Introduction
This is the NetFoundry identity service
Overview
HTTP verbs
NetFoundry adheres closely to standard HTTP and REST conventions in its use of HTTP verbs.
Verb | Usage |
---|---|
|
Used to retrieve a resource |
|
Used to create a new resource |
|
Used to update an existing resource, full updates only |
|
Used to delete an existing resource |
The PATCH method is not used (yet).
|
HTTP status codes
NetFoundry adheres closely to standard HTTP and REST conventions in its use of HTTP status codes.
Status code | Usage |
---|---|
|
The actual response will depend on the request method used. In a GET request, the response will contain an entity corresponding to the requested resource. In a POST request, the response will contain an entity describing or containing the result of the action. |
|
The request has been fulfilled and resulted in a new resource being created. |
|
The request has been accepted and is being processed asynchronously Standard response for successful HTTP requests which invoke back-end services. |
|
The server successfully processed the request, but is not returning any content. |
|
The server cannot or will not process the request due to something that is perceived to be a client error (e.g., malformed request syntax, invalid request message framing, or deceptive request routing). |
|
The request lacks valid authentication credentials for the target resource. |
|
The request is authenticated with valid credentials however that set of credentials is not authorized to access this resource. |
|
The requested resource could not be found but may be available again in the future. Subsequent requests by the client are permissible. |
Resources
Organization
Find Organizations
GET /organizations
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Parameter | Type | Optional | Description |
---|---|---|---|
name |
String |
true |
|
active |
Boolean |
true |
|
mfaProviders |
Object |
true |
Must be one of [None, GoogleAuthenticator]. |
includeDeleted |
Boolean |
true |
Default value: 'false'. |
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
true |
Used for display purposes. Not unique or private. io.netfoundry.common.util.validation.BasicPattern. |
label |
String |
false |
A short value, containing only letters, numbers and dashes, which could be used as a label in a vanity domain. This label uniquely identifies the Organization, and is the key by which organization users indicate the organization within which they intend to authenticate. Note: A deleted organization looses its label. Such organizations will have a label value that combines the organization id with the prior label value. This maintains the constraint that all organization labels are unique, and frees the prior organization label value for reclamation. Obviously a deleted organization’s label will no longer meet the validation constraints of a live organization label. Must match the regular expression |
identityProviders |
Array[Object] |
false |
The set of active (not marked deleted nor deactivated) {@link IdentityProvider}s assigned to this Organization. It is possible for this set to be null. For access to inactive or deleted IdentityProviders, access the IdentityProvider API endpoint directly. |
identityProviders[].id |
String |
false |
|
identityProviders[].organizationId |
String |
false |
The id of the {@link Organization} that this provider will authenticate users into. |
identityProviders[].auth0ConnectionId |
String |
false |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. Size must be between 1 and 128 inclusive. |
identityProviders[].name |
String |
false |
Used for display purposes. Not unique or private. Size must be between 1 and 128 inclusive. |
identityProviders[].auth0ConnectionType |
String |
false |
Must be one of [Database, Social, Enterprise, Passwordless]. |
identityProviders[].active |
Boolean |
true |
|
identityProviders[].createdAt |
Object |
false |
|
identityProviders[].updatedAt |
Object |
false |
|
identityProviders[].deletedAt |
Object |
true |
|
active |
Boolean |
true |
|
mfaProvider |
String |
true |
Specifies an Auth0 compliant MFA provider. When set, it will trigger MFA on authentication via Auth0. If null, then the organization does not require MFA. Must be one of [None, GoogleAuthenticator]. |
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organizations' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJfZjd6QVV3MG00YVh4UXZyUm55YVd3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI0LCJleHAiOjE2NzQ1MTMyMjQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.iOtAB7fD3RIcqJZMxPH_-xjylxAK7x0V9GANs13CJJuSyjE9PDSwh9oFgqgdl4o7kRZZJnj04cLJkqOC8ZfT0IIcRK34HfHJRtsiOwR32OWspl1lQFDZQCGOSPvnk0dI1DEhcBeHhpqyYre1daXyXeSRufbUVG85ae6e-3bRXvxyapCKHJqSKTQompU8qp7KC2_bKPk3HC0k_9EKkEDOa0V42xK9Cfyot81d9efULVvM_DbGMF5DEzFH5yXPCUo7cdXkglRHqdsq5iDQrqI_om-DOD9_VRDjFe4buxJfhGu8Ich7QpofOPX7FOJorS7gcc0GZrBbAz_2_D3p144cfw'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1586
[ {
"id" : "09bcec9d-9e55-4056-849a-7f49c09cae83",
"name" : "Newer Faster Name",
"label" : "WW-Imports-69",
"identityProviders" : [ {
"id" : "893eba92-1a03-45db-b373-39e5b8cfe068",
"organizationId" : "09bcec9d-9e55-4056-849a-7f49c09cae83",
"auth0ConnectionId" : "auth0-opaque-connectionId-70",
"name" : "Username/Password",
"auth0ConnectionType" : "Database",
"active" : true,
"createdAt" : {
"nano" : 223729000,
"epochSecond" : 1674509625
},
"updatedAt" : null,
"deletedAt" : null
} ],
"active" : true,
"mfaProvider" : "GoogleAuthenticator",
"createdAt" : {
"nano" : 221058000,
"epochSecond" : 1674509625
},
"updatedAt" : {
"nano" : 306656000,
"epochSecond" : 1674509625
},
"deletedAt" : null,
"deleted" : false
}, {
"id" : "2a1128df-83f0-4a15-b28e-817866e47b07",
"name" : "World Wide Imports",
"label" : "WW-Imports-42",
"identityProviders" : [ ],
"active" : true,
"mfaProvider" : "None",
"createdAt" : {
"nano" : 190638000,
"epochSecond" : 1674509621
},
"updatedAt" : {
"nano" : 259690000,
"epochSecond" : 1674509624
},
"deletedAt" : null,
"deleted" : false
}, {
"id" : "30ef40c3-5e73-402f-bbed-e778e110008a",
"name" : "World Wide Imports",
"label" : "WW-Imports-50",
"identityProviders" : [ ],
"active" : true,
"mfaProvider" : "None",
"createdAt" : {
"nano" : 258374000,
"epochSecond" : 1674509621
},
"updatedAt" : {
"nano" : 269496000,
"epochSecond" : 1674509624
},
"deletedAt" : null,
"deleted" : false
} ]
Get Organization By Id
GET /organizations/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
true |
Used for display purposes. Not unique or private. io.netfoundry.common.util.validation.BasicPattern. |
label |
String |
false |
A short value, containing only letters, numbers and dashes, which could be used as a label in a vanity domain. This label uniquely identifies the Organization, and is the key by which organization users indicate the organization within which they intend to authenticate. Note: A deleted organization looses its label. Such organizations will have a label value that combines the organization id with the prior label value. This maintains the constraint that all organization labels are unique, and frees the prior organization label value for reclamation. Obviously a deleted organization’s label will no longer meet the validation constraints of a live organization label. Must match the regular expression |
identityProviders |
Array[Object] |
false |
The set of active (not marked deleted nor deactivated) {@link IdentityProvider}s assigned to this Organization. It is possible for this set to be null. For access to inactive or deleted IdentityProviders, access the IdentityProvider API endpoint directly. |
identityProviders[].id |
String |
false |
|
identityProviders[].organizationId |
String |
false |
The id of the {@link Organization} that this provider will authenticate users into. |
identityProviders[].auth0ConnectionId |
String |
false |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. Size must be between 1 and 128 inclusive. |
identityProviders[].name |
String |
false |
Used for display purposes. Not unique or private. Size must be between 1 and 128 inclusive. |
identityProviders[].auth0ConnectionType |
String |
false |
Must be one of [Database, Social, Enterprise, Passwordless]. |
identityProviders[].active |
Boolean |
true |
|
identityProviders[].createdAt |
Object |
false |
|
identityProviders[].updatedAt |
Object |
false |
|
identityProviders[].deletedAt |
Object |
true |
|
active |
Boolean |
true |
|
mfaProvider |
String |
true |
Specifies an Auth0 compliant MFA provider. When set, it will trigger MFA on authentication via Auth0. If null, then the organization does not require MFA. Must be one of [None, GoogleAuthenticator]. |
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organizations/b0b10856-f257-4122-9ba0-6fd84cea951a' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJfZjd6QVV3MG00YVh4UXZyUm55YVd3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI0LCJleHAiOjE2NzQ1MTMyMjQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.iOtAB7fD3RIcqJZMxPH_-xjylxAK7x0V9GANs13CJJuSyjE9PDSwh9oFgqgdl4o7kRZZJnj04cLJkqOC8ZfT0IIcRK34HfHJRtsiOwR32OWspl1lQFDZQCGOSPvnk0dI1DEhcBeHhpqyYre1daXyXeSRufbUVG85ae6e-3bRXvxyapCKHJqSKTQompU8qp7KC2_bKPk3HC0k_9EKkEDOa0V42xK9Cfyot81d9efULVvM_DbGMF5DEzFH5yXPCUo7cdXkglRHqdsq5iDQrqI_om-DOD9_VRDjFe4buxJfhGu8Ich7QpofOPX7FOJorS7gcc0GZrBbAz_2_D3p144cfw'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1207
{
"id" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"name" : "ACME International, Inc.",
"label" : "ACME-0",
"identityProviders" : [ {
"id" : "555c4a9f-ded0-49eb-b738-0c3e6d4731f3",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"auth0ConnectionId" : "auth0-opaque-connectionId-1",
"name" : "ACME Federated Active Directory",
"auth0ConnectionType" : "Enterprise",
"active" : true,
"createdAt" : {
"nano" : 650619000,
"epochSecond" : 1674509619
},
"updatedAt" : null,
"deletedAt" : null
}, {
"id" : "c9a54bfa-4cdf-4b8a-9b0b-37edc125b3b4",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"auth0ConnectionId" : "auth0-opaque-connectionId-2",
"name" : "Google-Account",
"auth0ConnectionType" : "Social",
"active" : true,
"createdAt" : {
"nano" : 655002000,
"epochSecond" : 1674509619
},
"updatedAt" : null,
"deletedAt" : null
} ],
"active" : true,
"mfaProvider" : "None",
"createdAt" : {
"nano" : 640338000,
"epochSecond" : 1674509619
},
"updatedAt" : {
"nano" : 341437000,
"epochSecond" : 1674509624
},
"deletedAt" : null,
"deleted" : false
}
Get Organization By Label
GET /organizations/label/{label:[-a-zA-Z0-9]{1,63}}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
label |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
true |
Used for display purposes. Not unique or private. io.netfoundry.common.util.validation.BasicPattern. |
label |
String |
false |
A short value, containing only letters, numbers and dashes, which could be used as a label in a vanity domain. This label uniquely identifies the Organization, and is the key by which organization users indicate the organization within which they intend to authenticate. Note: A deleted organization looses its label. Such organizations will have a label value that combines the organization id with the prior label value. This maintains the constraint that all organization labels are unique, and frees the prior organization label value for reclamation. Obviously a deleted organization’s label will no longer meet the validation constraints of a live organization label. Must match the regular expression |
identityProviders |
Array[Object] |
false |
The set of active (not marked deleted nor deactivated) {@link IdentityProvider}s assigned to this Organization. It is possible for this set to be null. For access to inactive or deleted IdentityProviders, access the IdentityProvider API endpoint directly. |
identityProviders[].id |
String |
false |
|
identityProviders[].organizationId |
String |
false |
The id of the {@link Organization} that this provider will authenticate users into. |
identityProviders[].auth0ConnectionId |
String |
false |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. Size must be between 1 and 128 inclusive. |
identityProviders[].name |
String |
false |
Used for display purposes. Not unique or private. Size must be between 1 and 128 inclusive. |
identityProviders[].auth0ConnectionType |
String |
false |
Must be one of [Database, Social, Enterprise, Passwordless]. |
identityProviders[].active |
Boolean |
true |
|
identityProviders[].createdAt |
Object |
false |
|
identityProviders[].updatedAt |
Object |
false |
|
identityProviders[].deletedAt |
Object |
true |
|
active |
Boolean |
true |
|
mfaProvider |
String |
true |
Specifies an Auth0 compliant MFA provider. When set, it will trigger MFA on authentication via Auth0. If null, then the organization does not require MFA. Must be one of [None, GoogleAuthenticator]. |
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organizations/label/ACME-0' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJfZjd6QVV3MG00YVh4UXZyUm55YVd3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI0LCJleHAiOjE2NzQ1MTMyMjQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.iOtAB7fD3RIcqJZMxPH_-xjylxAK7x0V9GANs13CJJuSyjE9PDSwh9oFgqgdl4o7kRZZJnj04cLJkqOC8ZfT0IIcRK34HfHJRtsiOwR32OWspl1lQFDZQCGOSPvnk0dI1DEhcBeHhpqyYre1daXyXeSRufbUVG85ae6e-3bRXvxyapCKHJqSKTQompU8qp7KC2_bKPk3HC0k_9EKkEDOa0V42xK9Cfyot81d9efULVvM_DbGMF5DEzFH5yXPCUo7cdXkglRHqdsq5iDQrqI_om-DOD9_VRDjFe4buxJfhGu8Ich7QpofOPX7FOJorS7gcc0GZrBbAz_2_D3p144cfw'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1207
{
"id" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"name" : "ACME International, Inc.",
"label" : "ACME-0",
"identityProviders" : [ {
"id" : "555c4a9f-ded0-49eb-b738-0c3e6d4731f3",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"auth0ConnectionId" : "auth0-opaque-connectionId-1",
"name" : "ACME Federated Active Directory",
"auth0ConnectionType" : "Enterprise",
"active" : true,
"createdAt" : {
"nano" : 650619000,
"epochSecond" : 1674509619
},
"updatedAt" : null,
"deletedAt" : null
}, {
"id" : "c9a54bfa-4cdf-4b8a-9b0b-37edc125b3b4",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"auth0ConnectionId" : "auth0-opaque-connectionId-2",
"name" : "Google-Account",
"auth0ConnectionType" : "Social",
"active" : true,
"createdAt" : {
"nano" : 655002000,
"epochSecond" : 1674509619
},
"updatedAt" : null,
"deletedAt" : null
} ],
"active" : true,
"mfaProvider" : "None",
"createdAt" : {
"nano" : 640338000,
"epochSecond" : 1674509619
},
"updatedAt" : {
"nano" : 341437000,
"epochSecond" : 1674509624
},
"deletedAt" : null,
"deleted" : false
}
Create Organization
POST /organizations
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
name |
String |
true |
io.netfoundry.common.util.validation.ValidAs. |
label |
String |
true |
io.netfoundry.common.util.validation.ValidAs. |
auth0ConnectionId |
String |
true |
io.netfoundry.common.util.validation.ValidAs. |
identityProviderName |
String |
true |
io.netfoundry.common.util.validation.ValidAs. |
auth0ConnectionType |
String |
true |
io.netfoundry.common.util.validation.ValidAs. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
true |
Used for display purposes. Not unique or private. io.netfoundry.common.util.validation.BasicPattern. |
label |
String |
false |
A short value, containing only letters, numbers and dashes, which could be used as a label in a vanity domain. This label uniquely identifies the Organization, and is the key by which organization users indicate the organization within which they intend to authenticate. Note: A deleted organization looses its label. Such organizations will have a label value that combines the organization id with the prior label value. This maintains the constraint that all organization labels are unique, and frees the prior organization label value for reclamation. Obviously a deleted organization’s label will no longer meet the validation constraints of a live organization label. Must match the regular expression |
identityProviders |
Array[Object] |
false |
The set of active (not marked deleted nor deactivated) {@link IdentityProvider}s assigned to this Organization. It is possible for this set to be null. For access to inactive or deleted IdentityProviders, access the IdentityProvider API endpoint directly. |
identityProviders[].id |
String |
false |
|
identityProviders[].organizationId |
String |
false |
The id of the {@link Organization} that this provider will authenticate users into. |
identityProviders[].auth0ConnectionId |
String |
false |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. Size must be between 1 and 128 inclusive. |
identityProviders[].name |
String |
false |
Used for display purposes. Not unique or private. Size must be between 1 and 128 inclusive. |
identityProviders[].auth0ConnectionType |
String |
false |
Must be one of [Database, Social, Enterprise, Passwordless]. |
identityProviders[].active |
Boolean |
true |
|
identityProviders[].createdAt |
Object |
false |
|
identityProviders[].updatedAt |
Object |
false |
|
identityProviders[].deletedAt |
Object |
true |
|
active |
Boolean |
true |
|
mfaProvider |
String |
true |
Specifies an Auth0 compliant MFA provider. When set, it will trigger MFA on authentication via Auth0. If null, then the organization does not require MFA. Must be one of [None, GoogleAuthenticator]. |
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organizations' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJfZjd6QVV3MG00YVh4UXZyUm55YVd3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI0LCJleHAiOjE2NzQ1MTMyMjQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.iOtAB7fD3RIcqJZMxPH_-xjylxAK7x0V9GANs13CJJuSyjE9PDSwh9oFgqgdl4o7kRZZJnj04cLJkqOC8ZfT0IIcRK34HfHJRtsiOwR32OWspl1lQFDZQCGOSPvnk0dI1DEhcBeHhpqyYre1daXyXeSRufbUVG85ae6e-3bRXvxyapCKHJqSKTQompU8qp7KC2_bKPk3HC0k_9EKkEDOa0V42xK9Cfyot81d9efULVvM_DbGMF5DEzFH5yXPCUo7cdXkglRHqdsq5iDQrqI_om-DOD9_VRDjFe4buxJfhGu8Ich7QpofOPX7FOJorS7gcc0GZrBbAz_2_D3p144cfw' \
-d '{"name":"Best Corp.","label":"BEST-CORP","auth0ConnectionId":"auth0-opaque-connection","identityProviderName":"Corp SAML","auth0ConnectionType":"Enterprise"}'
Example response
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 712
{
"id" : "5a507125-c5c7-4882-9524-222c48132a4e",
"name" : "Best Corp.",
"label" : "BEST-CORP",
"identityProviders" : [ {
"id" : "8a3604be-ad04-47f4-b5f0-f4aae160a68e",
"organizationId" : "5a507125-c5c7-4882-9524-222c48132a4e",
"auth0ConnectionId" : "auth0-opaque-connection",
"name" : "Best Corp.",
"auth0ConnectionType" : "Enterprise",
"active" : true,
"createdAt" : {
"nano" : 951867000,
"epochSecond" : 1674509624
},
"updatedAt" : null,
"deletedAt" : null
} ],
"active" : true,
"mfaProvider" : null,
"createdAt" : {
"nano" : 949577000,
"epochSecond" : 1674509624
},
"updatedAt" : null,
"deletedAt" : null,
"deleted" : false
}
Activate Or Deactivate Organization
PUT /organizations/{id}/{action:activate|deactivate}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
action |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
true |
Used for display purposes. Not unique or private. io.netfoundry.common.util.validation.BasicPattern. |
label |
String |
false |
A short value, containing only letters, numbers and dashes, which could be used as a label in a vanity domain. This label uniquely identifies the Organization, and is the key by which organization users indicate the organization within which they intend to authenticate. Note: A deleted organization looses its label. Such organizations will have a label value that combines the organization id with the prior label value. This maintains the constraint that all organization labels are unique, and frees the prior organization label value for reclamation. Obviously a deleted organization’s label will no longer meet the validation constraints of a live organization label. Must match the regular expression |
identityProviders |
Array[Object] |
false |
The set of active (not marked deleted nor deactivated) {@link IdentityProvider}s assigned to this Organization. It is possible for this set to be null. For access to inactive or deleted IdentityProviders, access the IdentityProvider API endpoint directly. |
identityProviders[].id |
String |
false |
|
identityProviders[].organizationId |
String |
false |
The id of the {@link Organization} that this provider will authenticate users into. |
identityProviders[].auth0ConnectionId |
String |
false |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. Size must be between 1 and 128 inclusive. |
identityProviders[].name |
String |
false |
Used for display purposes. Not unique or private. Size must be between 1 and 128 inclusive. |
identityProviders[].auth0ConnectionType |
String |
false |
Must be one of [Database, Social, Enterprise, Passwordless]. |
identityProviders[].active |
Boolean |
true |
|
identityProviders[].createdAt |
Object |
false |
|
identityProviders[].updatedAt |
Object |
false |
|
identityProviders[].deletedAt |
Object |
true |
|
active |
Boolean |
true |
|
mfaProvider |
String |
true |
Specifies an Auth0 compliant MFA provider. When set, it will trigger MFA on authentication via Auth0. If null, then the organization does not require MFA. Must be one of [None, GoogleAuthenticator]. |
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organizations/e7379ffd-2686-4861-a723-30930cac7422/deactivate' -i -X PUT \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJfZjd6QVV3MG00YVh4UXZyUm55YVd3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI0LCJleHAiOjE2NzQ1MTMyMjQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.iOtAB7fD3RIcqJZMxPH_-xjylxAK7x0V9GANs13CJJuSyjE9PDSwh9oFgqgdl4o7kRZZJnj04cLJkqOC8ZfT0IIcRK34HfHJRtsiOwR32OWspl1lQFDZQCGOSPvnk0dI1DEhcBeHhpqyYre1daXyXeSRufbUVG85ae6e-3bRXvxyapCKHJqSKTQompU8qp7KC2_bKPk3HC0k_9EKkEDOa0V42xK9Cfyot81d9efULVvM_DbGMF5DEzFH5yXPCUo7cdXkglRHqdsq5iDQrqI_om-DOD9_VRDjFe4buxJfhGu8Ich7QpofOPX7FOJorS7gcc0GZrBbAz_2_D3p144cfw'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 791
{
"id" : "e7379ffd-2686-4861-a723-30930cac7422",
"name" : "World Wide Imports",
"label" : "WW-Imports-75",
"identityProviders" : [ {
"id" : "6cffecb7-bc15-4df5-b297-9f6774f7214a",
"organizationId" : "e7379ffd-2686-4861-a723-30930cac7422",
"auth0ConnectionId" : "auth0-opaque-connectionId-76",
"name" : "Username/Password",
"auth0ConnectionType" : "Database",
"active" : true,
"createdAt" : {
"nano" : 770106000,
"epochSecond" : 1674509625
},
"updatedAt" : null,
"deletedAt" : null
} ],
"active" : false,
"mfaProvider" : null,
"createdAt" : {
"nano" : 767378000,
"epochSecond" : 1674509625
},
"updatedAt" : {
"nano" : 845808000,
"epochSecond" : 1674509625
},
"deletedAt" : null,
"deleted" : false
}
Add Identity Provider (deprecated)
POST /organizations/{id}/identity-providers
Deprecated.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
auth0ConnectionId |
String |
true |
io.netfoundry.common.util.validation.ValidAs. |
identityProviderName |
String |
true |
io.netfoundry.common.util.validation.ValidAs. |
auth0ConnectionType |
String |
true |
io.netfoundry.common.util.validation.ValidAs. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
name |
String |
true |
Used for display purposes. Not unique or private. io.netfoundry.common.util.validation.BasicPattern. |
label |
String |
false |
A short value, containing only letters, numbers and dashes, which could be used as a label in a vanity domain. This label uniquely identifies the Organization, and is the key by which organization users indicate the organization within which they intend to authenticate. Note: A deleted organization looses its label. Such organizations will have a label value that combines the organization id with the prior label value. This maintains the constraint that all organization labels are unique, and frees the prior organization label value for reclamation. Obviously a deleted organization’s label will no longer meet the validation constraints of a live organization label. Must match the regular expression |
