CIAM API (3.6.49)
Download OpenAPI specification:Download
Update a tag, only if caller has access
path Parameters
| tagName required | string |
Request Body schema: application/jsonrequired
| id | string [ 0 .. 200 ] characters |
| name required | string non-empty |
| isEditable | boolean |
Responses
Request samples
- Payload
Content type
application/json
{- "id": "string",
- "name": "string",
- "isEditable": true
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Create a tag, only if caller has access
Request Body schema: application/jsonrequired
| id | string [ 0 .. 200 ] characters |
| name required | string non-empty |
| isEditable | boolean |
Responses
Request samples
- Payload
Content type
application/json
{- "id": "string",
- "name": "string",
- "isEditable": true
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve validators paginated
query Parameters
| searchQuery | string Default: "" Filter by name |
| page | integer >= 0 Default: 0 Zero-based page index (0..N) |
| size | integer >= 1 Default: 10 The size of the page to be returned |
| sort | Array of strings Default: "name,ASC" Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported. |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Update a validator
Request Body schema: application/jsonrequired
| id required | string [ 0 .. 36 ] characters |
| name required | string non-empty |
| type | string Enum: "STRING" "INTEGER" "BOOLEAN" "DATE" |
| function | string Enum: "NUMBER_GREATER_THAN_VALIDATOR" "STRING_CONTAINS_AT_LEAST_N_CHARACTER_CLASSES_VALIDATOR" "STRING_CONTAINS_LOWER_CASE_LETTER_VALIDATOR" "STRING_CONTAINS_UPPER_CASE_LETTER_VALIDATOR" "STRING_CONTAINS_NUMBER_VALIDATOR" "STRING_IS_OF_N_MINIMUM_LENGTH_VALIDATOR" "STRING_IS_OF_N_MAXIMUM_LENGTH_VALIDATOR" "STRING_MATCHES_REGEX_VALIDATOR" "STRING_IN_VALUES_VALIDATOR" |
object |
Responses
Request samples
- Payload
Content type
application/json
{- "id": "string",
- "name": "string",
- "type": "STRING",
- "function": "NUMBER_GREATER_THAN_VALIDATOR",
- "params": {
- "property1": "string",
- "property2": "string"
}
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Create a validator
Request Body schema: application/jsonrequired
| id required | string [ 0 .. 36 ] characters |
| name required | string non-empty |
| type | string Enum: "STRING" "INTEGER" "BOOLEAN" "DATE" |
| function | string Enum: "NUMBER_GREATER_THAN_VALIDATOR" "STRING_CONTAINS_AT_LEAST_N_CHARACTER_CLASSES_VALIDATOR" "STRING_CONTAINS_LOWER_CASE_LETTER_VALIDATOR" "STRING_CONTAINS_UPPER_CASE_LETTER_VALIDATOR" "STRING_CONTAINS_NUMBER_VALIDATOR" "STRING_IS_OF_N_MINIMUM_LENGTH_VALIDATOR" "STRING_IS_OF_N_MAXIMUM_LENGTH_VALIDATOR" "STRING_MATCHES_REGEX_VALIDATOR" "STRING_IN_VALUES_VALIDATOR" |
object |
Responses
Request samples
- Payload
Content type
application/json
{- "id": "string",
- "name": "string",
- "type": "STRING",
- "function": "NUMBER_GREATER_THAN_VALIDATOR",
- "params": {
- "property1": "string",
- "property2": "string"
}
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Unlock subject
path Parameters
| subjectId required | string |
Request Body schema: application/jsonrequired
| lockAction required | string Enum: "LOCK_RESET_PWD" "UNLOCK_RESET_PWD" "RESET_SOFT_LOCK" "RESET_HARD_LOCK" |
Responses
Request samples
- Payload
Content type
application/json
{- "lockAction": "LOCK_RESET_PWD"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Add roles for a specific subject
path Parameters
| subjectId required | string |
Request Body schema: application/jsonrequired
| roleIds required | Array of strings unique |
Responses
Request samples
- Payload
Content type
application/json
{- "roleIds": [
- "string"
]
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Lock subject
path Parameters
| subjectId required | string |
Request Body schema: application/jsonrequired
| lockAction required | string Enum: "LOCK_RESET_PWD" "UNLOCK_RESET_PWD" "RESET_SOFT_LOCK" "RESET_HARD_LOCK" |
Responses
Request samples
- Payload
Content type
application/json
{- "lockAction": "LOCK_RESET_PWD"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve subjects (user / machine client / external) filtered and paginated
query Parameters
| excludedForGroup | string Group id to exclude the users from |
| searchQuery | string Default: "" Filter by name |
| subjectType | Array of strings Items Enum: "MACHINE" "USER" "EXTERNAL_USER" Filter by type of user |
| hasToBeRegistered | boolean Default: false Filter by registered status. Set to 'true' to retrieve users that must be registered, or 'false' to retrieve all users. |
| page | integer >= 0 Default: 0 Zero-based page index (0..N) |
| size | integer >= 1 Default: 10 The size of the page to be returned |
| sort | Array of strings Default: "principal,ASC" Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported. |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve subject (user / machine client / external) based on id
path Parameters
| subjectId required | string |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve memberships of a subject (user / machine client / external), paginated and filtered
path Parameters
| subjectId required | string |
query Parameters
| searchQuery | string Default: "" Filter by name |
| page | integer >= 0 Default: 0 Zero-based page index (0..N) |
| size | integer >= 1 Default: 10 The size of the page to be returned |
| sort | Array of strings Default: "name,ASC" Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported. |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Remove role from a specific subject
path Parameters
| subjectId required | string |
| roleId required | string |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Remove a specific subject (user / machine client / external)
path Parameters
| id required | string |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Update username
Request Body schema: application/jsonrequired
| newUsername required | string |
| password required | string |
Responses
Request samples
- Payload
Content type
application/json
{- "newUsername": "string",
- "password": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve subjects (users / machine) that have global roles, filtered and paginated
