe6-ff95959d3223",
  "idleSessionTimeoutSeconds" : 321,
  "autoLogoutIdleSession" : true,
  "firstApiRequestAt" : {
    "nano" : 430285000,
    "epochSecond" : 1685544435
  },
  "lastApiRequestAt" : {
    "nano" : 430285000,
    "epochSecond" : 1685544435
  },
  "terminalState" : null,
  "terminatedAt" : null,
  "terminatedBy" : null,
  "asOf" : {
    "nano" : 457572000,
    "epochSecond" : 1685544435
  },
  "state" : "Active"
}, {
  "id" : "4af2b6a1-d301-4b5f-9da6-89fadfd58719",
  "userIdentityId" : "25b9df14-95e4-4aaf-97d6-2862d1df887e",
  "idleSessionTimeoutSeconds" : 300,
  "autoLogoutIdleSession" : false,
  "firstApiRequestAt" : {
    "nano" : 279010000,
    "epochSecond" : 1685544396
  },
  "lastApiRequestAt" : {
    "nano" : 279010000,
    "epochSecond" : 1685544396
  },
  "terminalState" : "Logout",
  "terminatedAt" : {
    "nano" : 279837000,
    "epochSecond" : 1685544396
  },
  "terminatedBy" : "95e60d1d-3939-4000-9f23-b0609df6a196",
  "asOf" : {
    "nano" : 457572000,
    "epochSecond" : 1685544435
  },
  "state" : "Logout"
} ]

Get Identity Session

GET /identity-sessions/{id}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

Id of this {@link IdentitySession}.

userIdentityId

String

true

The id of the {@link UserIdentity} who’s API activity this session tracks.

idleSessionTimeoutSeconds

Integer

true

The {@link SessionConfiguration#getIdleSessionTimeoutSeconds()} value that was active at the time this session was created and the value that will be applied to the maintenance of this session. A session with a last API Request At time that is older than this idle session timeout is no longer an active session. See {@link SessionConfiguration} documentation for the meaning of edge values like 0, -1, etc. Note, an identity can explicitly logout a session regardless of this configuration.

autoLogoutIdleSession

Boolean

true

The {@link SessionConfiguration#isAutoLogoutIdleSession()} value that was active at the time this session was created and the value that will be applied to the maintenance of this session. A session with a last API Request At time that is older than this idle session timeout is in a Logout state. As a result, as long as this is the current session (not active, but current), the client will not be able to make API requests using a token which was created before the logout at timestamp. Note, an identity can explicitly logout a session regardless of this configuration.

firstApiRequestAt

Object

true

The time at which the first API request that triggered the creation of this session occurred. This value never changes after session creation.

lastApiRequestAt

Object

true

The most recent API request time for requests associated to this session. This value is updated as this session is actively used. Once this session becomes non-active, this value is no longer changes.

terminalState

String

true

The terminal state of this session. This will be null if this snapshot of the session was read while the session’s logical state was Active or the session record has not been processed into its logical terminal state. Once set, this value is the immutable persistent state of this session. ie: the session will never have a different state after this is set. See {@link IdentitySession#getState()} to determine the logical state, regardless of whether this session has been processed.

Must be one of [Active, IdleTimeout, Logout, Terminated].

terminatedAt

Object

true

Initially null, and set only at the moment that this session was processed from an active state to a terminal state. This will never change once set. This may not precisely equal the session’s configured time to live. Sessions may be terminated early by administrative action, such as when a new session configuration should be applied. Also, server processing time may result in some amount of drift from the configured session time to live. It is possible to read a session instance during this time, when it is logically terminated but has yet to be processed as such.

terminatedBy

String

true

Only set if the session is in a terminal state; this will hold the identity id that initiated the state transition. In case of auto-logout, this will be set to an internal service identifier which detected the sessions idle state and enforced the configured auto logout configuration. In cases of a user explicitly logging out or an administrator forcing a logout of another user, this will contain that identity id that made the logout request. This is set as part of processing the termination of the session, which can lag behind the logical point in time when the session was terminated.

asOf

Object

true

An ephemeral computed property; the point in time that this snapshot of the IdentitySession was read.

state

String

true

The logical state of this IdentitySession as of the point in time that it was read from the session persistent store. This will always reflect the logical state, regardless of whether this session has been processed or not. For example, if this session exceeded its idle TTL 3 seconds before reading it but the system had not yet processed it into its final terminated state …​ this computed property will still return the state as IdleTimeout even though the terminalState property is still null.

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/identity-sessions/36e51849-cb11-4e3e-a26c-c44dcb9d135a' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ4Q0w5TlFiQWZfblB5amNJSzVVQk1RIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM1LCJleHAiOjE2ODU1NDgwMzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI0M2U2MzY4MS05ZWNjLTRkNzUtYmIxOC03OThhZjk2ZmIzNjBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.krM7YC2FyNfeYf4fY64K-m5OgYEo7946sV0rii3U30JwwpCbJhkemZY2GkQmV_LF6iW_hSqpXzpIrNQNirim09Xg2S1gMd-dZjhKbcfACfD4E4huzQJKqzaQM_aR4i8OsXa7Tgucwm5KgJGOnv1pQkCT1T6oelOQOQrdrwuRc1I9KFUIflwnt0MYyW42xulUCfi3UendNxKhryZF07dgV-JdY8SFNoWp5g_238K4FiRw3504u2qlgCKTBragyhPgg-kwBbVnDKzsI1JibF1yZTkYlhDHxtVJPjMk70m78mZ8DXLPIocSQT0CXIm-nk-Anz-N8XNDOD86bv7xoHb_lQ'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 525

{
  "id" : "36e51849-cb11-4e3e-a26c-c44dcb9d135a",
  "userIdentityId" : "768c4baa-f0cd-4811-bfe6-ff95959d3223",
  "idleSessionTimeoutSeconds" : 321,
  "autoLogoutIdleSession" : true,
  "firstApiRequestAt" : {
    "nano" : 430285000,
    "epochSecond" : 1685544435
  },
  "lastApiRequestAt" : {
    "nano" : 430285000,
    "epochSecond" : 1685544435
  },
  "terminalState" : null,
  "terminatedAt" : null,
  "terminatedBy" : null,
  "asOf" : {
    "nano" : 436786000,
    "epochSecond" : 1685544435
  },
  "state" : "Active"
}

Get Identity Session

GET /identity-sessions/self

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

Id of this {@link IdentitySession}.

userIdentityId

String

true

The id of the {@link UserIdentity} who’s API activity this session tracks.

idleSessionTimeoutSeconds

Integer

true

The {@link SessionConfiguration#getIdleSessionTimeoutSeconds()} value that was active at the time this session was created and the value that will be applied to the maintenance of this session. A session with a last API Request At time that is older than this idle session timeout is no longer an active session. See {@link SessionConfiguration} documentation for the meaning of edge values like 0, -1, etc. Note, an identity can explicitly logout a session regardless of this configuration.

autoLogoutIdleSession

Boolean

true

The {@link SessionConfiguration#isAutoLogoutIdleSession()} value that was active at the time this session was created and the value that will be applied to the maintenance of this session. A session with a last API Request At time that is older than this idle session timeout is in a Logout state. As a result, as long as this is the current session (not active, but current), the client will not be able to make API requests using a token which was created before the logout at timestamp. Note, an identity can explicitly logout a session regardless of this configuration.

firstApiRequestAt

Object

true

The time at which the first API request that triggered the creation of this session occurred. This value never changes after session creation.

lastApiRequestAt

Object

true

The most recent API request time for requests associated to this session. This value is updated as this session is actively used. Once this session becomes non-active, this value is no longer changes.

terminalState

String

true

The terminal state of this session. This will be null if this snapshot of the session was read while the session’s logical state was Active or the session record has not been processed into its logical terminal state. Once set, this value is the immutable persistent state of this session. ie: the session will never have a different state after this is set. See {@link IdentitySession#getState()} to determine the logical state, regardless of whether this session has been processed.

Must be one of [Active, IdleTimeout, Logout, Terminated].

terminatedAt

Object

true

Initially null, and set only at the moment that this session was processed from an active state to a terminal state. This will never change once set. This may not precisely equal the session’s configured time to live. Sessions may be terminated early by administrative action, such as when a new session configuration should be applied. Also, server processing time may result in some amount of drift from the configured session time to live. It is possible to read a session instance during this time, when it is logically terminated but has yet to be processed as such.

terminatedBy

String

true

Only set if the session is in a terminal state; this will hold the identity id that initiated the state transition. In case of auto-logout, this will be set to an internal service identifier which detected the sessions idle state and enforced the configured auto logout configuration. In cases of a user explicitly logging out or an administrator forcing a logout of another user, this will contain that identity id that made the logout request. This is set as part of processing the termination of the session, which can lag behind the logical point in time when the session was terminated.

asOf

Object

true

An ephemeral computed property; the point in time that this snapshot of the IdentitySession was read.

state

String

true

The logical state of this IdentitySession as of the point in time that it was read from the session persistent store. This will always reflect the logical state, regardless of whether this session has been processed or not. For example, if this session exceeded its idle TTL 3 seconds before reading it but the system had not yet processed it into its final terminated state …​ this computed property will still return the state as IdleTimeout even though the terminalState property is still null.

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/identity-sessions/self' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ4Q0w5TlFiQWZfblB5amNJSzVVQk1RIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM1LCJleHAiOjE2ODU1NDgwMzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI0M2U2MzY4MS05ZWNjLTRkNzUtYmIxOC03OThhZjk2ZmIzNjBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.krM7YC2FyNfeYf4fY64K-m5OgYEo7946sV0rii3U30JwwpCbJhkemZY2GkQmV_LF6iW_hSqpXzpIrNQNirim09Xg2S1gMd-dZjhKbcfACfD4E4huzQJKqzaQM_aR4i8OsXa7Tgucwm5KgJGOnv1pQkCT1T6oelOQOQrdrwuRc1I9KFUIflwnt0MYyW42xulUCfi3UendNxKhryZF07dgV-JdY8SFNoWp5g_238K4FiRw3504u2qlgCKTBragyhPgg-kwBbVnDKzsI1JibF1yZTkYlhDHxtVJPjMk70m78mZ8DXLPIocSQT0CXIm-nk-Anz-N8XNDOD86bv7xoHb_lQ'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 525

{
  "id" : "0f9afe5c-cebc-4e8f-8c97-5767e46ad6e5",
  "userIdentityId" : "3b47b144-3b46-471f-9b3a-34daaf752e7c",
  "idleSessionTimeoutSeconds" : 321,
  "autoLogoutIdleSession" : true,
  "firstApiRequestAt" : {
    "nano" : 361381000,
    "epochSecond" : 1685544435
  },
  "lastApiRequestAt" : {
    "nano" : 361381000,
    "epochSecond" : 1685544435
  },
  "terminalState" : null,
  "terminatedAt" : null,
  "terminatedBy" : null,
  "asOf" : {
    "nano" : 369742000,
    "epochSecond" : 1685544435
  },
  "state" : "Active"
}

Logout

DELETE /identity-sessions

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

Parameter Type Optional Description

userIdentityId

Object

false

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/identity-sessions?userIdentityId=21d07bbd-4a17-4878-9bcf-46052b6a1c25' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ4Q0w5TlFiQWZfblB5amNJSzVVQk1RIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM1LCJleHAiOjE2ODU1NDgwMzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI0M2U2MzY4MS05ZWNjLTRkNzUtYmIxOC03OThhZjk2ZmIzNjBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.krM7YC2FyNfeYf4fY64K-m5OgYEo7946sV0rii3U30JwwpCbJhkemZY2GkQmV_LF6iW_hSqpXzpIrNQNirim09Xg2S1gMd-dZjhKbcfACfD4E4huzQJKqzaQM_aR4i8OsXa7Tgucwm5KgJGOnv1pQkCT1T6oelOQOQrdrwuRc1I9KFUIflwnt0MYyW42xulUCfi3UendNxKhryZF07dgV-JdY8SFNoWp5g_238K4FiRw3504u2qlgCKTBragyhPgg-kwBbVnDKzsI1JibF1yZTkYlhDHxtVJPjMk70m78mZ8DXLPIocSQT0CXIm-nk-Anz-N8XNDOD86bv7xoHb_lQ' \
    -H 'Content-Type: application/x-www-form-urlencoded'

Example response

HTTP/1.1 204 No Content

Logout

DELETE /identity-sessions/self

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/identity-sessions/self' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ4Q0w5TlFiQWZfblB5amNJSzVVQk1RIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM1LCJleHAiOjE2ODU1NDgwMzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI0M2U2MzY4MS05ZWNjLTRkNzUtYmIxOC03OThhZjk2ZmIzNjBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.krM7YC2FyNfeYf4fY64K-m5OgYEo7946sV0rii3U30JwwpCbJhkemZY2GkQmV_LF6iW_hSqpXzpIrNQNirim09Xg2S1gMd-dZjhKbcfACfD4E4huzQJKqzaQM_aR4i8OsXa7Tgucwm5KgJGOnv1pQkCT1T6oelOQOQrdrwuRc1I9KFUIflwnt0MYyW42xulUCfi3UendNxKhryZF07dgV-JdY8SFNoWp5g_238K4FiRw3504u2qlgCKTBragyhPgg-kwBbVnDKzsI1JibF1yZTkYlhDHxtVJPjMk70m78mZ8DXLPIocSQT0CXIm-nk-Anz-N8XNDOD86bv7xoHb_lQ'

Example response

HTTP/1.1 204 No Content

Session Configuration

Find Session Configurations

GET /session-configurations

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

Supports standard paging query parameters.

Parameter Type Optional Description

organizationId

Object

true

identityProviderId

Object

true

identityId

Object

true

idleSessionTimeoutSecondsMinInclusive

Integer

true

idleSessionTimeoutSecondsMaxExclusive

Integer

true

autoLogoutIdleSession

Boolean

true

includeDeleted

Boolean

true

Default value: 'false'.