identityProviders |
Array[Object] |
false |
The set of active (not marked deleted nor deactivated) {@link IdentityProvider}s assigned to this Organization. It is possible for this set to be null. For access to inactive or deleted IdentityProviders, access the IdentityProvider API endpoint directly. |
identityProviders[].id |
String |
false |
|
identityProviders[].organizationId |
String |
false |
The id of the {@link Organization} that this provider will authenticate users into. |
identityProviders[].auth0ConnectionId |
String |
false |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. Size must be between 1 and 128 inclusive. |
identityProviders[].name |
String |
false |
Used for display purposes. Not unique or private. Size must be between 1 and 128 inclusive. |
identityProviders[].auth0ConnectionType |
String |
false |
Must be one of [Database, Social, Enterprise, Passwordless]. |
identityProviders[].active |
Boolean |
true |
|
identityProviders[].createdAt |
Object |
false |
|
identityProviders[].updatedAt |
Object |
false |
|
identityProviders[].deletedAt |
Object |
true |
|
active |
Boolean |
true |
|
mfaProvider |
String |
true |
Specifies an Auth0 compliant MFA provider. When set, it will trigger MFA on authentication via Auth0. If null, then the organization does not require MFA. Must be one of [None, GoogleAuthenticator]. |
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
|
deleted |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organizations/bc6de2a6-638a-4e51-894c-c09466adb1b5/identity-providers' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJfZjd6QVV3MG00YVh4UXZyUm55YVd3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI0LCJleHAiOjE2NzQ1MTMyMjQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.iOtAB7fD3RIcqJZMxPH_-xjylxAK7x0V9GANs13CJJuSyjE9PDSwh9oFgqgdl4o7kRZZJnj04cLJkqOC8ZfT0IIcRK34HfHJRtsiOwR32OWspl1lQFDZQCGOSPvnk0dI1DEhcBeHhpqyYre1daXyXeSRufbUVG85ae6e-3bRXvxyapCKHJqSKTQompU8qp7KC2_bKPk3HC0k_9EKkEDOa0V42xK9Cfyot81d9efULVvM_DbGMF5DEzFH5yXPCUo7cdXkglRHqdsq5iDQrqI_om-DOD9_VRDjFe4buxJfhGu8Ich7QpofOPX7FOJorS7gcc0GZrBbAz_2_D3p144cfw' \
-d '{"auth0ConnectionId":"auth0-opaque-connection","identityProviderName":"Corp SAML","auth0ConnectionType":"Enterprise"}'
Example response
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 1130
{
"id" : "bc6de2a6-638a-4e51-894c-c09466adb1b5",
"name" : "World Wide Imports",
"label" : "WW-Imports-71",
"identityProviders" : [ {
"id" : "7ff2c691-5bdf-4f82-9d9d-fecce58367b5",
"organizationId" : "bc6de2a6-638a-4e51-894c-c09466adb1b5",
"auth0ConnectionId" : "auth0-opaque-connection",
"name" : "Corp SAML",
"auth0ConnectionType" : "Enterprise",
"active" : true,
"createdAt" : {
"nano" : 597841000,
"epochSecond" : 1674509625
},
"updatedAt" : null,
"deletedAt" : null
}, {
"id" : "9650741d-ba27-4042-bb85-61e1ff9a8f60",
"organizationId" : "bc6de2a6-638a-4e51-894c-c09466adb1b5",
"auth0ConnectionId" : "auth0-opaque-connectionId-72",
"name" : "Username/Password",
"auth0ConnectionType" : "Database",
"active" : true,
"createdAt" : {
"nano" : 518782000,
"epochSecond" : 1674509625
},
"updatedAt" : null,
"deletedAt" : null
} ],
"active" : true,
"mfaProvider" : null,
"createdAt" : {
"nano" : 516012000,
"epochSecond" : 1674509625
},
"updatedAt" : null,
"deletedAt" : null,
"deleted" : false
}
Identity Providers
Find Identity Providers
GET /identity-providers
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Parameter | Type | Optional | Description |
---|---|---|---|
name |
String |
true |
|
organizationId |
Object |
true |
|
auth0ConnectionId |
Object |
true |
|
auth0ConnectionType |
Object |
true |
Must be one of [Database, Social, Enterprise, Passwordless]. |
active |
Boolean |
true |
|
deleted |
Object |
true |
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
The id of the {@link Organization} that this provider will authenticate users into. |
auth0ConnectionId |
String |
false |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. Size must be between 1 and 128 inclusive. |
name |
String |
false |
Used for display purposes. Not unique or private. Size must be between 1 and 128 inclusive. |
auth0ConnectionType |
String |
false |
Must be one of [Database, Social, Enterprise, Passwordless]. |
active |
Boolean |
true |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-providers' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJtcmdiTWg0YlhraUEyRUxEV1V2MlZ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5Njc1LCJleHAiOjE2NzQ1MTMyNzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCI5NTBiZDRjZS1lNDMyLTQyNzAtOWY2ZS0zZDk1OTBjNjA1ZDZcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzV9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9LHtcImlkXCI6XCI4MDc1ODdiMC0zNjcxLTQwNmEtYmY4NC05YzBlZDFjYjczNmRcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzR9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.KVdfziUns_0gFLFWa3Bb_jCWDayp-LNkVFb28BvC44r8MBH8USc3Oi-Aq3y5BE2Iyj9NK3aQwORtHKsh6S0K5guzhlTuafus96K90WJCLjbP9ugS_77xq2iCUBhuDWw0pVz9Rcv3sZYEEPZ0pmfUPTPcMPWKfZcaR5_2QWhcuL4wL_tlTsDWFicnEuqsK04GHuUlCuuPW9IjBfCnwme_HbiDDS9T180tKc5y82F3HlbkVK07_SMRAPG9IVcSRU51UVk1Sv_7fB6MbqxH5MVZcD1ZBwQba4VOBES4lN7neDNYZwdPaq_5dYa021u8fu6dw2VC0Nf2Re6gLyb6p8U4NA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1144
[ {
"id" : "008b0b1a-c45b-42c2-960e-d7f96b9eed8a",
"organizationId" : "8bf4ca3a-a358-42a4-a429-3b0958fb903f",
"auth0ConnectionId" : "auth0-opaque-connectionId-41",
"name" : "Username/Password",
"auth0ConnectionType" : "Database",
"active" : true,
"createdAt" : {
"nano" : 156451000,
"epochSecond" : 1674509621
},
"updatedAt" : null,
"deletedAt" : null
}, {
"id" : "11ba5b0c-74fb-433b-90ee-be7d523b543e",
"organizationId" : "ceafef0c-be21-439f-a47f-a8748734d7a0",
"auth0ConnectionId" : "auth0-opaque-connectionId-22",
"name" : "Username/Password",
"auth0ConnectionType" : "Database",
"active" : true,
"createdAt" : {
"nano" : 786606000,
"epochSecond" : 1674509620
},
"updatedAt" : null,
"deletedAt" : null
}, {
"id" : "2510b98f-1ccf-4cd6-a626-2b6094e0e3d3",
"organizationId" : "4189b6b7-41f2-4480-a854-051f1752da2a",
"auth0ConnectionId" : "auth0-opaque-connectionId-31",
"name" : "Username/Password",
"auth0ConnectionType" : "Database",
"active" : true,
"createdAt" : {
"nano" : 29457000,
"epochSecond" : 1674509621
},
"updatedAt" : null,
"deletedAt" : null
} ]
Get Identity Provider
GET /identity-providers/{id}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
The id of the {@link Organization} that this provider will authenticate users into. |
auth0ConnectionId |
String |
false |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. Size must be between 1 and 128 inclusive. |
name |
String |
false |
Used for display purposes. Not unique or private. Size must be between 1 and 128 inclusive. |
auth0ConnectionType |
String |
false |
Must be one of [Database, Social, Enterprise, Passwordless]. |
active |
Boolean |
true |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-providers/555c4a9f-ded0-49eb-b738-0c3e6d4731f3' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJtcmdiTWg0YlhraUEyRUxEV1V2MlZ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5Njc1LCJleHAiOjE2NzQ1MTMyNzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCI5NTBiZDRjZS1lNDMyLTQyNzAtOWY2ZS0zZDk1OTBjNjA1ZDZcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzV9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9LHtcImlkXCI6XCI4MDc1ODdiMC0zNjcxLTQwNmEtYmY4NC05YzBlZDFjYjczNmRcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzR9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.KVdfziUns_0gFLFWa3Bb_jCWDayp-LNkVFb28BvC44r8MBH8USc3Oi-Aq3y5BE2Iyj9NK3aQwORtHKsh6S0K5guzhlTuafus96K90WJCLjbP9ugS_77xq2iCUBhuDWw0pVz9Rcv3sZYEEPZ0pmfUPTPcMPWKfZcaR5_2QWhcuL4wL_tlTsDWFicnEuqsK04GHuUlCuuPW9IjBfCnwme_HbiDDS9T180tKc5y82F3HlbkVK07_SMRAPG9IVcSRU51UVk1Sv_7fB6MbqxH5MVZcD1ZBwQba4VOBES4lN7neDNYZwdPaq_5dYa021u8fu6dw2VC0Nf2Re6gLyb6p8U4NA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 394
{
"id" : "555c4a9f-ded0-49eb-b738-0c3e6d4731f3",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"auth0ConnectionId" : "auth0-opaque-connectionId-1",
"name" : "ACME Federated Active Directory",
"auth0ConnectionType" : "Enterprise",
"active" : true,
"createdAt" : {
"nano" : 650619000,
"epochSecond" : 1674509619
},
"updatedAt" : null,
"deletedAt" : null
}
Create Identity Provider
POST /identity-providers
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
organizationId |
String |
true |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
auth0ConnectionId |
String |
true |
|
name |
String |
true |
|
auth0ConnectionType |
String |
true |
Must be one of [Database, Social, Enterprise, Passwordless]. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
The id of the {@link Organization} that this provider will authenticate users into. |
auth0ConnectionId |
String |
false |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. Size must be between 1 and 128 inclusive. |
name |
String |
false |
Used for display purposes. Not unique or private. Size must be between 1 and 128 inclusive. |
auth0ConnectionType |
String |
false |
Must be one of [Database, Social, Enterprise, Passwordless]. |
active |
Boolean |
true |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-providers' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJtcmdiTWg0YlhraUEyRUxEV1V2MlZ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5Njc1LCJleHAiOjE2NzQ1MTMyNzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCI5NTBiZDRjZS1lNDMyLTQyNzAtOWY2ZS0zZDk1OTBjNjA1ZDZcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzV9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9LHtcImlkXCI6XCI4MDc1ODdiMC0zNjcxLTQwNmEtYmY4NC05YzBlZDFjYjczNmRcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzR9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.KVdfziUns_0gFLFWa3Bb_jCWDayp-LNkVFb28BvC44r8MBH8USc3Oi-Aq3y5BE2Iyj9NK3aQwORtHKsh6S0K5guzhlTuafus96K90WJCLjbP9ugS_77xq2iCUBhuDWw0pVz9Rcv3sZYEEPZ0pmfUPTPcMPWKfZcaR5_2QWhcuL4wL_tlTsDWFicnEuqsK04GHuUlCuuPW9IjBfCnwme_HbiDDS9T180tKc5y82F3HlbkVK07_SMRAPG9IVcSRU51UVk1Sv_7fB6MbqxH5MVZcD1ZBwQba4VOBES4lN7neDNYZwdPaq_5dYa021u8fu6dw2VC0Nf2Re6gLyb6p8U4NA' \
-d '{"organizationId":"1695c9b3-2250-42c1-80da-adcea15e15be","auth0ConnectionId":"auth0-opaque-connection","name":"Corp SAML","auth0ConnectionType":"Enterprise"}'
Example response
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 368
{
"id" : "ca5a0680-b7fb-47c0-86cb-aa450f48f3f9",
"organizationId" : "1695c9b3-2250-42c1-80da-adcea15e15be",
"auth0ConnectionId" : "auth0-opaque-connection",
"name" : "Corp SAML",
"auth0ConnectionType" : "Enterprise",
"active" : true,
"createdAt" : {
"nano" : 612444000,
"epochSecond" : 1674509675
},
"updatedAt" : null,
"deletedAt" : null
}
Update Identity Provider
PUT /identity-providers/{id}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
name |
String |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
The id of the {@link Organization} that this provider will authenticate users into. |
auth0ConnectionId |
String |
false |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. Size must be between 1 and 128 inclusive. |
name |
String |
false |
Used for display purposes. Not unique or private. Size must be between 1 and 128 inclusive. |
auth0ConnectionType |
String |
false |
Must be one of [Database, Social, Enterprise, Passwordless]. |
active |
Boolean |
true |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-providers/4a52964e-485d-4c65-8e7b-1e1f2eb2ddd1' -i -X PUT \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJtcmdiTWg0YlhraUEyRUxEV1V2MlZ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5Njc1LCJleHAiOjE2NzQ1MTMyNzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCI5NTBiZDRjZS1lNDMyLTQyNzAtOWY2ZS0zZDk1OTBjNjA1ZDZcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzV9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9LHtcImlkXCI6XCI4MDc1ODdiMC0zNjcxLTQwNmEtYmY4NC05YzBlZDFjYjczNmRcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzR9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.KVdfziUns_0gFLFWa3Bb_jCWDayp-LNkVFb28BvC44r8MBH8USc3Oi-Aq3y5BE2Iyj9NK3aQwORtHKsh6S0K5guzhlTuafus96K90WJCLjbP9ugS_77xq2iCUBhuDWw0pVz9Rcv3sZYEEPZ0pmfUPTPcMPWKfZcaR5_2QWhcuL4wL_tlTsDWFicnEuqsK04GHuUlCuuPW9IjBfCnwme_HbiDDS9T180tKc5y82F3HlbkVK07_SMRAPG9IVcSRU51UVk1Sv_7fB6MbqxH5MVZcD1ZBwQba4VOBES4lN7neDNYZwdPaq_5dYa021u8fu6dw2VC0Nf2Re6gLyb6p8U4NA' \
-d '{"name":"New IdP Name"}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 431
{
"id" : "4a52964e-485d-4c65-8e7b-1e1f2eb2ddd1",
"organizationId" : "1f11479b-3918-4035-993f-3a8cb4821a36",
"auth0ConnectionId" : "auth0-opaque-connectionId-186",
"name" : "New IdP Name",
"auth0ConnectionType" : "Database",
"active" : true,
"createdAt" : {
"nano" : 137865000,
"epochSecond" : 1674509676
},
"updatedAt" : {
"nano" : 267535000,
"epochSecond" : 1674509676
},
"deletedAt" : null
}
Activate Or Deactivate Identity Provider
PUT /identity-providers/{id}/{action:activate|deactivate}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
action |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
The id of the {@link Organization} that this provider will authenticate users into. |
auth0ConnectionId |
String |
false |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. Size must be between 1 and 128 inclusive. |
name |
String |
false |
Used for display purposes. Not unique or private. Size must be between 1 and 128 inclusive. |
auth0ConnectionType |
String |
false |
Must be one of [Database, Social, Enterprise, Passwordless]. |
active |
Boolean |
true |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-providers/82975e21-66c7-43ac-a4b0-1ca5dcde224d/activate' -i -X PUT \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJtcmdiTWg0YlhraUEyRUxEV1V2MlZ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5Njc1LCJleHAiOjE2NzQ1MTMyNzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCI5NTBiZDRjZS1lNDMyLTQyNzAtOWY2ZS0zZDk1OTBjNjA1ZDZcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzV9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9LHtcImlkXCI6XCI4MDc1ODdiMC0zNjcxLTQwNmEtYmY4NC05YzBlZDFjYjczNmRcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzR9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.KVdfziUns_0gFLFWa3Bb_jCWDayp-LNkVFb28BvC44r8MBH8USc3Oi-Aq3y5BE2Iyj9NK3aQwORtHKsh6S0K5guzhlTuafus96K90WJCLjbP9ugS_77xq2iCUBhuDWw0pVz9Rcv3sZYEEPZ0pmfUPTPcMPWKfZcaR5_2QWhcuL4wL_tlTsDWFicnEuqsK04GHuUlCuuPW9IjBfCnwme_HbiDDS9T180tKc5y82F3HlbkVK07_SMRAPG9IVcSRU51UVk1Sv_7fB6MbqxH5MVZcD1ZBwQba4VOBES4lN7neDNYZwdPaq_5dYa021u8fu6dw2VC0Nf2Re6gLyb6p8U4NA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 380
{
"id" : "82975e21-66c7-43ac-a4b0-1ca5dcde224d",
"organizationId" : "693dcc52-ce22-4a45-b713-a34cb68e4a63",
"auth0ConnectionId" : "auth0-opaque-connectionId-182",
"name" : "Username/Password",
"auth0ConnectionType" : "Database",
"active" : true,
"createdAt" : {
"nano" : 798573000,
"epochSecond" : 1674509675
},
"updatedAt" : null,
"deletedAt" : null
}
Delete Identity Provider
DELETE /identity-providers/{id}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
The id of the {@link Organization} that this provider will authenticate users into. |
auth0ConnectionId |
String |
false |
The auth0 generated id of the auth0 connection that this IdentityProvider represents. Size must be between 1 and 128 inclusive. |
name |
String |
false |
Used for display purposes. Not unique or private. Size must be between 1 and 128 inclusive. |
auth0ConnectionType |
String |
false |
Must be one of [Database, Social, Enterprise, Passwordless]. |
active |
Boolean |
true |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-providers/4ee100e6-d530-4d0c-b6a4-1ebb566c1843' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJtcmdiTWg0YlhraUEyRUxEV1V2MlZ3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5Njc1LCJleHAiOjE2NzQ1MTMyNzUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCI5NTBiZDRjZS1lNDMyLTQyNzAtOWY2ZS0zZDk1OTBjNjA1ZDZcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzV9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9LHtcImlkXCI6XCI4MDc1ODdiMC0zNjcxLTQwNmEtYmY4NC05YzBlZDFjYjczNmRcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzR9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.KVdfziUns_0gFLFWa3Bb_jCWDayp-LNkVFb28BvC44r8MBH8USc3Oi-Aq3y5BE2Iyj9NK3aQwORtHKsh6S0K5guzhlTuafus96K90WJCLjbP9ugS_77xq2iCUBhuDWw0pVz9Rcv3sZYEEPZ0pmfUPTPcMPWKfZcaR5_2QWhcuL4wL_tlTsDWFicnEuqsK04GHuUlCuuPW9IjBfCnwme_HbiDDS9T180tKc5y82F3HlbkVK07_SMRAPG9IVcSRU51UVk1Sv_7fB6MbqxH5MVZcD1ZBwQba4VOBES4lN7neDNYZwdPaq_5dYa021u8fu6dw2VC0Nf2Re6gLyb6p8U4NA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 492
{
"id" : "4ee100e6-d530-4d0c-b6a4-1ebb566c1843",
"organizationId" : "bd17c803-3f52-49cb-bb65-fc19dd3f79ea",
"auth0ConnectionId" : "auth0-opaque-connectionId-184",
"name" : "Username/Password",
"auth0ConnectionType" : "Database",
"active" : true,
"createdAt" : {
"nano" : 981650000,
"epochSecond" : 1674509675
},
"updatedAt" : {
"nano" : 109119000,
"epochSecond" : 1674509676
},
"deletedAt" : {
"nano" : 108000000,
"epochSecond" : 1674509676
}
}
User Identity
Get Identity
GET /identities/self
Get an Identity (regardless of type) by its id.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
organizationId |
String |
true |
|
tenantId |
String |
true |
Deprecated.. |
createdAt |
Object |
true |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
String |
true |
||
name |
String |
true |
|
id |
String |
true |
|
type |
String |
true |
|
active |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identities/self' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJVTGwxbUhmWEY0WXVOR1dSYjRKLWdnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI4LCJleHAiOjE2NzQ1MTMyMjgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.eNVEW8slwoRB-JAvdLsUCRX3RCBzPDgPBRsujFuBAjzMjJCd3-GXJtcW_JG3RUI5f7tZTa_QA_GNintzhlrWZNznbjV8q_jPrcczzdfD1M9XkBOgkAjurFAeKOAhyhvusaAZ2vvMZX98B7MOyN7-Pp9ENmAeIbHHN8MKal-ptMRtdsF5_Fhj8SgO2C6YWwOohCEoknUjOqKhOJTrxLUS1_CMji7hpF7Cd8wf29sC3JDUhINq3RTO2Cv_plabKVAPOMMizulwfQ2LxTU2KjCDnbfGwqWWi9fYkTEFc1SwCwGhTUo_byDQIE-MfeACcnm_WaK9oK2nZ63t6jgWjtT7bA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 691
{
"id" : "1809e618-43e4-424f-a86a-37aca0f916cb",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"firstName" : "TESTING",
"lastName" : "CLIENT",
"email" : "test.client@server.com",
"identityMappings" : [ {
"id" : "2b11bdb9-0bb4-4d38-af0d-978b0c352697",
"auth0UserId" : "auth0-opaque-userId-6",
"identityProviderId" : "555c4a9f-ded0-49eb-b738-0c3e6d4731f3",
"userIdentityId" : "1809e618-43e4-424f-a86a-37aca0f916cb"
} ],
"active" : true,
"createdAt" : {
"nano" : 673264000,
"epochSecond" : 1674509619
},
"deletedAt" : null,
"tenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"name" : "TESTING CLIENT",
"type" : "UserIdentity"
}
Get Identity
GET /identities/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}
Get an Identity (regardless of type) by its id.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
The id of the desired Identity. |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
organizationId |
String |
true |
|
tenantId |
String |
true |
Deprecated.. |
createdAt |
Object |
true |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
String |
true |
||
name |
String |
true |
|
id |
String |
true |
|
type |
String |
true |
|
active |
Boolean |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identities/5d9871fe-3c6e-4f36-b84e-26db5d35e726' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJVTGwxbUhmWEY0WXVOR1dSYjRKLWdnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI4LCJleHAiOjE2NzQ1MTMyMjgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.eNVEW8slwoRB-JAvdLsUCRX3RCBzPDgPBRsujFuBAjzMjJCd3-GXJtcW_JG3RUI5f7tZTa_QA_GNintzhlrWZNznbjV8q_jPrcczzdfD1M9XkBOgkAjurFAeKOAhyhvusaAZ2vvMZX98B7MOyN7-Pp9ENmAeIbHHN8MKal-ptMRtdsF5_Fhj8SgO2C6YWwOohCEoknUjOqKhOJTrxLUS1_CMji7hpF7Cd8wf29sC3JDUhINq3RTO2Cv_plabKVAPOMMizulwfQ2LxTU2KjCDnbfGwqWWi9fYkTEFc1SwCwGhTUo_byDQIE-MfeACcnm_WaK9oK2nZ63t6jgWjtT7bA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 674
{
"id" : "5d9871fe-3c6e-4f36-b84e-26db5d35e726",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"firstName" : "John",
"lastName" : "Doe",
"email" : "john.doe@acme.com",
"identityMappings" : [ {
"id" : "a510e8da-91b2-448e-a914-0ac95db44628",
"auth0UserId" : "auth0-opaque-userId-3",
"identityProviderId" : "555c4a9f-ded0-49eb-b738-0c3e6d4731f3",
"userIdentityId" : "5d9871fe-3c6e-4f36-b84e-26db5d35e726"
} ],
"active" : true,
"createdAt" : {
"nano" : 662023000,
"epochSecond" : 1674509619
},
"deletedAt" : null,
"tenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"name" : "John Doe",
"type" : "UserIdentity"
}
Find User Identities
GET /user-identities
Returns a set of {@link UserIdentity}s that are visible to the requesting client and optionally filtered based on the submitted request parameters.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Parameter | Type | Optional | Description |
---|---|---|---|
tenantId |
Object |
true |
Deprecated.. |
organizationId |
Object |
true |
Restricts results to Identities in the specified Organization (by Organization’s id.). |
identityProviderId |
Object |
true |
|
firstName |
String |
true |
|
lastName |
String |
true |
|
String |
true |
||
active |
Boolean |
true |
Restricts results to Identities with a matching active status. |
includeDeleted |
Boolean |
true |
Default value: 'false'. |
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
|
firstName |
String |
true |
Size must be between 0 and 128 inclusive. |
lastName |
String |
true |
Size must be between 1 and 128 inclusive. |
String |
false |
Size must be between 6 and 254 inclusive. |
|
identityMappings |
Array[Object] |
false |
|
identityMappings[].id |
String |
false |
|
identityMappings[].auth0UserId |
String |
false |
Size must be between 4 and 256 inclusive. |
identityMappings[].identityProviderId |
String |
false |
|
identityMappings[].userIdentityId |
String |
false |
|
active |
Boolean |
true |
|
createdAt |
Object |
false |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
name |
String |
true |
|
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJVTGwxbUhmWEY0WXVOR1dSYjRKLWdnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI4LCJleHAiOjE2NzQ1MTMyMjgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.eNVEW8slwoRB-JAvdLsUCRX3RCBzPDgPBRsujFuBAjzMjJCd3-GXJtcW_JG3RUI5f7tZTa_QA_GNintzhlrWZNznbjV8q_jPrcczzdfD1M9XkBOgkAjurFAeKOAhyhvusaAZ2vvMZX98B7MOyN7-Pp9ENmAeIbHHN8MKal-ptMRtdsF5_Fhj8SgO2C6YWwOohCEoknUjOqKhOJTrxLUS1_CMji7hpF7Cd8wf29sC3JDUhINq3RTO2Cv_plabKVAPOMMizulwfQ2LxTU2KjCDnbfGwqWWi9fYkTEFc1SwCwGhTUo_byDQIE-MfeACcnm_WaK9oK2nZ63t6jgWjtT7bA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1822
[ {
"id" : "083be52f-568a-4eca-b663-d232f421e376",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"firstName" : "Jane",
"lastName" : "Doe",
"email" : "jane.doe@acme.com",
"identityMappings" : [ ],
"active" : true,
"createdAt" : {
"nano" : 260195000,
"epochSecond" : 1674509624
},
"deletedAt" : null,
"tenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"name" : "Jane Doe",
"type" : "UserIdentity"
}, {
"id" : "1809e618-43e4-424f-a86a-37aca0f916cb",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"firstName" : "TESTING",
"lastName" : "CLIENT",
"email" : "test.client@server.com",
"identityMappings" : [ {
"id" : "2b11bdb9-0bb4-4d38-af0d-978b0c352697",
"auth0UserId" : "auth0-opaque-userId-6",
"identityProviderId" : "555c4a9f-ded0-49eb-b738-0c3e6d4731f3",
"userIdentityId" : "1809e618-43e4-424f-a86a-37aca0f916cb"
} ],
"active" : true,
"createdAt" : {
"nano" : 673264000,
"epochSecond" : 1674509619
},
"deletedAt" : null,
"tenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"name" : "TESTING CLIENT",