query Parameters
| searchQuery | string Default: "" Filter by name or externalId |
| subjectTypeFilter | Array of strings Filter by subject type |
| rolesFilter | Array of strings Filter by roles name |
| isRoleFilterExact | boolean Default: false Filter by roles name exact |
| page | integer >= 0 Default: 0 Zero-based page index (0..N) |
| size | integer >= 1 Default: 20 The size of the page to be returned |
| sort | Array of strings Default: "principal,ASC" Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported. |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Add global roles to subjects (users / machine)
Request Body schema: application/jsonrequired
required | Array of objects (AddGlobalRole) | ||||
Array
| |||||
Responses
Request samples
- Payload
Content type
application/json
{- "addGlobalRoles": [
- {
- "subjectId": "string",
- "roleIds": [
- "string"
]
}
]
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Patch global roles on subject
path Parameters
| targetSubjectId required | string |
Request Body schema: application/jsonrequired
| addedRoleIds | Array of strings unique |
| removedRoleIds | Array of strings unique |
Responses
Request samples
- Payload
Content type
application/json
{- "addedRoleIds": [
- "string"
], - "removedRoleIds": [
- "string"
]
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Check if a subject is authorized to delete a subject by a given id
path Parameters
| subjectId required | string |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve the memberships of a subject by its id. If user is SuperAdmin, it will return all roots memberships.
path Parameters
| id required | string |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve roles paginated and filtered Deprecated
query Parameters
| excludedType | string Enum: "SUBJECT" "MEMBERSHIP" "ROLE" Exclude type of resource from roles result: SUBJECT, MEMBERSHIP |
| excludedForGroup | string Id of group to exclude the roles from if |
| excludedForSubject | string Id of subject to exclude the roles from if |
| searchQuery | string Default: "" Filter by name |
| page | integer >= 0 Default: 0 Zero-based page index (0..N) |
| size | integer >= 1 Default: 10 The size of the page to be returned |
| sort | Array of strings Default: "name,ASC" Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported. |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Update a role, only if caller has access
Request Body schema: application/jsonrequired
| id required | string [ 0 .. 200 ] characters ^[\S]*$ |
| name required | string non-empty [^\u0000]+ |
| description | string |
| isEditable | boolean |
Array of objects (Permission) unique | |
Array of objects (Tag) unique | |
| lastModified | string <date-time> |
object (Category) |
Responses
Request samples
- Payload
Content type
application/json
{- "id": "string",
- "name": "string",
- "description": "string",
- "isEditable": true,
- "permissions": [
- {
- "id": "string",
- "description": "string",
- "isEditable": true,
- "lastModified": "2019-08-24T14:15:22Z"
}
], - "tags": [
- {
- "id": "string",
- "name": "string",
- "isEditable": true
}
], - "lastModified": "2019-08-24T14:15:22Z",
- "category": {
- "id": "string",
- "name": "string"
}
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Create a role, only if caller has access
Request Body schema: application/jsonrequired
| id required | string [ 0 .. 200 ] characters ^[\S]*$ |
| name required | string non-empty [^\u0000]+ |
| description | string |
| isEditable | boolean |
Array of objects (Permission) unique | |
Array of objects (Tag) unique | |
| lastModified | string <date-time> |
object (Category) |
Responses
Request samples
- Payload
Content type
application/json
{- "id": "string",
- "name": "string",
- "description": "string",
- "isEditable": true,
- "permissions": [
- {
- "id": "string",
- "description": "string",
- "isEditable": true,
- "lastModified": "2019-08-24T14:15:22Z"
}
], - "tags": [
- {
- "id": "string",
- "name": "string",
- "isEditable": true
}
], - "lastModified": "2019-08-24T14:15:22Z",
- "category": {
- "id": "string",
- "name": "string"
}
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Add permissions to role, only if caller has access Deprecated
path Parameters
| roleId required | string |
Request Body schema: application/jsonrequired
| permissionIds | Array of strings |
Responses
Request samples
- Payload
Content type
application/json
{- "permissionIds": [
- "string"
]
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Patch a role, only if caller has access
path Parameters
| roleId required | string |
Request Body schema: application/jsonrequired
| description | string |
| name | string |
object (Category) | |
| addedPermissionsIds | Array of strings unique |
| removedPermissionsIds | Array of strings unique |
| addedTagIds | Array of strings unique |
| removedTagIds | Array of strings unique |
Responses
Request samples
- Payload
Content type
application/json
{- "description": "string",
- "name": "string",
- "category": {
- "id": "string",
- "name": "string"
}, - "addedPermissionsIds": [
- "string"
], - "removedPermissionsIds": [
- "string"
], - "addedTagIds": [
- "string"
], - "removedTagIds": [
- "string"
]
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve all roles with permissions paginated
query Parameters
| searchQuery | string Default: "" Filter by name, externalId or permission name |
| page | integer >= 0 Default: 0 Zero-based page index (0..N) |
| size | integer >= 1 Default: 10 The size of the page to be returned |
| sort | Array of strings Default: "name,ASC" Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported. |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve filtered roles in context
query Parameters
| groupId | string Filter accessible roles in group context |
| searchQuery | string Default: "" |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve accessible roles in context Deprecated
query Parameters
| groupId | string Filter by group context |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve permissions paginated and filtered
query Parameters
| excludedForRole | string Id of role to exclude the permissions from if |