Request fields

No request body.

Response fields

Standard paging response where content field is list of following objects:

Path Type Optional Description

id

String

true

The id of this {@link SessionConfiguration}.

organizationId

String

true

The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids.

identityProviderId

String

true

The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids.

identityId

String

true

The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids.

idleSessionTimeoutSeconds

Integer

true

The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout.

autoLogoutIdleSession

Boolean

true

When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time.

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

deletedBy

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0a3E1eVV2SzA2bklxZk9JVWRuODNBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM0LCJleHAiOjE2ODU1NDgwMzQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.Hge6oxe4jG5qXVzjjzeB_ZNv0NoAFMLq5JKXvrdAaoUNLdDfhG4bNfJ6pdbosbVHukYVuHum1c8IM3AY00GU1GNZ8vcT8607fjqzbKUdbHJv6V1VBEEWzhc-KPtxuwbmQ01VN8aS2fHFA80Zg24s5_ZTUiooaML38d4jVWSFqKFJyNWda0xM68urPaAXRNf4X_O3bjVAZOgxCcZbj8LErazMiIOcrrGYT2x5zDfm0WWo1f74EpNaVWVDntnnmVl5DGxw-u2rDnL6aicwmedwaMWMlVPAUISWn_9k_gaE69q2bY432qQHh3MZPj89W-4dB02KquPm4vNenTat9ph_hA'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1517

[ {
  "id" : "1cfebde3-1948-47be-97a4-f770bb411115",
  "organizationId" : null,
  "identityProviderId" : null,
  "identityId" : null,
  "idleSessionTimeoutSeconds" : 321,
  "autoLogoutIdleSession" : true,
  "createdBy" : "3b47b144-3b46-471f-9b3a-34daaf752e7c",
  "createdAt" : {
    "nano" : 7765000,
    "epochSecond" : 1685544435
  },
  "updatedAt" : {
    "nano" : 7765000,
    "epochSecond" : 1685544435
  },
  "deletedAt" : null,
  "deletedBy" : null
}, {
  "id" : "1edc7626-3c8e-4fd6-9bfb-01c9ae87e7f6",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "identityProviderId" : null,
  "identityId" : "32cfe7c2-2641-4643-8e5a-3bd5eed963af",
  "idleSessionTimeoutSeconds" : 123,
  "autoLogoutIdleSession" : true,
  "createdBy" : "9408b1f8-976d-42b3-80b7-850d03975598",
  "createdAt" : {
    "nano" : 963789000,
    "epochSecond" : 1685544434
  },
  "updatedAt" : {
    "nano" : 963789000,
    "epochSecond" : 1685544434
  },
  "deletedAt" : null,
  "deletedBy" : null
}, {
  "id" : "af973723-7318-4a0a-997f-01c53c5d2cb3",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "identityProviderId" : null,
  "identityId" : "189f909e-0835-47dd-a9d9-c40975ae122d",
  "idleSessionTimeoutSeconds" : 123,
  "autoLogoutIdleSession" : true,
  "createdBy" : "d18da0a0-2d86-46ce-9d02-f63a0cded4f8",
  "createdAt" : {
    "nano" : 916211000,
    "epochSecond" : 1685544434
  },
  "updatedAt" : {
    "nano" : 916211000,
    "epochSecond" : 1685544434
  },
  "deletedAt" : null,
  "deletedBy" : null
} ]

Get Session Configuration

GET /session-configurations/{id}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

The id of this {@link SessionConfiguration}.

organizationId

String

true

The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids.

identityProviderId

String

true

The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids.

identityId

String

true

The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids.

idleSessionTimeoutSeconds

Integer

true

The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout.

autoLogoutIdleSession

Boolean

true

When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time.

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

deletedBy

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/af973723-7318-4a0a-997f-01c53c5d2cb3' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0a3E1eVV2SzA2bklxZk9JVWRuODNBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM0LCJleHAiOjE2ODU1NDgwMzQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.Hge6oxe4jG5qXVzjjzeB_ZNv0NoAFMLq5JKXvrdAaoUNLdDfhG4bNfJ6pdbosbVHukYVuHum1c8IM3AY00GU1GNZ8vcT8607fjqzbKUdbHJv6V1VBEEWzhc-KPtxuwbmQ01VN8aS2fHFA80Zg24s5_ZTUiooaML38d4jVWSFqKFJyNWda0xM68urPaAXRNf4X_O3bjVAZOgxCcZbj8LErazMiIOcrrGYT2x5zDfm0WWo1f74EpNaVWVDntnnmVl5DGxw-u2rDnL6aicwmedwaMWMlVPAUISWn_9k_gaE69q2bY432qQHh3MZPj89W-4dB02KquPm4vNenTat9ph_hA'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 527

{
  "id" : "af973723-7318-4a0a-997f-01c53c5d2cb3",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "identityProviderId" : null,
  "identityId" : "189f909e-0835-47dd-a9d9-c40975ae122d",
  "idleSessionTimeoutSeconds" : 123,
  "autoLogoutIdleSession" : true,
  "createdBy" : "d18da0a0-2d86-46ce-9d02-f63a0cded4f8",
  "createdAt" : {
    "nano" : 916211000,
    "epochSecond" : 1685544434
  },
  "updatedAt" : {
    "nano" : 916211000,
    "epochSecond" : 1685544434
  },
  "deletedAt" : null,
  "deletedBy" : null
}

Get Default For Platform

GET /session-configurations/default-platform

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

The id of this {@link SessionConfiguration}.

organizationId

String

true

The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids.

identityProviderId

String

true

The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids.

identityId

String

true

The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids.

idleSessionTimeoutSeconds

Integer

true

The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout.

autoLogoutIdleSession

Boolean

true

When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time.

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

deletedBy

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-platform' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0a3E1eVV2SzA2bklxZk9JVWRuODNBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM0LCJleHAiOjE2ODU1NDgwMzQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.Hge6oxe4jG5qXVzjjzeB_ZNv0NoAFMLq5JKXvrdAaoUNLdDfhG4bNfJ6pdbosbVHukYVuHum1c8IM3AY00GU1GNZ8vcT8607fjqzbKUdbHJv6V1VBEEWzhc-KPtxuwbmQ01VN8aS2fHFA80Zg24s5_ZTUiooaML38d4jVWSFqKFJyNWda0xM68urPaAXRNf4X_O3bjVAZOgxCcZbj8LErazMiIOcrrGYT2x5zDfm0WWo1f74EpNaVWVDntnnmVl5DGxw-u2rDnL6aicwmedwaMWMlVPAUISWn_9k_gaE69q2bY432qQHh3MZPj89W-4dB02KquPm4vNenTat9ph_hA'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 455

{
  "id" : "1cfebde3-1948-47be-97a4-f770bb411115",
  "organizationId" : null,
  "identityProviderId" : null,
  "identityId" : null,
  "idleSessionTimeoutSeconds" : 321,
  "autoLogoutIdleSession" : true,
  "createdBy" : "3b47b144-3b46-471f-9b3a-34daaf752e7c",
  "createdAt" : {
    "nano" : 7765000,
    "epochSecond" : 1685544435
  },
  "updatedAt" : {
    "nano" : 7765000,
    "epochSecond" : 1685544435
  },
  "deletedAt" : null,
  "deletedBy" : null
}

Get Default For Organization

GET /session-configurations/default-organization/{organizationId}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

organizationId

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

The id of this {@link SessionConfiguration}.

organizationId

String

true

The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids.

identityProviderId

String

true

The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids.

identityId

String

true

The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids.

idleSessionTimeoutSeconds

Integer

true

The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout.

autoLogoutIdleSession

Boolean

true

When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time.

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

deletedBy

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-organization/dba98d2a-1568-40d6-a0f4-c7d8555c3512' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0a3E1eVV2SzA2bklxZk9JVWRuODNBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM0LCJleHAiOjE2ODU1NDgwMzQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.Hge6oxe4jG5qXVzjjzeB_ZNv0NoAFMLq5JKXvrdAaoUNLdDfhG4bNfJ6pdbosbVHukYVuHum1c8IM3AY00GU1GNZ8vcT8607fjqzbKUdbHJv6V1VBEEWzhc-KPtxuwbmQ01VN8aS2fHFA80Zg24s5_ZTUiooaML38d4jVWSFqKFJyNWda0xM68urPaAXRNf4X_O3bjVAZOgxCcZbj8LErazMiIOcrrGYT2x5zDfm0WWo1f74EpNaVWVDntnnmVl5DGxw-u2rDnL6aicwmedwaMWMlVPAUISWn_9k_gaE69q2bY432qQHh3MZPj89W-4dB02KquPm4vNenTat9ph_hA'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 493

{
  "id" : "a71469d1-9fb1-4dd3-b7f5-63d39b7564ae",
  "organizationId" : "dba98d2a-1568-40d6-a0f4-c7d8555c3512",
  "identityProviderId" : null,
  "identityId" : null,
  "idleSessionTimeoutSeconds" : 100,
  "autoLogoutIdleSession" : true,
  "createdBy" : "f64ec946-8e2d-47b6-9cff-35aef07ab0b2",
  "createdAt" : {
    "nano" : 257074000,
    "epochSecond" : 1685544435
  },
  "updatedAt" : {
    "nano" : 257074000,
    "epochSecond" : 1685544435
  },
  "deletedAt" : null,
  "deletedBy" : null
}

Get Default For Identity Provider

GET /session-configurations/default-identity-provider/{identityProviderId}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

identityProviderId

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

The id of this {@link SessionConfiguration}.

organizationId

String

true

The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids.

identityProviderId

String

true

The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids.

identityId

String

true

The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids.

idleSessionTimeoutSeconds

Integer

true

The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout.

autoLogoutIdleSession

Boolean

true

When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time.

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

deletedBy

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-identity-provider/208dcebd-fe13-48df-87e5-edaafc1bf06d' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0a3E1eVV2SzA2bklxZk9JVWRuODNBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM0LCJleHAiOjE2ODU1NDgwMzQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.Hge6oxe4jG5qXVzjjzeB_ZNv0NoAFMLq5JKXvrdAaoUNLdDfhG4bNfJ6pdbosbVHukYVuHum1c8IM3AY00GU1GNZ8vcT8607fjqzbKUdbHJv6V1VBEEWzhc-KPtxuwbmQ01VN8aS2fHFA80Zg24s5_ZTUiooaML38d4jVWSFqKFJyNWda0xM68urPaAXRNf4X_O3bjVAZOgxCcZbj8LErazMiIOcrrGYT2x5zDfm0WWo1f74EpNaVWVDntnnmVl5DGxw-u2rDnL6aicwmedwaMWMlVPAUISWn_9k_gaE69q2bY432qQHh3MZPj89W-4dB02KquPm4vNenTat9ph_hA'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 525

{
  "id" : "25bfcf75-fb4d-40f4-b7a5-91eced070b85",
  "organizationId" : "c5a97006-06e9-4e09-a164-07454d65b9f4",
  "identityProviderId" : "208dcebd-fe13-48df-87e5-edaafc1bf06d",
  "identityId" : null,
  "idleSessionTimeoutSeconds" : 200,
  "autoLogoutIdleSession" : true,
  "createdBy" : "0676f2f9-dee8-471d-a15c-00a386c9ac78",
  "createdAt" : {
    "nano" : 97785000,
    "epochSecond" : 1685544435
  },
  "updatedAt" : {
    "nano" : 97785000,
    "epochSecond" : 1685544435
  },
  "deletedAt" : null,
  "deletedBy" : null
}

Get Default For Identity

GET /session-configurations/default-identity/{identityId}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

identityId

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

The id of this {@link SessionConfiguration}.

organizationId

String

true

The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids.

identityProviderId

String

true

The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids.

identityId

String

true

The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids.

idleSessionTimeoutSeconds

Integer

true

The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout.

autoLogoutIdleSession

Boolean

true

When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time.

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

deletedBy

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-identity/32cfe7c2-2641-4643-8e5a-3bd5eed963af' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0a3E1eVV2SzA2bklxZk9JVWRuODNBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM0LCJleHAiOjE2ODU1NDgwMzQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.Hge6oxe4jG5qXVzjjzeB_ZNv0NoAFMLq5JKXvrdAaoUNLdDfhG4bNfJ6pdbosbVHukYVuHum1c8IM3AY00GU1GNZ8vcT8607fjqzbKUdbHJv6V1VBEEWzhc-KPtxuwbmQ01VN8aS2fHFA80Zg24s5_ZTUiooaML38d4jVWSFqKFJyNWda0xM68urPaAXRNf4X_O3bjVAZOgxCcZbj8LErazMiIOcrrGYT2x5zDfm0WWo1f74EpNaVWVDntnnmVl5DGxw-u2rDnL6aicwmedwaMWMlVPAUISWn_9k_gaE69q2bY432qQHh3MZPj89W-4dB02KquPm4vNenTat9ph_hA'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 527

{
  "id" : "1edc7626-3c8e-4fd6-9bfb-01c9ae87e7f6",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "identityProviderId" : null,
  "identityId" : "32cfe7c2-2641-4643-8e5a-3bd5eed963af",
  "idleSessionTimeoutSeconds" : 123,
  "autoLogoutIdleSession" : true,
  "createdBy" : "9408b1f8-976d-42b3-80b7-850d03975598",
  "createdAt" : {
    "nano" : 963789000,
    "epochSecond" : 1685544434
  },
  "updatedAt" : {
    "nano" : 963789000,
    "epochSecond" : 1685544434
  },
  "deletedAt" : null,
  "deletedBy" : null
}

Set Default For Platform

POST /session-configurations/default-platform

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

idleSessionTimeoutSeconds

Integer

true

The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout.

autoLogoutIdleSession

Boolean

true

When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time.