"type" : "UserIdentity"
}, {
"id" : "1e500749-9e2d-44b3-a417-7557b21c5cb1",
"organizationId" : "62dadd00-8edc-4e97-bcbb-731d3a1248d2",
"firstName" : "First",
"lastName" : "Last",
"email" : "random-56@acme.com",
"identityMappings" : [ {
"id" : "0ab37bcb-ede4-41ac-9312-ecef520f2b9c",
"auth0UserId" : "auth0-opaque-userId-57",
"identityProviderId" : "49b244ab-e921-4612-9d86-5a99eaf8360d",
"userIdentityId" : "1e500749-9e2d-44b3-a417-7557b21c5cb1"
} ],
"active" : true,
"createdAt" : {
"nano" : 299478000,
"epochSecond" : 1674509621
},
"deletedAt" : null,
"tenantId" : "62dadd00-8edc-4e97-bcbb-731d3a1248d2",
"name" : "First Last",
"type" : "UserIdentity"
} ]
Get User Identity
GET /user-identities/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}
Get an User Identity by its id.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
The id of the desired Identity. Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
|
firstName |
String |
true |
Size must be between 0 and 128 inclusive. |
lastName |
String |
true |
Size must be between 1 and 128 inclusive. |
String |
false |
Size must be between 6 and 254 inclusive. |
|
identityMappings |
Array[Object] |
false |
|
identityMappings[].id |
String |
false |
|
identityMappings[].auth0UserId |
String |
false |
Size must be between 4 and 256 inclusive. |
identityMappings[].identityProviderId |
String |
false |
|
identityMappings[].userIdentityId |
String |
false |
|
active |
Boolean |
true |
|
createdAt |
Object |
false |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
name |
String |
true |
|
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities/5d9871fe-3c6e-4f36-b84e-26db5d35e726' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJVTGwxbUhmWEY0WXVOR1dSYjRKLWdnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI4LCJleHAiOjE2NzQ1MTMyMjgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.eNVEW8slwoRB-JAvdLsUCRX3RCBzPDgPBRsujFuBAjzMjJCd3-GXJtcW_JG3RUI5f7tZTa_QA_GNintzhlrWZNznbjV8q_jPrcczzdfD1M9XkBOgkAjurFAeKOAhyhvusaAZ2vvMZX98B7MOyN7-Pp9ENmAeIbHHN8MKal-ptMRtdsF5_Fhj8SgO2C6YWwOohCEoknUjOqKhOJTrxLUS1_CMji7hpF7Cd8wf29sC3JDUhINq3RTO2Cv_plabKVAPOMMizulwfQ2LxTU2KjCDnbfGwqWWi9fYkTEFc1SwCwGhTUo_byDQIE-MfeACcnm_WaK9oK2nZ63t6jgWjtT7bA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 674
{
"id" : "5d9871fe-3c6e-4f36-b84e-26db5d35e726",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"firstName" : "John",
"lastName" : "Doe",
"email" : "john.doe@acme.com",
"identityMappings" : [ {
"id" : "a510e8da-91b2-448e-a914-0ac95db44628",
"auth0UserId" : "auth0-opaque-userId-3",
"identityProviderId" : "555c4a9f-ded0-49eb-b738-0c3e6d4731f3",
"userIdentityId" : "5d9871fe-3c6e-4f36-b84e-26db5d35e726"
} ],
"active" : true,
"createdAt" : {
"nano" : 662023000,
"epochSecond" : 1674509619
},
"deletedAt" : null,
"tenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"name" : "John Doe",
"type" : "UserIdentity"
}
Get User Identity By Mapping
GET /user-identities/mapping/{auth0UserId}/{identityProviderId}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
auth0UserId |
String |
false |
|
identityProviderId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
|
firstName |
String |
true |
Size must be between 0 and 128 inclusive. |
lastName |
String |
true |
Size must be between 1 and 128 inclusive. |
String |
false |
Size must be between 6 and 254 inclusive. |
|
identityMappings |
Array[Object] |
false |
|
identityMappings[].id |
String |
false |
|
identityMappings[].auth0UserId |
String |
false |
Size must be between 4 and 256 inclusive. |
identityMappings[].identityProviderId |
String |
false |
|
identityMappings[].userIdentityId |
String |
false |
|
active |
Boolean |
true |
|
createdAt |
Object |
false |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
name |
String |
true |
|
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities/mapping/auth0-opaque-userId-3/555c4a9f-ded0-49eb-b738-0c3e6d4731f3' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJVTGwxbUhmWEY0WXVOR1dSYjRKLWdnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI4LCJleHAiOjE2NzQ1MTMyMjgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.eNVEW8slwoRB-JAvdLsUCRX3RCBzPDgPBRsujFuBAjzMjJCd3-GXJtcW_JG3RUI5f7tZTa_QA_GNintzhlrWZNznbjV8q_jPrcczzdfD1M9XkBOgkAjurFAeKOAhyhvusaAZ2vvMZX98B7MOyN7-Pp9ENmAeIbHHN8MKal-ptMRtdsF5_Fhj8SgO2C6YWwOohCEoknUjOqKhOJTrxLUS1_CMji7hpF7Cd8wf29sC3JDUhINq3RTO2Cv_plabKVAPOMMizulwfQ2LxTU2KjCDnbfGwqWWi9fYkTEFc1SwCwGhTUo_byDQIE-MfeACcnm_WaK9oK2nZ63t6jgWjtT7bA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 674
{
"id" : "5d9871fe-3c6e-4f36-b84e-26db5d35e726",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"firstName" : "John",
"lastName" : "Doe",
"email" : "john.doe@acme.com",
"identityMappings" : [ {
"id" : "a510e8da-91b2-448e-a914-0ac95db44628",
"auth0UserId" : "auth0-opaque-userId-3",
"identityProviderId" : "555c4a9f-ded0-49eb-b738-0c3e6d4731f3",
"userIdentityId" : "5d9871fe-3c6e-4f36-b84e-26db5d35e726"
} ],
"active" : true,
"createdAt" : {
"nano" : 662023000,
"epochSecond" : 1674509619
},
"deletedAt" : null,
"tenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"name" : "John Doe",
"type" : "UserIdentity"
}
Create Identity
POST /user-identities
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
organizationId |
String |
true |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
firstName |
String |
true |
|
lastName |
String |
true |
|
String |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
|
firstName |
String |
true |
Size must be between 0 and 128 inclusive. |
lastName |
String |
true |
Size must be between 1 and 128 inclusive. |
String |
false |
Size must be between 6 and 254 inclusive. |
|
identityMappings |
Array[Object] |
false |
|
identityMappings[].id |
String |
false |
|
identityMappings[].auth0UserId |
String |
false |
Size must be between 4 and 256 inclusive. |
identityMappings[].identityProviderId |
String |
false |
|
identityMappings[].userIdentityId |
String |
false |
|
active |
Boolean |
true |
|
createdAt |
Object |
false |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
name |
String |
true |
|
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJVTGwxbUhmWEY0WXVOR1dSYjRKLWdnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI4LCJleHAiOjE2NzQ1MTMyMjgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.eNVEW8slwoRB-JAvdLsUCRX3RCBzPDgPBRsujFuBAjzMjJCd3-GXJtcW_JG3RUI5f7tZTa_QA_GNintzhlrWZNznbjV8q_jPrcczzdfD1M9XkBOgkAjurFAeKOAhyhvusaAZ2vvMZX98B7MOyN7-Pp9ENmAeIbHHN8MKal-ptMRtdsF5_Fhj8SgO2C6YWwOohCEoknUjOqKhOJTrxLUS1_CMji7hpF7Cd8wf29sC3JDUhINq3RTO2Cv_plabKVAPOMMizulwfQ2LxTU2KjCDnbfGwqWWi9fYkTEFc1SwCwGhTUo_byDQIE-MfeACcnm_WaK9oK2nZ63t6jgWjtT7bA' \
-d '{"organizationId":"b0b10856-f257-4122-9ba0-6fd84cea951a","firstName":"Jane","lastName":"Doe","email":"jane.doe@acme.com"}'
Example response
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 443
{
"id" : "b16adf9a-0da2-4bbb-99ae-d530d513aedf",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"firstName" : "Jane",
"lastName" : "Doe",
"email" : "jane.doe@acme.com",
"identityMappings" : [ ],
"active" : true,
"createdAt" : {
"nano" : 626166000,
"epochSecond" : 1674509629
},
"deletedAt" : null,
"tenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"name" : "Jane Doe",
"type" : "UserIdentity"
}
Update Identity Info
PUT /user-identities/{id}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
firstName |
String |
true |
|
lastName |
String |
true |
|
String |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
|
firstName |
String |
true |
Size must be between 0 and 128 inclusive. |
lastName |
String |
true |
Size must be between 1 and 128 inclusive. |
String |
false |
Size must be between 6 and 254 inclusive. |
|
identityMappings |
Array[Object] |
false |
|
identityMappings[].id |
String |
false |
|
identityMappings[].auth0UserId |
String |
false |
Size must be between 4 and 256 inclusive. |
identityMappings[].identityProviderId |
String |
false |
|
identityMappings[].userIdentityId |
String |
false |
|
active |
Boolean |
true |
|
createdAt |
Object |
false |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
name |
String |
true |
|
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities/b0396718-370f-4539-bfb5-43265b5bbd34' -i -X PUT \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJVTGwxbUhmWEY0WXVOR1dSYjRKLWdnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI4LCJleHAiOjE2NzQ1MTMyMjgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.eNVEW8slwoRB-JAvdLsUCRX3RCBzPDgPBRsujFuBAjzMjJCd3-GXJtcW_JG3RUI5f7tZTa_QA_GNintzhlrWZNznbjV8q_jPrcczzdfD1M9XkBOgkAjurFAeKOAhyhvusaAZ2vvMZX98B7MOyN7-Pp9ENmAeIbHHN8MKal-ptMRtdsF5_Fhj8SgO2C6YWwOohCEoknUjOqKhOJTrxLUS1_CMji7hpF7Cd8wf29sC3JDUhINq3RTO2Cv_plabKVAPOMMizulwfQ2LxTU2KjCDnbfGwqWWi9fYkTEFc1SwCwGhTUo_byDQIE-MfeACcnm_WaK9oK2nZ63t6jgWjtT7bA' \
-d '{"firstName":"Bobby","lastName":"White","email":"bobby.white@acme.com"}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 685
{
"id" : "b0396718-370f-4539-bfb5-43265b5bbd34",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"firstName" : "Bobby",
"lastName" : "White",
"email" : "bobby.white@acme.com",
"identityMappings" : [ {
"id" : "90178615-3314-4a63-9d6e-9ee622d4b62d",
"auth0UserId" : "auth0-opaque-userId-123",
"identityProviderId" : "555c4a9f-ded0-49eb-b738-0c3e6d4731f3",
"userIdentityId" : "b0396718-370f-4539-bfb5-43265b5bbd34"
} ],
"active" : true,
"createdAt" : {
"nano" : 631826000,
"epochSecond" : 1674509628
},
"deletedAt" : null,
"tenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"name" : "Bobby White",
"type" : "UserIdentity"
}
Activate Or Deactivate User Identity
PUT /user-identities/{id}/{action:activate|deactivate}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
action |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
|
firstName |
String |
true |
Size must be between 0 and 128 inclusive. |
lastName |
String |
true |
Size must be between 1 and 128 inclusive. |
String |
false |
Size must be between 6 and 254 inclusive. |
|
identityMappings |
Array[Object] |
false |
|
identityMappings[].id |
String |
false |
|
identityMappings[].auth0UserId |
String |
false |
Size must be between 4 and 256 inclusive. |
identityMappings[].identityProviderId |
String |
false |
|
identityMappings[].userIdentityId |
String |
false |
|
active |
Boolean |
true |
|
createdAt |
Object |
false |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
name |
String |
true |
|
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities/85e55394-3927-4c9d-a958-dc4f921e1c3e/deactivate' -i -X PUT \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJVTGwxbUhmWEY0WXVOR1dSYjRKLWdnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI4LCJleHAiOjE2NzQ1MTMyMjgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.eNVEW8slwoRB-JAvdLsUCRX3RCBzPDgPBRsujFuBAjzMjJCd3-GXJtcW_JG3RUI5f7tZTa_QA_GNintzhlrWZNznbjV8q_jPrcczzdfD1M9XkBOgkAjurFAeKOAhyhvusaAZ2vvMZX98B7MOyN7-Pp9ENmAeIbHHN8MKal-ptMRtdsF5_Fhj8SgO2C6YWwOohCEoknUjOqKhOJTrxLUS1_CMji7hpF7Cd8wf29sC3JDUhINq3RTO2Cv_plabKVAPOMMizulwfQ2LxTU2KjCDnbfGwqWWi9fYkTEFc1SwCwGhTUo_byDQIE-MfeACcnm_WaK9oK2nZ63t6jgWjtT7bA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 683
{
"id" : "85e55394-3927-4c9d-a958-dc4f921e1c3e",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"firstName" : "First",
"lastName" : "Last",
"email" : "random-124@acme.com",
"identityMappings" : [ {
"id" : "f124e44f-81a6-4556-88ae-a3ecc19fbf06",
"auth0UserId" : "auth0-opaque-userId-125",
"identityProviderId" : "555c4a9f-ded0-49eb-b738-0c3e6d4731f3",
"userIdentityId" : "85e55394-3927-4c9d-a958-dc4f921e1c3e"
} ],
"active" : false,
"createdAt" : {
"nano" : 784583000,
"epochSecond" : 1674509628
},
"deletedAt" : null,
"tenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"name" : "First Last",
"type" : "UserIdentity"
}
Reset User Identity Mfa Settings
PUT /user-identities/{id}/reset-mfa
Calling this service will reset the user’s MFA settings. On their next login attempt, they will be required to setup their MFA settings again. This is useful if, for example, the user has replaced their phone and can no longer access their secondary authentication.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
The id of the user identity to reset. Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities/5ed6a161-e0eb-4607-926f-7c6d38033386/reset-mfa' -i -X PUT \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJVTGwxbUhmWEY0WXVOR1dSYjRKLWdnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI4LCJleHAiOjE2NzQ1MTMyMjgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.eNVEW8slwoRB-JAvdLsUCRX3RCBzPDgPBRsujFuBAjzMjJCd3-GXJtcW_JG3RUI5f7tZTa_QA_GNintzhlrWZNznbjV8q_jPrcczzdfD1M9XkBOgkAjurFAeKOAhyhvusaAZ2vvMZX98B7MOyN7-Pp9ENmAeIbHHN8MKal-ptMRtdsF5_Fhj8SgO2C6YWwOohCEoknUjOqKhOJTrxLUS1_CMji7hpF7Cd8wf29sC3JDUhINq3RTO2Cv_plabKVAPOMMizulwfQ2LxTU2KjCDnbfGwqWWi9fYkTEFc1SwCwGhTUo_byDQIE-MfeACcnm_WaK9oK2nZ63t6jgWjtT7bA'
Example response
HTTP/1.1 200 OK
Map Identity
POST /user-identities/{id}/mapping
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
auth0UserId |
String |
false |
Size must be between 1 and 128 inclusive. |
identityProviderId |
String |
false |
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/user-identities/42e6e2d6-a5ea-4847-b6b5-ec68cb0fea73/mapping' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJVTGwxbUhmWEY0WXVOR1dSYjRKLWdnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI4LCJleHAiOjE2NzQ1MTMyMjgsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.eNVEW8slwoRB-JAvdLsUCRX3RCBzPDgPBRsujFuBAjzMjJCd3-GXJtcW_JG3RUI5f7tZTa_QA_GNintzhlrWZNznbjV8q_jPrcczzdfD1M9XkBOgkAjurFAeKOAhyhvusaAZ2vvMZX98B7MOyN7-Pp9ENmAeIbHHN8MKal-ptMRtdsF5_Fhj8SgO2C6YWwOohCEoknUjOqKhOJTrxLUS1_CMji7hpF7Cd8wf29sC3JDUhINq3RTO2Cv_plabKVAPOMMizulwfQ2LxTU2KjCDnbfGwqWWi9fYkTEFc1SwCwGhTUo_byDQIE-MfeACcnm_WaK9oK2nZ63t6jgWjtT7bA' \
-d '{"auth0UserId":"new-auth0-userId:b9ba0564-3a21-4b93-82f5-0f4f5b31da4f","identityProviderId":"c9a54bfa-4cdf-4b8a-9b0b-37edc125b3b4"}'
Example response
HTTP/1.1 200 OK
Identity Session
Find Identity Sessions
GET /identity-sessions
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Parameter | Type | Optional | Description |
---|---|---|---|
organizationId |
Object |
true |
|
userIdentityId |
Object |
true |
|
active |
Boolean |
true |
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
Id of this {@link IdentitySession}. |
userIdentityId |
String |
false |
The id of the {@link UserIdentity} who’s API activity this session tracks. |
idleSessionTimeoutSeconds |
Integer |
true |
The {@link SessionConfiguration#getIdleSessionTimeoutSeconds()} value that was active at the time this session was created and the value that will be applied to the maintenance of this session. A session with a last API Request At time that is older than this idle session timeout is no longer an active session. See {@link SessionConfiguration} documentation for the meaning of edge values like 0, -1, etc. Note, an identity can explicitly logout a session regardless of this configuration. |
autoLogoutIdleSession |
Boolean |
true |
The {@link SessionConfiguration#isAutoLogoutIdleSession()} value that was active at the time this session was created and the value that will be applied to the maintenance of this session. A session with a last API Request At time that is older than this idle session timeout is in a Logout state. As a result, as long as this is the current session (not active, but current), the client will not be able to make API requests using a token which was created before the logout at timestamp. Note, an identity can explicitly logout a session regardless of this configuration. |
firstApiRequestAt |
Object |
false |
The time at which the first API request that triggered the creation of this session occurred. This value never changes after session creation. |
lastApiRequestAt |
Object |
false |
The most recent API request time for requests associated to this session. This value is updated as this session is actively used. Once this session becomes non-active, this value is no longer changes. |
terminalState |
String |
true |
The terminal state of this session. This will be null if this snapshot of the session was read while the session’s logical state was Active or the session record has not been processed into its logical terminal state. Once set, this value is the immutable persistent state of this session. ie: the session will never have a different state after this is set. See {@link IdentitySession#getState()} to determine the logical state, regardless of whether this session has been processed. Must be one of [Active, IdleTimeout, Logout, Terminated]. |
terminatedAt |
Object |
true |
Initially null, and set only at the moment that this session was processed from an active state to a terminal state. This will never change once set. This may not precisely equal the session’s configured time to live. Sessions may be terminated early by administrative action, such as when a new session configuration should be applied. Also, server processing time may result in some amount of drift from the configured session time to live. It is possible to read a session instance during this time, when it is logically terminated but has yet to be processed as such. |
terminatedBy |
String |
true |
Only set if the session is in a terminal state; this will hold the identity id that initiated the state transition. In case of auto-logout, this will be set to an internal service identifier which detected the sessions idle state and enforced the configured auto logout configuration. In cases of a user explicitly logging out or an administrator forcing a logout of another user, this will contain that identity id that made the logout request. This is set as part of processing the termination of the session, which can lag behind the logical point in time when the session was terminated. |
asOf |
Object |
false |
An ephemeral computed property; the point in time that this snapshot of the IdentitySession was read. |
state |
String |
true |
The logical state of this IdentitySession as of the point in time that it was read from the session persistent store. This will always reflect the logical state, regardless of whether this session has been processed or not. For example, if this session exceeded its idle TTL 3 seconds before reading it but the system had not yet processed it into its final terminated state … this computed property will still return the state as IdleTimeout even though the terminalState property is still null. |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-sessions' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmWlplVmFUeTZNcnl3bFVwSnlQOVlnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5Njc0LCJleHAiOjE2NzQ1MTMyNzQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9LHtcImlkXCI6XCI4MDc1ODdiMC0zNjcxLTQwNmEtYmY4NC05YzBlZDFjYjczNmRcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzR9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.Kb7MJUxVKhQTDrvEBLqArPvt9uexcYGeAIkFuPDPprP9q4WjGIVMXWGBnG7NFRB7B-aniz8u34o-fFpyW7iC9CSphG9vb4owzvs-afygpIGRVp1UjbbuDHyBjX48zIPueSsqSGAnqiAStx954Exs6rKfVdDh-yQoQHsfiQComteYvt-G_8scwLkqElnNACD0K_pAGl6UuF8H5uW3qkthwjrrdCz7Yuswrl9xMjjUJkl374anad2LWS750GX2voTBzldFwnUosqzohCcVC6c3sRNeaF2cXwiQD7yh4TX_wkImrjRhJVFRXtE4dH9Ods5Eheysp9OOpibiOpY6kxe4rg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1772
[ {
"id" : "28691a63-a526-4209-b26a-4e8cd5a5650d",
"userIdentityId" : "6348485a-7aa3-4b88-b9f0-93cd31caef4a",
"idleSessionTimeoutSeconds" : 321,
"autoLogoutIdleSession" : true,
"firstApiRequestAt" : {
"nano" : 790410000,
"epochSecond" : 1674509674
},
"lastApiRequestAt" : {
"nano" : 790410000,
"epochSecond" : 1674509674
},
"terminalState" : "Logout",
"terminatedAt" : {
"nano" : 915939000,
"epochSecond" : 1674509674
},
"terminatedBy" : "1809e618-43e4-424f-a86a-37aca0f916cb",
"asOf" : {
"nano" : 138494000,
"epochSecond" : 1674509675
},
"state" : "Logout"
}, {
"id" : "57c6c0e1-e355-4f36-beed-134ccaa60433",
"userIdentityId" : "47c8ab0e-8083-422d-9bf1-50815be9ad79",
"idleSessionTimeoutSeconds" : 300,
"autoLogoutIdleSession" : false,
"firstApiRequestAt" : {
"nano" : 841621000,
"epochSecond" : 1674509620
},
"lastApiRequestAt" : {
"nano" : 841621000,
"epochSecond" : 1674509620
},
"terminalState" : null,
"terminatedAt" : null,
"terminatedBy" : null,
"asOf" : {
"nano" : 138494000,
"epochSecond" : 1674509675
},
"state" : "Active"
}, {
"id" : "6360b796-3457-4750-8970-7d4a70a367e4",
"userIdentityId" : "1809e618-43e4-424f-a86a-37aca0f916cb",
"idleSessionTimeoutSeconds" : 321,
"autoLogoutIdleSession" : true,
"firstApiRequestAt" : {
"nano" : 734278000,
"epochSecond" : 1674509674
},
"lastApiRequestAt" : {
"nano" : 940680000,
"epochSecond" : 1674509674
},
"terminalState" : "Logout",
"terminatedAt" : {
"nano" : 945954000,
"epochSecond" : 1674509674
},
"terminatedBy" : "1809e618-43e4-424f-a86a-37aca0f916cb",
"asOf" : {
"nano" : 138494000,
"epochSecond" : 1674509675
},
"state" : "Logout"
} ]
Get Identity Session
GET /identity-sessions/{id}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
Id of this {@link IdentitySession}. |
userIdentityId |
String |
false |
The id of the {@link UserIdentity} who’s API activity this session tracks. |
idleSessionTimeoutSeconds |
Integer |
true |
The {@link SessionConfiguration#getIdleSessionTimeoutSeconds()} value that was active at the time this session was created and the value that will be applied to the maintenance of this session. A session with a last API Request At time that is older than this idle session timeout is no longer an active session. See {@link SessionConfiguration} documentation for the meaning of edge values like 0, -1, etc. Note, an identity can explicitly logout a session regardless of this configuration. |
autoLogoutIdleSession |
Boolean |
true |
The {@link SessionConfiguration#isAutoLogoutIdleSession()} value that was active at the time this session was created and the value that will be applied to the maintenance of this session. A session with a last API Request At time that is older than this idle session timeout is in a Logout state. As a result, as long as this is the current session (not active, but current), the client will not be able to make API requests using a token which was created before the logout at timestamp. Note, an identity can explicitly logout a session regardless of this configuration. |
firstApiRequestAt |
Object |
false |
The time at which the first API request that triggered the creation of this session occurred. This value never changes after session creation. |
lastApiRequestAt |
Object |
false |
The most recent API request time for requests associated to this session. This value is updated as this session is actively used. Once this session becomes non-active, this value is no longer changes. |
terminalState |
String |
true |
The terminal state of this session. This will be null if this snapshot of the session was read while the session’s logical state was Active or the session record has not been processed into its logical terminal state. Once set, this value is the immutable persistent state of this session. ie: the session will never have a different state after this is set. See {@link IdentitySession#getState()} to determine the logical state, regardless of whether this session has been processed. Must be one of [Active, IdleTimeout, Logout, Terminated]. |
terminatedAt |
Object |
true |
Initially null, and set only at the moment that this session was processed from an active state to a terminal state. This will never change once set. This may not precisely equal the session’s configured time to live. Sessions may be terminated early by administrative action, such as when a new session configuration should be applied. Also, server processing time may result in some amount of drift from the configured session time to live. It is possible to read a session instance during this time, when it is logically terminated but has yet to be processed as such. |