| searchQuery | string Default: "" Filter by id |
| page | integer >= 0 Default: 0 Zero-based page index (0..N) |
| size | integer >= 1 Default: 10 The size of the page to be returned |
| sort | Array of strings Default: "externalId,ASC" Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported. |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Update a permission, only if caller has access
Request Body schema: application/jsonrequired
| id required | string [ 0 .. 200 ] characters ^[\S]*$ |
| description | string |
| isEditable | boolean |
| lastModified | string <date-time> |
Responses
Request samples
- Payload
Content type
application/json
{- "id": "string",
- "description": "string",
- "isEditable": true,
- "lastModified": "2019-08-24T14:15:22Z"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Create a permission, only if caller has access
Request Body schema: application/jsonrequired
| id required | string [ 0 .. 200 ] characters ^[\S]*$ |
| description | string |
| isEditable | boolean |
| lastModified | string <date-time> |
Responses
Request samples
- Payload
Content type
application/json
{- "id": "string",
- "description": "string",
- "isEditable": true,
- "lastModified": "2019-08-24T14:15:22Z"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve group (organization, account, normal group), based on id, only if caller has access to them. Deprecated
path Parameters
| groupId required | string |
query Parameters
| includeSoftDeleted | boolean Default: false Specify if soft deleted group should be returned |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Update group Deprecated
path Parameters
| groupId required | string |
Request Body schema: application/jsonrequired
| id | string |
| name required | string non-empty |
| displayName | string |
| type required | string Enum: "GROUP" "ORGANIZATION" "ACCOUNT" |
| parentId | string |
Array of objects (GroupAttribute) unique |
Responses
Request samples
- Payload
Content type
application/json
{- "id": "string",
- "name": "string",
- "displayName": "string",
- "type": "GROUP",
- "parentId": "string",
- "attributes": [
- {
- "id": "string",
- "definition": {
- "id": "string",
- "name": "string",
- "displayName": "string",
- "type": "STRING",
- "defaultValue": "string",
- "description": "string",
- "validators": [
- {
- "id": "string",
- "name": "string",
- "type": "STRING",
- "function": "NUMBER_GREATER_THAN_VALIDATOR",
- "params": {
- "property1": "string",
- "property2": "string"
}
}
], - "mandatory": true,
- "predefinedValues": {
- "values": [
- "string"
], - "valueProviderId": "string"
}, - "displayValueList": [
- {
- "id": "string",
- "value": "string"
}
], - "isStandardAttribute": true,
- "isEditableByAdmin": true
}, - "value": "string"
}
]
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Delete group
path Parameters
| groupId required | string |
query Parameters
| permanent required | boolean Specify if resource should be removed permanently |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Patch a group
path Parameters
| groupId required | string |
Request Body schema: application/jsonrequired
| name | string |
| displayName | string |
| type | string Enum: "GROUP" "ORGANIZATION" "ACCOUNT" |
| parentId | string |
Array of objects (GroupAttribute) unique |
Responses
Request samples
- Payload
Content type
application/json
{- "name": "string",
- "displayName": "string",
- "type": "GROUP",
- "parentId": "string",
- "attributes": [
- {
- "id": "string",
- "definition": {
- "id": "string",
- "name": "string",
- "displayName": "string",
- "type": "STRING",
- "defaultValue": "string",
- "description": "string",
- "validators": [
- {
- "id": "string",
- "name": "string",
- "type": "STRING",
- "function": "NUMBER_GREATER_THAN_VALIDATOR",
- "params": {
- "property1": "string",
- "property2": "string"
}
}
], - "mandatory": true,
- "predefinedValues": {
- "values": [
- "string"
], - "valueProviderId": "string"
}, - "displayValueList": [
- {
- "id": "string",
- "value": "string"
}
], - "isStandardAttribute": true,
- "isEditableByAdmin": true
}, - "value": "string"
}
]
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve authorized groups, paginated and with optional filtering on parentId/type
query Parameters
| searchQuery | string Default: "" Filter by name |
| groupType | string Enum: "GROUP" "ORGANIZATION" "ACCOUNT" Filter by group type: ORGANIZATION|ACCOUNT|GROUP |
| parentId | string Filter by parent id |
| includeSoftDeleted | boolean Default: false Specify if soft deleted group should be returned |
| scope | string Default: "READ" Enum: "READ" "INVITE" "GRANT_ACCESS" |
| page | integer >= 0 Default: 0 Zero-based page index (0..N) |
| size | integer >= 1 Default: 10 The size of the page to be returned |
| sort | Array of strings Default: "name,ASC" Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported. |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Create new group
Request Body schema: application/jsonrequired
| id | string |
| name required | string non-empty |
| displayName | string |
| type required | string Enum: "GROUP" "ORGANIZATION" "ACCOUNT" |
| parentId | string |
Array of objects (GroupAttribute) unique |
Responses
Request samples
- Payload
Content type
application/json
{- "id": "string",
- "name": "string",
- "displayName": "string",
- "type": "GROUP",
- "parentId": "string",
- "attributes": [
- {
- "id": "string",
- "definition": {
- "id": "string",
- "name": "string",
- "displayName": "string",
- "type": "STRING",
- "defaultValue": "string",
- "description": "string",
- "validators": [
- {
- "id": "string",
- "name": "string",
- "type": "STRING",
- "function": "NUMBER_GREATER_THAN_VALIDATOR",
- "params": {
- "property1": "string",
- "property2": "string"
}
}
], - "mandatory": true,
- "predefinedValues": {
- "values": [
- "string"
], - "valueProviderId": "string"
}, - "displayValueList": [
- {
- "id": "string",
- "value": "string"
}
], - "isStandardAttribute": true,
- "isEditableByAdmin": true
}, - "value": "string"
}
]
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve group with attributes (organization, account, normal group), based on id, only if caller has access to them.