Response fields

Path Type Optional Description

id

String

true

The id of this {@link SessionConfiguration}.

organizationId

String

true

The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids.

identityProviderId

String

true

The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids.

identityId

String

true

The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids.

idleSessionTimeoutSeconds

Integer

true

The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout.

autoLogoutIdleSession

Boolean

true

When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time.

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

deletedBy

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-platform' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0a3E1eVV2SzA2bklxZk9JVWRuODNBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM0LCJleHAiOjE2ODU1NDgwMzQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.Hge6oxe4jG5qXVzjjzeB_ZNv0NoAFMLq5JKXvrdAaoUNLdDfhG4bNfJ6pdbosbVHukYVuHum1c8IM3AY00GU1GNZ8vcT8607fjqzbKUdbHJv6V1VBEEWzhc-KPtxuwbmQ01VN8aS2fHFA80Zg24s5_ZTUiooaML38d4jVWSFqKFJyNWda0xM68urPaAXRNf4X_O3bjVAZOgxCcZbj8LErazMiIOcrrGYT2x5zDfm0WWo1f74EpNaVWVDntnnmVl5DGxw-u2rDnL6aicwmedwaMWMlVPAUISWn_9k_gaE69q2bY432qQHh3MZPj89W-4dB02KquPm4vNenTat9ph_hA' \
    -d '{"idleSessionTimeoutSeconds":321,"autoLogoutIdleSession":true}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 455

{
  "id" : "1cfebde3-1948-47be-97a4-f770bb411115",
  "organizationId" : null,
  "identityProviderId" : null,
  "identityId" : null,
  "idleSessionTimeoutSeconds" : 321,
  "autoLogoutIdleSession" : true,
  "createdBy" : "3b47b144-3b46-471f-9b3a-34daaf752e7c",
  "createdAt" : {
    "nano" : 7765000,
    "epochSecond" : 1685544435
  },
  "updatedAt" : {
    "nano" : 7765000,
    "epochSecond" : 1685544435
  },
  "deletedAt" : null,
  "deletedBy" : null
}

Set Default For Organization

POST /session-configurations/default-organization/{organizationId}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

organizationId

Object

false

Query parameters

No parameters.

Request fields

Path Type Optional Description

idleSessionTimeoutSeconds

Integer

true

The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout.

autoLogoutIdleSession

Boolean

true

When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time.

Response fields

Path Type Optional Description

id

String

true

The id of this {@link SessionConfiguration}.

organizationId

String

true

The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids.

identityProviderId

String

true

The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids.

identityId

String

true

The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids.

idleSessionTimeoutSeconds

Integer

true

The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout.

autoLogoutIdleSession

Boolean

true

When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time.

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

deletedBy

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-organization/1d0e5ca3-244a-4a25-b0e3-88720efe9120' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0a3E1eVV2SzA2bklxZk9JVWRuODNBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM0LCJleHAiOjE2ODU1NDgwMzQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.Hge6oxe4jG5qXVzjjzeB_ZNv0NoAFMLq5JKXvrdAaoUNLdDfhG4bNfJ6pdbosbVHukYVuHum1c8IM3AY00GU1GNZ8vcT8607fjqzbKUdbHJv6V1VBEEWzhc-KPtxuwbmQ01VN8aS2fHFA80Zg24s5_ZTUiooaML38d4jVWSFqKFJyNWda0xM68urPaAXRNf4X_O3bjVAZOgxCcZbj8LErazMiIOcrrGYT2x5zDfm0WWo1f74EpNaVWVDntnnmVl5DGxw-u2rDnL6aicwmedwaMWMlVPAUISWn_9k_gaE69q2bY432qQHh3MZPj89W-4dB02KquPm4vNenTat9ph_hA' \
    -d '{"idleSessionTimeoutSeconds":321,"autoLogoutIdleSession":true}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 493

{
  "id" : "979b069d-1f85-40f1-9f54-2af79ad7f922",
  "organizationId" : "1d0e5ca3-244a-4a25-b0e3-88720efe9120",
  "identityProviderId" : null,
  "identityId" : null,
  "idleSessionTimeoutSeconds" : 321,
  "autoLogoutIdleSession" : true,
  "createdBy" : "3b47b144-3b46-471f-9b3a-34daaf752e7c",
  "createdAt" : {
    "nano" : 293035000,
    "epochSecond" : 1685544435
  },
  "updatedAt" : {
    "nano" : 293035000,
    "epochSecond" : 1685544435
  },
  "deletedAt" : null,
  "deletedBy" : null
}

Set Default For Identity Provider

POST /session-configurations/default-identity-provider/{identityProviderId}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

identityProviderId

Object

false

Query parameters

No parameters.

Request fields

Path Type Optional Description

idleSessionTimeoutSeconds

Integer

true

The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout.

autoLogoutIdleSession

Boolean

true

When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time.

Response fields

Path Type Optional Description

id

String

true

The id of this {@link SessionConfiguration}.

organizationId

String

true

The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids.

identityProviderId

String

true

The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids.

identityId

String

true

The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids.

idleSessionTimeoutSeconds

Integer

true

The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout.

autoLogoutIdleSession

Boolean

true

When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time.

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

deletedBy

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-identity-provider/b18bbfed-2314-4cb9-b9b4-c51714fcb53f' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0a3E1eVV2SzA2bklxZk9JVWRuODNBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM0LCJleHAiOjE2ODU1NDgwMzQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.Hge6oxe4jG5qXVzjjzeB_ZNv0NoAFMLq5JKXvrdAaoUNLdDfhG4bNfJ6pdbosbVHukYVuHum1c8IM3AY00GU1GNZ8vcT8607fjqzbKUdbHJv6V1VBEEWzhc-KPtxuwbmQ01VN8aS2fHFA80Zg24s5_ZTUiooaML38d4jVWSFqKFJyNWda0xM68urPaAXRNf4X_O3bjVAZOgxCcZbj8LErazMiIOcrrGYT2x5zDfm0WWo1f74EpNaVWVDntnnmVl5DGxw-u2rDnL6aicwmedwaMWMlVPAUISWn_9k_gaE69q2bY432qQHh3MZPj89W-4dB02KquPm4vNenTat9ph_hA' \
    -d '{"idleSessionTimeoutSeconds":321,"autoLogoutIdleSession":true}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 525

{
  "id" : "ff7f3648-d744-4c36-98ce-2231e79070b5",
  "organizationId" : "5bedbf73-7186-4b26-aa81-cf82e4fc11c0",
  "identityProviderId" : "b18bbfed-2314-4cb9-b9b4-c51714fcb53f",
  "identityId" : null,
  "idleSessionTimeoutSeconds" : 321,
  "autoLogoutIdleSession" : true,
  "createdBy" : "3b47b144-3b46-471f-9b3a-34daaf752e7c",
  "createdAt" : {
    "nano" : 66982000,
    "epochSecond" : 1685544435
  },
  "updatedAt" : {
    "nano" : 66982000,
    "epochSecond" : 1685544435
  },
  "deletedAt" : null,
  "deletedBy" : null
}

Set Default For Identity

POST /session-configurations/default-identity/{identityId}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

identityId

Object

false

Query parameters

No parameters.

Request fields

Path Type Optional Description

idleSessionTimeoutSeconds

Integer

true

The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout.

autoLogoutIdleSession

Boolean

true

When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time.

Response fields

Path Type Optional Description

id

String

true

The id of this {@link SessionConfiguration}.

organizationId

String

true

The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids.

identityProviderId

String

true

The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids.

identityId

String

true

The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids.

idleSessionTimeoutSeconds

Integer

true

The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout.

autoLogoutIdleSession

Boolean

true

When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time.

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

deletedBy

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-identity/12c8b4f4-a39e-416d-b45f-62ccfb98520a' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0a3E1eVV2SzA2bklxZk9JVWRuODNBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM0LCJleHAiOjE2ODU1NDgwMzQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.Hge6oxe4jG5qXVzjjzeB_ZNv0NoAFMLq5JKXvrdAaoUNLdDfhG4bNfJ6pdbosbVHukYVuHum1c8IM3AY00GU1GNZ8vcT8607fjqzbKUdbHJv6V1VBEEWzhc-KPtxuwbmQ01VN8aS2fHFA80Zg24s5_ZTUiooaML38d4jVWSFqKFJyNWda0xM68urPaAXRNf4X_O3bjVAZOgxCcZbj8LErazMiIOcrrGYT2x5zDfm0WWo1f74EpNaVWVDntnnmVl5DGxw-u2rDnL6aicwmedwaMWMlVPAUISWn_9k_gaE69q2bY432qQHh3MZPj89W-4dB02KquPm4vNenTat9ph_hA' \
    -d '{"idleSessionTimeoutSeconds":321,"autoLogoutIdleSession":true}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 527

{
  "id" : "4059b41e-bc0e-463b-8f98-4599288d6aaa",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "identityProviderId" : "12c8b4f4-a39e-416d-b45f-62ccfb98520a",
  "identityId" : null,
  "idleSessionTimeoutSeconds" : 321,
  "autoLogoutIdleSession" : true,
  "createdBy" : "3b47b144-3b46-471f-9b3a-34daaf752e7c",
  "createdAt" : {
    "nano" : 196543000,
    "epochSecond" : 1685544435
  },
  "updatedAt" : {
    "nano" : 196543000,
    "epochSecond" : 1685544435
  },
  "deletedAt" : null,
  "deletedBy" : null
}

Delete Default For Organization

DELETE /session-configurations/default-organization/{organizationId}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

organizationId

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-organization/3fbd9e8f-f03c-42db-b027-de8221496b53' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0a3E1eVV2SzA2bklxZk9JVWRuODNBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM0LCJleHAiOjE2ODU1NDgwMzQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.Hge6oxe4jG5qXVzjjzeB_ZNv0NoAFMLq5JKXvrdAaoUNLdDfhG4bNfJ6pdbosbVHukYVuHum1c8IM3AY00GU1GNZ8vcT8607fjqzbKUdbHJv6V1VBEEWzhc-KPtxuwbmQ01VN8aS2fHFA80Zg24s5_ZTUiooaML38d4jVWSFqKFJyNWda0xM68urPaAXRNf4X_O3bjVAZOgxCcZbj8LErazMiIOcrrGYT2x5zDfm0WWo1f74EpNaVWVDntnnmVl5DGxw-u2rDnL6aicwmedwaMWMlVPAUISWn_9k_gaE69q2bY432qQHh3MZPj89W-4dB02KquPm4vNenTat9ph_hA'

Example response

HTTP/1.1 204 No Content

Delete Default For Identity Provider

DELETE /session-configurations/default-identity-provider/{identityProviderId}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

identityProviderId

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-identity-provider/1f463dbe-95ed-47d9-9db8-4c597384f3ba' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0a3E1eVV2SzA2bklxZk9JVWRuODNBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM0LCJleHAiOjE2ODU1NDgwMzQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.Hge6oxe4jG5qXVzjjzeB_ZNv0NoAFMLq5JKXvrdAaoUNLdDfhG4bNfJ6pdbosbVHukYVuHum1c8IM3AY00GU1GNZ8vcT8607fjqzbKUdbHJv6V1VBEEWzhc-KPtxuwbmQ01VN8aS2fHFA80Zg24s5_ZTUiooaML38d4jVWSFqKFJyNWda0xM68urPaAXRNf4X_O3bjVAZOgxCcZbj8LErazMiIOcrrGYT2x5zDfm0WWo1f74EpNaVWVDntnnmVl5DGxw-u2rDnL6aicwmedwaMWMlVPAUISWn_9k_gaE69q2bY432qQHh3MZPj89W-4dB02KquPm4vNenTat9ph_hA'

Example response

HTTP/1.1 204 No Content

Delete Default For Identity

DELETE /session-configurations/default-identity/{identityId}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

identityId

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-identity/bc6b9063-a1eb-408e-93e2-7d5ea1a38936' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ0a3E1eVV2SzA2bklxZk9JVWRuODNBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM0LCJleHAiOjE2ODU1NDgwMzQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.Hge6oxe4jG5qXVzjjzeB_ZNv0NoAFMLq5JKXvrdAaoUNLdDfhG4bNfJ6pdbosbVHukYVuHum1c8IM3AY00GU1GNZ8vcT8607fjqzbKUdbHJv6V1VBEEWzhc-KPtxuwbmQ01VN8aS2fHFA80Zg24s5_ZTUiooaML38d4jVWSFqKFJyNWda0xM68urPaAXRNf4X_O3bjVAZOgxCcZbj8LErazMiIOcrrGYT2x5zDfm0WWo1f74EpNaVWVDntnnmVl5DGxw-u2rDnL6aicwmedwaMWMlVPAUISWn_9k_gaE69q2bY432qQHh3MZPj89W-4dB02KquPm4vNenTat9ph_hA'

Example response

HTTP/1.1 204 No Content

API Account Identity

Find Api Account Identities

GET /api-account-identities

Returns a set of {@link ApiAccountIdentity}s that are visible to the requesting client and optionally filtered based on the submitted request parameters. optionally filtered based on the submitted request parameters.

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

Supports standard paging query parameters.

Parameter Type Optional Description

tenantId

Object

true

Deprecated..

organizationId

Object

true

Restricts results to Identities in the specified Organization (by Organization’s id.).

name

String

true

contactEmail

String

true

active

Boolean

true

Restricts results to Identities with a matching active status.

includeDeleted

Boolean

true

Default value: 'false'.

provider

String

true

Must be one of [Auth0, Cognito].

Request fields

No request body.

Response fields

Standard paging response where content field is list of following objects:

Path Type Optional Description

id

String

true

organizationId

String

true

auth0ClientId

String

true

awsCognitoClientId

String

true

authenticationUrl

String

true

The OAuth2 url where a client credentials grant flow should be performed.

name

String

true

contactEmail

String

true

description

String

true

active

Boolean

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested.

email

String

true

tenantId

String

true

Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId().