terminatedBy |
String |
true |
Only set if the session is in a terminal state; this will hold the identity id that initiated the state transition. In case of auto-logout, this will be set to an internal service identifier which detected the sessions idle state and enforced the configured auto logout configuration. In cases of a user explicitly logging out or an administrator forcing a logout of another user, this will contain that identity id that made the logout request. This is set as part of processing the termination of the session, which can lag behind the logical point in time when the session was terminated. |
asOf |
Object |
false |
An ephemeral computed property; the point in time that this snapshot of the IdentitySession was read. |
state |
String |
true |
The logical state of this IdentitySession as of the point in time that it was read from the session persistent store. This will always reflect the logical state, regardless of whether this session has been processed or not. For example, if this session exceeded its idle TTL 3 seconds before reading it but the system had not yet processed it into its final terminated state … this computed property will still return the state as IdleTimeout even though the terminalState property is still null. |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-sessions/aa42212e-5362-45ec-bb25-23f827fb51ed' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmWlplVmFUeTZNcnl3bFVwSnlQOVlnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5Njc0LCJleHAiOjE2NzQ1MTMyNzQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9LHtcImlkXCI6XCI4MDc1ODdiMC0zNjcxLTQwNmEtYmY4NC05YzBlZDFjYjczNmRcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzR9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.Kb7MJUxVKhQTDrvEBLqArPvt9uexcYGeAIkFuPDPprP9q4WjGIVMXWGBnG7NFRB7B-aniz8u34o-fFpyW7iC9CSphG9vb4owzvs-afygpIGRVp1UjbbuDHyBjX48zIPueSsqSGAnqiAStx954Exs6rKfVdDh-yQoQHsfiQComteYvt-G_8scwLkqElnNACD0K_pAGl6UuF8H5uW3qkthwjrrdCz7Yuswrl9xMjjUJkl374anad2LWS750GX2voTBzldFwnUosqzohCcVC6c3sRNeaF2cXwiQD7yh4TX_wkImrjRhJVFRXtE4dH9Ods5Eheysp9OOpibiOpY6kxe4rg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 525
{
"id" : "aa42212e-5362-45ec-bb25-23f827fb51ed",
"userIdentityId" : "70de8f4a-968f-4352-8569-1eabcb515957",
"idleSessionTimeoutSeconds" : 321,
"autoLogoutIdleSession" : true,
"firstApiRequestAt" : {
"nano" : 980123000,
"epochSecond" : 1674509674
},
"lastApiRequestAt" : {
"nano" : 980123000,
"epochSecond" : 1674509674
},
"terminalState" : null,
"terminatedAt" : null,
"terminatedBy" : null,
"asOf" : {
"nano" : 105115000,
"epochSecond" : 1674509675
},
"state" : "Active"
}
Get Identity Session
GET /identity-sessions/self
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
Id of this {@link IdentitySession}. |
userIdentityId |
String |
false |
The id of the {@link UserIdentity} who’s API activity this session tracks. |
idleSessionTimeoutSeconds |
Integer |
true |
The {@link SessionConfiguration#getIdleSessionTimeoutSeconds()} value that was active at the time this session was created and the value that will be applied to the maintenance of this session. A session with a last API Request At time that is older than this idle session timeout is no longer an active session. See {@link SessionConfiguration} documentation for the meaning of edge values like 0, -1, etc. Note, an identity can explicitly logout a session regardless of this configuration. |
autoLogoutIdleSession |
Boolean |
true |
The {@link SessionConfiguration#isAutoLogoutIdleSession()} value that was active at the time this session was created and the value that will be applied to the maintenance of this session. A session with a last API Request At time that is older than this idle session timeout is in a Logout state. As a result, as long as this is the current session (not active, but current), the client will not be able to make API requests using a token which was created before the logout at timestamp. Note, an identity can explicitly logout a session regardless of this configuration. |
firstApiRequestAt |
Object |
false |
The time at which the first API request that triggered the creation of this session occurred. This value never changes after session creation. |
lastApiRequestAt |
Object |
false |
The most recent API request time for requests associated to this session. This value is updated as this session is actively used. Once this session becomes non-active, this value is no longer changes. |
terminalState |
String |
true |
The terminal state of this session. This will be null if this snapshot of the session was read while the session’s logical state was Active or the session record has not been processed into its logical terminal state. Once set, this value is the immutable persistent state of this session. ie: the session will never have a different state after this is set. See {@link IdentitySession#getState()} to determine the logical state, regardless of whether this session has been processed. Must be one of [Active, IdleTimeout, Logout, Terminated]. |
terminatedAt |
Object |
true |
Initially null, and set only at the moment that this session was processed from an active state to a terminal state. This will never change once set. This may not precisely equal the session’s configured time to live. Sessions may be terminated early by administrative action, such as when a new session configuration should be applied. Also, server processing time may result in some amount of drift from the configured session time to live. It is possible to read a session instance during this time, when it is logically terminated but has yet to be processed as such. |
terminatedBy |
String |
true |
Only set if the session is in a terminal state; this will hold the identity id that initiated the state transition. In case of auto-logout, this will be set to an internal service identifier which detected the sessions idle state and enforced the configured auto logout configuration. In cases of a user explicitly logging out or an administrator forcing a logout of another user, this will contain that identity id that made the logout request. This is set as part of processing the termination of the session, which can lag behind the logical point in time when the session was terminated. |
asOf |
Object |
false |
An ephemeral computed property; the point in time that this snapshot of the IdentitySession was read. |
state |
String |
true |
The logical state of this IdentitySession as of the point in time that it was read from the session persistent store. This will always reflect the logical state, regardless of whether this session has been processed or not. For example, if this session exceeded its idle TTL 3 seconds before reading it but the system had not yet processed it into its final terminated state … this computed property will still return the state as IdleTimeout even though the terminalState property is still null. |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-sessions/self' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmWlplVmFUeTZNcnl3bFVwSnlQOVlnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5Njc0LCJleHAiOjE2NzQ1MTMyNzQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9LHtcImlkXCI6XCI4MDc1ODdiMC0zNjcxLTQwNmEtYmY4NC05YzBlZDFjYjczNmRcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzR9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.Kb7MJUxVKhQTDrvEBLqArPvt9uexcYGeAIkFuPDPprP9q4WjGIVMXWGBnG7NFRB7B-aniz8u34o-fFpyW7iC9CSphG9vb4owzvs-afygpIGRVp1UjbbuDHyBjX48zIPueSsqSGAnqiAStx954Exs6rKfVdDh-yQoQHsfiQComteYvt-G_8scwLkqElnNACD0K_pAGl6UuF8H5uW3qkthwjrrdCz7Yuswrl9xMjjUJkl374anad2LWS750GX2voTBzldFwnUosqzohCcVC6c3sRNeaF2cXwiQD7yh4TX_wkImrjRhJVFRXtE4dH9Ods5Eheysp9OOpibiOpY6kxe4rg'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 525
{
"id" : "6360b796-3457-4750-8970-7d4a70a367e4",
"userIdentityId" : "1809e618-43e4-424f-a86a-37aca0f916cb",
"idleSessionTimeoutSeconds" : 321,
"autoLogoutIdleSession" : true,
"firstApiRequestAt" : {
"nano" : 734278000,
"epochSecond" : 1674509674
},
"lastApiRequestAt" : {
"nano" : 734278000,
"epochSecond" : 1674509674
},
"terminalState" : null,
"terminatedAt" : null,
"terminatedBy" : null,
"asOf" : {
"nano" : 750468000,
"epochSecond" : 1674509674
},
"state" : "Active"
}
Logout
DELETE /identity-sessions
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
Parameter | Type | Optional | Description |
---|---|---|---|
userIdentityId |
Object |
false |
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-sessions?userIdentityId=6348485a-7aa3-4b88-b9f0-93cd31caef4a' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmWlplVmFUeTZNcnl3bFVwSnlQOVlnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5Njc0LCJleHAiOjE2NzQ1MTMyNzQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9LHtcImlkXCI6XCI4MDc1ODdiMC0zNjcxLTQwNmEtYmY4NC05YzBlZDFjYjczNmRcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzR9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.Kb7MJUxVKhQTDrvEBLqArPvt9uexcYGeAIkFuPDPprP9q4WjGIVMXWGBnG7NFRB7B-aniz8u34o-fFpyW7iC9CSphG9vb4owzvs-afygpIGRVp1UjbbuDHyBjX48zIPueSsqSGAnqiAStx954Exs6rKfVdDh-yQoQHsfiQComteYvt-G_8scwLkqElnNACD0K_pAGl6UuF8H5uW3qkthwjrrdCz7Yuswrl9xMjjUJkl374anad2LWS750GX2voTBzldFwnUosqzohCcVC6c3sRNeaF2cXwiQD7yh4TX_wkImrjRhJVFRXtE4dH9Ods5Eheysp9OOpibiOpY6kxe4rg'
Example response
HTTP/1.1 204 No Content
Logout
DELETE /identity-sessions/self
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-sessions/self' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJmWlplVmFUeTZNcnl3bFVwSnlQOVlnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5Njc0LCJleHAiOjE2NzQ1MTMyNzQsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9LHtcImlkXCI6XCI4MDc1ODdiMC0zNjcxLTQwNmEtYmY4NC05YzBlZDFjYjczNmRcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzR9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.Kb7MJUxVKhQTDrvEBLqArPvt9uexcYGeAIkFuPDPprP9q4WjGIVMXWGBnG7NFRB7B-aniz8u34o-fFpyW7iC9CSphG9vb4owzvs-afygpIGRVp1UjbbuDHyBjX48zIPueSsqSGAnqiAStx954Exs6rKfVdDh-yQoQHsfiQComteYvt-G_8scwLkqElnNACD0K_pAGl6UuF8H5uW3qkthwjrrdCz7Yuswrl9xMjjUJkl374anad2LWS750GX2voTBzldFwnUosqzohCcVC6c3sRNeaF2cXwiQD7yh4TX_wkImrjRhJVFRXtE4dH9Ods5Eheysp9OOpibiOpY6kxe4rg'
Example response
HTTP/1.1 204 No Content
Session Configuration
Find Session Configurations
GET /session-configurations
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Parameter | Type | Optional | Description |
---|---|---|---|
organizationId |
Object |
true |
|
identityProviderId |
Object |
true |
|
identityId |
Object |
true |
|
idleSessionTimeoutSecondsMinInclusive |
Integer |
true |
|
idleSessionTimeoutSecondsMaxExclusive |
Integer |
true |
|
autoLogoutIdleSession |
Boolean |
true |
|
includeDeleted |
Boolean |
true |
Default value: 'false'. |
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
The id of this {@link SessionConfiguration}. |
organizationId |
String |
true |
The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids. |
identityProviderId |
String |
true |
The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids. |
identityId |
String |
true |
The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids. |
idleSessionTimeoutSeconds |
Integer |
true |
The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout. Must be at least -1. |
autoLogoutIdleSession |
Boolean |
true |
When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time. |
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
|
deletedBy |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJpeThaZzZtR3NPOENJbEJNYjlwUUpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjcyLCJleHAiOjE2NzQ1MTMyNzIsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.LCkyylI1z0ev4nnN7gD_4FLY1E9NI6pTAKK43aGOHcf4J9w29qzzmIDO1KtblE9CpMDzQjs5PHuNuqyfIQryndCbKseTDQwAPYufFmpgD9VNvJBrAa8EADU5o_kLc20a1gNfdOv3I7C-u7_GrxAHhEVKCycmxZSG7dqSHEWQZE8FvWz05KBASNMzZ7InVCKL9KZWqK3jU2Sm72pPQJcqpGs6Kx3ZrdtsRDDXHwOW41KszAzHCAQcNpUlepWX11p7T1uGHHKIOgTHjmnwzH-1roqTs6sqi1E1OJIUsKlLShNSaK25XZqi70DlZjA04f0CSiAbhgV1ICnAyWn6EQHM1A'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1521
[ {
"id" : "2170c95b-8d00-4531-8e28-77ef4b58eba9",
"organizationId" : null,
"identityProviderId" : null,
"identityId" : null,
"idleSessionTimeoutSeconds" : 321,
"autoLogoutIdleSession" : true,
"createdBy" : "1809e618-43e4-424f-a86a-37aca0f916cb",
"createdAt" : {
"nano" : 354446000,
"epochSecond" : 1674509673
},
"updatedAt" : {
"nano" : 354446000,
"epochSecond" : 1674509673
},
"deletedAt" : null,
"deletedBy" : null
}, {
"id" : "9b59ca07-f4f2-4582-aaf6-1288e4fdfab7",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"identityProviderId" : null,
"identityId" : "c8be520d-2efc-49db-8b3a-0c2a9b061d8a",
"idleSessionTimeoutSeconds" : 123,
"autoLogoutIdleSession" : true,
"createdBy" : "911fcae2-0d6d-4afe-921e-46e13babbba9",
"createdAt" : {
"nano" : 940508000,
"epochSecond" : 1674509672
},
"updatedAt" : {
"nano" : 940508000,
"epochSecond" : 1674509672
},
"deletedAt" : null,
"deletedBy" : null
}, {
"id" : "dea7dd85-4201-4ce4-add0-a3d9db635f3b",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"identityProviderId" : null,
"identityId" : "881b3be4-8076-4bdf-b76a-7dd740e2c986",
"idleSessionTimeoutSeconds" : 123,
"autoLogoutIdleSession" : true,
"createdBy" : "1cf63f1e-c8b2-469b-a4f2-7c3d2e2827d4",
"createdAt" : {
"nano" : 105694000,
"epochSecond" : 1674509673
},
"updatedAt" : {
"nano" : 105694000,
"epochSecond" : 1674509673
},
"deletedAt" : null,
"deletedBy" : null
} ]
Get Session Configuration
GET /session-configurations/{id}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
The id of this {@link SessionConfiguration}. |
organizationId |
String |
true |
The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids. |
identityProviderId |
String |
true |
The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids. |
identityId |
String |
true |
The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids. |
idleSessionTimeoutSeconds |
Integer |
true |
The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout. Must be at least -1. |
autoLogoutIdleSession |
Boolean |
true |
When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time. |
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
|
deletedBy |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/9b59ca07-f4f2-4582-aaf6-1288e4fdfab7' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJpeThaZzZtR3NPOENJbEJNYjlwUUpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjcyLCJleHAiOjE2NzQ1MTMyNzIsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.LCkyylI1z0ev4nnN7gD_4FLY1E9NI6pTAKK43aGOHcf4J9w29qzzmIDO1KtblE9CpMDzQjs5PHuNuqyfIQryndCbKseTDQwAPYufFmpgD9VNvJBrAa8EADU5o_kLc20a1gNfdOv3I7C-u7_GrxAHhEVKCycmxZSG7dqSHEWQZE8FvWz05KBASNMzZ7InVCKL9KZWqK3jU2Sm72pPQJcqpGs6Kx3ZrdtsRDDXHwOW41KszAzHCAQcNpUlepWX11p7T1uGHHKIOgTHjmnwzH-1roqTs6sqi1E1OJIUsKlLShNSaK25XZqi70DlZjA04f0CSiAbhgV1ICnAyWn6EQHM1A'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 527
{
"id" : "9b59ca07-f4f2-4582-aaf6-1288e4fdfab7",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"identityProviderId" : null,
"identityId" : "c8be520d-2efc-49db-8b3a-0c2a9b061d8a",
"idleSessionTimeoutSeconds" : 123,
"autoLogoutIdleSession" : true,
"createdBy" : "911fcae2-0d6d-4afe-921e-46e13babbba9",
"createdAt" : {
"nano" : 940508000,
"epochSecond" : 1674509672
},
"updatedAt" : {
"nano" : 940508000,
"epochSecond" : 1674509672
},
"deletedAt" : null,
"deletedBy" : null
}
Get Default For Platform
GET /session-configurations/default-platform
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
The id of this {@link SessionConfiguration}. |
organizationId |
String |
true |
The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids. |
identityProviderId |
String |
true |
The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids. |
identityId |
String |
true |
The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids. |
idleSessionTimeoutSeconds |
Integer |
true |
The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout. Must be at least -1. |
autoLogoutIdleSession |
Boolean |
true |
When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time. |
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
|
deletedBy |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-platform' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJpeThaZzZtR3NPOENJbEJNYjlwUUpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjcyLCJleHAiOjE2NzQ1MTMyNzIsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.LCkyylI1z0ev4nnN7gD_4FLY1E9NI6pTAKK43aGOHcf4J9w29qzzmIDO1KtblE9CpMDzQjs5PHuNuqyfIQryndCbKseTDQwAPYufFmpgD9VNvJBrAa8EADU5o_kLc20a1gNfdOv3I7C-u7_GrxAHhEVKCycmxZSG7dqSHEWQZE8FvWz05KBASNMzZ7InVCKL9KZWqK3jU2Sm72pPQJcqpGs6Kx3ZrdtsRDDXHwOW41KszAzHCAQcNpUlepWX11p7T1uGHHKIOgTHjmnwzH-1roqTs6sqi1E1OJIUsKlLShNSaK25XZqi70DlZjA04f0CSiAbhgV1ICnAyWn6EQHM1A'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 459
{
"id" : "2170c95b-8d00-4531-8e28-77ef4b58eba9",
"organizationId" : null,
"identityProviderId" : null,
"identityId" : null,
"idleSessionTimeoutSeconds" : 321,
"autoLogoutIdleSession" : true,
"createdBy" : "1809e618-43e4-424f-a86a-37aca0f916cb",
"createdAt" : {
"nano" : 354446000,
"epochSecond" : 1674509673
},
"updatedAt" : {
"nano" : 354446000,
"epochSecond" : 1674509673
},
"deletedAt" : null,
"deletedBy" : null
}
Get Default For Organization
GET /session-configurations/default-organization/{organizationId}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
organizationId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
The id of this {@link SessionConfiguration}. |
organizationId |
String |
true |
The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids. |
identityProviderId |
String |
true |
The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids. |
identityId |
String |
true |
The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids. |
idleSessionTimeoutSeconds |
Integer |
true |
The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout. Must be at least -1. |
autoLogoutIdleSession |
Boolean |
true |
When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time. |
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
|
deletedBy |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-organization/fcf5c4e0-d26e-4901-a9b7-5dc7ef79d815' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJpeThaZzZtR3NPOENJbEJNYjlwUUpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjcyLCJleHAiOjE2NzQ1MTMyNzIsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.LCkyylI1z0ev4nnN7gD_4FLY1E9NI6pTAKK43aGOHcf4J9w29qzzmIDO1KtblE9CpMDzQjs5PHuNuqyfIQryndCbKseTDQwAPYufFmpgD9VNvJBrAa8EADU5o_kLc20a1gNfdOv3I7C-u7_GrxAHhEVKCycmxZSG7dqSHEWQZE8FvWz05KBASNMzZ7InVCKL9KZWqK3jU2Sm72pPQJcqpGs6Kx3ZrdtsRDDXHwOW41KszAzHCAQcNpUlepWX11p7T1uGHHKIOgTHjmnwzH-1roqTs6sqi1E1OJIUsKlLShNSaK25XZqi70DlZjA04f0CSiAbhgV1ICnAyWn6EQHM1A'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 493
{
"id" : "7164d63b-316b-4a2f-a3ec-3c5757adcfc3",
"organizationId" : "fcf5c4e0-d26e-4901-a9b7-5dc7ef79d815",
"identityProviderId" : null,
"identityId" : null,
"idleSessionTimeoutSeconds" : 100,
"autoLogoutIdleSession" : true,
"createdBy" : "c144df4b-c577-4b34-b27e-3179bfec7b5e",
"createdAt" : {
"nano" : 251584000,
"epochSecond" : 1674509674
},
"updatedAt" : {
"nano" : 251584000,
"epochSecond" : 1674509674
},
"deletedAt" : null,
"deletedBy" : null
}
Get Default For Identity Provider
GET /session-configurations/default-identity-provider/{identityProviderId}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
identityProviderId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
The id of this {@link SessionConfiguration}. |
organizationId |
String |
true |
The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids. |
identityProviderId |
String |
true |
The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids. |
identityId |
String |
true |
The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids. |
idleSessionTimeoutSeconds |
Integer |
true |
The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout. Must be at least -1. |
autoLogoutIdleSession |
Boolean |
true |
When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time. |
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
|
deletedBy |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-identity-provider/aba30f04-be3a-4514-8c06-8ba3d098fc88' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJpeThaZzZtR3NPOENJbEJNYjlwUUpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjcyLCJleHAiOjE2NzQ1MTMyNzIsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.LCkyylI1z0ev4nnN7gD_4FLY1E9NI6pTAKK43aGOHcf4J9w29qzzmIDO1KtblE9CpMDzQjs5PHuNuqyfIQryndCbKseTDQwAPYufFmpgD9VNvJBrAa8EADU5o_kLc20a1gNfdOv3I7C-u7_GrxAHhEVKCycmxZSG7dqSHEWQZE8FvWz05KBASNMzZ7InVCKL9KZWqK3jU2Sm72pPQJcqpGs6Kx3ZrdtsRDDXHwOW41KszAzHCAQcNpUlepWX11p7T1uGHHKIOgTHjmnwzH-1roqTs6sqi1E1OJIUsKlLShNSaK25XZqi70DlZjA04f0CSiAbhgV1ICnAyWn6EQHM1A'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 527
{
"id" : "1554bf1f-ff62-4e0b-8df3-ec9fe31a4fbc",
"organizationId" : "d4c58438-9eac-45fb-a0a3-639f6b639941",
"identityProviderId" : "aba30f04-be3a-4514-8c06-8ba3d098fc88",
"identityId" : null,
"idleSessionTimeoutSeconds" : 200,
"autoLogoutIdleSession" : true,
"createdBy" : "4bdea2b1-5aa9-4fe1-9165-2517697ee918",
"createdAt" : {
"nano" : 581734000,
"epochSecond" : 1674509673
},
"updatedAt" : {
"nano" : 581734000,
"epochSecond" : 1674509673
},
"deletedAt" : null,
"deletedBy" : null
}
Get Default For Identity
GET /session-configurations/default-identity/{identityId}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
identityId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
The id of this {@link SessionConfiguration}. |
organizationId |
String |
true |
The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids. |
identityProviderId |
String |
true |
The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids. |
identityId |
String |
true |
The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids. |
idleSessionTimeoutSeconds |
Integer |
true |
The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout. Must be at least -1. |
autoLogoutIdleSession |
Boolean |
true |
When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time. |
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
|
deletedBy |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-identity/881b3be4-8076-4bdf-b76a-7dd740e2c986' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJpeThaZzZtR3NPOENJbEJNYjlwUUpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjcyLCJleHAiOjE2NzQ1MTMyNzIsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.LCkyylI1z0ev4nnN7gD_4FLY1E9NI6pTAKK43aGOHcf4J9w29qzzmIDO1KtblE9CpMDzQjs5PHuNuqyfIQryndCbKseTDQwAPYufFmpgD9VNvJBrAa8EADU5o_kLc20a1gNfdOv3I7C-u7_GrxAHhEVKCycmxZSG7dqSHEWQZE8FvWz05KBASNMzZ7InVCKL9KZWqK3jU2Sm72pPQJcqpGs6Kx3ZrdtsRDDXHwOW41KszAzHCAQcNpUlepWX11p7T1uGHHKIOgTHjmnwzH-1roqTs6sqi1E1OJIUsKlLShNSaK25XZqi70DlZjA04f0CSiAbhgV1ICnAyWn6EQHM1A'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 527
{
"id" : "dea7dd85-4201-4ce4-add0-a3d9db635f3b",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"identityProviderId" : null,
"identityId" : "881b3be4-8076-4bdf-b76a-7dd740e2c986",
"idleSessionTimeoutSeconds" : 123,
"autoLogoutIdleSession" : true,
"createdBy" : "1cf63f1e-c8b2-469b-a4f2-7c3d2e2827d4",
"createdAt" : {
"nano" : 105694000,
"epochSecond" : 1674509673
},
"updatedAt" : {
"nano" : 105694000,
"epochSecond" : 1674509673
},
"deletedAt" : null,
"deletedBy" : null
}
Set Default For Platform
POST /session-configurations/default-platform
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
idleSessionTimeoutSeconds |
Integer |
true |
The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout. io.netfoundry.common.util.validation.ValidAs. |
autoLogoutIdleSession |
Boolean |
true |
When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time. io.netfoundry.common.util.validation.ValidAs. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