path Parameters
| groupId required | string |
query Parameters
| includeSoftDeleted | boolean Default: false Specify if soft deleted group should be returned |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Memberships of a group (users/clients which are members of this group)
path Parameters
| groupId required | string |
query Parameters
| searchQuery | string Default: "" Filter by name |
| withRole | string Filter by role on membership |
required | object (Pageable) |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve permissions available in the current group based on the token
path Parameters
| groupId required | string |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve possible parent groups paginated with optional filtering on id/name
query Parameters
| forGroup required | string Specify groupId of which you want to change the parent of |
| searchQuery | string Default: "" Filter by name or externalId |
| name | string Filter by name |
| externalId | string Filter by external id |
| page | integer >= 0 Default: 0 Zero-based page index (0..N) |
| size | integer >= 1 Default: 10 The size of the page to be returned |
| sort | Array of strings Default: "name,ASC" Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported. |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve paginated groups with optional filtering on id/name/parentId access to them.
query Parameters
| searchQuery | string Default: "" Filter by name or externalId |
| groupType | string Enum: "GROUP" "ORGANIZATION" "ACCOUNT" Filter by group type: ORGANIZATION|ACCOUNT|GROUP |
| parentId | string Filter by parent id |
| name | string Filter by name |
| externalId | string Filter by external id |
| includeSoftDeleted | boolean Default: false Specify if soft deleted group should be returned |
| scope | string Default: "READ" Enum: "READ" "INVITE" "GRANT_ACCESS" |
| page | integer >= 0 Default: 0 Zero-based page index (0..N) |
| size | integer >= 1 Default: 10 The size of the page to be returned |
| sort | Array of strings Default: "name,ASC" Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported. |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve categories filtered
query Parameters
| searchQuery | string Default: "" Filter by name or externalId |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Update a category, only if caller has access
Request Body schema: application/jsonrequired
| id required | string [ 0 .. 200 ] characters ^[\S]*$ |
| name required | string non-empty |
Responses
Request samples
- Payload
Content type
application/json
{- "id": "string",
- "name": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Create a category, only if caller has access
Request Body schema: application/jsonrequired
| id required | string [ 0 .. 200 ] characters ^[\S]*$ |
| name required | string non-empty |
Responses
Request samples
- Payload
Content type
application/json
{- "id": "string",
- "name": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Update a subject attribute definition, only if caller has access
path Parameters
| id required | string |
Request Body schema: application/jsonrequired
| displayName required | string non-empty |
| defaultValue | string |
| description | string |
required | Array of objects (Validator) |
object (AttributeDefinitionPredefinedValues) | |
| isEditableByAdmin | boolean |
| isEditableByUser | boolean |
Responses
Request samples
- Payload
Content type
application/json
{- "displayName": "string",
- "defaultValue": "string",
- "description": "string",
- "validators": [
- {
- "id": "string",
- "name": "string",
- "type": "STRING",
- "function": "NUMBER_GREATER_THAN_VALIDATOR",
- "params": {
- "property1": "string",
- "property2": "string"
}
}
], - "predefinedValues": {
- "values": [
- "string"
], - "valueProviderId": "string"
}, - "isEditableByAdmin": true,
- "isEditableByUser": true
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Delete a subject attribute definition, only if caller has access
path Parameters
| id required | string |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Read all subject attribute definitions, only if caller has access
query Parameters
| searchQuery | string Default: "" Filter by externalId or name or displayName |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Create a subject attribute definition, only if caller has access
Request Body schema: application/jsonrequired
| id required | string [ 0 .. 36 ] characters |
| name required | string non-empty |
| displayName required | string non-empty |
| type required | string Enum: "STRING" "INTEGER" "BOOLEAN" "DATE" |
| defaultValue | string |
| description | string |
Array of objects (Validator) | |
| mandatory | boolean |
object (AttributeDefinitionPredefinedValues) | |
Array of objects (DisplayValue) | |
| isStandardAttribute | boolean |
| isEditableByUser | boolean |
| isEditableByAdmin | boolean |
Responses
Request samples
- Payload
Content type
application/json
{- "id": "string",
- "name": "string",
- "displayName": "string",
- "type": "STRING",
- "defaultValue": "string",
- "description": "string",
- "validators": [
- {
- "id": "string",
- "name": "string",
- "type": "STRING",
- "function": "NUMBER_GREATER_THAN_VALIDATOR",
- "params": {
- "property1": "string",
- "property2": "string"
}
}
], - "mandatory": true,
- "predefinedValues": {
- "values": [
- "string"
], - "valueProviderId": "string"
}, - "displayValueList": [
- {
- "id": "string",
- "value": "string"
}
], - "isStandardAttribute": true,
- "isEditableByUser": true,
- "isEditableByAdmin": true
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Read one subject attribute definition, only if caller has access
path Parameters
| attributeDefinitionId required | string |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Read a membership attribute definition, only if caller has access
path Parameters
| id required | string |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Update a membership attribute definition, only if caller has access