Returns the id of the {@link Organization} that this identity is a member of.

type

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/api-account-identities' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJXdWR1d2xLSGFsUzBMZ3JueFpfOXBBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDAwLCJleHAiOjE2ODU1NDgwMDAsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.W8qy3UQgg3D277XgnqYQg4_8DSqbx6_XIwMyTEIchBHb6RdGpRH_rzoBqcsBACjDDEmdLxGCmnF4ygSwtXKEn7NbFZuCP9DpybJtIi2coBzNSSij0n7NaDS0nq8d5NoDQtnx6GFtV6-S-Mbr5-j9jL3pSVZ8NEhPESAiMp1Y8KFfJy-mZU9rBYnGWw-t2_YVoZBim9BOJnvhz0vUxBbvXZUrs5pYQM_uAtBhq_88xalRVYT10X3uEyp1hHsFaoRSDmR2PDCcw4A8JkehCPDNskZeqnpSuGZl2cBAkWkvR1E83xba48caHkZprQTxig7iE6T-lF8eNfo_ePABi4RQiw'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 2123

[ {
  "id" : "02c18d1b-b704-4718-bd84-0638a3eab63b",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "auth0ClientId" : null,
  "awsCognitoClientId" : "4163e20b-d590-4ee2-b4e7-5203c9ca8122|uvmchaht",
  "authenticationUrl" : "https://netfoundry-test-iuexnm.auth.us-east-1.amazoncognito.com/oauth2/token",
  "name" : "Testing Limits",
  "contactEmail" : "a@acme.com",
  "description" : "description",
  "active" : true,
  "createdAt" : {
    "nano" : 313917000,
    "epochSecond" : 1685544402
  },
  "updatedAt" : null,
  "deletedAt" : null,
  "email" : "a@acme.com",
  "tenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "type" : "ApiAccountIdentity"
}, {
  "id" : "08876d75-3ca9-45ee-892a-55b915a51aef",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "auth0ClientId" : null,
  "awsCognitoClientId" : "f0edbbd7-aafe-4710-b9af-ab32a35f94e8|cofoxcqo",
  "authenticationUrl" : "https://netfoundry-test-ccgokg.auth.us-east-1.amazoncognito.com/oauth2/token",
  "name" : "Testing Limits",
  "contactEmail" : "a@acme.com",
  "description" : "description",
  "active" : true,
  "createdAt" : {
    "nano" : 588300000,
    "epochSecond" : 1685544427
  },
  "updatedAt" : null,
  "deletedAt" : null,
  "email" : "a@acme.com",
  "tenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "type" : "ApiAccountIdentity"
}, {
  "id" : "0ca69bb4-84fa-4468-9d50-d3bcaa075afa",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "auth0ClientId" : "cce02183-914b-4355-a463-8e55c54c179f",
  "awsCognitoClientId" : "86996692-b8ea-43fa-8cb1-05be568e63c5|uejoycih",
  "authenticationUrl" : "http://127.0.0.1:1234/IdP/OAuth2/login",
  "name" : "ACME Internal Service-53",
  "contactEmail" : "service.admin-54@acme.com",
  "description" : "updatable API Account description-55",
  "active" : true,
  "createdAt" : {
    "nano" : 290216000,
    "epochSecond" : 1685544398
  },
  "updatedAt" : {
    "nano" : 654988000,
    "epochSecond" : 1685544400
  },
  "deletedAt" : null,
  "email" : "service.admin-54@acme.com",
  "tenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "type" : "ApiAccountIdentity"
} ]

Get Api Account Identity

GET /api-account-identities/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}

Get an API Account Identity by its id.

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

The id of the desired Identity.

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

organizationId

String

true

auth0ClientId

String

true

awsCognitoClientId

String

true

authenticationUrl

String

true

The OAuth2 url where a client credentials grant flow should be performed.

name

String

true

contactEmail

String

true

description

String

true

active

Boolean

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested.

email

String

true

tenantId

String

true

Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId().

Returns the id of the {@link Organization} that this identity is a member of.

type

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/api-account-identities/1d53fc48-5a7a-4343-8c38-4812744447c6' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJXdWR1d2xLSGFsUzBMZ3JueFpfOXBBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDAwLCJleHAiOjE2ODU1NDgwMDAsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.W8qy3UQgg3D277XgnqYQg4_8DSqbx6_XIwMyTEIchBHb6RdGpRH_rzoBqcsBACjDDEmdLxGCmnF4ygSwtXKEn7NbFZuCP9DpybJtIi2coBzNSSij0n7NaDS0nq8d5NoDQtnx6GFtV6-S-Mbr5-j9jL3pSVZ8NEhPESAiMp1Y8KFfJy-mZU9rBYnGWw-t2_YVoZBim9BOJnvhz0vUxBbvXZUrs5pYQM_uAtBhq_88xalRVYT10X3uEyp1hHsFaoRSDmR2PDCcw4A8JkehCPDNskZeqnpSuGZl2cBAkWkvR1E83xba48caHkZprQTxig7iE6T-lF8eNfo_ePABi4RQiw'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 718

{
  "id" : "1d53fc48-5a7a-4343-8c38-4812744447c6",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "auth0ClientId" : "a5a0bc59-574b-4b4c-9211-fc143f516ec5",
  "awsCognitoClientId" : null,
  "authenticationUrl" : "http://127.0.0.1:1234/IdP/OAuth2/login",
  "name" : "api-account",
  "contactEmail" : "no-reply@acme.com",
  "description" : "This is an ACME non-interactive API client.",
  "active" : true,
  "createdAt" : {
    "nano" : 774587000,
    "epochSecond" : 1685544395
  },
  "updatedAt" : {
    "nano" : 652801000,
    "epochSecond" : 1685544400
  },
  "deletedAt" : null,
  "email" : "no-reply@acme.com",
  "tenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "type" : "ApiAccountIdentity"
}

Get Api Account Identity By Mapping

GET /api-account-identities/mapping/{clientId}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

clientId

String

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

organizationId

String

true

auth0ClientId

String

true

awsCognitoClientId

String

true

authenticationUrl

String

true

The OAuth2 url where a client credentials grant flow should be performed.

name

String

true

contactEmail

String

true

description

String

true

active

Boolean

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested.

email

String

true

tenantId

String

true

Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId().

Returns the id of the {@link Organization} that this identity is a member of.

type

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/api-account-identities/mapping/90081277-149b-4cab-8129-cb38e1ce354b' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJXdWR1d2xLSGFsUzBMZ3JueFpfOXBBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDAwLCJleHAiOjE2ODU1NDgwMDAsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.W8qy3UQgg3D277XgnqYQg4_8DSqbx6_XIwMyTEIchBHb6RdGpRH_rzoBqcsBACjDDEmdLxGCmnF4ygSwtXKEn7NbFZuCP9DpybJtIi2coBzNSSij0n7NaDS0nq8d5NoDQtnx6GFtV6-S-Mbr5-j9jL3pSVZ8NEhPESAiMp1Y8KFfJy-mZU9rBYnGWw-t2_YVoZBim9BOJnvhz0vUxBbvXZUrs5pYQM_uAtBhq_88xalRVYT10X3uEyp1hHsFaoRSDmR2PDCcw4A8JkehCPDNskZeqnpSuGZl2cBAkWkvR1E83xba48caHkZprQTxig7iE6T-lF8eNfo_ePABi4RQiw'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 688

{
  "id" : "14b3e51d-98df-432c-9e78-c8766910abf6",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "auth0ClientId" : "90081277-149b-4cab-8129-cb38e1ce354b",
  "awsCognitoClientId" : null,
  "authenticationUrl" : "http://127.0.0.1:1234/IdP/OAuth2/login",
  "name" : "ACME Internal Service-148",
  "contactEmail" : "service.admin-149@acme.com",
  "description" : "updatable API Account description-150",
  "active" : true,
  "createdAt" : {
    "nano" : 805311000,
    "epochSecond" : 1685544434
  },
  "updatedAt" : null,
  "deletedAt" : null,
  "email" : "service.admin-149@acme.com",
  "tenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "type" : "ApiAccountIdentity"
}

Create Api Account Identity

POST /api-account-identities

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

organizationId

String

true

The id of the Organization within which this API Account should be created.

name

String

true

The user friendly name to assign to the API Account Identity. This value is for ease of administration.

contactEmail

String

true

An arbitrary email address to associate to the API Account Identity. This value is mainly for administrative purposes, to provide a point of contact for someone that presumably is knowledgeable about the usage of this API Account Identity.

description

String

true

A free form description.

grantDefaultRoles

Boolean

true

Optional flag that when true will result in the API Account Identity being granted the 'default' roles (Organization and Network Group Admin, at this time.) When false, no authorization, roles or otherwise, will be configured, and it is assumed that the caller has permission to manage permissions of this API Account Identity after the fact. This defaults to true if not specified in the request.

provider

String

true

The authorization provider that should be used. Either Auth0 or Cognito. Auth0 is deprecated, and Cognito should be used moving forward. Support for Auth0 will be dropped at a future point in time.

Must be one of [Auth0, Cognito].

Response fields

Path Type Optional Description

apiAccountIdentity

Object

true

apiAccountIdentity.id

String

true

apiAccountIdentity.organizationId

String

true

apiAccountIdentity.auth0ClientId

String

true

apiAccountIdentity.awsCognitoClientId

String

true

apiAccountIdentity.authenticationUrl

String

true

The OAuth2 url where a client credentials grant flow should be performed.

apiAccountIdentity.name

String

true

apiAccountIdentity.contactEmail

String

true

apiAccountIdentity.description

String

true

apiAccountIdentity.active

Boolean

true

apiAccountIdentity.createdAt

Object

true

apiAccountIdentity.updatedAt

Object

true

apiAccountIdentity.deletedAt

Object

true

Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested.

apiAccountIdentity.email

String

true

apiAccountIdentity.tenantId

String

true

Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId().

Returns the id of the {@link Organization} that this identity is a member of.

apiAccountIdentity.type

String

true

clientId

String

true

The OAuth2 client id which must be passed to the OAuth2 provider at the specified authenticationUrl.

password

String

true

The OAuth2 client secret which must be passed to the OAuth2 provider at the specified authenticationUrl.

authenticationUrl

String

true

The url where the created client should authenticate, using a standard OAuth2 Client Credentials Grant Flow.

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/api-account-identities' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJXdWR1d2xLSGFsUzBMZ3JueFpfOXBBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDAwLCJleHAiOjE2ODU1NDgwMDAsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.W8qy3UQgg3D277XgnqYQg4_8DSqbx6_XIwMyTEIchBHb6RdGpRH_rzoBqcsBACjDDEmdLxGCmnF4ygSwtXKEn7NbFZuCP9DpybJtIi2coBzNSSij0n7NaDS0nq8d5NoDQtnx6GFtV6-S-Mbr5-j9jL3pSVZ8NEhPESAiMp1Y8KFfJy-mZU9rBYnGWw-t2_YVoZBim9BOJnvhz0vUxBbvXZUrs5pYQM_uAtBhq_88xalRVYT10X3uEyp1hHsFaoRSDmR2PDCcw4A8JkehCPDNskZeqnpSuGZl2cBAkWkvR1E83xba48caHkZprQTxig7iE6T-lF8eNfo_ePABi4RQiw' \
    -d '{"organizationId":"3fbd9e8f-f03c-42db-b027-de8221496b53","name":"HR Bridge Service","contactEmail":"hr.director@acme.com","description":"description goes here","grantDefaultRoles":true,"provider":"Cognito"}'

Example response

HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 940

{
  "apiAccountIdentity" : {
    "id" : "547daf9f-bd12-4b02-9daf-81e5034fb3fa",
    "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
    "auth0ClientId" : null,
    "awsCognitoClientId" : "86996692-b8ea-43fa-8cb1-05be568e63c5|mdtconbk",
    "authenticationUrl" : "https://netfoundry-test-eanvjw.auth.us-east-1.amazoncognito.com/oauth2/token",
    "name" : "HR Bridge Service",
    "contactEmail" : "hr.director@acme.com",
    "description" : "description goes here",
    "active" : true,
    "createdAt" : {
      "nano" : 943660000,
      "epochSecond" : 1685544400
    },
    "updatedAt" : null,
    "deletedAt" : null,
    "email" : "hr.director@acme.com",
    "tenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
    "type" : "ApiAccountIdentity"
  },
  "clientId" : "mdtconbk",
  "password" : "axqkcrwgvkydfpavhatidcyd",
  "authenticationUrl" : "https://netfoundry-test-eanvjw.auth.us-east-1.amazoncognito.com/oauth2/token"
}

Update Identity Info

PUT /api-account-identities/{id}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

Path Type Optional Description

name

String

true

contactEmail

String

true

description

String

true

Response fields

Path Type Optional Description

id

String

true

organizationId

String

true

auth0ClientId

String

true

awsCognitoClientId

String

true

authenticationUrl

String

true

The OAuth2 url where a client credentials grant flow should be performed.

name

String

true

contactEmail

String

true

description

String

true

active

Boolean

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested.

email

String

true

tenantId

String

true

Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId().