The id of this {@link SessionConfiguration}. |
organizationId |
String |
true |
The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids. |
identityProviderId |
String |
true |
The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids. |
identityId |
String |
true |
The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids. |
idleSessionTimeoutSeconds |
Integer |
true |
The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout. Must be at least -1. |
autoLogoutIdleSession |
Boolean |
true |
When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time. |
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
|
deletedBy |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-platform' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJpeThaZzZtR3NPOENJbEJNYjlwUUpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjcyLCJleHAiOjE2NzQ1MTMyNzIsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.LCkyylI1z0ev4nnN7gD_4FLY1E9NI6pTAKK43aGOHcf4J9w29qzzmIDO1KtblE9CpMDzQjs5PHuNuqyfIQryndCbKseTDQwAPYufFmpgD9VNvJBrAa8EADU5o_kLc20a1gNfdOv3I7C-u7_GrxAHhEVKCycmxZSG7dqSHEWQZE8FvWz05KBASNMzZ7InVCKL9KZWqK3jU2Sm72pPQJcqpGs6Kx3ZrdtsRDDXHwOW41KszAzHCAQcNpUlepWX11p7T1uGHHKIOgTHjmnwzH-1roqTs6sqi1E1OJIUsKlLShNSaK25XZqi70DlZjA04f0CSiAbhgV1ICnAyWn6EQHM1A' \
-d '{"idleSessionTimeoutSeconds":321,"autoLogoutIdleSession":true}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 459
{
"id" : "2170c95b-8d00-4531-8e28-77ef4b58eba9",
"organizationId" : null,
"identityProviderId" : null,
"identityId" : null,
"idleSessionTimeoutSeconds" : 321,
"autoLogoutIdleSession" : true,
"createdBy" : "1809e618-43e4-424f-a86a-37aca0f916cb",
"createdAt" : {
"nano" : 354446000,
"epochSecond" : 1674509673
},
"updatedAt" : {
"nano" : 354446000,
"epochSecond" : 1674509673
},
"deletedAt" : null,
"deletedBy" : null
}
Set Default For Organization
POST /session-configurations/default-organization/{organizationId}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
organizationId |
Object |
false |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
idleSessionTimeoutSeconds |
Integer |
true |
The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout. io.netfoundry.common.util.validation.ValidAs. |
autoLogoutIdleSession |
Boolean |
true |
When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time. io.netfoundry.common.util.validation.ValidAs. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
The id of this {@link SessionConfiguration}. |
organizationId |
String |
true |
The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids. |
identityProviderId |
String |
true |
The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids. |
identityId |
String |
true |
The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids. |
idleSessionTimeoutSeconds |
Integer |
true |
The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout. Must be at least -1. |
autoLogoutIdleSession |
Boolean |
true |
When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time. |
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
|
deletedBy |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-organization/12efebc9-be01-46a5-ab59-4d25a6bec353' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJpeThaZzZtR3NPOENJbEJNYjlwUUpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjcyLCJleHAiOjE2NzQ1MTMyNzIsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.LCkyylI1z0ev4nnN7gD_4FLY1E9NI6pTAKK43aGOHcf4J9w29qzzmIDO1KtblE9CpMDzQjs5PHuNuqyfIQryndCbKseTDQwAPYufFmpgD9VNvJBrAa8EADU5o_kLc20a1gNfdOv3I7C-u7_GrxAHhEVKCycmxZSG7dqSHEWQZE8FvWz05KBASNMzZ7InVCKL9KZWqK3jU2Sm72pPQJcqpGs6Kx3ZrdtsRDDXHwOW41KszAzHCAQcNpUlepWX11p7T1uGHHKIOgTHjmnwzH-1roqTs6sqi1E1OJIUsKlLShNSaK25XZqi70DlZjA04f0CSiAbhgV1ICnAyWn6EQHM1A' \
-d '{"idleSessionTimeoutSeconds":321,"autoLogoutIdleSession":true}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 493
{
"id" : "1bdeb423-1c2e-423d-a6dc-7b31d5202a9c",
"organizationId" : "12efebc9-be01-46a5-ab59-4d25a6bec353",
"identityProviderId" : null,
"identityId" : null,
"idleSessionTimeoutSeconds" : 321,
"autoLogoutIdleSession" : true,
"createdBy" : "1809e618-43e4-424f-a86a-37aca0f916cb",
"createdAt" : {
"nano" : 534402000,
"epochSecond" : 1674509674
},
"updatedAt" : {
"nano" : 534402000,
"epochSecond" : 1674509674
},
"deletedAt" : null,
"deletedBy" : null
}
Set Default For Identity Provider
POST /session-configurations/default-identity-provider/{identityProviderId}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
identityProviderId |
Object |
false |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
idleSessionTimeoutSeconds |
Integer |
true |
The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout. io.netfoundry.common.util.validation.ValidAs. |
autoLogoutIdleSession |
Boolean |
true |
When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time. io.netfoundry.common.util.validation.ValidAs. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
The id of this {@link SessionConfiguration}. |
organizationId |
String |
true |
The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids. |
identityProviderId |
String |
true |
The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids. |
identityId |
String |
true |
The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids. |
idleSessionTimeoutSeconds |
Integer |
true |
The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout. Must be at least -1. |
autoLogoutIdleSession |
Boolean |
true |
When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time. |
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
|
deletedBy |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-identity-provider/b8e2a10a-ea4a-495e-af99-c863b5091a4a' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJpeThaZzZtR3NPOENJbEJNYjlwUUpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjcyLCJleHAiOjE2NzQ1MTMyNzIsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.LCkyylI1z0ev4nnN7gD_4FLY1E9NI6pTAKK43aGOHcf4J9w29qzzmIDO1KtblE9CpMDzQjs5PHuNuqyfIQryndCbKseTDQwAPYufFmpgD9VNvJBrAa8EADU5o_kLc20a1gNfdOv3I7C-u7_GrxAHhEVKCycmxZSG7dqSHEWQZE8FvWz05KBASNMzZ7InVCKL9KZWqK3jU2Sm72pPQJcqpGs6Kx3ZrdtsRDDXHwOW41KszAzHCAQcNpUlepWX11p7T1uGHHKIOgTHjmnwzH-1roqTs6sqi1E1OJIUsKlLShNSaK25XZqi70DlZjA04f0CSiAbhgV1ICnAyWn6EQHM1A' \
-d '{"idleSessionTimeoutSeconds":321,"autoLogoutIdleSession":true}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 527
{
"id" : "38c28e9d-b684-4556-b9fc-a3c6520bd8fa",
"organizationId" : "4b957802-e5b8-4c14-9639-93b9c8946fb4",
"identityProviderId" : "b8e2a10a-ea4a-495e-af99-c863b5091a4a",
"identityId" : null,
"idleSessionTimeoutSeconds" : 321,
"autoLogoutIdleSession" : true,
"createdBy" : "1809e618-43e4-424f-a86a-37aca0f916cb",
"createdAt" : {
"nano" : 531502000,
"epochSecond" : 1674509673
},
"updatedAt" : {
"nano" : 531502000,
"epochSecond" : 1674509673
},
"deletedAt" : null,
"deletedBy" : null
}
Set Default For Identity
POST /session-configurations/default-identity/{identityId}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
identityId |
Object |
false |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
idleSessionTimeoutSeconds |
Integer |
true |
The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout. io.netfoundry.common.util.validation.ValidAs. |
autoLogoutIdleSession |
Boolean |
true |
When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time. io.netfoundry.common.util.validation.ValidAs. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
The id of this {@link SessionConfiguration}. |
organizationId |
String |
true |
The {@link Organization} id that this {@link SessionConfiguration} applies to. This should be set for all configurations other than the platform default configuration. Selection of a configuration is based on the most specific match between this property and the properties for the {@link IdentityProvider} and {@link Identity} ids. |
identityProviderId |
String |
true |
The {@link IdentityProvider} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to identities within a specific IdentityProvider. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link Identity} ids. |
identityId |
String |
true |
The {@link UserIdentity} id that this {@link SessionConfiguration} applies to. This is set when the configuration applies to a specific {@link UserIdentity}. This is often null, as most configurations occur at the {@link Organization} level. Selection of a configuration is based on the most specific match between this property and the properties for the {@link Organization} and {@link IdentityProvider} ids. |
idleSessionTimeoutSeconds |
Integer |
true |
The maximum number of seconds between API requests after which the next request will result in a new session being created. A value of -1 will result in a non-expiring session. A value of 0 will result in an instantly expiring session. All values > 0 will result in sessions that can timeout due to inactivity. See the auto-logout property for additional effects at session timeout. Must be at least -1. |
autoLogoutIdleSession |
Boolean |
true |
When true, a session that becomes idle (see idle session timeout) will automatically be logged out. A logged out session will result in the rejection of future requests which use a token that was created prior to this session’s logout time. |
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
|
deletedBy |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-identity/89f90220-7c12-4433-b48c-7a8f44f72edf' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJpeThaZzZtR3NPOENJbEJNYjlwUUpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjcyLCJleHAiOjE2NzQ1MTMyNzIsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.LCkyylI1z0ev4nnN7gD_4FLY1E9NI6pTAKK43aGOHcf4J9w29qzzmIDO1KtblE9CpMDzQjs5PHuNuqyfIQryndCbKseTDQwAPYufFmpgD9VNvJBrAa8EADU5o_kLc20a1gNfdOv3I7C-u7_GrxAHhEVKCycmxZSG7dqSHEWQZE8FvWz05KBASNMzZ7InVCKL9KZWqK3jU2Sm72pPQJcqpGs6Kx3ZrdtsRDDXHwOW41KszAzHCAQcNpUlepWX11p7T1uGHHKIOgTHjmnwzH-1roqTs6sqi1E1OJIUsKlLShNSaK25XZqi70DlZjA04f0CSiAbhgV1ICnAyWn6EQHM1A' \
-d '{"idleSessionTimeoutSeconds":321,"autoLogoutIdleSession":true}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 525
{
"id" : "2d8090e6-a4d1-4cdc-9b4d-e0f1e57714b0",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"identityProviderId" : "89f90220-7c12-4433-b48c-7a8f44f72edf",
"identityId" : null,
"idleSessionTimeoutSeconds" : 321,
"autoLogoutIdleSession" : true,
"createdBy" : "1809e618-43e4-424f-a86a-37aca0f916cb",
"createdAt" : {
"nano" : 51302000,
"epochSecond" : 1674509674
},
"updatedAt" : {
"nano" : 51302000,
"epochSecond" : 1674509674
},
"deletedAt" : null,
"deletedBy" : null
}
Delete Default For Organization
DELETE /session-configurations/default-organization/{organizationId}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
organizationId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-organization/b0b10856-f257-4122-9ba0-6fd84cea951a' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJpeThaZzZtR3NPOENJbEJNYjlwUUpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjcyLCJleHAiOjE2NzQ1MTMyNzIsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.LCkyylI1z0ev4nnN7gD_4FLY1E9NI6pTAKK43aGOHcf4J9w29qzzmIDO1KtblE9CpMDzQjs5PHuNuqyfIQryndCbKseTDQwAPYufFmpgD9VNvJBrAa8EADU5o_kLc20a1gNfdOv3I7C-u7_GrxAHhEVKCycmxZSG7dqSHEWQZE8FvWz05KBASNMzZ7InVCKL9KZWqK3jU2Sm72pPQJcqpGs6Kx3ZrdtsRDDXHwOW41KszAzHCAQcNpUlepWX11p7T1uGHHKIOgTHjmnwzH-1roqTs6sqi1E1OJIUsKlLShNSaK25XZqi70DlZjA04f0CSiAbhgV1ICnAyWn6EQHM1A'
Example response
HTTP/1.1 204 No Content
Delete Default For Identity Provider
DELETE /session-configurations/default-identity-provider/{identityProviderId}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
identityProviderId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-identity-provider/8e7a358b-4321-4a70-a4a7-2d5b62e4a4fc' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJpeThaZzZtR3NPOENJbEJNYjlwUUpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjcyLCJleHAiOjE2NzQ1MTMyNzIsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.LCkyylI1z0ev4nnN7gD_4FLY1E9NI6pTAKK43aGOHcf4J9w29qzzmIDO1KtblE9CpMDzQjs5PHuNuqyfIQryndCbKseTDQwAPYufFmpgD9VNvJBrAa8EADU5o_kLc20a1gNfdOv3I7C-u7_GrxAHhEVKCycmxZSG7dqSHEWQZE8FvWz05KBASNMzZ7InVCKL9KZWqK3jU2Sm72pPQJcqpGs6Kx3ZrdtsRDDXHwOW41KszAzHCAQcNpUlepWX11p7T1uGHHKIOgTHjmnwzH-1roqTs6sqi1E1OJIUsKlLShNSaK25XZqi70DlZjA04f0CSiAbhgV1ICnAyWn6EQHM1A'
Example response
HTTP/1.1 204 No Content
Delete Default For Identity
DELETE /session-configurations/default-identity/{identityId}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
identityId |
Object |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/session-configurations/default-identity/142e409b-4e18-4800-8791-34151d707bfa' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJpeThaZzZtR3NPOENJbEJNYjlwUUpnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjcyLCJleHAiOjE2NzQ1MTMyNzIsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.LCkyylI1z0ev4nnN7gD_4FLY1E9NI6pTAKK43aGOHcf4J9w29qzzmIDO1KtblE9CpMDzQjs5PHuNuqyfIQryndCbKseTDQwAPYufFmpgD9VNvJBrAa8EADU5o_kLc20a1gNfdOv3I7C-u7_GrxAHhEVKCycmxZSG7dqSHEWQZE8FvWz05KBASNMzZ7InVCKL9KZWqK3jU2Sm72pPQJcqpGs6Kx3ZrdtsRDDXHwOW41KszAzHCAQcNpUlepWX11p7T1uGHHKIOgTHjmnwzH-1roqTs6sqi1E1OJIUsKlLShNSaK25XZqi70DlZjA04f0CSiAbhgV1ICnAyWn6EQHM1A'
Example response
HTTP/1.1 204 No Content
API Account Identity
Find Api Account Identities
GET /api-account-identities
Returns a set of {@link ApiAccountIdentity}s that are visible to the requesting client and optionally filtered based on the submitted request parameters.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Parameter | Type | Optional | Description |
---|---|---|---|
tenantId |
Object |
true |
Deprecated.. |
organizationId |
Object |
true |
Restricts results to Identities in the specified Organization (by Organization’s id.). |
name |
String |
true |
|
contactEmail |
String |
true |
|
active |
Boolean |
true |
Restricts results to Identities with a matching active status. |
includeDeleted |
Boolean |
true |
Default value: 'false'. |
provider |
String |
true |
Must be one of [Auth0, Cognito]. |
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
|
auth0ClientId |
String |
true |
Size must be between 16 and 128 inclusive. |
awsCognitoClientId |
String |
true |
Size must be between 16 and 128 inclusive. |
authenticationUrl |
String |
false |
The OAuth2 url where a client credentials grant flow should be performed. Size must be between 16 and 128 inclusive. |
name |
String |
true |
io.netfoundry.common.util.validation.BasicPattern. |
contactEmail |
String |
false |
Must be a well-formed email address. |
description |
String |
false |
Size must be between 0 and 2048 inclusive. |
active |
Boolean |
true |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
String |
true |
||
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/api-account-identities' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJLNzhjUUR1OGd0ek1YMlZ0c1BnbmVBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI5LCJleHAiOjE2NzQ1MTMyMjksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.giKZUQtY1i5pvf7UlVhb1ukO93zqOdj2U0zu9F8vSrQLNPaIitza35qOouR1cPBUONmz7efSz2TtWjDbE0tGYDhdW1KVgNoqwOnktvs-bUVTH3oGWHhjba72-QfOmc0xbDAWJk1iOHJF7jlXJG6ZjELOXtGN4PGAV6NuWrM_bRcEzc9wutUyEfiuurTraJMuXvDqlyKx7u1B8dHXdNRLi8im4E4kFW7sq88BldPfcmNGkRW-4WYY5XKJb665Ip-zGx5b9-P1K2oc-82GT4juHIKhYCvnI3Ux7LTAO-8r5s15061Kpxkqnt_oUiWbLwD6pL5tKE_5cvNxNz9lX5WhmQ'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 2006
[ {
"id" : "007cdc98-48b9-44ae-b6c2-a3965e331207",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"auth0ClientId" : null,
"awsCognitoClientId" : "e0fea481-ecba-44be-9bab-6e5d5062341a|vavxevvw",
"authenticationUrl" : "https://netfoundry-test-axedxy.auth.us-east-1.amazoncognito.com/oauth2/token",
"name" : "Testing Limits",
"contactEmail" : "a@acme.com",
"description" : "description",
"active" : true,
"createdAt" : {
"nano" : 759003000,
"epochSecond" : 1674509653
},
"updatedAt" : null,
"deletedAt" : null,
"tenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"email" : "a@acme.com",
"type" : "ApiAccountIdentity"
}, {
"id" : "0144c141-0018-4b5b-9edb-41727b37b103",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"auth0ClientId" : null,
"awsCognitoClientId" : "dbd38e34-16c3-4526-b4c1-aebaf58a6e19|pgotdfdi",
"authenticationUrl" : "https://netfoundry-test-prykns.auth.us-east-1.amazoncognito.com/oauth2/token",
"name" : "Testing Limits",
"contactEmail" : "a@acme.com",
"description" : "description",
"active" : true,
"createdAt" : {
"nano" : 884848000,
"epochSecond" : 1674509646
},
"updatedAt" : null,
"deletedAt" : null,
"tenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"email" : "a@acme.com",
"type" : "ApiAccountIdentity"
}, {
"id" : "0779dab9-626f-46d4-969d-104d50cf5bd2",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"auth0ClientId" : null,
"awsCognitoClientId" : "f07fc14b-3a93-4806-9c91-7cdb5e27b65e|canbolby",
"authenticationUrl" : "https://netfoundry-test-hmuhvu.auth.us-east-1.amazoncognito.com/oauth2/token",
"name" : "Testing Limits",
"contactEmail" : "a@acme.com",
"description" : "description",
"active" : true,
"createdAt" : {
"nano" : 804571000,
"epochSecond" : 1674509636
},
"updatedAt" : null,
"deletedAt" : null,
"tenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"email" : "a@acme.com",
"type" : "ApiAccountIdentity"
} ]
Get Api Account Identity
GET /api-account-identities/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}
Get an API Account Identity by its id.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
The id of the desired Identity. Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
|
auth0ClientId |
String |
true |
Size must be between 16 and 128 inclusive. |
awsCognitoClientId |
String |
true |
Size must be between 16 and 128 inclusive. |
authenticationUrl |
String |
false |
The OAuth2 url where a client credentials grant flow should be performed. Size must be between 16 and 128 inclusive. |
name |
String |
true |
io.netfoundry.common.util.validation.BasicPattern. |
contactEmail |
String |
false |
Must be a well-formed email address. |
description |
String |
false |
Size must be between 0 and 2048 inclusive. |
active |
Boolean |
true |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
String |
true |
||
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/api-account-identities/bb878237-aaaf-4011-9738-6b4b705b9dca' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJLNzhjUUR1OGd0ek1YMlZ0c1BnbmVBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI5LCJleHAiOjE2NzQ1MTMyMjksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.giKZUQtY1i5pvf7UlVhb1ukO93zqOdj2U0zu9F8vSrQLNPaIitza35qOouR1cPBUONmz7efSz2TtWjDbE0tGYDhdW1KVgNoqwOnktvs-bUVTH3oGWHhjba72-QfOmc0xbDAWJk1iOHJF7jlXJG6ZjELOXtGN4PGAV6NuWrM_bRcEzc9wutUyEfiuurTraJMuXvDqlyKx7u1B8dHXdNRLi8im4E4kFW7sq88BldPfcmNGkRW-4WYY5XKJb665Ip-zGx5b9-P1K2oc-82GT4juHIKhYCvnI3Ux7LTAO-8r5s15061Kpxkqnt_oUiWbLwD6pL5tKE_5cvNxNz9lX5WhmQ'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 718
{
"id" : "bb878237-aaaf-4011-9738-6b4b705b9dca",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"auth0ClientId" : "06926f48-f9dc-482e-a68b-ab58c7e4b53c",
"awsCognitoClientId" : null,
"authenticationUrl" : "http://127.0.0.1:1234/IdP/OAuth2/login",
"name" : "api-account",
"contactEmail" : "no-reply@acme.com",
"description" : "This is an ACME non-interactive API client.",
"active" : true,
"createdAt" : {
"nano" : 668491000,
"epochSecond" : 1674509619
},
"updatedAt" : {
"nano" : 394293000,
"epochSecond" : 1674509630
},
"deletedAt" : null,
"tenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"email" : "no-reply@acme.com",
"type" : "ApiAccountIdentity"
}
Get Api Account Identity By Mapping
GET /api-account-identities/mapping/{clientId}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
clientId |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
|
auth0ClientId |
String |
true |
Size must be between 16 and 128 inclusive. |
awsCognitoClientId |
String |
true |
Size must be between 16 and 128 inclusive. |
authenticationUrl |
String |
false |
The OAuth2 url where a client credentials grant flow should be performed. Size must be between 16 and 128 inclusive. |
name |
String |
true |
io.netfoundry.common.util.validation.BasicPattern. |
contactEmail |
String |
false |
Must be a well-formed email address. |
description |
String |
false |
Size must be between 0 and 2048 inclusive. |
active |
Boolean |
true |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
String |
true |
||
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/api-account-identities/mapping/c9a6283d-6226-4f5a-b6f5-71cb39167a2d' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJLNzhjUUR1OGd0ek1YMlZ0c1BnbmVBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI5LCJleHAiOjE2NzQ1MTMyMjksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.giKZUQtY1i5pvf7UlVhb1ukO93zqOdj2U0zu9F8vSrQLNPaIitza35qOouR1cPBUONmz7efSz2TtWjDbE0tGYDhdW1KVgNoqwOnktvs-bUVTH3oGWHhjba72-QfOmc0xbDAWJk1iOHJF7jlXJG6ZjELOXtGN4PGAV6NuWrM_bRcEzc9wutUyEfiuurTraJMuXvDqlyKx7u1B8dHXdNRLi8im4E4kFW7sq88BldPfcmNGkRW-4WYY5XKJb665Ip-zGx5b9-P1K2oc-82GT4juHIKhYCvnI3Ux7LTAO-8r5s15061Kpxkqnt_oUiWbLwD6pL5tKE_5cvNxNz9lX5WhmQ'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 688
{
"id" : "5962d801-9e86-49ee-b2ae-6ac417c98278",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"auth0ClientId" : "c9a6283d-6226-4f5a-b6f5-71cb39167a2d",
"awsCognitoClientId" : null,
"authenticationUrl" : "http://127.0.0.1:1234/IdP/OAuth2/login",
"name" : "ACME Internal Service-149",
"contactEmail" : "service.admin-150@acme.com",
"description" : "updatable API Account description-151",
"active" : true,
"createdAt" : {
"nano" : 629021000,
"epochSecond" : 1674509672
},
"updatedAt" : null,
"deletedAt" : null,
"tenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"email" : "service.admin-150@acme.com",
"type" : "ApiAccountIdentity"
}
Create Api Account Identity
POST /api-account-identities
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
organizationId |
String |
true |
The id of the Organization within which this API Account should be created. Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
name |
String |
true |
The user friendly name to assign to the API Account Identity. This value is for ease of administration. |
contactEmail |
String |
true |
An arbitrary email address to associate to the API Account Identity. This value is mainly for administrative purposes, to provide a point of contact for someone that presumably is knowledgeable about the usage of this API Account Identity. |
description |
String |
true |
A free form description. |
grantDefaultRoles |
Boolean |
true |
Optional flag that when true will result in the API Account Identity being granted the 'default' roles (Organization and Network Group Admin, at this time.) When false, no authorization, roles or otherwise, will be configured, and it is assumed that the caller has permission to manage permissions of this API Account Identity after the fact. This defaults to true if not specified in the request. |
provider |
String |
true |
The authorization provider that should be used. Either Auth0 or Cognito. Auth0 is deprecated, and Cognito should be used moving forward. Support for Auth0 will be dropped at a future point in time. Must be one of [Auth0, Cognito]. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
apiAccountIdentity |
Object |
true |
|
apiAccountIdentity.id |
String |
false |
|
apiAccountIdentity.organizationId |
String |
false |
|
apiAccountIdentity.auth0ClientId |
String |
true |
Size must be between 16 and 128 inclusive. |
apiAccountIdentity.awsCognitoClientId |
String |
true |
Size must be between 16 and 128 inclusive. |
apiAccountIdentity.authenticationUrl |
String |
false |
The OAuth2 url where a client credentials grant flow should be performed. Size must be between 16 and 128 inclusive. |