path Parameters
| id required | string |
Request Body schema: application/jsonrequired
| displayName required | string non-empty |
| defaultValue | string |
| description | string |
Array of objects (Validator) |
Responses
Request samples
- Payload
Content type
application/json
{- "displayName": "string",
- "defaultValue": "string",
- "description": "string",
- "validators": [
- {
- "id": "string",
- "name": "string",
- "type": "STRING",
- "function": "NUMBER_GREATER_THAN_VALIDATOR",
- "params": {
- "property1": "string",
- "property2": "string"
}
}
]
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Delete a membership attribute definition, only if caller has access
path Parameters
| id required | string |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieves membership attribute definitions searchable, only if caller has access
query Parameters
| searchQuery | string Default: "" Filter by name, displayName or externalId |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Create a membership attribute definition, only if caller has access
Request Body schema: application/jsonrequired
| id required | string [ 0 .. 36 ] characters |
| name required | string non-empty |
| displayName required | string non-empty |
| type required | string Enum: "STRING" "INTEGER" "BOOLEAN" "DATE" |
| defaultValue | string |
| description | string |
Array of objects (Validator) | |
| mandatory | boolean |
object (AttributeDefinitionPredefinedValues) | |
Array of objects (DisplayValue) | |
| isStandardAttribute | boolean |
| isEditableByUser | boolean |
| isEditableByAdmin | boolean |
Responses
Request samples
- Payload
Content type
application/json
{- "id": "string",
- "name": "string",
- "displayName": "string",
- "type": "STRING",
- "defaultValue": "string",
- "description": "string",
- "validators": [
- {
- "id": "string",
- "name": "string",
- "type": "STRING",
- "function": "NUMBER_GREATER_THAN_VALIDATOR",
- "params": {
- "property1": "string",
- "property2": "string"
}
}
], - "mandatory": true,
- "predefinedValues": {
- "values": [
- "string"
], - "valueProviderId": "string"
}, - "displayValueList": [
- {
- "id": "string",
- "value": "string"
}
], - "isStandardAttribute": true,
- "isEditableByUser": true,
- "isEditableByAdmin": true
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Read a group attribute definition, only if caller has access
path Parameters
| id required | string |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Update a group attribute definition, only if caller has access
path Parameters
| id required | string |
Request Body schema: application/jsonrequired
| displayName required | string non-empty |
| defaultValue | string |
| description | string |
Array of objects (Validator) | |
| isEditableByAdmin | boolean |
Responses
Request samples
- Payload
Content type
application/json
{- "displayName": "string",
- "defaultValue": "string",
- "description": "string",
- "validators": [
- {
- "id": "string",
- "name": "string",
- "type": "STRING",
- "function": "NUMBER_GREATER_THAN_VALIDATOR",
- "params": {
- "property1": "string",
- "property2": "string"
}
}
], - "isEditableByAdmin": true
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Delete a group attribute definition, only if caller has access
path Parameters
| id required | string |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieves group attribute definitions searchable, only if caller has access
query Parameters
| searchQuery | string Default: "" Filter by name, displayName or externalId |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Create a group attribute definition, only if caller has access
Request Body schema: application/jsonrequired
| id required | string [ 0 .. 36 ] characters |
| name required | string non-empty |
| displayName required | string non-empty |
| type required | string Enum: "STRING" "INTEGER" "BOOLEAN" "DATE" |
| defaultValue | string |
| description | string |
Array of objects (Validator) | |
| mandatory | boolean |
object (AttributeDefinitionPredefinedValues) | |
Array of objects (DisplayValue) | |
| isStandardAttribute | boolean |
| isEditableByAdmin | boolean |
Responses
Request samples
- Payload
Content type
application/json
{- "id": "string",
- "name": "string",
- "displayName": "string",
- "type": "STRING",
- "defaultValue": "string",
- "description": "string",
- "validators": [
- {
- "id": "string",
- "name": "string",
- "type": "STRING",
- "function": "NUMBER_GREATER_THAN_VALIDATOR",
- "params": {
- "property1": "string",
- "property2": "string"
}
}
], - "mandatory": true,
- "predefinedValues": {
- "values": [
- "string"
], - "valueProviderId": "string"
}, - "displayValueList": [
- {
- "id": "string",
- "value": "string"
}
], - "isStandardAttribute": true,
- "isEditableByAdmin": true
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Update account linking configuration, only if caller has access
path Parameters
| accountLinkingConfigId required | string |
Request Body schema: application/jsonrequired
| idp required | string non-empty |
| organizationId required | string non-empty |
Array of objects (AccountLinkingPermissionDto) |
Responses
Request samples
- Payload
Content type
application/json
{- "idp": "string",
- "organizationId": "string",
- "permissions": [
- {
- "attribute": "string",
- "values": [
- "string"
], - "rolesGiven": [
- "string"
]
}
]
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Create account linking configs
Request Body schema: application/jsonrequired
| idp required | string non-empty |
| organizationId required | string non-empty |
Array of objects (AccountLinkingPermissionDto) |
Responses
Request samples
- Payload
Content type
application/json
{- "idp": "string",
- "organizationId": "string",
- "permissions": [
- {
- "attribute": "string",
- "values": [
- "string"
], - "rolesGiven": [
- "string"
]
}
]
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Update some attributes. If they are not sent, any old attributes will be removed.