Returns the id of the {@link Organization} that this identity is a member of.

type

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/api-account-identities/4774462f-35bc-4656-81b9-d99104d5abcd' -i -X PUT \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJXdWR1d2xLSGFsUzBMZ3JueFpfOXBBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDAwLCJleHAiOjE2ODU1NDgwMDAsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.W8qy3UQgg3D277XgnqYQg4_8DSqbx6_XIwMyTEIchBHb6RdGpRH_rzoBqcsBACjDDEmdLxGCmnF4ygSwtXKEn7NbFZuCP9DpybJtIi2coBzNSSij0n7NaDS0nq8d5NoDQtnx6GFtV6-S-Mbr5-j9jL3pSVZ8NEhPESAiMp1Y8KFfJy-mZU9rBYnGWw-t2_YVoZBim9BOJnvhz0vUxBbvXZUrs5pYQM_uAtBhq_88xalRVYT10X3uEyp1hHsFaoRSDmR2PDCcw4A8JkehCPDNskZeqnpSuGZl2cBAkWkvR1E83xba48caHkZprQTxig7iE6T-lF8eNfo_ePABi4RQiw' \
    -d '{"name":"Robot","contactEmail":"robot@acme.com","description":"description here."}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 680

{
  "id" : "4774462f-35bc-4656-81b9-d99104d5abcd",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "auth0ClientId" : "2c5575da-bd5a-4d6c-9c40-cbb512574e23",
  "awsCognitoClientId" : null,
  "authenticationUrl" : "http://127.0.0.1:1234/IdP/OAuth2/login",
  "name" : "Robot",
  "contactEmail" : "robot@acme.com",
  "description" : "description here.",
  "active" : true,
  "createdAt" : {
    "nano" : 531420000,
    "epochSecond" : 1685544400
  },
  "updatedAt" : {
    "nano" : 555186000,
    "epochSecond" : 1685544400
  },
  "deletedAt" : null,
  "email" : "robot@acme.com",
  "tenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "type" : "ApiAccountIdentity"
}

Activate Or Deactivate Api Account Identity

PUT /api-account-identities/{id}/{action:activate|deactivate}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

action

String

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

organizationId

String

true

auth0ClientId

String

true

awsCognitoClientId

String

true

authenticationUrl

String

true

The OAuth2 url where a client credentials grant flow should be performed.

name

String

true

contactEmail

String

true

description

String

true

active

Boolean

true

createdAt

Object

true

updatedAt

Object

true

deletedAt

Object

true

Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested.

email

String

true

tenantId

String

true

Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId().

Returns the id of the {@link Organization} that this identity is a member of.

type

String

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/api-account-identities/158d24e8-b194-4736-85e3-2a7fc775a4db/deactivate' -i -X PUT \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJXdWR1d2xLSGFsUzBMZ3JueFpfOXBBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDAwLCJleHAiOjE2ODU1NDgwMDAsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.W8qy3UQgg3D277XgnqYQg4_8DSqbx6_XIwMyTEIchBHb6RdGpRH_rzoBqcsBACjDDEmdLxGCmnF4ygSwtXKEn7NbFZuCP9DpybJtIi2coBzNSSij0n7NaDS0nq8d5NoDQtnx6GFtV6-S-Mbr5-j9jL3pSVZ8NEhPESAiMp1Y8KFfJy-mZU9rBYnGWw-t2_YVoZBim9BOJnvhz0vUxBbvXZUrs5pYQM_uAtBhq_88xalRVYT10X3uEyp1hHsFaoRSDmR2PDCcw4A8JkehCPDNskZeqnpSuGZl2cBAkWkvR1E83xba48caHkZprQTxig7iE6T-lF8eNfo_ePABi4RQiw'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 745

{
  "id" : "158d24e8-b194-4736-85e3-2a7fc775a4db",
  "organizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "auth0ClientId" : "45e7c12d-7073-44ac-bd83-596927e203d3",
  "awsCognitoClientId" : null,
  "authenticationUrl" : "http://127.0.0.1:1234/IdP/OAuth2/login",
  "name" : "ACME Internal Service-142",
  "contactEmail" : "service.admin-143@acme.com",
  "description" : "updatable API Account description-144",
  "active" : false,
  "createdAt" : {
    "nano" : 723417000,
    "epochSecond" : 1685544434
  },
  "updatedAt" : {
    "nano" : 734728000,
    "epochSecond" : 1685544434
  },
  "deletedAt" : null,
  "email" : "service.admin-143@acme.com",
  "tenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "type" : "ApiAccountIdentity"
}

Invitation

Find Invitations

GET /invitations

Returns a set of Invitation instances based on the optional query parameters. The results will be constrained to the invitations that the client has authorization to view. Results may be further constrained by the setting any combination of query parameter values, which will logically AND’d together to form a filter for matching invitations. The states query parameter, unlike others, supports multiple values. For example, to retrieve a list of active invitations, specify states=Open,Declined,Expired.

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

Supports standard paging query parameters.

Parameter Type Optional Description

fromIdentityId

Object

true

The id of the identity that created the target invitation(s).

toTenantId

Object

true

Deprecated..

toOrganizationId

Object

true

The id of the organization that the resulting invitations are inviting into.

invitedEmailAddress

String

true

A full (no partial match support) email address to match against.

targetIdentityId

Object

true

The id of the identity that the invitation will/has assumed.

states

Object

true

One or more ,{@link State}, names to restrict the invitations returned.

Request fields

No request body.

Response fields

Standard paging response where content field is list of following objects:

Path Type Optional Description

id

String

true

fromIdentityId

String

true

toOrganizationId

String

true

invitedEmailAddress

String

true

expiration

Object

true

targetUserIdentityId

String

true

Optional. The identity id that the invited party will be mapped to should they accept the invite.

accepted

Boolean

true

revokedAt

Object

true

The date-time that this invitation was revoked. If null, then this invitation has not been revoked. An open invitation (accepted == null) can be revoked, which will prevent the invitation from being accepted or declined by a user. The accepted state remains null to reflect that it was never accepted or declined. A declined or expired invitation can be revoked after the fact. An accepted invitation can not be revoked retroactively. Finally, revoking an invitation is a terminal operation. Once revoked, no other action can be taken.

responseReceivedAt

Object

true

The date-time that this invitation was marked as accepted or declined. If null, then there has been no response (accept or decline) of this invitation. This is effectively the update timestamp of the accepted property of an invitation.

state

String

true

toTenantId

String

true

Deprecated. The Tenant resource has been renamed to Organization. Use getToOrganizationId().

Returns the id of the {@link Organization} that the recipient is being invited to join.

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/invitations' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI1Zm9hRkV0MXNmcFBrRGJtdTh6Vmp3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM1LCJleHAiOjE2ODU1NDgwMzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCJmNmJhYjI4MS0yYTE4LTRlMjYtYWNhYy1hYWQ5Y2Q2OGQ0ZmJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI0M2U2MzY4MS05ZWNjLTRkNzUtYmIxOC03OThhZjk2ZmIzNjBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3N2VhNjY3OS0wMTJiLTRjZTEtOTY0MS02NTJmOGM3YzRhY2ZcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.dB4ui5iKuD8TvJNi0HaZ16bdH-Sq4joy6y_ppGLmvunbb-mqVZOKOXjC75JgNayY5PfHQkFrKQ5c21BS0SFDWU0l9QBiuA4Isbxm2n4PtZiKvCQBiyv3eDjmrmv9SV4EoWPyIAhUpne2w2hTHXqE_g9TtDOFXnOU4uCZqbogCiMwOWpfBsNvk6bQa5MRiC_65NQ3juGF_-HeedPd83bhpFXLJVEa-BBuZAL1uHMfPbtQN2ASXC97eT9U5jSBQpQGzF2Sb62vVIT2pcpntXgN5kWySsME77vLwD_uKq654hqCPyOHwTxNUrUAbqsVmqYRGhNQmrraGG9RQk4L9FTB2A'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1646

[ {
  "id" : "261795a0-82af-42e6-9ef5-0b55b26c9e13",
  "fromIdentityId" : "62c31f2f-7da3-4ae5-9e51-9b24dd3e6c4b",
  "toOrganizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "invitedEmailAddress" : "new.employee-12@acme.com",
  "expiration" : {
    "nano" : 851342000,
    "epochSecond" : 1686149195
  },
  "targetUserIdentityId" : "80a728c4-a462-4dc5-b9a6-31b159ae92f5",
  "accepted" : false,
  "revokedAt" : null,
  "responseReceivedAt" : {
    "nano" : 855976000,
    "epochSecond" : 1685544395
  },
  "state" : "Declined",
  "toTenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53"
}, {
  "id" : "6d2c2d5d-c9ea-49de-ad04-d7eca0a19b7b",
  "fromIdentityId" : "62c31f2f-7da3-4ae5-9e51-9b24dd3e6c4b",
  "toOrganizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "invitedEmailAddress" : "new.employee-9@acme.com",
  "expiration" : {
    "nano" : 780077000,
    "epochSecond" : 1686149195
  },
  "targetUserIdentityId" : "4b068667-b0df-4ef2-af9c-7b8f7d444fea",
  "accepted" : null,
  "revokedAt" : null,
  "responseReceivedAt" : null,
  "state" : "Open",
  "toTenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53"
}, {
  "id" : "9e8101b8-49d7-4e1e-abb8-d6ee30a84a0d",
  "fromIdentityId" : "62c31f2f-7da3-4ae5-9e51-9b24dd3e6c4b",
  "toOrganizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "invitedEmailAddress" : "new.employee-15@acme.com",
  "expiration" : {
    "nano" : 913081000,
    "epochSecond" : 1686149195
  },
  "targetUserIdentityId" : "424f6ddf-511d-4d32-97f8-92f6b14118fb",
  "accepted" : null,
  "revokedAt" : null,
  "responseReceivedAt" : null,
  "state" : "Open",
  "toTenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53"
} ]

Get Invitation By Id

GET /invitations/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

fromIdentityId

String

true

toOrganizationId

String

true

invitedEmailAddress

String

true

expiration

Object

true

targetUserIdentityId

String

true

Optional. The identity id that the invited party will be mapped to should they accept the invite.

accepted

Boolean

true

revokedAt

Object

true

The date-time that this invitation was revoked. If null, then this invitation has not been revoked. An open invitation (accepted == null) can be revoked, which will prevent the invitation from being accepted or declined by a user. The accepted state remains null to reflect that it was never accepted or declined. A declined or expired invitation can be revoked after the fact. An accepted invitation can not be revoked retroactively. Finally, revoking an invitation is a terminal operation. Once revoked, no other action can be taken.

responseReceivedAt

Object

true

The date-time that this invitation was marked as accepted or declined. If null, then there has been no response (accept or decline) of this invitation. This is effectively the update timestamp of the accepted property of an invitation.

state

String

true

toTenantId

String

true

Deprecated. The Tenant resource has been renamed to Organization. Use getToOrganizationId().

Returns the id of the {@link Organization} that the recipient is being invited to join.

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/invitations/3ae99f59-0935-4fe0-a5ee-6a8d47ce5226' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI1Zm9hRkV0MXNmcFBrRGJtdTh6Vmp3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM1LCJleHAiOjE2ODU1NDgwMzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCJmNmJhYjI4MS0yYTE4LTRlMjYtYWNhYy1hYWQ5Y2Q2OGQ0ZmJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI0M2U2MzY4MS05ZWNjLTRkNzUtYmIxOC03OThhZjk2ZmIzNjBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3N2VhNjY3OS0wMTJiLTRjZTEtOTY0MS02NTJmOGM3YzRhY2ZcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.dB4ui5iKuD8TvJNi0HaZ16bdH-Sq4joy6y_ppGLmvunbb-mqVZOKOXjC75JgNayY5PfHQkFrKQ5c21BS0SFDWU0l9QBiuA4Isbxm2n4PtZiKvCQBiyv3eDjmrmv9SV4EoWPyIAhUpne2w2hTHXqE_g9TtDOFXnOU4uCZqbogCiMwOWpfBsNvk6bQa5MRiC_65NQ3juGF_-HeedPd83bhpFXLJVEa-BBuZAL1uHMfPbtQN2ASXC97eT9U5jSBQpQGzF2Sb62vVIT2pcpntXgN5kWySsME77vLwD_uKq654hqCPyOHwTxNUrUAbqsVmqYRGhNQmrraGG9RQk4L9FTB2A'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 527

{
  "id" : "3ae99f59-0935-4fe0-a5ee-6a8d47ce5226",
  "fromIdentityId" : "62c31f2f-7da3-4ae5-9e51-9b24dd3e6c4b",
  "toOrganizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "invitedEmailAddress" : "new.employee-193@acme.com",
  "expiration" : {
    "nano" : 811969000,
    "epochSecond" : 1686149235
  },
  "targetUserIdentityId" : "b65a8e46-7c7d-4063-a031-8964732658e2",
  "accepted" : null,
  "revokedAt" : null,
  "responseReceivedAt" : null,
  "state" : "Open",
  "toTenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53"
}

Create Invitation

POST /invitations

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

toOrganizationId

String

true

invitedEmailAddress

String

true

invitationUrl

String

true

targetUserIdentityId

String

true

Response fields

Path Type Optional Description

id

String

true

fromIdentityId

String

true

toOrganizationId

String

true

invitedEmailAddress

String

true

expiration

Object

true

targetUserIdentityId

String

true

Optional. The identity id that the invited party will be mapped to should they accept the invite.

accepted

Boolean

true

revokedAt

Object

true

The date-time that this invitation was revoked. If null, then this invitation has not been revoked. An open invitation (accepted == null) can be revoked, which will prevent the invitation from being accepted or declined by a user. The accepted state remains null to reflect that it was never accepted or declined. A declined or expired invitation can be revoked after the fact. An accepted invitation can not be revoked retroactively. Finally, revoking an invitation is a terminal operation. Once revoked, no other action can be taken.

responseReceivedAt

Object

true

The date-time that this invitation was marked as accepted or declined. If null, then there has been no response (accept or decline) of this invitation. This is effectively the update timestamp of the accepted property of an invitation.

state

String

true

toTenantId

String

true

Deprecated. The Tenant resource has been renamed to Organization. Use getToOrganizationId().

Returns the id of the {@link Organization} that the recipient is being invited to join.