apiAccountIdentity.name |
String |
true |
io.netfoundry.common.util.validation.BasicPattern. |
apiAccountIdentity.contactEmail |
String |
false |
Must be a well-formed email address. |
apiAccountIdentity.description |
String |
false |
Size must be between 0 and 2048 inclusive. |
apiAccountIdentity.active |
Boolean |
true |
|
apiAccountIdentity.createdAt |
Object |
false |
|
apiAccountIdentity.updatedAt |
Object |
false |
|
apiAccountIdentity.deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
apiAccountIdentity.tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
apiAccountIdentity.email |
String |
true |
|
apiAccountIdentity.type |
String |
true |
|
clientId |
String |
true |
The OAuth2 client id which must be passed to the OAuth2 provider at the specified authenticationUrl. |
password |
String |
true |
The OAuth2 client secret which must be passed to the OAuth2 provider at the specified authenticationUrl. |
authenticationUrl |
String |
true |
The url where the created client should authenticate, using a standard OAuth2 Client Credentials Grant Flow. |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/api-account-identities' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJLNzhjUUR1OGd0ek1YMlZ0c1BnbmVBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI5LCJleHAiOjE2NzQ1MTMyMjksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.giKZUQtY1i5pvf7UlVhb1ukO93zqOdj2U0zu9F8vSrQLNPaIitza35qOouR1cPBUONmz7efSz2TtWjDbE0tGYDhdW1KVgNoqwOnktvs-bUVTH3oGWHhjba72-QfOmc0xbDAWJk1iOHJF7jlXJG6ZjELOXtGN4PGAV6NuWrM_bRcEzc9wutUyEfiuurTraJMuXvDqlyKx7u1B8dHXdNRLi8im4E4kFW7sq88BldPfcmNGkRW-4WYY5XKJb665Ip-zGx5b9-P1K2oc-82GT4juHIKhYCvnI3Ux7LTAO-8r5s15061Kpxkqnt_oUiWbLwD6pL5tKE_5cvNxNz9lX5WhmQ' \
-d '{"organizationId":"b0b10856-f257-4122-9ba0-6fd84cea951a","name":"HR Bridge Service","contactEmail":"hr.director@acme.com","description":"description goes here","grantDefaultRoles":true,"provider":"Cognito"}'
Example response
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 940
{
"apiAccountIdentity" : {
"id" : "a49358fe-bfae-446f-93f0-f98adeaec504",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"auth0ClientId" : null,
"awsCognitoClientId" : "efc5bb48-b62c-485e-9d4a-e40db8084234|eyyijcmk",
"authenticationUrl" : "https://netfoundry-test-jqmlpj.auth.us-east-1.amazoncognito.com/oauth2/token",
"name" : "HR Bridge Service",
"contactEmail" : "hr.director@acme.com",
"description" : "description goes here",
"active" : true,
"createdAt" : {
"nano" : 930073000,
"epochSecond" : 1674509631
},
"updatedAt" : null,
"deletedAt" : null,
"tenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"email" : "hr.director@acme.com",
"type" : "ApiAccountIdentity"
},
"clientId" : "eyyijcmk",
"password" : "wggbonucaenjsiqgsqtxqxfw",
"authenticationUrl" : "https://netfoundry-test-jqmlpj.auth.us-east-1.amazoncognito.com/oauth2/token"
}
Update Identity Info
PUT /api-account-identities/{id}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
name |
String |
true |
|
contactEmail |
String |
true |
|
description |
String |
true |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
|
auth0ClientId |
String |
true |
Size must be between 16 and 128 inclusive. |
awsCognitoClientId |
String |
true |
Size must be between 16 and 128 inclusive. |
authenticationUrl |
String |
false |
The OAuth2 url where a client credentials grant flow should be performed. Size must be between 16 and 128 inclusive. |
name |
String |
true |
io.netfoundry.common.util.validation.BasicPattern. |
contactEmail |
String |
false |
Must be a well-formed email address. |
description |
String |
false |
Size must be between 0 and 2048 inclusive. |
active |
Boolean |
true |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
String |
true |
||
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/api-account-identities/3b134f92-bf13-4ee8-ba01-68d158e3cb26' -i -X PUT \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJLNzhjUUR1OGd0ek1YMlZ0c1BnbmVBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI5LCJleHAiOjE2NzQ1MTMyMjksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.giKZUQtY1i5pvf7UlVhb1ukO93zqOdj2U0zu9F8vSrQLNPaIitza35qOouR1cPBUONmz7efSz2TtWjDbE0tGYDhdW1KVgNoqwOnktvs-bUVTH3oGWHhjba72-QfOmc0xbDAWJk1iOHJF7jlXJG6ZjELOXtGN4PGAV6NuWrM_bRcEzc9wutUyEfiuurTraJMuXvDqlyKx7u1B8dHXdNRLi8im4E4kFW7sq88BldPfcmNGkRW-4WYY5XKJb665Ip-zGx5b9-P1K2oc-82GT4juHIKhYCvnI3Ux7LTAO-8r5s15061Kpxkqnt_oUiWbLwD6pL5tKE_5cvNxNz9lX5WhmQ' \
-d '{"name":"Robot","contactEmail":"robot@acme.com","description":"description here."}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 679
{
"id" : "3b134f92-bf13-4ee8-ba01-68d158e3cb26",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"auth0ClientId" : "c9cd8e36-ce2d-4b40-ae0c-50a3a478b913",
"awsCognitoClientId" : null,
"authenticationUrl" : "http://127.0.0.1:1234/IdP/OAuth2/login",
"name" : "Robot",
"contactEmail" : "robot@acme.com",
"description" : "description here.",
"active" : true,
"createdAt" : {
"nano" : 918388000,
"epochSecond" : 1674509629
},
"updatedAt" : {
"nano" : 40501000,
"epochSecond" : 1674509630
},
"deletedAt" : null,
"tenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"email" : "robot@acme.com",
"type" : "ApiAccountIdentity"
}
Activate Or Deactivate Api Account Identity
PUT /api-account-identities/{id}/{action:activate|deactivate}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
action |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
|
auth0ClientId |
String |
true |
Size must be between 16 and 128 inclusive. |
awsCognitoClientId |
String |
true |
Size must be between 16 and 128 inclusive. |
authenticationUrl |
String |
false |
The OAuth2 url where a client credentials grant flow should be performed. Size must be between 16 and 128 inclusive. |
name |
String |
true |
io.netfoundry.common.util.validation.BasicPattern. |
contactEmail |
String |
false |
Must be a well-formed email address. |
description |
String |
false |
Size must be between 0 and 2048 inclusive. |
active |
Boolean |
true |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedAt |
Object |
true |
Returns the date that the identity was deleted or null if the identity has not been deleted. Note, identities are marked as deleted and not returned from searches unless explicitly requested. |
tenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getOrganizationId(). Returns the id of the {@link Organization} that this identity is a member of. |
String |
true |
||
type |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/api-account-identities/66bd51c2-4a40-4c61-859d-046e4c3fd19d/deactivate' -i -X PUT \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJLNzhjUUR1OGd0ek1YMlZ0c1BnbmVBIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI5LCJleHAiOjE2NzQ1MTMyMjksInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.giKZUQtY1i5pvf7UlVhb1ukO93zqOdj2U0zu9F8vSrQLNPaIitza35qOouR1cPBUONmz7efSz2TtWjDbE0tGYDhdW1KVgNoqwOnktvs-bUVTH3oGWHhjba72-QfOmc0xbDAWJk1iOHJF7jlXJG6ZjELOXtGN4PGAV6NuWrM_bRcEzc9wutUyEfiuurTraJMuXvDqlyKx7u1B8dHXdNRLi8im4E4kFW7sq88BldPfcmNGkRW-4WYY5XKJb665Ip-zGx5b9-P1K2oc-82GT4juHIKhYCvnI3Ux7LTAO-8r5s15061Kpxkqnt_oUiWbLwD6pL5tKE_5cvNxNz9lX5WhmQ'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 745
{
"id" : "66bd51c2-4a40-4c61-859d-046e4c3fd19d",
"organizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"auth0ClientId" : "fdf0b618-e850-42f0-8c38-dfc1e02cdd35",
"awsCognitoClientId" : null,
"authenticationUrl" : "http://127.0.0.1:1234/IdP/OAuth2/login",
"name" : "ACME Internal Service-143",
"contactEmail" : "service.admin-144@acme.com",
"description" : "updatable API Account description-145",
"active" : false,
"createdAt" : {
"nano" : 311564000,
"epochSecond" : 1674509672
},
"updatedAt" : {
"nano" : 454440000,
"epochSecond" : 1674509672
},
"deletedAt" : null,
"tenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"email" : "service.admin-144@acme.com",
"type" : "ApiAccountIdentity"
}
Invitation
Find Invitations
GET /invitations
Returns a set of Invitation instances based on the optional query parameters. The results will be constrained to the invitations that the client has authorization to view. Results may be further constrained by the setting any combination of query parameter values, which will logically AND’d together to form a filter for matching invitations. The states query parameter, unlike others, supports multiple values. For example, to retrieve a list of active invitations, specify states=Open,Declined,Expired.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Parameter | Type | Optional | Description |
---|---|---|---|
fromIdentityId |
Object |
true |
The id of the identity that created the target invitation(s). |
toTenantId |
Object |
true |
Deprecated.. |
toOrganizationId |
Object |
true |
The id of the organization that the resulting invitations are inviting into. |
invitedEmailAddress |
String |
true |
A full (no partial match support) email address to match against. |
targetIdentityId |
Object |
true |
The id of the identity that the invitation will/has assumed. |
states |
Object |
true |
One or more {@link State} names to restrict the invitations returned. Must be one of [Open, Accepted, Declined, Expired, Revoked]. |
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
fromIdentityId |
String |
false |
|
toOrganizationId |
String |
false |
|
invitedEmailAddress |
String |
false |
Must be a well-formed email address. |
expiration |
Object |
false |
|
targetUserIdentityId |
String |
true |
Optional. The identity id that the invited party will be mapped to should they accept the invite. |
accepted |
Boolean |
true |
|
revokedAt |
Object |
true |
The date-time that this invitation was revoked. If null, then this invitation has not been revoked. An open invitation (accepted == null) can be revoked, which will prevent the invitation from being accepted or declined by a user. The accepted state remains null to reflect that it was never accepted or declined. A declined or expired invitation can be revoked after the fact. An accepted invitation can not be revoked retroactively. Finally, revoking an invitation is a terminal operation. Once revoked, no other action can be taken. |
responseReceivedAt |
Object |
true |
The date-time that this invitation was marked as accepted or declined. If null, then there has been no response (accept or decline) of this invitation. This is effectively the update timestamp of the accepted property of an invitation. |
toTenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getToOrganizationId(). Returns the id of the {@link Organization} that the recipient is being invited to join. |
state |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/invitations' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJEd0NCV1ZWcFFGa3ljYzhHZ21IYTJnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5Njc2LCJleHAiOjE2NzQ1MTMyNzYsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCI5NTBiZDRjZS1lNDMyLTQyNzAtOWY2ZS0zZDk1OTBjNjA1ZDZcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzV9LHtcImlkXCI6XCIxOTIwYTk5Ny01YjFmLTRlZTAtYWQxMS04Y2U1ZjFjODZlYzZcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzZ9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9LHtcImlkXCI6XCI4MDc1ODdiMC0zNjcxLTQwNmEtYmY4NC05YzBlZDFjYjczNmRcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzR9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.ZCcck0TALdoIkgNIKGEgxB9ROcB9gFo-Y3uBZ4vHaQsrj_URUNzBuwhVh99-bBh23cTAcmhzK4A7Z-BWEtDY7Iojyd18A6AH-xB8CkdTSGp6vCpmxL2LV2DythBSarlgG44OsWDqSBfrpOFe2RGU1luk1-FJ_RP_7AX9GYnpG7P1WyvmqgLNwN-R5g9SN2jpzJviVHzIVCfspUGVXTW7KriT77joXVuU3WLueGPKpNBs6rr9jetV4CeYaW3iO11Bq3a9yLlM4aK-F9OtUpj8UqjiGcigk8MwLm-0gn05IaQvGEpxVVwulbHGw3idUgUB79DhPm05-7_NymTLFFF2KA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1644
[ {
"id" : "315fd756-fcfc-4c5e-9dce-724436b13382",
"fromIdentityId" : "5d9871fe-3c6e-4f36-b84e-26db5d35e726",
"toOrganizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"invitedEmailAddress" : "new.employee-20@acme.com",
"expiration" : {
"nano" : 712929000,
"epochSecond" : 1675114420
},
"targetUserIdentityId" : "43e29fef-fb20-4d60-8cb1-4443a7758dc7",
"accepted" : null,
"revokedAt" : null,
"responseReceivedAt" : null,
"toTenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"state" : "Open"
}, {
"id" : "5bcd95a1-4971-431e-b648-cc552fb637a6",
"fromIdentityId" : "5d9871fe-3c6e-4f36-b84e-26db5d35e726",
"toOrganizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"invitedEmailAddress" : "new.employee-17@acme.com",
"expiration" : {
"nano" : 635615000,
"epochSecond" : 1675114420
},
"targetUserIdentityId" : "76181021-d1b2-48e0-9dcd-bacd4fc80736",
"accepted" : false,
"revokedAt" : null,
"responseReceivedAt" : {
"nano" : 644457000,
"epochSecond" : 1674509620
},
"toTenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"state" : "Declined"
}, {
"id" : "85c8ae37-82ff-4f96-9828-4a9fbb1dea27",
"fromIdentityId" : "1809e618-43e4-424f-a86a-37aca0f916cb",
"toOrganizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"invitedEmailAddress" : "new.employee@acme.com",
"expiration" : {
"nano" : 832350000,
"epochSecond" : 1675114476
},
"targetUserIdentityId" : "5f9d43c2-ddf0-47d6-94a2-988accd77b5e",
"accepted" : null,
"revokedAt" : null,
"responseReceivedAt" : null,
"toTenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"state" : "Open"
} ]
Get Invitation By Id
GET /invitations/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
fromIdentityId |
String |
false |
|
toOrganizationId |
String |
false |
|
invitedEmailAddress |
String |
false |
Must be a well-formed email address. |
expiration |
Object |
false |
|
targetUserIdentityId |
String |
true |
Optional. The identity id that the invited party will be mapped to should they accept the invite. |
accepted |
Boolean |
true |
|
revokedAt |
Object |
true |
The date-time that this invitation was revoked. If null, then this invitation has not been revoked. An open invitation (accepted == null) can be revoked, which will prevent the invitation from being accepted or declined by a user. The accepted state remains null to reflect that it was never accepted or declined. A declined or expired invitation can be revoked after the fact. An accepted invitation can not be revoked retroactively. Finally, revoking an invitation is a terminal operation. Once revoked, no other action can be taken. |
responseReceivedAt |
Object |
true |
The date-time that this invitation was marked as accepted or declined. If null, then there has been no response (accept or decline) of this invitation. This is effectively the update timestamp of the accepted property of an invitation. |
toTenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getToOrganizationId(). Returns the id of the {@link Organization} that the recipient is being invited to join. |
state |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/invitations/db234e65-d080-4a54-9607-f39c4628e2e3' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJEd0NCV1ZWcFFGa3ljYzhHZ21IYTJnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5Njc2LCJleHAiOjE2NzQ1MTMyNzYsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCI5NTBiZDRjZS1lNDMyLTQyNzAtOWY2ZS0zZDk1OTBjNjA1ZDZcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzV9LHtcImlkXCI6XCIxOTIwYTk5Ny01YjFmLTRlZTAtYWQxMS04Y2U1ZjFjODZlYzZcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzZ9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9LHtcImlkXCI6XCI4MDc1ODdiMC0zNjcxLTQwNmEtYmY4NC05YzBlZDFjYjczNmRcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzR9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.ZCcck0TALdoIkgNIKGEgxB9ROcB9gFo-Y3uBZ4vHaQsrj_URUNzBuwhVh99-bBh23cTAcmhzK4A7Z-BWEtDY7Iojyd18A6AH-xB8CkdTSGp6vCpmxL2LV2DythBSarlgG44OsWDqSBfrpOFe2RGU1luk1-FJ_RP_7AX9GYnpG7P1WyvmqgLNwN-R5g9SN2jpzJviVHzIVCfspUGVXTW7KriT77joXVuU3WLueGPKpNBs6rr9jetV4CeYaW3iO11Bq3a9yLlM4aK-F9OtUpj8UqjiGcigk8MwLm-0gn05IaQvGEpxVVwulbHGw3idUgUB79DhPm05-7_NymTLFFF2KA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 527
{
"id" : "db234e65-d080-4a54-9607-f39c4628e2e3",
"fromIdentityId" : "5d9871fe-3c6e-4f36-b84e-26db5d35e726",
"toOrganizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"invitedEmailAddress" : "new.employee-194@acme.com",
"expiration" : {
"nano" : 111228000,
"epochSecond" : 1675114477
},
"targetUserIdentityId" : "f052ed13-4dfd-418e-ac59-0f36f682dcb2",
"accepted" : null,
"revokedAt" : null,
"responseReceivedAt" : null,
"toTenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"state" : "Open"
}
Create Invitation
POST /invitations
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
toOrganizationId |
String |
true |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
invitedEmailAddress |
String |
true |
|
invitationUrl |
String |
false |
|
targetUserIdentityId |
String |
true |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
fromIdentityId |
String |
false |
|
toOrganizationId |
String |
false |
|
invitedEmailAddress |
String |
false |
Must be a well-formed email address. |
expiration |
Object |
false |
|
targetUserIdentityId |
String |
true |
Optional. The identity id that the invited party will be mapped to should they accept the invite. |
accepted |
Boolean |
true |
|
revokedAt |
Object |
true |
The date-time that this invitation was revoked. If null, then this invitation has not been revoked. An open invitation (accepted == null) can be revoked, which will prevent the invitation from being accepted or declined by a user. The accepted state remains null to reflect that it was never accepted or declined. A declined or expired invitation can be revoked after the fact. An accepted invitation can not be revoked retroactively. Finally, revoking an invitation is a terminal operation. Once revoked, no other action can be taken. |
responseReceivedAt |
Object |
true |
The date-time that this invitation was marked as accepted or declined. If null, then there has been no response (accept or decline) of this invitation. This is effectively the update timestamp of the accepted property of an invitation. |
toTenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getToOrganizationId(). Returns the id of the {@link Organization} that the recipient is being invited to join. |
state |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/invitations' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJEd0NCV1ZWcFFGa3ljYzhHZ21IYTJnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5Njc2LCJleHAiOjE2NzQ1MTMyNzYsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCI5NTBiZDRjZS1lNDMyLTQyNzAtOWY2ZS0zZDk1OTBjNjA1ZDZcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzV9LHtcImlkXCI6XCIxOTIwYTk5Ny01YjFmLTRlZTAtYWQxMS04Y2U1ZjFjODZlYzZcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzZ9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9LHtcImlkXCI6XCI4MDc1ODdiMC0zNjcxLTQwNmEtYmY4NC05YzBlZDFjYjczNmRcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzR9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.ZCcck0TALdoIkgNIKGEgxB9ROcB9gFo-Y3uBZ4vHaQsrj_URUNzBuwhVh99-bBh23cTAcmhzK4A7Z-BWEtDY7Iojyd18A6AH-xB8CkdTSGp6vCpmxL2LV2DythBSarlgG44OsWDqSBfrpOFe2RGU1luk1-FJ_RP_7AX9GYnpG7P1WyvmqgLNwN-R5g9SN2jpzJviVHzIVCfspUGVXTW7KriT77joXVuU3WLueGPKpNBs6rr9jetV4CeYaW3iO11Bq3a9yLlM4aK-F9OtUpj8UqjiGcigk8MwLm-0gn05IaQvGEpxVVwulbHGw3idUgUB79DhPm05-7_NymTLFFF2KA' \
-d '{"toOrganizationId":"b0b10856-f257-4122-9ba0-6fd84cea951a","invitedEmailAddress":"new.employee@acme.com","invitationUrl":"http://acme.console.netfoundry.io/invitation","targetUserIdentityId":"5f9d43c2-ddf0-47d6-94a2-988accd77b5e"}'
Example response
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 523
{
"id" : "85c8ae37-82ff-4f96-9828-4a9fbb1dea27",
"fromIdentityId" : "1809e618-43e4-424f-a86a-37aca0f916cb",
"toOrganizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"invitedEmailAddress" : "new.employee@acme.com",
"expiration" : {
"nano" : 832350000,
"epochSecond" : 1675114476
},
"targetUserIdentityId" : "5f9d43c2-ddf0-47d6-94a2-988accd77b5e",
"accepted" : null,
"revokedAt" : null,
"responseReceivedAt" : null,
"toTenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"state" : "Open"
}
Respond To Invitation
PUT /invitations/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}/{action:accept|decline}
This is not the typical way to accept or decline an invitation. See {@link InvitationFlowController}. This service is a straight update of the Invitation. It does not map the calling user, nor any other related activity. It simply updates the state of the Invitation.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
action |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
fromIdentityId |
String |
false |
|
toOrganizationId |
String |
false |
|
invitedEmailAddress |
String |
false |
Must be a well-formed email address. |
expiration |
Object |
false |
|
targetUserIdentityId |
String |
true |
Optional. The identity id that the invited party will be mapped to should they accept the invite. |
accepted |
Boolean |
true |
|
revokedAt |
Object |
true |
The date-time that this invitation was revoked. If null, then this invitation has not been revoked. An open invitation (accepted == null) can be revoked, which will prevent the invitation from being accepted or declined by a user. The accepted state remains null to reflect that it was never accepted or declined. A declined or expired invitation can be revoked after the fact. An accepted invitation can not be revoked retroactively. Finally, revoking an invitation is a terminal operation. Once revoked, no other action can be taken. |
responseReceivedAt |
Object |
true |
The date-time that this invitation was marked as accepted or declined. If null, then there has been no response (accept or decline) of this invitation. This is effectively the update timestamp of the accepted property of an invitation. |
toTenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getToOrganizationId(). Returns the id of the {@link Organization} that the recipient is being invited to join. |
state |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/invitations/cf893912-193a-4682-9206-54ef835a7d61/decline' -i -X PUT \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJEd0NCV1ZWcFFGa3ljYzhHZ21IYTJnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5Njc2LCJleHAiOjE2NzQ1MTMyNzYsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCI5NTBiZDRjZS1lNDMyLTQyNzAtOWY2ZS0zZDk1OTBjNjA1ZDZcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzV9LHtcImlkXCI6XCIxOTIwYTk5Ny01YjFmLTRlZTAtYWQxMS04Y2U1ZjFjODZlYzZcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzZ9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9LHtcImlkXCI6XCI4MDc1ODdiMC0zNjcxLTQwNmEtYmY4NC05YzBlZDFjYjczNmRcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzR9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.ZCcck0TALdoIkgNIKGEgxB9ROcB9gFo-Y3uBZ4vHaQsrj_URUNzBuwhVh99-bBh23cTAcmhzK4A7Z-BWEtDY7Iojyd18A6AH-xB8CkdTSGp6vCpmxL2LV2DythBSarlgG44OsWDqSBfrpOFe2RGU1luk1-FJ_RP_7AX9GYnpG7P1WyvmqgLNwN-R5g9SN2jpzJviVHzIVCfspUGVXTW7KriT77joXVuU3WLueGPKpNBs6rr9jetV4CeYaW3iO11Bq3a9yLlM4aK-F9OtUpj8UqjiGcigk8MwLm-0gn05IaQvGEpxVVwulbHGw3idUgUB79DhPm05-7_NymTLFFF2KA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 587
{
"id" : "cf893912-193a-4682-9206-54ef835a7d61",
"fromIdentityId" : "5d9871fe-3c6e-4f36-b84e-26db5d35e726",
"toOrganizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"invitedEmailAddress" : "new.employee-191@acme.com",
"expiration" : {
"nano" : 926546000,
"epochSecond" : 1675114476
},
"targetUserIdentityId" : "9059a315-80f2-475c-a744-5119f7fbe486",
"accepted" : false,
"revokedAt" : null,
"responseReceivedAt" : {
"nano" : 58585000,
"epochSecond" : 1674509677
},
"toTenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"state" : "Declined"
}
Revoke Invitation
PUT /invitations/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}/revoke
This service will revoke the specified invitation if it is in a state that permits revoke.