path Parameters
| subjectId required | string |
Request Body schema: application/jsonrequired
Array
| id required | string [ 0 .. 36 ] characters |
required | object (SubjectAttributeDefinition) |
| value required | string [ 0 .. 200 ] characters |
Responses
Request samples
- Payload
Content type
application/json
[- {
- "id": "string",
- "definition": {
- "id": "string",
- "name": "string",
- "displayName": "string",
- "type": "STRING",
- "defaultValue": "string",
- "description": "string",
- "validators": [
- {
- "id": "string",
- "name": "string",
- "type": "STRING",
- "function": "NUMBER_GREATER_THAN_VALIDATOR",
- "params": {
- "property1": "string",
- "property2": "string"
}
}
], - "mandatory": true,
- "predefinedValues": {
- "values": [
- "string"
], - "valueProviderId": "string"
}, - "displayValueList": [
- {
- "id": "string",
- "value": "string"
}
], - "isStandardAttribute": true,
- "isEditableByUser": true,
- "isEditableByAdmin": true
}, - "value": "string"
}
]Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}validateCredentials
query Parameters
| contextPath required | string |
Request Body schema: application/jsonrequired
| username required | string non-empty |
| password required | string non-empty |
| transactionId required | string non-empty |
| messageId required | string non-empty |
Responses
Request samples
- Payload
Content type
application/json
{- "username": "string",
- "password": "string",
- "transactionId": "string",
- "messageId": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Request samples
- Payload
Content type
application/json
{- "token": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Request samples
- Payload
Content type
application/json
{- "token": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}startLogin
Request Body schema: application/jsonrequired
object (WebLoginRequestContext) | |
| requestedAttributes | Array of strings |
Responses
Request samples
- Payload
Content type
application/json
{- "context": {
- "transactionId": "string",
- "messageId": "string",
- "redirectUrl": "string",
- "requestedAttributes": [
- "string"
]
}, - "requestedAttributes": [
- "string"
]
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Create memberships on a group
path Parameters
| groupId required | string |
Request Body schema: application/jsonrequired
Array of objects (AddMemberDto) | |||||
Array
| |||||
Responses
Request samples
- Payload
Content type
application/json
{- "members": [
- {
- "subjectId": "string",
- "roleIds": [
- "string"
]
}
]
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Update roles for a specific membership
path Parameters
| groupId required | string |
| subjectId required | string |
Request Body schema: application/jsonrequired
| roleIds required | Array of strings unique |
Responses
Request samples
- Payload
Content type
application/json
{- "roleIds": [
- "string"
]
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Patch roles on a membership
path Parameters
| groupId required | string |
| subjectId required | string |
Request Body schema: application/jsonrequired
| addedRoleIds | Array of strings unique |
| removedRoleIds | Array of strings unique |
Responses
Request samples
- Payload
Content type
application/json
{- "addedRoleIds": [
- "string"
], - "removedRoleIds": [
- "string"
]
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve authorized memberships
query Parameters
| searchQuery | string Default: "" Filter by name, display name or externalId |
| subjectTypeFilter | Array of strings Filter by subject type |
| rolesFilter | Array of strings Filter by roles name containing pattern |
| groupTypeFilter | Array of strings Filter by group type |
| page | integer >= 0 Default: 0 Zero-based page index (0..N) |
| size | integer >= 1 Default: 10 The size of the page to be returned |
| sort | Array of strings Default: "principal,ASC" Sorting criteria in the format: property,(asc|desc). Default sort order is ascending. Multiple sort criteria are supported. |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve membership between group and subject
path Parameters
| groupId required | string |
| subjectId required | string |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Remove membership between user/client and group
path Parameters
| groupId required | string |
| subjectId required | string |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Remove role for a membership
path Parameters
| groupId required | string |
| subjectId required | string |
| roleId required | string |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Request samples
- Payload
Content type
application/json
{- "qrToken": "string",
- "flowId": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Request samples
- Payload
Content type
application/json
{- "password": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Create a new user
Request Body schema: application/jsonrequired
| email required | string |
| password required | string |
| username required | string |
| roleIds required | Array of strings unique |
required | Array of objects (FinishInvitationAttributeCommand) unique |
| registrationId required | string |
Responses
Request samples
- Payload
Content type
application/json
{- "email": "string",
- "password": "string",
- "username": "string",
- "roleIds": [
- "string"
], - "attributes": [
- {
- "definition": {
- "id": "string",
- "name": "string",
- "displayName": "string",
- "type": "STRING",
- "defaultValue": "string",
- "description": "string",
- "validators": [
- {
- "id": "string",
- "name": "string",
- "type": "STRING",
- "function": "NUMBER_GREATER_THAN_VALIDATOR",
- "params": {
- "property1": "string",
- "property2": "string"
}
}
], - "mandatory": true,
- "predefinedValues": {