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/invitations' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI1Zm9hRkV0MXNmcFBrRGJtdTh6Vmp3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM1LCJleHAiOjE2ODU1NDgwMzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCJmNmJhYjI4MS0yYTE4LTRlMjYtYWNhYy1hYWQ5Y2Q2OGQ0ZmJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI0M2U2MzY4MS05ZWNjLTRkNzUtYmIxOC03OThhZjk2ZmIzNjBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3N2VhNjY3OS0wMTJiLTRjZTEtOTY0MS02NTJmOGM3YzRhY2ZcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.dB4ui5iKuD8TvJNi0HaZ16bdH-Sq4joy6y_ppGLmvunbb-mqVZOKOXjC75JgNayY5PfHQkFrKQ5c21BS0SFDWU0l9QBiuA4Isbxm2n4PtZiKvCQBiyv3eDjmrmv9SV4EoWPyIAhUpne2w2hTHXqE_g9TtDOFXnOU4uCZqbogCiMwOWpfBsNvk6bQa5MRiC_65NQ3juGF_-HeedPd83bhpFXLJVEa-BBuZAL1uHMfPbtQN2ASXC97eT9U5jSBQpQGzF2Sb62vVIT2pcpntXgN5kWySsME77vLwD_uKq654hqCPyOHwTxNUrUAbqsVmqYRGhNQmrraGG9RQk4L9FTB2A' \
    -d '{"toOrganizationId":"3fbd9e8f-f03c-42db-b027-de8221496b53","invitedEmailAddress":"new.employee@acme.com","invitationUrl":"http://acme.console.netfoundry.io/invitation","targetUserIdentityId":"1302e5a5-4c27-4f9b-8f10-66707c09ff52"}'

Example response

HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 523

{
  "id" : "c72bbdcf-acec-4c32-9e46-679a1e442e60",
  "fromIdentityId" : "3b47b144-3b46-471f-9b3a-34daaf752e7c",
  "toOrganizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "invitedEmailAddress" : "new.employee@acme.com",
  "expiration" : {
    "nano" : 719545000,
    "epochSecond" : 1686149235
  },
  "targetUserIdentityId" : "1302e5a5-4c27-4f9b-8f10-66707c09ff52",
  "accepted" : null,
  "revokedAt" : null,
  "responseReceivedAt" : null,
  "state" : "Open",
  "toTenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53"
}

Respond To Invitation

PUT /invitations/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}/{action:accept|decline}

This is not the typical way to accept or decline an invitation. See {@link InvitationFlowController}. This service is a straight update of the Invitation. It does not map the calling user, nor any other related activity. It simply updates the state of the Invitation.

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

action

String

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

fromIdentityId

String

true

toOrganizationId

String

true

invitedEmailAddress

String

true

expiration

Object

true

targetUserIdentityId

String

true

Optional. The identity id that the invited party will be mapped to should they accept the invite.

accepted

Boolean

true

revokedAt

Object

true

The date-time that this invitation was revoked. If null, then this invitation has not been revoked. An open invitation (accepted == null) can be revoked, which will prevent the invitation from being accepted or declined by a user. The accepted state remains null to reflect that it was never accepted or declined. A declined or expired invitation can be revoked after the fact. An accepted invitation can not be revoked retroactively. Finally, revoking an invitation is a terminal operation. Once revoked, no other action can be taken.

responseReceivedAt

Object

true

The date-time that this invitation was marked as accepted or declined. If null, then there has been no response (accept or decline) of this invitation. This is effectively the update timestamp of the accepted property of an invitation.

state

String

true

toTenantId

String

true

Deprecated. The Tenant resource has been renamed to Organization. Use getToOrganizationId().

Returns the id of the {@link Organization} that the recipient is being invited to join.

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/invitations/1d7fd049-51a0-47a0-8702-f666c164dc67/decline' -i -X PUT \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI1Zm9hRkV0MXNmcFBrRGJtdTh6Vmp3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM1LCJleHAiOjE2ODU1NDgwMzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCJmNmJhYjI4MS0yYTE4LTRlMjYtYWNhYy1hYWQ5Y2Q2OGQ0ZmJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI0M2U2MzY4MS05ZWNjLTRkNzUtYmIxOC03OThhZjk2ZmIzNjBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3N2VhNjY3OS0wMTJiLTRjZTEtOTY0MS02NTJmOGM3YzRhY2ZcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.dB4ui5iKuD8TvJNi0HaZ16bdH-Sq4joy6y_ppGLmvunbb-mqVZOKOXjC75JgNayY5PfHQkFrKQ5c21BS0SFDWU0l9QBiuA4Isbxm2n4PtZiKvCQBiyv3eDjmrmv9SV4EoWPyIAhUpne2w2hTHXqE_g9TtDOFXnOU4uCZqbogCiMwOWpfBsNvk6bQa5MRiC_65NQ3juGF_-HeedPd83bhpFXLJVEa-BBuZAL1uHMfPbtQN2ASXC97eT9U5jSBQpQGzF2Sb62vVIT2pcpntXgN5kWySsME77vLwD_uKq654hqCPyOHwTxNUrUAbqsVmqYRGhNQmrraGG9RQk4L9FTB2A'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 588

{
  "id" : "1d7fd049-51a0-47a0-8702-f666c164dc67",
  "fromIdentityId" : "62c31f2f-7da3-4ae5-9e51-9b24dd3e6c4b",
  "toOrganizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "invitedEmailAddress" : "new.employee-190@acme.com",
  "expiration" : {
    "nano" : 787551000,
    "epochSecond" : 1686149235
  },
  "targetUserIdentityId" : "d9da2124-8236-4848-883f-2b872b907476",
  "accepted" : false,
  "revokedAt" : null,
  "responseReceivedAt" : {
    "nano" : 794127000,
    "epochSecond" : 1685544435
  },
  "state" : "Declined",
  "toTenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53"
}

Revoke Invitation

PUT /invitations/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}/revoke

This service will revoke the specified invitation if it is in a state that permits revoke.

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

fromIdentityId

String

true

toOrganizationId

String

true

invitedEmailAddress

String

true

expiration

Object

true

targetUserIdentityId

String

true

Optional. The identity id that the invited party will be mapped to should they accept the invite.

accepted

Boolean

true

revokedAt

Object

true

The date-time that this invitation was revoked. If null, then this invitation has not been revoked. An open invitation (accepted == null) can be revoked, which will prevent the invitation from being accepted or declined by a user. The accepted state remains null to reflect that it was never accepted or declined. A declined or expired invitation can be revoked after the fact. An accepted invitation can not be revoked retroactively. Finally, revoking an invitation is a terminal operation. Once revoked, no other action can be taken.

responseReceivedAt

Object

true

The date-time that this invitation was marked as accepted or declined. If null, then there has been no response (accept or decline) of this invitation. This is effectively the update timestamp of the accepted property of an invitation.

state

String

true

toTenantId

String

true

Deprecated. The Tenant resource has been renamed to Organization. Use getToOrganizationId().

Returns the id of the {@link Organization} that the recipient is being invited to join.

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/invitations/7c9cf1c2-6f41-41c9-a574-8401b0829587/revoke' -i -X PUT \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiI1Zm9hRkV0MXNmcFBrRGJtdTh6Vmp3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0NDM1LCJleHAiOjE2ODU1NDgwMzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI2YTE2OTc4OS04MDY0LTRhM2UtYjI1MC05MzE0N2YxZTg4MzVcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCJmNmJhYjI4MS0yYTE4LTRlMjYtYWNhYy1hYWQ5Y2Q2OGQ0ZmJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJjNDRlMzg4NS1kZWIxLTRiNjItYThkZC1lNzg4MGE4ZmIwZDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MDB9LHtcImlkXCI6XCI0M2U2MzY4MS05ZWNjLTRkNzUtYmIxOC03OThhZjk2ZmIzNjBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3N2VhNjY3OS0wMTJiLTRjZTEtOTY0MS02NTJmOGM3YzRhY2ZcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzV9LHtcImlkXCI6XCI1OTE2ZWY3OC05ZDFhLTQ1MWUtOWI0MC1lZWJlMzgzNjM2OGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQ0MzR9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.dB4ui5iKuD8TvJNi0HaZ16bdH-Sq4joy6y_ppGLmvunbb-mqVZOKOXjC75JgNayY5PfHQkFrKQ5c21BS0SFDWU0l9QBiuA4Isbxm2n4PtZiKvCQBiyv3eDjmrmv9SV4EoWPyIAhUpne2w2hTHXqE_g9TtDOFXnOU4uCZqbogCiMwOWpfBsNvk6bQa5MRiC_65NQ3juGF_-HeedPd83bhpFXLJVEa-BBuZAL1uHMfPbtQN2ASXC97eT9U5jSBQpQGzF2Sb62vVIT2pcpntXgN5kWySsME77vLwD_uKq654hqCPyOHwTxNUrUAbqsVmqYRGhNQmrraGG9RQk4L9FTB2A'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 642

{
  "id" : "7c9cf1c2-6f41-41c9-a574-8401b0829587",
  "fromIdentityId" : "62c31f2f-7da3-4ae5-9e51-9b24dd3e6c4b",
  "toOrganizationId" : "3fbd9e8f-f03c-42db-b027-de8221496b53",
  "invitedEmailAddress" : "new.employee-196@acme.com",
  "expiration" : {
    "nano" : 835257000,
    "epochSecond" : 1686149235
  },
  "targetUserIdentityId" : "62fbccd4-fd69-4758-946b-c4d22257c86d",
  "accepted" : null,
  "revokedAt" : {
    "nano" : 841654000,
    "epochSecond" : 1685544435
  },
  "responseReceivedAt" : {
    "nano" : 841655000,
    "epochSecond" : 1685544435
  },
  "state" : "Revoked",
  "toTenantId" : "3fbd9e8f-f03c-42db-b027-de8221496b53"
}

Support

Create Support Request

POST /nfconsole/support/requests

Authorization

Authorization not required for this request.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

name

String

true

The name of the user. This is a required value if the request is submitted by a client that is not currently authenticated. In this unauthenticated case, this name is used in the support request ticket that is created. If the request comes from an authenticated client, then this property should be ignored (not sent), as the API will overwrite it with the name of the authenticated identity.

email

String

true

The email of the user. This is a required value if the request is submitted by a client that is not currently authenticated. In this unauthenticated case, this email is used in the support request ticket that is created. If the request comes from an authenticated client, then this property should be ignored (not sent), as the API will overwrite it with the email of the authenticated identity.

selectedOrganizationId

String

true

The id of an organization which the current user has selected as his working context at the time that this support request is being generated. This value may be null in most cases as it only applies to users with access to more than one organization. This value is ignored if the support request comes from a user that is not logged in.

selectedNetworkId

String

true

The id of a network which the current user has selected as his working context at the time that this support request is being generated. This value may be null, particularly if the client is submitting the support request from a context that is not network specific. However, if the user is working in a context (ie, a 'page' that lists AppWans) that is network specific, then this value can help support agents when reviewing the support request. This value is ignored if the support request comes from a user that is not logged in.

subject

String

true

The support request subject. This value is required and can not be empty.

comment

String

true

The support request message. This value is required and can not be empty.

type

String

true

The type of the support request. If not specified, the type will default to "question".

Must be one of [problem, incident, question, task].

priority

String

true

The priority of the support request. If not specified, the type will default to "normal".

Must be one of [urgent, high, normal, low].

severity

String

true

The Severity of the support request. Severity 1, 2, 3 If not specificed: default to "Severity3".

Must be one of [Severity1, Severity2, Severity3].

recentErrorMessages

Array[String]

true

An optional list of error messages received from the API by the client. These should be in order from most recent to oldest. These provide contextual information for the agent handling the support request. These are not required, but clients are encouraged to track and supply such error messages to aid in support. Note, an interactive user (ie human) should not provide this information; it should be tracked and added by the client agent on their behalf.

Response fields

No response body.

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/nfconsole/support/requests' -i -X POST \
    -H 'Content-Type: application/json' \
    -d '{"name":"Curious George","email":"george@curious-client.com","selectedOrganizationId":null,"selectedNetworkId":null,"subject":"Sales Contact Request","comment":"This looks great!  I'd like a sales rep to contact me.","type":"question","priority":"high","severity":"Severity3","recentErrorMessages":null}'

Example response

HTTP/1.1 200 OK

Invitation Flow

Get Invitation By Key

GET /invitations/key/{key:[\p{Alnum}]{36}}

Authorization

Authorization not required for this request.

Path parameters

Parameter Type Optional Description

key

String

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

fromIdentity

Object

true

fromIdentity.name

String

true

fromIdentity.email

String

true

targetIdentity

Object

true

targetIdentity.name

String

true

targetIdentity.email

String

true

invitedEmailAddress

String

true

toOrganizationName

String

true

toOrganizationLabel

String

true

expiration

Object

true

accepted

Boolean

true

state

String

true

Must be one of [Open, Accepted, Declined, Expired, Revoked].

toTenantName

String

true

Deprecated..

toTenantLabel

String

true

Deprecated..

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/invitations/key/MvITj9jXWeUpz6GoVe3J3nUA6c4EedZn2mzW' -i -X GET

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 517

{
  "fromIdentity" : {
    "name" : "John Doe",
    "email" : "john.doe@acme.com"
  },
  "targetIdentity" : {
    "name" : "First Last",
    "email" : "random-13@acme.com"
  },
  "invitedEmailAddress" : "new.employee-15@acme.com",
  "toOrganizationName" : "ACME International, Inc.",
  "toOrganizationLabel" : "ACME-0",
  "expiration" : {
    "nano" : 913081000,
    "epochSecond" : 1686149195
  },
  "accepted" : null,
  "state" : "Open",
  "toTenantName" : "ACME International, Inc.",
  "toTenantLabel" : "ACME-0"
}

Decline Invitation

PUT /invitations/key/{key:[\p{Alnum}]{36}}/decline

Authorization

Authorization not required for this request.

Path parameters

Parameter Type Optional Description

key

String

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

fromIdentity

Object

true

fromIdentity.name

String

true

fromIdentity.email

String

true

targetIdentity

Object

true

targetIdentity.name

String

true

targetIdentity.email

String

true

invitedEmailAddress

String

true

toOrganizationName

String

true

toOrganizationLabel

String

true

expiration

Object

true

accepted

Boolean

true

state

String

true

Must be one of [Open, Accepted, Declined, Expired, Revoked].

toTenantName

String

true

Deprecated..

toTenantLabel

String

true

Deprecated..