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
fromIdentityId |
String |
false |
|
toOrganizationId |
String |
false |
|
invitedEmailAddress |
String |
false |
Must be a well-formed email address. |
expiration |
Object |
false |
|
targetUserIdentityId |
String |
true |
Optional. The identity id that the invited party will be mapped to should they accept the invite. |
accepted |
Boolean |
true |
|
revokedAt |
Object |
true |
The date-time that this invitation was revoked. If null, then this invitation has not been revoked. An open invitation (accepted == null) can be revoked, which will prevent the invitation from being accepted or declined by a user. The accepted state remains null to reflect that it was never accepted or declined. A declined or expired invitation can be revoked after the fact. An accepted invitation can not be revoked retroactively. Finally, revoking an invitation is a terminal operation. Once revoked, no other action can be taken. |
responseReceivedAt |
Object |
true |
The date-time that this invitation was marked as accepted or declined. If null, then there has been no response (accept or decline) of this invitation. This is effectively the update timestamp of the accepted property of an invitation. |
toTenantId |
String |
true |
Deprecated. The Tenant resource has been renamed to Organization. Use getToOrganizationId(). Returns the id of the {@link Organization} that the recipient is being invited to join. |
state |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/invitations/da64df29-1472-402f-bb4b-e58462dcfefa/revoke' -i -X PUT \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJEd0NCV1ZWcFFGa3ljYzhHZ21IYTJnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5Njc2LCJleHAiOjE2NzQ1MTMyNzYsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCJhODE4ODdkMy02MWEyLTRmMTItYjRkMy0xOGU0NjBjMzA2NzFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjl9LHtcImlkXCI6XCI3MTYzNjQzZC1kYTc0LTRlMTQtODJlNy04NDNkNzUwYzkxZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzJ9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCI5NTBiZDRjZS1lNDMyLTQyNzAtOWY2ZS0zZDk1OTBjNjA1ZDZcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzV9LHtcImlkXCI6XCIxOTIwYTk5Ny01YjFmLTRlZTAtYWQxMS04Y2U1ZjFjODZlYzZcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzZ9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9LHtcImlkXCI6XCIyNTQ0MmIzZi0wOWViLTQ1OTUtOTlkNC01MDI5Y2MyNzdjNTNcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjh9LHtcImlkXCI6XCI4MDc1ODdiMC0zNjcxLTQwNmEtYmY4NC05YzBlZDFjYjczNmRcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2NzR9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.ZCcck0TALdoIkgNIKGEgxB9ROcB9gFo-Y3uBZ4vHaQsrj_URUNzBuwhVh99-bBh23cTAcmhzK4A7Z-BWEtDY7Iojyd18A6AH-xB8CkdTSGp6vCpmxL2LV2DythBSarlgG44OsWDqSBfrpOFe2RGU1luk1-FJ_RP_7AX9GYnpG7P1WyvmqgLNwN-R5g9SN2jpzJviVHzIVCfspUGVXTW7KriT77joXVuU3WLueGPKpNBs6rr9jetV4CeYaW3iO11Bq3a9yLlM4aK-F9OtUpj8UqjiGcigk8MwLm-0gn05IaQvGEpxVVwulbHGw3idUgUB79DhPm05-7_NymTLFFF2KA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 642
{
"id" : "da64df29-1472-402f-bb4b-e58462dcfefa",
"fromIdentityId" : "5d9871fe-3c6e-4f36-b84e-26db5d35e726",
"toOrganizationId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"invitedEmailAddress" : "new.employee-197@acme.com",
"expiration" : {
"nano" : 374612000,
"epochSecond" : 1675114477
},
"targetUserIdentityId" : "303ca9ef-a742-429f-a89d-0fa8f5f775e7",
"accepted" : null,
"revokedAt" : {
"nano" : 599665000,
"epochSecond" : 1674509677
},
"responseReceivedAt" : {
"nano" : 599666000,
"epochSecond" : 1674509677
},
"toTenantId" : "b0b10856-f257-4122-9ba0-6fd84cea951a",
"state" : "Revoked"
}
Support
Create Support Request
POST /nfconsole/support/requests
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
name |
String |
true |
The name of the user. This is a required value if the request is submitted by a client that is not currently authenticated. In this unauthenticated case, this name is used in the support request ticket that is created. If the request comes from an authenticated client, then this property should be ignored (not sent), as the API will overwrite it with the name of the authenticated identity. Size must be between 1 and 2147483647 inclusive. |
String |
true |
The email of the user. This is a required value if the request is submitted by a client that is not currently authenticated. In this unauthenticated case, this email is used in the support request ticket that is created. If the request comes from an authenticated client, then this property should be ignored (not sent), as the API will overwrite it with the email of the authenticated identity. Must be a well-formed email address. |
|
selectedOrganizationId |
String |
true |
The id of an organization which the current user has selected as his working context at the time that this support request is being generated. This value may be null in most cases as it only applies to users with access to more than one organization. This value is ignored if the support request comes from a user that is not logged in. |
selectedNetworkId |
String |
true |
The id of a network which the current user has selected as his working context at the time that this support request is being generated. This value may be null, particularly if the client is submitting the support request from a context that is not network specific. However, if the user is working in a context (ie, a 'page' that lists AppWans) that is network specific, then this value can help support agents when reviewing the support request. This value is ignored if the support request comes from a user that is not logged in. |
subject |
String |
false |
The support request subject. This value is required and can not be empty. |
comment |
String |
false |
The support request message. This value is required and can not be empty. |
type |
String |
true |
The type of the support request. If not specified, the type will default to "question". Must be one of [problem, incident, question, task]. |
priority |
String |
true |
The priority of the support request. If not specified, the type will default to "normal". Must be one of [urgent, high, normal, low]. |
severity |
String |
true |
The Severity of the support request. Severity 1, 2, 3 If not specificed: default to "Severity3". Must be one of [Severity1, Severity2, Severity3]. |
recentErrorMessages |
Array[String] |
true |
An optional list of error messages received from the API by the client. These should be in order from most recent to oldest. These provide contextual information for the agent handling the support request. These are not required, but clients are encouraged to track and supply such error messages to aid in support. Note, an interactive user (ie human) should not provide this information; it should be tracked and added by the client agent on their behalf. |
Response fields
No response body.
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/nfconsole/support/requests' -i -X POST \
-H 'Content-Type: application/json' \
-d '{"name":"Curious George","email":"george@curious-client.com","selectedOrganizationId":null,"selectedNetworkId":null,"subject":"Sales Contact Request","comment":"This looks great! I'd like a sales rep to contact me.","type":"question","priority":"high","severity":"Severity3","recentErrorMessages":null}'
Example response
HTTP/1.1 200 OK
Sign-up Flow
Check Email
GET /signup
This service allows a client to validate that the submitted email may be used during the sign-up process. Not all email addresses are supported, and clients are encouraged to use this service to check before getting an error from the sign-up service.
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
Parameter | Type | Optional | Description |
---|---|---|---|
checkEmail |
String |
false |
The email address to check. Must be a well-formed email address. |
provider |
String |
true |
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
checkEmail |
String |
false |
The email address that whose status was checked. Must be a well-formed email address. |
status |
String |
false |
The current status of the checked email address. Must be one of [VALID, BLACKLISTED]. |
Example request, valid
$ curl 'https://gateway.netFoundry.io/identity/v1/signup?checkEmail=white.hat@trusted.com' -i -X GET
Example response, valid
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 66
{
"checkEmail" : "white.hat@trusted.com",
"status" : "VALID"
}
Example request, blacklisted
$ curl 'https://gateway.netFoundry.io/identity/v1/signup?checkEmail=black.hat@untrusted.com' -i -X GET
Example response, blacklisted
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 74
{
"checkEmail" : "black.hat@untrusted.com",
"status" : "BLACKLISTED"
}
Find Identity Provider Types
GET /identity-provider-types
This service provides a list of available IdentityProviderTypes. It does not require authentication, as any client that is preparing to create a new Organization via the sign-up process must be able to list the set of IdentityProviderTypes to the user prior to creation of the Organization.
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
[].id |
String |
false |
Unique id of this IdentityProviderType instance. |
[].identityProviderTypeName |
String |
false |
A simple label for display to a human user. Size must be between 1 and 128 inclusive. |
[].auth0ConnectionId |
String |
false |
An opaque value used by Auth0 to identify their Identity Provider. Size must be between 1 and 128 inclusive. |
[].auth0ConnectionType |
String |
false |
One of four types of connections that Auth0 supports. Must be one of [Database, Social, Enterprise, Passwordless]. |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-provider-types' -i -X GET
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 391
[ {
"id" : "474342c9-9d52-4da8-ba20-3ad04a9666b1",
"identityProviderTypeName" : "Google Account",
"auth0ConnectionId" : "google-oauth2",
"auth0ConnectionType" : "Social"
}, {
"id" : "91cff470-70d9-4e99-bfd8-3c7920d6a552",
"identityProviderTypeName" : "Simple Username/Password",
"auth0ConnectionId" : "Username-Password-Authentication",
"auth0ConnectionType" : "Database"
} ]
Signup
POST /signup
This service can be used to create a new Organization. The client specifies a basic set of Organization information, such as a descriptive name and a site label, as well as other configuration details. The client must specify how the Organization wishes to authenticate its users by passing one or more specifications for an IdentityProvider. A client may call the Find Identity Provider Types service to preview a list of available authentication mechanisms. Finally, the client must specify user information for the initial 'root' user of the Organization. Upon successful completion of the service request, the API Server will send the user an email with instructions to complete the sign-up process. Note, the API Server does not permit sending invitations to all email addresses. A client may check to see if an email address is supported by calling the Check Email Address service prior to calling this sign-up service.
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
organizationName |
String |
true |
A human friendly name for the Organization. This will become the Organization’s name property. io.netfoundry.common.util.validation.ValidAs. |
organizationLabel |
String |
true |
A domain name label, used to compose the Organization’s custom site domain. The value can be 1 to 63 alpha-numeric or hyphen characters, but may not begin or end with a hyphen. io.netfoundry.common.util.validation.ValidAs. |
identityProviders |
Array[Object] |
false |
A non-empty set of identity providers that the Organization should allow users to login through. io.netfoundry.common.util.validation.ValidAs. |
identityProviders[].name |
String |
true |
A human friendly name for the IdentityProvider. This value is specific to the Organization, even if the authentication mechanism is shared across many Organizations (social based authentication being a prime example.). io.netfoundry.common.util.validation.ValidAs. |
identityProviders[].identityProviderTypeId |
String |
false |
The IdentityProviderType.id of the IdentityProviderType to create and use within the Organization. See service to get a list of available IdentityProviderTypes. |
signupUrl |
String |
false |
A fully qualified http or https url where the sign-up email will link to, so that the sign-up user may complete the sign-up process. |
billingInfo |
Object |
true |
|
billingInfo.type |
String |
true |
If type is SelfService, then the Billing organization will be setup as SelfService. Must be one of [SelfService, AWS, Stripe, Enterprise]. |
billingInfo.customerEmail |
String |
true |
|
billingInfo.cardToken |
String |
true |
|
billingInfo.productId |
String |
true |
The product Id to use for billing AWS market place customer. |
billingInfo.customerFirstName |
String |
true |
|
billingInfo.customerLastName |
String |
true |
|
billingInfo.countryCode |
String |
true |
|
billingInfo.zipCode |
String |
true |
|
billingInfo.customerSiteName |
String |
true |
|
billingInfo.customerSiteLabel |
String |
true |
|
billingInfo.customerId |
String |
false |
The customer Id to use for billing aws market place customer. If the type is AWS and customer Id is provided, then the Billing organization will be setup as enterprise. |
billingInfo.stripeCardToken |
String |
false |
The token from Stripe for the card to use for billing. If the type is stripe and stripeCardToken is provided, then the Billing organization will be setup as self-service. |
adminUsers |
Array[Object] |
false |
An ordered list of initial user accounts to create within this organization. All will be granted administrative access. The first will be the primary billing contact. |
adminUsers[].firstName |
String |
true |
The given name to assign to the initial user Identity. io.netfoundry.common.util.validation.ValidAs. |
adminUsers[].lastName |
String |
true |
The family name to assign to the initial user Identity. io.netfoundry.common.util.validation.ValidAs. |
adminUsers[].email |
String |
true |
The email address to assign to the initial user Identity. This is also the email address when the sign-up invitation will be sent. io.netfoundry.common.util.validation.ValidAs. |
adminUsers[].countryCode |
String |
true |
The country name to assign to the hubspot contact. Must be one of [AF, AX, AL, DZ, AS, AD, AO, AI, AQ, AG, AR, AM, AW, AU, AT, AZ, BS, BH, BD, BB, BY, BE, BZ, BJ, BM, BT, BO, BQ, BA, BW, BV, BR, IO, UM, VG, VI, BN, BG, BF, BI, KH, CM, CA, CV, KY, CF, TD, CL, CN, CX, CC, CO, KM, CG, CD, CK, CR, HR, CU, CW, CY, CZ, DK, DJ, DM, DO, EC, EG, SV, GQ, ER, EE, ET, FK, FO, FJ, FI, FR, GF, PF, TF, GA, GM, GE, DE, GH, GI, GR, GL, GD, GP, GU, GT, GG, GN, GW, GY, HT, HM, VA, HN, HK, HU, IS, IN, ID, CI, IR, IQ, IE, IM, IL, IT, JM, JP, JE, JO, KZ, KE, KI, KW, KG, LA, LV, LB, LS, LR, LY, LI, LT, LU, MO, MK, MG, MW, MY, MV, ML, MT, MH, MQ, MR, MU, YT, MX, FM, MD, MC, MN, ME, MS, MA, MZ, MM, NA, NR, NP, NL, NC, NZ, NI, NE, NG, NU, NF, KP, MP, NO, OM, PK, PW, PS, PA, PG, PY, PE, PH, PN, PL, PT, PR, QA, XK, RE, RO, RU, RW, BL, SH, KN, LC, MF, PM, VC, WS, SM, ST, SA, SN, RS, SC, SL, SG, SX, SK, SI, SB, SO, ZA, GS, KR, SS, ES, LK, SD, SR, SJ, SZ, SE, CH, SY, TW, TJ, TZ, TH, TL, TG, TK, TO, TT, TN, TR, TM, TC, TV, UG, UA, AE, GB, US, UY, UZ, VU, VE, VN, WF, EH, YE, ZM, ZW]. |
adminUsers[].zip |
String |
true |
The zip code used to retrieve a US based customer’s state. Size must be between 0 and 32 inclusive. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
nfToken |
String |
true |
|
auth0ConnectionIds |
Array[String] |
true |
|
invitationKey |
String |
true |
|
success |
Boolean |
true |
|
error |
String |
true |
Must be one of [TenantLabelTaken, InvalidIdentityProviderType, EmailBlocked, BillingError, UnknownServerError]. |
errorDetail |
String |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/signup' -i -X POST \
-H 'Content-Type: application/json' \
-d '{"organizationName":"Global Gadgets Inc.-9","organizationLabel":"Global-Gadgets-10","identityProviders":[{"name":"GG Auth2-8","identityProviderTypeId":"91cff470-70d9-4e99-bfd8-3c7920d6a552"},{"name":"GG Auth1-7","identityProviderTypeId":"474342c9-9d52-4da8-ba20-3ad04a9666b1"}],"signupUrl":"https://nfadmin.console.netfoundry.io/signup","billingInfo":{"type":"SelfService","customerEmail":"user@email.com","cardToken":"token1","productId":"plan01","type":"SelfService","customerFirstName":null,"customerLastName":null,"countryCode":null,"zipCode":null,"customerSiteName":null,"customerSiteLabel":null},"adminUsers":[{"firstName":"Sally","lastName":"Cook","email":"sally.cook@globalGadgets.com","countryCode":"US","zip":"14530"}]}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1092
{
"nfToken" : "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdXRoMENvbm5lY3Rpb25JZHMiOlsiVXNlcm5hbWUtUGFzc3dvcmQtQXV0aGVudGljYXRpb24iLCJnb29nbGUtb2F1dGgyIl0sImF1ZCI6Imh0dHBzOi8vbmV0Zm91bmRyeS1zYW5kYm94LmF1dGgwLmNvbS8iLCJyZWRpcmVjdFVybCI6Imh0dHBzOi8vbmZhZG1pbi5jb25zb2xlLm5ldGZvdW5kcnkuaW8vc2lnbnVwIiwiaXNzIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwL2lkZW50aXR5L3YxIiwidGVuYW50TGFiZWwiOiJHbG9iYWwtR2FkZ2V0cy0xMCIsImludml0YXRpb25JZCI6ImUxZWZmZGE2LTcwNGYtNDRmYy04N2MxLWUwOTVjMzFlYmUyNSIsImV4cCI6MTY3NDUxMDUxOSwiaWF0IjoxNjc0NTA5NjE5LCJmbG93IjoiaW52aXRhdGlvbiJ9.dKNj70vT6_Ffs6ssxUMgImgJs51dqfChSmd6jKr4e4DYn2sL2cGZLt8YzTrRW0xw722IRgu-kYqgOJuJwY1ZfXS0GTxKnpbPTU9EOEc4MrVASO5p35rOoDJyKJSKZiUOFV6PwyUALJ63N4TSLDGtzfyY6-FRsdp9ULRKaXmTB8nxhaTzHnaYOmUpkO20lCT0lOC_yTtKDkTMSRdSGRNZRNle2ls6ra2wHdo6rB3Gam3n4gxNWsjNshFXPsbn5RHIDilR7DZSwhE-hQ1Xrh5G2Gxun-raxFY2F1rw6hnCH_1fsjNNUTk4CLbJXWYJHH0rqPAZRNJ9s0SVFMgRS5RBtA",
"auth0ConnectionIds" : [ "Username-Password-Authentication", "google-oauth2" ],
"invitationKey" : "EoUctQtBpJCA4VfLgoMLUWrqBk1tNkjLVePS",
"success" : true,
"error" : null,
"errorDetail" : null
}
Invitation Flow
Get Invitation By Key
GET /invitations/key/{key:[\p{Alnum}]{36}}
Authorization
Authorization not required for this request.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
key |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
fromIdentity |
Object |
false |
|
fromIdentity.name |
String |
true |
|
fromIdentity.email |
String |
false |
Size must be between 6 and 254 inclusive. |
targetIdentity |
Object |
true |
|
targetIdentity.name |
String |
true |
|
targetIdentity.email |
String |
false |
Size must be between 6 and 254 inclusive. |
invitedEmailAddress |
String |
false |
Must be a well-formed email address. |
toOrganizationName |
String |
false |
|
toOrganizationLabel |
String |
false |
|
expiration |
Object |
false |
|
accepted |
Boolean |
true |
|
state |
String |
false |
Must be one of [Open, Accepted, Declined, Expired, Revoked]. |
toTenantName |
String |
true |
Deprecated.. |
toTenantLabel |
String |
true |
Deprecated.. |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/invitations/key/k4ELgKDrPJkei3U5lubs1A9B2sp9XcRCxr7y' -i -X GET
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 517
{
"fromIdentity" : {
"name" : "John Doe",
"email" : "john.doe@acme.com"
},
"targetIdentity" : {
"name" : "First Last",
"email" : "random-18@acme.com"
},
"invitedEmailAddress" : "new.employee-20@acme.com",
"toOrganizationName" : "ACME International, Inc.",
"toOrganizationLabel" : "ACME-0",
"expiration" : {
"nano" : 712929000,
"epochSecond" : 1675114420
},
"accepted" : null,
"state" : "Open",
"toTenantName" : "ACME International, Inc.",
"toTenantLabel" : "ACME-0"
}
Decline Invitation
PUT /invitations/key/{key:[\p{Alnum}]{36}}/decline
Authorization
Authorization not required for this request.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
key |
String |
false |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
fromIdentity |
Object |
false |
|
fromIdentity.name |
String |
true |
|
fromIdentity.email |
String |
false |
Size must be between 6 and 254 inclusive. |
targetIdentity |
Object |
true |
|
targetIdentity.name |
String |
true |
|
targetIdentity.email |
String |
false |
Size must be between 6 and 254 inclusive. |
invitedEmailAddress |
String |
false |
Must be a well-formed email address. |
toOrganizationName |
String |
false |
|
toOrganizationLabel |
String |
false |
|
expiration |
Object |
false |
|
accepted |
Boolean |
true |
|
state |
String |
false |
Must be one of [Open, Accepted, Declined, Expired, Revoked]. |
toTenantName |
String |
true |
Deprecated.. |
toTenantLabel |
String |
true |
Deprecated.. |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/invitations/key/sDRLndz0k2mGoWOwOK0bvAxFEuZUvOjwjNZO/decline' -i -X PUT
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 522
{
"fromIdentity" : {
"name" : "John Doe",
"email" : "john.doe@acme.com"
},
"targetIdentity" : {
"name" : "First Last",
"email" : "random-15@acme.com"
},
"invitedEmailAddress" : "new.employee-17@acme.com",
"toOrganizationName" : "ACME International, Inc.",
"toOrganizationLabel" : "ACME-0",
"expiration" : {
"nano" : 635615000,
"epochSecond" : 1675114420
},
"accepted" : false,
"state" : "Declined",
"toTenantName" : "ACME International, Inc.",
"toTenantLabel" : "ACME-0"
}
Initiate Accept Invitation
POST /invitations/key/{key:[\p{Alnum}]{36}}/accept-initiate
Authorization
Authorization not required for this request.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
key |
String |
false |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
intermediateReturnUrl |
String |
false |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
nfToken |
String |
false |
|
auth0ConnectionIds |
Array[String] |
false |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/invitations/key/ryxTROJCr8YLN7XEJMy5Ee8fovZm59ShgOb9/accept-initiate' -i -X POST \
-H 'Content-Type: application/json' \
-d '{"intermediateReturnUrl":"http://console.nfadmin.netfoundry.io/invitation"}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1055
{
"nfToken" : "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdXRoMENvbm5lY3Rpb25JZHMiOlsiYXV0aDAtb3BhcXVlLWNvbm5lY3Rpb25JZC0xIiwiYXV0aDAtb3BhcXVlLWNvbm5lY3Rpb25JZC0yIl0sIm9yZ2FuaXphdGlvbklkIjoiMWVjNGU4NWYtNmY1My00ZmQzLWI3NTYtYTI2NGViN2VhYzUwIiwiYXVkIjoiaHR0cHM6Ly9uZXRmb3VuZHJ5LXNhbmRib3guYXV0aDAuY29tLyIsInJlZGlyZWN0VXJsIjoiaHR0cDovL2NvbnNvbGUubmZhZG1pbi5uZXRmb3VuZHJ5LmlvL2ludml0YXRpb24iLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODAvaWRlbnRpdHkvdjEiLCJ0ZW5hbnRMYWJlbCI6IkFDTUUtMCIsImludml0YXRpb25JZCI6ImY1YTAxNTA3LWU5MDQtNDZlNC05Y2ZlLTVlMTVjN2RlODk4YyIsImV4cCI6MTY3NDUxMDUyMCwiaWF0IjoxNjc0NTA5NjIwLCJmbG93IjoiaW52aXRhdGlvbiJ9.TentrUHv0EDUT2rDwCYR3tdXLu8TbZnQ-HGbW_KJ10a9YdpmHPL8sA418SJaUS5WFsA8XLc-tU2YncdnskLYLxlFH1BA1edikM2_ktjjBg4g_T1deOaw-Lq_xuMAF_erT8TUF8E53wzmmAnkV6oMc-IC9JG8KA6fV7vq0kZkB9l6AhHAxDQ4mCSwgGZfgGQk6Bs71vykDXK-iSZVhEnlhkxs1eGKaPcZLdihodTDYXrYMHpXMVTx4HiEob2RJLG7syGGK-_nShcAnCLxJSRcpa2E_23K6tbRqiyjpeHioG2y4bBRNmqEGiKkIkB6YtdbkSlJUReMDQTiKE_1Rzoung",
"auth0ConnectionIds" : [ "auth0-opaque-connectionId-1", "auth0-opaque-connectionId-2" ]
}
Login Flow
Initiate Interactive Authorization
POST /organizations/authorize-initiate
Authorization
Authorization not required for this request.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
label |
String |
false |
Must match the regular expression |
intermediateReturnUrl |
String |
false |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
nfToken |
String |
false |
|
auth0ConnectionIds |
Array[String] |
false |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organizations/authorize-initiate' -i -X POST \
-H 'Content-Type: application/json' \
-d '{"label":"ACME-0","intermediateReturnUrl":"http://console.nfadmin.netfoundry.io/invitation"}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 977
{
"nfToken" : "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdXRoMENvbm5lY3Rpb25JZHMiOlsiYXV0aDAtb3BhcXVlLWNvbm5lY3Rpb25JZC0xIiwiYXV0aDAtb3BhcXVlLWNvbm5lY3Rpb25JZC0yIl0sIm9yZ2FuaXphdGlvbklkIjoiMWVjNGU4NWYtNmY1My00ZmQzLWI3NTYtYTI2NGViN2VhYzUwIiwiYXVkIjoiaHR0cHM6Ly9uZXRmb3VuZHJ5LXNhbmRib3guYXV0aDAuY29tLyIsInJlZGlyZWN0VXJsIjoiaHR0cDovL2NvbnNvbGUubmZhZG1pbi5uZXRmb3VuZHJ5LmlvL2ludml0YXRpb24iLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjgwODAvaWRlbnRpdHkvdjEiLCJ0ZW5hbnRMYWJlbCI6IkFDTUUtMCIsImV4cCI6MTY3NDUxMDUyMywiaWF0IjoxNjc0NTA5NjIzLCJmbG93IjoibG9naW4ifQ.cGaA9JkPSTCKyIzXCdgglahY1D2xkVbVdpieYsI9DmmfN79c7zsyOPiaE6e6P9DyNZJGh5Vwfz31hi8A3b-HTrMSFdTTOi7nG16HM9BiDWrbObRcRj7LG1mseI1_ZggbxihyK4JCLU3e0yO30R5XaaT8N-XXiVP4ej748L_ugE8Bry3JTVdbZicnsyWrp4xkGvodXnKd9UBOYgduNimQy75HowLqyfczgxeZkWY1HcWshYc0ojSdMRNbSewVmtomiSTD1hOOHwdVcKEDJYqjaTe5zj92NiN893B18-eahj0XU_VImrxdMCzcqZ21S9f91Qmli9JDw6X4ZhUeW7Ztfg",
"auth0ConnectionIds" : [ "auth0-opaque-connectionId-1", "auth0-opaque-connectionId-2" ]
}
Identity Preference Flow
Find Identity Preferences
GET /identity-preferences
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
userIdentityId |
String |
false |
|
preferences |
Object |
false |
|
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-preferences' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ6al92Tmo1a2R3a1dQX0JIQnpwUkRnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI3LCJleHAiOjE2NzQ1MTMyMjcsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.U_bb6dszZqbWRHh6-Uj0RXTO37BRGqgQKA9Rybk6RXmt785xD4Y2YxYwVbfg7oTNre9xUpNXF8A_EIWUVHK648HZl5jENcH7f4_PGLDNvu1fDEdqski11V8vghafLtOThQj0ozpVjWrocVA3elfiWctWZ9QN2t3oCLxGemVa4E1TPpYy-CQ8YrQoOO-U_rlIA41du7sE0dyHK8Q8Q028hOEGZtPTGRwCSLwi3cbJBUJ4L0pgN2F-_wWQpWGgySAKwl1_wPM_MXV-4zdh8HICWMTQc18U_AknJGQN1An9TbtXliI1q4WXs_KpappXkdR-Byf5Ct1QwzUdnDhZ83_SfQ'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 434
[ {
"id" : "5de5c5ef-2b61-47ef-8eb9-1fbabbbea659",
"userIdentityId" : "dce97e6f-4947-409e-8cb3-fea21399056c",
"preferences" : {
"first" : "my first preference."