- "values": [
- "string"
], - "valueProviderId": "string"
}, - "displayValueList": [
- {
- "id": "string",
- "value": "string"
}
], - "isStandardAttribute": true,
- "isEditableByUser": true,
- "isEditableByAdmin": true
}, - "value": "string"
}
], - "registrationId": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve subject (user type) with roles based on its email
query Parameters
| email required | string non-empty |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Send invite to a new user
Request Body schema: application/jsonrequired
| email required | string non-empty |
| groupId required | string non-empty |
| roleIds | Array of strings unique |
Array of objects (AttributeCommand) | |
Array of objects (AttributeCommand) |
Responses
Request samples
- Payload
Content type
application/json
{- "email": "string",
- "groupId": "string",
- "roleIds": [
- "string"
], - "attributes": [
- {
- "attributeDefinitionId": "string",
- "attributeValue": "string"
}
], - "membershipAttributes": [
- {
- "attributeDefinitionId": "string",
- "attributeValue": "string"
}
]
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Onboard external user
Request Body schema: application/jsonrequired
| subject required | string |
| idp required | string |
| organizationId required | string |
| accountId required | string |
required | object (SubjectStandardAttributes) |
Array of objects (MediatorAttribute) |
Responses
Request samples
- Payload
Content type
application/json
{- "subject": "string",
- "idp": "string",
- "organizationId": "string",
- "accountId": "string",
- "standardAttributes": {
- "name": {
- "formatted": "string",
- "familyName": "string",
- "givenName": "string",
- "middleName": "string",
- "honorificPrefix": "string",
- "honorificSuffix": "string"
}, - "dateOfBirth": "string",
- "email": "string",
- "gender": "string",
- "address": {
- "fullAddress": "string",
- "street": "string",
- "houseNumber": 0,
- "city": "string",
- "region": "string",
- "postalCode": "string",
- "country": "string"
}, - "nin": {
- "value": "string",
- "issuingCountry": "string"
}, - "phoneNumber": "string"
}, - "attributes": [
- {
- "name": "string",
- "datatype": "string",
- "value": "string"
}
]
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Onboard external user
Request Body schema: application/jsonrequired
| subject required | string |
| idp required | string |
| organizationId required | string |
| accountId required | string |
required | object (SubjectStandardAttributes) |
Array of objects (MediatorAttribute) |
Responses
Request samples
- Payload
Content type
application/json
{- "subject": "string",
- "idp": "string",
- "organizationId": "string",
- "accountId": "string",
- "standardAttributes": {
- "name": {
- "formatted": "string",
- "familyName": "string",
- "givenName": "string",
- "middleName": "string",
- "honorificPrefix": "string",
- "honorificSuffix": "string"
}, - "dateOfBirth": "string",
- "email": "string",
- "gender": "string",
- "address": {
- "fullAddress": "string",
- "street": "string",
- "houseNumber": 0,
- "city": "string",
- "region": "string",
- "postalCode": "string",
- "country": "string"
}, - "nin": {
- "value": "string",
- "issuingCountry": "string"
}, - "phoneNumber": "string"
}, - "attributes": [
- {
- "name": "string",
- "datatype": "string",
- "value": "string"
}
]
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Lookup details for external subjects. If organization identifier of the issuer is not sent, all memberships of the subject will be returned.
query Parameters
| subject required | string Identifier of the subject |
| idp required | string Issuer of the subject |
| organizationId | string Organization identifier of the subject |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve users
Retrieve users paginated
query Parameters
| filter | string |
| searchQuery | string Default: "" |
| startIndex | integer <int32> Default: 1 |
| count | integer <int32> Default: 20 |
| sortOrder | string Default: "DESC" Enum: "ASC" "DESC" |
Responses
Response samples
- 200
- 400
- 401
- 403
- 500
Content type
application/scim+json
{- "schemas": [
- "string"
], - "totalResults": 0,
- "itemsPerPage": 0,
- "startIndex": 0,
- "Resources": [
- null
], - "id": "string",
- "externalId": "string",
- "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Create user
Create a new user For schema definition please check the '/schemas/v2/Schemas' endpoint, with the following resourceId: 'urn:ietf:params:scim:schemas:core:2.0:User'
Request Body schema: application/jsonrequired
| schemas | Array of strings unique |
| id | string |
| externalId | string |
| userName | string |
object (Name) | |
| displayName | string |
| active | boolean |
| password | string |
Array of objects (Email) | |
Array of objects (X509Certificate) | |
| lastLogin | string |
| otpActive | boolean |
| resetPassword | boolean |
Array of objects (ScimInboundCustomAttribute) | |
object (Meta) |
Responses
Request samples
- Payload
Content type
application/json
{- "schemas": [
- "string"
], - "id": "string",
- "externalId": "string",
- "userName": "string",
- "name": {
- "formatted": "string",
- "familyName": "string",
- "givenName": "string",
- "middleName": "string",
- "honorificPrefix": "string",
- "honorificSuffix": "string"
}, - "displayName": "string",
- "active": true,
- "password": "string",
- "emails": [
- {
- "value": "string",
- "display": "string",
- "type": "string",
- "primary": true
}
], - "x509Certificates": [
- {
- "value": "string",
- "display": "string",
- "type": "string",
- "primary": true
}
], - "lastLogin": "string",
- "otpActive": true,
- "resetPassword": true,
- "customAttributes": [
- {
- "value": "string",
- "id": "string"
}