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/invitations/key/9PQW8JC4EwJvZTIGKLef1ze1Q8vieL1Zwigj/decline' -i -X PUT

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 522

{
  "fromIdentity" : {
    "name" : "John Doe",
    "email" : "john.doe@acme.com"
  },
  "targetIdentity" : {
    "name" : "First Last",
    "email" : "random-10@acme.com"
  },
  "invitedEmailAddress" : "new.employee-12@acme.com",
  "toOrganizationName" : "ACME International, Inc.",
  "toOrganizationLabel" : "ACME-0",
  "expiration" : {
    "nano" : 851342000,
    "epochSecond" : 1686149195
  },
  "accepted" : false,
  "state" : "Declined",
  "toTenantName" : "ACME International, Inc.",
  "toTenantLabel" : "ACME-0"
}

Initiate Accept Invitation

POST /invitations/key/{key:[\p{Alnum}]{36}}/accept-initiate

Authorization

Authorization not required for this request.

Path parameters

Parameter Type Optional Description

key

String

false

Query parameters

No parameters.

Request fields

Path Type Optional Description

intermediateReturnUrl

String

true

Response fields

Path Type Optional Description

nfToken

String

true

auth0ConnectionIds

Array[String]

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/invitations/key/V6Oi0NtFX5oMGUs0ssi9bQC7s2j6NnvI8pYi/accept-initiate' -i -X POST \
    -H 'Content-Type: application/json' \
    -d '{"intermediateReturnUrl":"http://console.nfadmin.netfoundry.io/invitation"}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 981

{
  "nfToken" : "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdXRoMENvbm5lY3Rpb25JZHMiOlsiYXV0aDAtb3BhcXVlLWNvbm5lY3Rpb25JZC0xIiwiYXV0aDAtb3BhcXVlLWNvbm5lY3Rpb25JZC0yIl0sImF1ZCI6Imh0dHBzOi8vbmV0Zm91bmRyeS1zYW5kYm94LmF1dGgwLmNvbS8iLCJyZWRpcmVjdFVybCI6Imh0dHA6Ly9jb25zb2xlLm5mYWRtaW4ubmV0Zm91bmRyeS5pby9pbnZpdGF0aW9uIiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL2lkZW50aXR5L3YxIiwidGVuYW50TGFiZWwiOiJBQ01FLTAiLCJpbnZpdGF0aW9uSWQiOiI2ZDJjMmQ1ZC1jOWVhLTQ5ZGUtYWQwNC1kN2VjYTBhMTliN2IiLCJleHAiOjE2ODU1NDUyOTUsImlhdCI6MTY4NTU0NDM5NSwiZmxvdyI6Imludml0YXRpb24ifQ.mHoCb6ZLKtq9gvsBpeg3HERDR7ab_9nDA0mOCRPZPT0sqxumLSdBB_96JhcnT9isuoC56JHu94Ozr4ZxAXe5FQcwjVvFoaiYHH90osipDJ1IpX97nZmzbcfIIO7aEaCXlkczYDMGNSyx2t6P7lTwAyCTIZJXXUYLLfCx4p8-LGwmZ-HU6ewAYMJEjDWzOQrfSvQBWeDHPdXrptyt19iIi2z1KO6FJ_8ESavx1-e4vywctOgwdhwm-33jHVni8Eob638G8TCqa8xUxe5D8qulMeBbQFjhHa7Wh-1YAZZIt_llBWh53d7pB7bl9AObsWpkp-xQ5qtqba_T6g8GECNs7A",
  "auth0ConnectionIds" : [ "auth0-opaque-connectionId-1", "auth0-opaque-connectionId-2" ]
}

Login Flow

Initiate Interactive Authorization

POST /organizations/authorize-initiate

Authorization

Authorization not required for this request.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

label

String

true

intermediateReturnUrl

String

true

Response fields

Path Type Optional Description

nfToken

String

true

auth0ConnectionIds

Array[String]

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/organizations/authorize-initiate' -i -X POST \
    -H 'Content-Type: application/json' \
    -d '{"label":"ACME-0","intermediateReturnUrl":"http://console.nfadmin.netfoundry.io/invitation"}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 902

{
  "nfToken" : "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdXRoMENvbm5lY3Rpb25JZHMiOlsiYXV0aDAtb3BhcXVlLWNvbm5lY3Rpb25JZC0xIiwiYXV0aDAtb3BhcXVlLWNvbm5lY3Rpb25JZC0yIl0sImF1ZCI6Imh0dHBzOi8vbmV0Zm91bmRyeS1zYW5kYm94LmF1dGgwLmNvbS8iLCJyZWRpcmVjdFVybCI6Imh0dHA6Ly9jb25zb2xlLm5mYWRtaW4ubmV0Zm91bmRyeS5pby9pbnZpdGF0aW9uIiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL2lkZW50aXR5L3YxIiwidGVuYW50TGFiZWwiOiJBQ01FLTAiLCJleHAiOjE2ODU1NDUyOTgsImlhdCI6MTY4NTU0NDM5OCwiZmxvdyI6ImxvZ2luIn0.XPsJUGRT7GyLY9kFflQ1JlOpwk9xqd5E_LVTQe5Aa03WKPNtij_DvEHSGxGwAW0SrkYKDk-pS0Vpn0hNDnWxQT3tORjD2wLv4XmAwW8tMVDKxS-IklVMHVr5d0p04Fvk0dqAfLQ1JIafiPPzvlR_8EXcwgdmw1Nm_zMz9rOT3JLmZsf1epQg7Bnfi0asfAh5ltF0vEfdpp050C7jDFd4pAB6yB7rtzy0l1DHB1nXfUbmSi4qiuzN33ZTq64vOwXUHEtI48r2LPhsdAxbk1HSJb7wtB_jDhVOtH6gDHQmR-JQAPFg9L2y3swq3dlZt7KAIh_Q_o0MrX3uWkKO0WT2Xw",
  "auth0ConnectionIds" : [ "auth0-opaque-connectionId-1", "auth0-opaque-connectionId-2" ]
}

Identity Preference Flow

Find Identity Preferences

GET /identity-preferences

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

Supports standard paging query parameters.

Request fields

No request body.

Response fields

Standard paging response where content field is list of following objects:

Path Type Optional Description

id

String

true

userIdentityId

String

true

preferences

Object

true

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedBy

String

true

deletedAt

Object

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/identity-preferences' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJtOUk2UUhIUUljY2JENzZMZWUzVkF3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0Mzk5LCJleHAiOjE2ODU1NDc5OTksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.tY0zso-xDZ_mH0YWaR5nbCgqnRT6L6jIM4V3BM7hEo1c07XgVjbhNMC6yiB3txvdCXj1_lLI-KuVyU8pOeCZlQoBunAL-1goQJmiiFfaUjZXTCCbngpV72Oa6yt9bCLsbBuOG8gJX5iDoYg9nGyYp5MUwokI5DxALZBStGHvaPF_0BEYOv0lSxhsOyHnYkYB4p00gq18AJ2lNTpvWwCONkSeCy2-fY5bnfuwQeWKrZta1lvVJ1jV-DdEhgwi45jew3W0dpsF48eEXXyc2hgJshkr_XzCtrr-K4ICCWlY0nLjtbmhLXlj7MlaLFy4kpY3TrzJ3AjBgE52gdLzEhaAKQ'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 434

[ {
  "id" : "d97e94de-06c4-4843-8397-91d898b7bb91",
  "userIdentityId" : "1e205e51-5882-49e6-87f8-67124e0c60b6",
  "preferences" : {
    "first" : "my first preference."
  },
  "createdBy" : "1e205e51-5882-49e6-87f8-67124e0c60b6",
  "createdAt" : {
    "nano" : 931876000,
    "epochSecond" : 1685544399
  },
  "updatedAt" : {
    "nano" : 931876000,
    "epochSecond" : 1685544399
  },
  "deletedBy" : null,
  "deletedAt" : null
} ]

Get Identity Preference

GET /identity-preferences/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

userIdentityId

String

true

preferences

Object

true

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedBy

String

true

deletedAt

Object

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/identity-preferences/d62ff510-a409-4042-85a0-8e60355cff6a' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJtOUk2UUhIUUljY2JENzZMZWUzVkF3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0Mzk5LCJleHAiOjE2ODU1NDc5OTksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.tY0zso-xDZ_mH0YWaR5nbCgqnRT6L6jIM4V3BM7hEo1c07XgVjbhNMC6yiB3txvdCXj1_lLI-KuVyU8pOeCZlQoBunAL-1goQJmiiFfaUjZXTCCbngpV72Oa6yt9bCLsbBuOG8gJX5iDoYg9nGyYp5MUwokI5DxALZBStGHvaPF_0BEYOv0lSxhsOyHnYkYB4p00gq18AJ2lNTpvWwCONkSeCy2-fY5bnfuwQeWKrZta1lvVJ1jV-DdEhgwi45jew3W0dpsF48eEXXyc2hgJshkr_XzCtrr-K4ICCWlY0nLjtbmhLXlj7MlaLFy4kpY3TrzJ3AjBgE52gdLzEhaAKQ'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 415

{
  "id" : "d62ff510-a409-4042-85a0-8e60355cff6a",
  "userIdentityId" : "466c01d3-91ec-4bf6-8a27-a8dc299375c3",
  "preferences" : {
    "hello" : "world"
  },
  "createdBy" : "466c01d3-91ec-4bf6-8a27-a8dc299375c3",
  "createdAt" : {
    "nano" : 129295000,
    "epochSecond" : 1685544400
  },
  "updatedAt" : {
    "nano" : 129295000,
    "epochSecond" : 1685544400
  },
  "deletedBy" : null,
  "deletedAt" : null
}

Create Identity Preference

POST /identity-preferences

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

userIdentityId

String

true

Passing null will result in the creation of the Identity Preferences on the authenticated identity making the create API request.

preferences

Object

true

Response fields

Path Type Optional Description

id

String

true

userIdentityId

String

true

preferences

Object

true

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedBy

String

true

deletedAt

Object

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/identity-preferences' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJtOUk2UUhIUUljY2JENzZMZWUzVkF3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0Mzk5LCJleHAiOjE2ODU1NDc5OTksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.tY0zso-xDZ_mH0YWaR5nbCgqnRT6L6jIM4V3BM7hEo1c07XgVjbhNMC6yiB3txvdCXj1_lLI-KuVyU8pOeCZlQoBunAL-1goQJmiiFfaUjZXTCCbngpV72Oa6yt9bCLsbBuOG8gJX5iDoYg9nGyYp5MUwokI5DxALZBStGHvaPF_0BEYOv0lSxhsOyHnYkYB4p00gq18AJ2lNTpvWwCONkSeCy2-fY5bnfuwQeWKrZta1lvVJ1jV-DdEhgwi45jew3W0dpsF48eEXXyc2hgJshkr_XzCtrr-K4ICCWlY0nLjtbmhLXlj7MlaLFy4kpY3TrzJ3AjBgE52gdLzEhaAKQ' \
    -d '{"userIdentityId":"c1f220b0-5262-4eb9-8154-365a0b06bf04","preferences":{"first":"my first preference."}}'

Example response

HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 430

{
  "id" : "b1a64da0-de5d-42d3-bac6-4a8ff1bd1915",
  "userIdentityId" : "c1f220b0-5262-4eb9-8154-365a0b06bf04",
  "preferences" : {
    "first" : "my first preference."
  },
  "createdBy" : "3b47b144-3b46-471f-9b3a-34daaf752e7c",
  "createdAt" : {
    "nano" : 996090000,
    "epochSecond" : 1685544399
  },
  "updatedAt" : {
    "nano" : 996090000,
    "epochSecond" : 1685544399
  },
  "deletedBy" : null,
  "deletedAt" : null
}

Update Identity Preference

PUT /identity-preferences/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

Path Type Optional Description

preferences

Object

true

Response fields

Path Type Optional Description

id

String

true

userIdentityId

String

true

preferences

Object

true

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedBy

String

true

deletedAt

Object

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/identity-preferences/1ce29700-2525-4aff-896a-9d2f3101db3b' -i -X PUT \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJtOUk2UUhIUUljY2JENzZMZWUzVkF3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0Mzk5LCJleHAiOjE2ODU1NDc5OTksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.tY0zso-xDZ_mH0YWaR5nbCgqnRT6L6jIM4V3BM7hEo1c07XgVjbhNMC6yiB3txvdCXj1_lLI-KuVyU8pOeCZlQoBunAL-1goQJmiiFfaUjZXTCCbngpV72Oa6yt9bCLsbBuOG8gJX5iDoYg9nGyYp5MUwokI5DxALZBStGHvaPF_0BEYOv0lSxhsOyHnYkYB4p00gq18AJ2lNTpvWwCONkSeCy2-fY5bnfuwQeWKrZta1lvVJ1jV-DdEhgwi45jew3W0dpsF48eEXXyc2hgJshkr_XzCtrr-K4ICCWlY0nLjtbmhLXlj7MlaLFy4kpY3TrzJ3AjBgE52gdLzEhaAKQ' \
    -d '{"preferences":{"updated":"my second preference."}}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 433

{
  "id" : "1ce29700-2525-4aff-896a-9d2f3101db3b",
  "userIdentityId" : "a6cf6cf2-31c5-417b-b23d-2ec73553e87f",
  "preferences" : {
    "updated" : "my second preference."
  },
  "createdBy" : "a6cf6cf2-31c5-417b-b23d-2ec73553e87f",
  "createdAt" : {
    "nano" : 177886000,
    "epochSecond" : 1685544400
  },
  "updatedAt" : {
    "nano" : 186053000,
    "epochSecond" : 1685544400
  },
  "deletedBy" : null,
  "deletedAt" : null
}