},
"createdBy" : "dce97e6f-4947-409e-8cb3-fea21399056c",
"createdAt" : {
"nano" : 624363000,
"epochSecond" : 1674509627
},
"updatedAt" : {
"nano" : 624363000,
"epochSecond" : 1674509627
},
"deletedBy" : null,
"deletedAt" : null
} ]
Get Identity Preference
GET /identity-preferences/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
userIdentityId |
String |
false |
|
preferences |
Object |
false |
|
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-preferences/927b3641-ca70-46fb-acb8-3d2050dafaa9' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ6al92Tmo1a2R3a1dQX0JIQnpwUkRnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI3LCJleHAiOjE2NzQ1MTMyMjcsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.U_bb6dszZqbWRHh6-Uj0RXTO37BRGqgQKA9Rybk6RXmt785xD4Y2YxYwVbfg7oTNre9xUpNXF8A_EIWUVHK648HZl5jENcH7f4_PGLDNvu1fDEdqski11V8vghafLtOThQj0ozpVjWrocVA3elfiWctWZ9QN2t3oCLxGemVa4E1TPpYy-CQ8YrQoOO-U_rlIA41du7sE0dyHK8Q8Q028hOEGZtPTGRwCSLwi3cbJBUJ4L0pgN2F-_wWQpWGgySAKwl1_wPM_MXV-4zdh8HICWMTQc18U_AknJGQN1An9TbtXliI1q4WXs_KpappXkdR-Byf5Ct1QwzUdnDhZ83_SfQ'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 413
{
"id" : "927b3641-ca70-46fb-acb8-3d2050dafaa9",
"userIdentityId" : "f7d55936-9db4-4c07-b1c3-2af5d09e1bed",
"preferences" : {
"hello" : "world"
},
"createdBy" : "f7d55936-9db4-4c07-b1c3-2af5d09e1bed",
"createdAt" : {
"nano" : 99105000,
"epochSecond" : 1674509628
},
"updatedAt" : {
"nano" : 99105000,
"epochSecond" : 1674509628
},
"deletedBy" : null,
"deletedAt" : null
}
Create Identity Preference
POST /identity-preferences
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
userIdentityId |
String |
true |
Passing null will result in the creation of the Identity Preferences on the authenticated identity making the create API request. Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
preferences |
Object |
true |
io.netfoundry.common.util.validation.ValidAs. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
userIdentityId |
String |
false |
|
preferences |
Object |
false |
|
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-preferences' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ6al92Tmo1a2R3a1dQX0JIQnpwUkRnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI3LCJleHAiOjE2NzQ1MTMyMjcsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.U_bb6dszZqbWRHh6-Uj0RXTO37BRGqgQKA9Rybk6RXmt785xD4Y2YxYwVbfg7oTNre9xUpNXF8A_EIWUVHK648HZl5jENcH7f4_PGLDNvu1fDEdqski11V8vghafLtOThQj0ozpVjWrocVA3elfiWctWZ9QN2t3oCLxGemVa4E1TPpYy-CQ8YrQoOO-U_rlIA41du7sE0dyHK8Q8Q028hOEGZtPTGRwCSLwi3cbJBUJ4L0pgN2F-_wWQpWGgySAKwl1_wPM_MXV-4zdh8HICWMTQc18U_AknJGQN1An9TbtXliI1q4WXs_KpappXkdR-Byf5Ct1QwzUdnDhZ83_SfQ' \
-d '{"userIdentityId":"47fbd94c-7ee5-400c-b540-df59c87e76d0","preferences":{"first":"my first preference."}}'
Example response
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 430
{
"id" : "c870d96b-1394-46c0-b3a7-2cf5cb4b4fe0",
"userIdentityId" : "47fbd94c-7ee5-400c-b540-df59c87e76d0",
"preferences" : {
"first" : "my first preference."
},
"createdBy" : "1809e618-43e4-424f-a86a-37aca0f916cb",
"createdAt" : {
"nano" : 878779000,
"epochSecond" : 1674509627
},
"updatedAt" : {
"nano" : 878779000,
"epochSecond" : 1674509627
},
"deletedBy" : null,
"deletedAt" : null
}
Update Identity Preference
PUT /identity-preferences/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
preferences |
Object |
true |
io.netfoundry.common.util.validation.ValidAs. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
userIdentityId |
String |
false |
|
preferences |
Object |
false |
|
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-preferences/fc9d09f2-c893-4bb3-9eff-9820d3c8f173' -i -X PUT \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ6al92Tmo1a2R3a1dQX0JIQnpwUkRnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI3LCJleHAiOjE2NzQ1MTMyMjcsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.U_bb6dszZqbWRHh6-Uj0RXTO37BRGqgQKA9Rybk6RXmt785xD4Y2YxYwVbfg7oTNre9xUpNXF8A_EIWUVHK648HZl5jENcH7f4_PGLDNvu1fDEdqski11V8vghafLtOThQj0ozpVjWrocVA3elfiWctWZ9QN2t3oCLxGemVa4E1TPpYy-CQ8YrQoOO-U_rlIA41du7sE0dyHK8Q8Q028hOEGZtPTGRwCSLwi3cbJBUJ4L0pgN2F-_wWQpWGgySAKwl1_wPM_MXV-4zdh8HICWMTQc18U_AknJGQN1An9TbtXliI1q4WXs_KpappXkdR-Byf5Ct1QwzUdnDhZ83_SfQ' \
-d '{"preferences":{"updated":"my second preference."}}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 433
{
"id" : "fc9d09f2-c893-4bb3-9eff-9820d3c8f173",
"userIdentityId" : "586b58d8-2b03-417a-ada3-8883c0637157",
"preferences" : {
"updated" : "my second preference."
},
"createdBy" : "586b58d8-2b03-417a-ada3-8883c0637157",
"createdAt" : {
"nano" : 269210000,
"epochSecond" : 1674509628
},
"updatedAt" : {
"nano" : 371838000,
"epochSecond" : 1674509628
},
"deletedBy" : null,
"deletedAt" : null
}
Delete Identity Preference
DELETE /identity-preferences/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
userIdentityId |
String |
false |
|
preferences |
Object |
false |
|
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/identity-preferences/0965d0c6-2c5e-4293-bf2a-12c11c633657' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJ6al92Tmo1a2R3a1dQX0JIQnpwUkRnIiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI3LCJleHAiOjE2NzQ1MTMyMjcsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJkYjRiMjkwMy03N2ZlLTQ1ODEtODljMy1mZWEzZTM3MTg2NTBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjZ9LHtcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCIyNjk4OWE0OC04NTg1LTRmMWEtYTc1Mi0xYmFjZGJkZTc1ZjJcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2Mjd9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.U_bb6dszZqbWRHh6-Uj0RXTO37BRGqgQKA9Rybk6RXmt785xD4Y2YxYwVbfg7oTNre9xUpNXF8A_EIWUVHK648HZl5jENcH7f4_PGLDNvu1fDEdqski11V8vghafLtOThQj0ozpVjWrocVA3elfiWctWZ9QN2t3oCLxGemVa4E1TPpYy-CQ8YrQoOO-U_rlIA41du7sE0dyHK8Q8Q028hOEGZtPTGRwCSLwi3cbJBUJ4L0pgN2F-_wWQpWGgySAKwl1_wPM_MXV-4zdh8HICWMTQc18U_AknJGQN1An9TbtXliI1q4WXs_KpappXkdR-Byf5Ct1QwzUdnDhZ83_SfQ'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 503
{
"id" : "0965d0c6-2c5e-4293-bf2a-12c11c633657",
"userIdentityId" : "505a7948-b986-4336-a9d4-69abb333504a",
"preferences" : {
"hello" : "world"
},
"createdBy" : "505a7948-b986-4336-a9d4-69abb333504a",
"createdAt" : {
"nano" : 964762000,
"epochSecond" : 1674509627
},
"updatedAt" : {
"nano" : 67208000,
"epochSecond" : 1674509628
},
"deletedBy" : "1809e618-43e4-424f-a86a-37aca0f916cb",
"deletedAt" : {
"nano" : 66000000,
"epochSecond" : 1674509628
}
}
Organization Preference Flow
Find Organization Preferences
GET /organization-preferences
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
Supports standard paging query parameters.
Request fields
No request body.
Response fields
Standard paging response where content
field is list of following objects:
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
|
preferences |
Object |
false |
|
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organization-preferences' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJjQXdTQnB1MjVaTVBYYk9jT0F6Wkl3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI1LCJleHAiOjE2NzQ1MTMyMjUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.KBUF8e5_yNu3UXVZr08oisg1LDHbI5ckO4yq6N0H3SyZg3ck2RZqJZD1OjxPsI4xKATC9ONFYUcQ42pWadAPQOEOC5u0rF3FERSvhTR2JYW9wnab9YDL3HVJg7wOjY6IP8LXbjKzs0dBSZjok44HC_72cm1lr-prln5bQMNrgpJS5qxoRmKumcgIjwBnfaxRcgh6y-nwt2NNPpS_CHtCncSBl0o4w7_SR3ytC15Pwe3n0PGZ-jPeefSHWzh7_uCE8SQE8AWhEZbMcZq1MfiUJiudbeYvOWhcUZr8lzFEQQGG-_YWZ5NV4PxYUtw0uHAd49tClUPL81yFmCZk0378wA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1268
[ {
"id" : "8e5900a0-7a4d-4a57-961f-7e1e5ee14e76",
"organizationId" : "fc1bebe8-d65c-4b92-96ce-3ede881eb630",
"preferences" : {
"hello" : "world"
},
"createdBy" : "7718eb39-3a79-47f6-96ba-acbd69cb1dbd",
"createdAt" : {
"nano" : 931713000,
"epochSecond" : 1674509625
},
"updatedAt" : {
"nano" : 931713000,
"epochSecond" : 1674509625
},
"deletedBy" : null,
"deletedAt" : null
}, {
"id" : "93881914-9c7d-4d9e-9f8f-b7f39da7c833",
"organizationId" : "6e95a056-4ff0-4770-a5e5-b246d8c440b9",
"preferences" : {
"hello" : "world"
},
"createdBy" : "8d5b77b9-6b68-4ee1-a9af-d44119d62100",
"createdAt" : {
"nano" : 300998000,
"epochSecond" : 1674509626
},
"updatedAt" : {
"nano" : 300998000,
"epochSecond" : 1674509626
},
"deletedBy" : null,
"deletedAt" : null
}, {
"id" : "97800390-5964-493b-81f3-697e01053e4e",
"organizationId" : "045b8392-2095-4ac7-8422-e58fc673b522",
"preferences" : {
"first" : "my first preference."
},
"createdBy" : "1809e618-43e4-424f-a86a-37aca0f916cb",
"createdAt" : {
"nano" : 154172000,
"epochSecond" : 1674509626
},
"updatedAt" : {
"nano" : 154172000,
"epochSecond" : 1674509626
},
"deletedBy" : null,
"deletedAt" : null
} ]
Get Organization Preference
GET /organization-preferences/{id:[a-fA-F0-9]{8}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{4}-[a-fA-F0-9]{12}}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
|
preferences |
Object |
false |
|
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organization-preferences/93881914-9c7d-4d9e-9f8f-b7f39da7c833' -i -X GET \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJjQXdTQnB1MjVaTVBYYk9jT0F6Wkl3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI1LCJleHAiOjE2NzQ1MTMyMjUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.KBUF8e5_yNu3UXVZr08oisg1LDHbI5ckO4yq6N0H3SyZg3ck2RZqJZD1OjxPsI4xKATC9ONFYUcQ42pWadAPQOEOC5u0rF3FERSvhTR2JYW9wnab9YDL3HVJg7wOjY6IP8LXbjKzs0dBSZjok44HC_72cm1lr-prln5bQMNrgpJS5qxoRmKumcgIjwBnfaxRcgh6y-nwt2NNPpS_CHtCncSBl0o4w7_SR3ytC15Pwe3n0PGZ-jPeefSHWzh7_uCE8SQE8AWhEZbMcZq1MfiUJiudbeYvOWhcUZr8lzFEQQGG-_YWZ5NV4PxYUtw0uHAd49tClUPL81yFmCZk0378wA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 415
{
"id" : "93881914-9c7d-4d9e-9f8f-b7f39da7c833",
"organizationId" : "6e95a056-4ff0-4770-a5e5-b246d8c440b9",
"preferences" : {
"hello" : "world"
},
"createdBy" : "8d5b77b9-6b68-4ee1-a9af-d44119d62100",
"createdAt" : {
"nano" : 300998000,
"epochSecond" : 1674509626
},
"updatedAt" : {
"nano" : 300998000,
"epochSecond" : 1674509626
},
"deletedBy" : null,
"deletedAt" : null
}
Create Organization Preference
POST /organization-preferences
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
No parameters.
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
organizationId |
String |
true |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
preferences |
Object |
true |
io.netfoundry.common.util.validation.ValidAs. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
|
preferences |
Object |
false |
|
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organization-preferences' -i -X POST \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJjQXdTQnB1MjVaTVBYYk9jT0F6Wkl3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI1LCJleHAiOjE2NzQ1MTMyMjUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.KBUF8e5_yNu3UXVZr08oisg1LDHbI5ckO4yq6N0H3SyZg3ck2RZqJZD1OjxPsI4xKATC9ONFYUcQ42pWadAPQOEOC5u0rF3FERSvhTR2JYW9wnab9YDL3HVJg7wOjY6IP8LXbjKzs0dBSZjok44HC_72cm1lr-prln5bQMNrgpJS5qxoRmKumcgIjwBnfaxRcgh6y-nwt2NNPpS_CHtCncSBl0o4w7_SR3ytC15Pwe3n0PGZ-jPeefSHWzh7_uCE8SQE8AWhEZbMcZq1MfiUJiudbeYvOWhcUZr8lzFEQQGG-_YWZ5NV4PxYUtw0uHAd49tClUPL81yFmCZk0378wA' \
-d '{"organizationId":"045b8392-2095-4ac7-8422-e58fc673b522","preferences":{"first":"my first preference."}}'
Example response
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 430
{
"id" : "97800390-5964-493b-81f3-697e01053e4e",
"organizationId" : "045b8392-2095-4ac7-8422-e58fc673b522",
"preferences" : {
"first" : "my first preference."
},
"createdBy" : "1809e618-43e4-424f-a86a-37aca0f916cb",
"createdAt" : {
"nano" : 154172000,
"epochSecond" : 1674509626
},
"updatedAt" : {
"nano" : 154172000,
"epochSecond" : 1674509626
},
"deletedBy" : null,
"deletedAt" : null
}
Update Organization Preference
PUT /organization-preferences/{id}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
Path | Type | Optional | Description |
---|---|---|---|
preferences |
Object |
true |
io.netfoundry.common.util.validation.ValidAs. |
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
|
preferences |
Object |
false |
|
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organization-preferences/e74d7adf-b369-4956-9be4-3a52e4581a7e' -i -X PUT \
-H 'Content-Type: application/json' \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJjQXdTQnB1MjVaTVBYYk9jT0F6Wkl3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI1LCJleHAiOjE2NzQ1MTMyMjUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.KBUF8e5_yNu3UXVZr08oisg1LDHbI5ckO4yq6N0H3SyZg3ck2RZqJZD1OjxPsI4xKATC9ONFYUcQ42pWadAPQOEOC5u0rF3FERSvhTR2JYW9wnab9YDL3HVJg7wOjY6IP8LXbjKzs0dBSZjok44HC_72cm1lr-prln5bQMNrgpJS5qxoRmKumcgIjwBnfaxRcgh6y-nwt2NNPpS_CHtCncSBl0o4w7_SR3ytC15Pwe3n0PGZ-jPeefSHWzh7_uCE8SQE8AWhEZbMcZq1MfiUJiudbeYvOWhcUZr8lzFEQQGG-_YWZ5NV4PxYUtw0uHAd49tClUPL81yFmCZk0378wA' \
-d '{"preferences":{"updated":"my second preference."}}'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 433
{
"id" : "e74d7adf-b369-4956-9be4-3a52e4581a7e",
"organizationId" : "2a2334d5-4577-4b33-8042-3352469c2ba2",
"preferences" : {
"updated" : "my second preference."
},
"createdBy" : "0f2aff1f-135e-4501-b9ec-3f2a680b4193",
"createdAt" : {
"nano" : 445266000,
"epochSecond" : 1674509626
},
"updatedAt" : {
"nano" : 525360000,
"epochSecond" : 1674509626
},
"deletedBy" : null,
"deletedAt" : null
}
Delete Organization Preference
DELETE /organization-preferences/{id}
Authorization
Valid Authorization Bearer token required, along with a permission grant authorizing access to any referenced resources.
Path parameters
Parameter | Type | Optional | Description |
---|---|---|---|
id |
Object |
false |
Client lacks authorization for the '{action}' action on the '{resourceDesc}' resource over the {pathDesc} resource path. |
Query parameters
No parameters.
Request fields
No request body.
Response fields
Path | Type | Optional | Description |
---|---|---|---|
id |
String |
false |
|
organizationId |
String |
false |
|
preferences |
Object |
false |
|
createdBy |
String |
false |
|
createdAt |
Object |
false |
|
updatedAt |
Object |
false |
|
deletedBy |
String |
true |
|
deletedAt |
Object |
true |
Example request
$ curl 'https://gateway.netFoundry.io/identity/v1/organization-preferences/1d8f1b17-45c6-4999-b577-3e77d6322cf0' -i -X DELETE \
-H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJqdGkiOiJjQXdTQnB1MjVaTVBYYk9jT0F6Wkl3IiwiaXNzIjoiTmV0Rm91bmRyeSIsInN1YiI6IjE4MDllNjE4LTQzZTQtNDI0Zi1hODZhLTM3YWNhMGY5MTZjYiIsImF1ZCI6ImlkZW50aXR5IiwiaWF0IjoxNjc0NTA5NjI1LCJleHAiOjE2NzQ1MTMyMjUsInBvbGljaWVzIjpbeyJyZXNvdXJjZXMiOlsibmZybjoqIl0sImFjdGlvbnMiOlsiKjoqIl19XSwiZ3JhbnRzLXN1cGVyIjoiW3tcImlkXCI6XCJjZWM5MzRhMS1hNDczLTQ0YjUtOGY5OC0wY2RjYTI3NDE1ZjVcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjV9LHtcImlkXCI6XCI5MTdjOGU0Zi03NWQ1LTQ0ZGQtOTliZS01ODFjMjNmM2Q5NDFcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjR9LHtcImlkXCI6XCJkYTgwODE1Ny05ZjMwLTRkYjMtYmUxNS03Y2QyM2ViODYyZDBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjB9LHtcImlkXCI6XCJlOTg2YmFjNS1kODQ4LTRiYTUtYWI2OC1hMzNiYTZmMWJkMjBcIixcImxhc3RNb2RpZmllZFwiOjE2NzQ1MDk2MjN9XSIsImdyYW50cy1jdXN0b20iOiJbXSIsImdyYW50cy1wdWJsaWMiOiJbXSIsImdyYW50cy1hY3Rpb24iOiJbXSIsImdyYW50cy1zdGFuZGFyZCI6IltdIn0.KBUF8e5_yNu3UXVZr08oisg1LDHbI5ckO4yq6N0H3SyZg3ck2RZqJZD1OjxPsI4xKATC9ONFYUcQ42pWadAPQOEOC5u0rF3FERSvhTR2JYW9wnab9YDL3HVJg7wOjY6IP8LXbjKzs0dBSZjok44HC_72cm1lr-prln5bQMNrgpJS5qxoRmKumcgIjwBnfaxRcgh6y-nwt2NNPpS_CHtCncSBl0o4w7_SR3ytC15Pwe3n0PGZ-jPeefSHWzh7_uCE8SQE8AWhEZbMcZq1MfiUJiudbeYvOWhcUZr8lzFEQQGG-_YWZ5NV4PxYUtw0uHAd49tClUPL81yFmCZk0378wA'
Example response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 505
{
"id" : "1d8f1b17-45c6-4999-b577-3e77d6322cf0",
"organizationId" : "a1f4956d-84f4-4042-9662-70d75fbb027c",
"preferences" : {
"hello" : "world"
},
"createdBy" : "4beebb3e-dc71-4c7c-8d2d-7857dea8e772",
"createdAt" : {
"nano" : 191405000,
"epochSecond" : 1674509626
},
"updatedAt" : {
"nano" : 268996000,
"epochSecond" : 1674509626
},
"deletedBy" : "1809e618-43e4-424f-a86a-37aca0f916cb",
"deletedAt" : {
"nano" : 268000000,
"epochSecond" : 1674509626
}
}