Delete Identity Preference

DELETE /identity-preferences/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

userIdentityId

String

true

preferences

Object

true

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedBy

String

true

deletedAt

Object

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/identity-preferences/9d919644-dd74-4c39-b932-4b7eda7fad34' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJtOUk2UUhIUUljY2JENzZMZWUzVkF3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0Mzk5LCJleHAiOjE2ODU1NDc5OTksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCJhYjBjNjk3NS05MjdiLTRhNjctOTcwZi0xMTU0MmYyMTc3ZTJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI3NTlhNDA3Ni0xYTUzLTQ3MGMtOTI2Ny1kMTkzYmE2Nzc3MGFcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.tY0zso-xDZ_mH0YWaR5nbCgqnRT6L6jIM4V3BM7hEo1c07XgVjbhNMC6yiB3txvdCXj1_lLI-KuVyU8pOeCZlQoBunAL-1goQJmiiFfaUjZXTCCbngpV72Oa6yt9bCLsbBuOG8gJX5iDoYg9nGyYp5MUwokI5DxALZBStGHvaPF_0BEYOv0lSxhsOyHnYkYB4p00gq18AJ2lNTpvWwCONkSeCy2-fY5bnfuwQeWKrZta1lvVJ1jV-DdEhgwi45jew3W0dpsF48eEXXyc2hgJshkr_XzCtrr-K4ICCWlY0nLjtbmhLXlj7MlaLFy4kpY3TrzJ3AjBgE52gdLzEhaAKQ'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 504

{
  "id" : "9d919644-dd74-4c39-b932-4b7eda7fad34",
  "userIdentityId" : "8adbf730-544a-474f-bbd8-54d314825941",
  "preferences" : {
    "hello" : "world"
  },
  "createdBy" : "8adbf730-544a-474f-bbd8-54d314825941",
  "createdAt" : {
    "nano" : 96948000,
    "epochSecond" : 1685544400
  },
  "updatedAt" : {
    "nano" : 104743000,
    "epochSecond" : 1685544400
  },
  "deletedBy" : "3b47b144-3b46-471f-9b3a-34daaf752e7c",
  "deletedAt" : {
    "nano" : 104000000,
    "epochSecond" : 1685544400
  }
}

Organization Preference Flow

Find Organization Preferences

GET /organization-preferences

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

Supports standard paging query parameters.

Request fields

No request body.

Response fields

Standard paging response where content field is list of following objects:

Path Type Optional Description

id

String

true

organizationId

String

true

preferences

Object

true

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedBy

String

true

deletedAt

Object

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/organization-preferences' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJuc0RCakYyVkZqMnpnaXYzT29reFl3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0Mzk5LCJleHAiOjE2ODU1NDc5OTksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.eq190pu4SbQBPymJgqlaGW3U18pdGL3rQuTbWZyWYvjYVd6nnaOCXrdaXnSq-Ny5e5yoe0mQ001zgEaaTQTU4E2pj4g38RXCLo6tlqaOxy3YleNHLNKFwGbhA0e328NAqyMIvUcf7MwgZ1xwm43pF1vuzxhQC6GGKWrTZmFU2l78vHdvD5R1P_ueqj7guGn0JNG2PJifw92bTcP1PacUctQw5no1Cng3FV7tsu37kTdQrOqELwiTag2mmpRYAIUUdw6in9J7An8LfT8L9J4zUYlRr-QAaPvapyLqAIlgjHYk2uAhvgsxyZocxTBerCWCnA00eYNa8IQ2TQyIv9pH_g'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1268

[ {
  "id" : "05c68a67-02af-4ae3-b6c5-300ef1ec5efa",
  "organizationId" : "c8603c8d-eab3-4988-936c-2c72ced1bdf5",
  "preferences" : {
    "hello" : "world"
  },
  "createdBy" : "6e4eb0f0-9a8f-4713-93b0-dcea73b694b8",
  "createdAt" : {
    "nano" : 415747000,
    "epochSecond" : 1685544399
  },
  "updatedAt" : {
    "nano" : 415747000,
    "epochSecond" : 1685544399
  },
  "deletedBy" : null,
  "deletedAt" : null
}, {
  "id" : "28d3d747-00c6-4f47-bed3-8f429c12b4c4",
  "organizationId" : "ff7d47e5-ad5a-4319-8d77-60d6226ea476",
  "preferences" : {
    "first" : "my first preference."
  },
  "createdBy" : "3b47b144-3b46-471f-9b3a-34daaf752e7c",
  "createdAt" : {
    "nano" : 467110000,
    "epochSecond" : 1685544399
  },
  "updatedAt" : {
    "nano" : 467110000,
    "epochSecond" : 1685544399
  },
  "deletedBy" : null,
  "deletedAt" : null
}, {
  "id" : "3e996e8c-c8ac-4469-9c74-facea0c1ab29",
  "organizationId" : "3bdd2914-6321-4519-9dec-11f8143f4e77",
  "preferences" : {
    "hello" : "world"
  },
  "createdBy" : "ca14eb17-1b19-4e35-853a-ce4628b93b1d",
  "createdAt" : {
    "nano" : 510986000,
    "epochSecond" : 1685544399
  },
  "updatedAt" : {
    "nano" : 510986000,
    "epochSecond" : 1685544399
  },
  "deletedBy" : null,
  "deletedAt" : null
} ]

Get Organization Preference

GET /organization-preferences/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

organizationId

String

true

preferences

Object

true

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedBy

String

true

deletedAt

Object

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/organization-preferences/3e996e8c-c8ac-4469-9c74-facea0c1ab29' -i -X GET \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJuc0RCakYyVkZqMnpnaXYzT29reFl3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0Mzk5LCJleHAiOjE2ODU1NDc5OTksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.eq190pu4SbQBPymJgqlaGW3U18pdGL3rQuTbWZyWYvjYVd6nnaOCXrdaXnSq-Ny5e5yoe0mQ001zgEaaTQTU4E2pj4g38RXCLo6tlqaOxy3YleNHLNKFwGbhA0e328NAqyMIvUcf7MwgZ1xwm43pF1vuzxhQC6GGKWrTZmFU2l78vHdvD5R1P_ueqj7guGn0JNG2PJifw92bTcP1PacUctQw5no1Cng3FV7tsu37kTdQrOqELwiTag2mmpRYAIUUdw6in9J7An8LfT8L9J4zUYlRr-QAaPvapyLqAIlgjHYk2uAhvgsxyZocxTBerCWCnA00eYNa8IQ2TQyIv9pH_g'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 415

{
  "id" : "3e996e8c-c8ac-4469-9c74-facea0c1ab29",
  "organizationId" : "3bdd2914-6321-4519-9dec-11f8143f4e77",
  "preferences" : {
    "hello" : "world"
  },
  "createdBy" : "ca14eb17-1b19-4e35-853a-ce4628b93b1d",
  "createdAt" : {
    "nano" : 510986000,
    "epochSecond" : 1685544399
  },
  "updatedAt" : {
    "nano" : 510986000,
    "epochSecond" : 1685544399
  },
  "deletedBy" : null,
  "deletedAt" : null
}

Create Organization Preference

POST /organization-preferences

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

No parameters.

Query parameters

No parameters.

Request fields

Path Type Optional Description

organizationId

String

true

preferences

Object

true

Response fields

Path Type Optional Description

id

String

true

organizationId

String

true

preferences

Object

true

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedBy

String

true

deletedAt

Object

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/organization-preferences' -i -X POST \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJuc0RCakYyVkZqMnpnaXYzT29reFl3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0Mzk5LCJleHAiOjE2ODU1NDc5OTksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.eq190pu4SbQBPymJgqlaGW3U18pdGL3rQuTbWZyWYvjYVd6nnaOCXrdaXnSq-Ny5e5yoe0mQ001zgEaaTQTU4E2pj4g38RXCLo6tlqaOxy3YleNHLNKFwGbhA0e328NAqyMIvUcf7MwgZ1xwm43pF1vuzxhQC6GGKWrTZmFU2l78vHdvD5R1P_ueqj7guGn0JNG2PJifw92bTcP1PacUctQw5no1Cng3FV7tsu37kTdQrOqELwiTag2mmpRYAIUUdw6in9J7An8LfT8L9J4zUYlRr-QAaPvapyLqAIlgjHYk2uAhvgsxyZocxTBerCWCnA00eYNa8IQ2TQyIv9pH_g' \
    -d '{"organizationId":"ff7d47e5-ad5a-4319-8d77-60d6226ea476","preferences":{"first":"my first preference."}}'

Example response

HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 430

{
  "id" : "28d3d747-00c6-4f47-bed3-8f429c12b4c4",
  "organizationId" : "ff7d47e5-ad5a-4319-8d77-60d6226ea476",
  "preferences" : {
    "first" : "my first preference."
  },
  "createdBy" : "3b47b144-3b46-471f-9b3a-34daaf752e7c",
  "createdAt" : {
    "nano" : 467110000,
    "epochSecond" : 1685544399
  },
  "updatedAt" : {
    "nano" : 467110000,
    "epochSecond" : 1685544399
  },
  "deletedBy" : null,
  "deletedAt" : null
}

Update Organization Preference

PUT /organization-preferences/{id}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

Path Type Optional Description

preferences

Object

true

Response fields

Path Type Optional Description

id

String

true

organizationId

String

true

preferences

Object

true

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedBy

String

true

deletedAt

Object

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/organization-preferences/e55825e8-7d67-4194-9164-76a86189c608' -i -X PUT \
    -H 'Content-Type: application/json' \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJuc0RCakYyVkZqMnpnaXYzT29reFl3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0Mzk5LCJleHAiOjE2ODU1NDc5OTksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.eq190pu4SbQBPymJgqlaGW3U18pdGL3rQuTbWZyWYvjYVd6nnaOCXrdaXnSq-Ny5e5yoe0mQ001zgEaaTQTU4E2pj4g38RXCLo6tlqaOxy3YleNHLNKFwGbhA0e328NAqyMIvUcf7MwgZ1xwm43pF1vuzxhQC6GGKWrTZmFU2l78vHdvD5R1P_ueqj7guGn0JNG2PJifw92bTcP1PacUctQw5no1Cng3FV7tsu37kTdQrOqELwiTag2mmpRYAIUUdw6in9J7An8LfT8L9J4zUYlRr-QAaPvapyLqAIlgjHYk2uAhvgsxyZocxTBerCWCnA00eYNa8IQ2TQyIv9pH_g' \
    -d '{"preferences":{"updated":"my second preference."}}'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 433

{
  "id" : "e55825e8-7d67-4194-9164-76a86189c608",
  "organizationId" : "19b9c6f9-ebb7-4e7a-989b-3278205c9103",
  "preferences" : {
    "updated" : "my second preference."
  },
  "createdBy" : "47afbaca-e51f-43c9-ad1b-8870d29205a9",
  "createdAt" : {
    "nano" : 560110000,
    "epochSecond" : 1685544399
  },
  "updatedAt" : {
    "nano" : 576795000,
    "epochSecond" : 1685544399
  },
  "deletedBy" : null,
  "deletedAt" : null
}

Delete Organization Preference

DELETE /organization-preferences/{id}

Authorization

Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.

Path parameters

Parameter Type Optional Description

id

Object

false

Query parameters

No parameters.

Request fields

No request body.

Response fields

Path Type Optional Description

id

String

true

organizationId

String

true

preferences

Object

true

createdBy

String

true

createdAt

Object

true

updatedAt

Object

true

deletedBy

String

true

deletedAt

Object

true

Example request

$ curl 'https://gateway.netFoundry.io/identity/v1/organization-preferences/38d03ec7-a9c4-481d-aca2-04ee19ff96f6' -i -X DELETE \
    -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJuc0RCakYyVkZqMnpnaXYzT29reFl3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjNiNDdiMTQ0LTNiNDYtNDcxZi05YjNhLTM0ZGFhZjc1MmU3YyIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjg1NTQ0Mzk5LCJleHAiOjE2ODU1NDc5OTksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI3MmQ0NjZmMi0wN2UzLTRkYzQtYjU4Ni0wZTZlODBmNTM0N2JcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9LHtcImlkXCI6XCI4M2FlZTlmNC1mN2VkLTQ5YjctOTIzZi04ZWMzY2M4NjZiMDBcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTl9LHtcImlkXCI6XCI0NWQxMGRlNS02YzViLTRkNjAtODc5Zi00OWRmZTY3ZjFmNzJcIixcImxhc3RNb2RpZmllZFwiOjE2ODU1NDQzOTh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.eq190pu4SbQBPymJgqlaGW3U18pdGL3rQuTbWZyWYvjYVd6nnaOCXrdaXnSq-Ny5e5yoe0mQ001zgEaaTQTU4E2pj4g38RXCLo6tlqaOxy3YleNHLNKFwGbhA0e328NAqyMIvUcf7MwgZ1xwm43pF1vuzxhQC6GGKWrTZmFU2l78vHdvD5R1P_ueqj7guGn0JNG2PJifw92bTcP1PacUctQw5no1Cng3FV7tsu37kTdQrOqELwiTag2mmpRYAIUUdw6in9J7An8LfT8L9J4zUYlRr-QAaPvapyLqAIlgjHYk2uAhvgsxyZocxTBerCWCnA00eYNa8IQ2TQyIv9pH_g'

Example response

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 505

{
  "id" : "38d03ec7-a9c4-481d-aca2-04ee19ff96f6",
  "organizationId" : "16031f3f-eada-41bf-818b-ec0b97a7878c",
  "preferences" : {
    "hello" : "world"
  },
  "createdBy" : "a9b2b138-bdfc-4125-93ff-7c60d05666c1",
  "createdAt" : {
    "nano" : 485984000,
    "epochSecond" : 1685544399
  },
  "updatedAt" : {
    "nano" : 492331000,
    "epochSecond" : 1685544399
  },
  "deletedBy" : "3b47b144-3b46-471f-9b3a-34daaf752e7c",
  "deletedAt" : {
    "nano" : 492000000,
    "epochSecond" : 1685544399
  }
}