], - "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Response samples
- 201
- 400
- 401
- 403
- 500
Content type
application/scim+json
{- "schemas": [
- "string"
], - "id": "string",
- "externalId": "string",
- "userName": "string",
- "name": {
- "formatted": "string",
- "familyName": "string",
- "givenName": "string",
- "middleName": "string",
- "honorificPrefix": "string",
- "honorificSuffix": "string"
}, - "displayName": "string",
- "active": true,
- "emails": [
- {
- "value": "string",
- "display": "string",
- "type": "string",
- "primary": true
}
], - "x509Certificates": [
- {
- "value": "string",
- "display": "string",
- "type": "string",
- "primary": true
}
], - "lastLogin": "string",
- "otpActive": true,
- "resetPassword": true,
- "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Response samples
- 200
- 400
- 401
- 403
- 404
- 500
Content type
application/scim+json
{- "schemas": [
- "string"
], - "id": "string",
- "externalId": "string",
- "userName": "string",
- "name": {
- "formatted": "string",
- "familyName": "string",
- "givenName": "string",
- "middleName": "string",
- "honorificPrefix": "string",
- "honorificSuffix": "string"
}, - "displayName": "string",
- "active": true,
- "emails": [
- {
- "value": "string",
- "display": "string",
- "type": "string",
- "primary": true
}
], - "x509Certificates": [
- {
- "value": "string",
- "display": "string",
- "type": "string",
- "primary": true
}
], - "lastLogin": "string",
- "otpActive": true,
- "resetPassword": true,
- "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Patch user
Change details of a user
path Parameters
| subjectId required | string |
Request Body schema: application/jsonrequired
| schemas | Array of strings unique |
| id | string |
| externalId | string |
required | Array of AddOperation (object) or RemoveOperation (object) or ReplaceOperation (object) |
object (Meta) |
Responses
Request samples
- Payload
Content type
application/json
{- "schemas": [
- "string"
], - "id": "string",
- "externalId": "string",
- "Operations": [
- {
- "path": "string",
- "op": "string",
- "value": null
}
], - "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Response samples
- 200
- 400
- 401
- 403
- 404
- 500
Content type
application/scim+json
{- "schemas": [
- "string"
], - "id": "string",
- "externalId": "string",
- "userName": "string",
- "name": {
- "formatted": "string",
- "familyName": "string",
- "givenName": "string",
- "middleName": "string",
- "honorificPrefix": "string",
- "honorificSuffix": "string"
}, - "displayName": "string",
- "active": true,
- "emails": [
- {
- "value": "string",
- "display": "string",
- "type": "string",
- "primary": true
}
], - "x509Certificates": [
- {
- "value": "string",
- "display": "string",
- "type": "string",
- "primary": true
}
], - "lastLogin": "string",
- "otpActive": true,
- "resetPassword": true,
- "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Start reset password
Start the reset password flow for a given user
path Parameters
| subjectId required | string |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Delete totp configuration
Delete totp configuration by id
path Parameters
| totpDeviceId required | string |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve roles
Retrieve roles paginated
query Parameters
| filter | string |
| searchQuery | string Default: "" |
| startIndex | integer <int32> Default: 1 |
| count | integer <int32> Default: 20 |
| sortOrder | string Default: "DESC" Enum: "ASC" "DESC" |
Responses
Response samples
- 200
- 400
- 401
- 403
- 500
Content type
application/scim+json
{- "schemas": [
- "string"
], - "totalResults": 0,
- "itemsPerPage": 0,
- "startIndex": 0,
- "Resources": [
- null
], - "id": "string",
- "externalId": "string",
- "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Create role
Create a new role
Request Body schema: application/jsonrequired
| schemas | Array of strings unique |
| id | string |
| externalId | string |
| displayName | string |
| description | string |
| isEditable | boolean |
Array of objects (ScimPermission) | |
object (Meta) |
Responses
Request samples
- Payload
Content type
application/json
{- "schemas": [
- "string"
], - "id": "string",
- "externalId": "string",
- "displayName": "string",
- "description": "string",
- "isEditable": true,
- "permissions": [
- {
- "value": "string"
}
], - "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Response samples
- 201
- 400
- 401
- 403
- 500
Content type
application/scim+json
{- "schemas": [
- "string"
], - "id": "string",
- "externalId": "string",
- "displayName": "string",
- "description": "string",
- "isEditable": true,
- "permissions": [
- {
- "value": "string"
}
], - "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Response samples
- 200
- 400
- 401
- 403
- 404
- 500
Content type
application/scim+json
{- "schemas": [
- "string"
], - "id": "string",
- "externalId": "string",
- "displayName": "string",
- "description": "string",
- "isEditable": true,
- "permissions": [
- {
- "value": "string"
}
], - "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Response samples
- 204
- 400
- 401
- 403
- 500
Content type
application/scim+json
{- "schemas": [
- "string"
], - "detail": "string",
- "status": 0,
- "traceId": "string",
- "spanId": "string",
- "requestUri": "string",
- "title": "string",
- "code": "string",
- "timestamp": "string",
- "type": "string"
}Patch role
Update the details of a role
path Parameters
| roleId required | string |
Request Body schema: application/jsonrequired
| schemas | Array of strings unique |
| id | string |
| externalId | string |
required | Array of AddOperation (object) or RemoveOperation (object) or ReplaceOperation (object) |
object (Meta) |
Responses
Request samples
- Payload
Content type
application/json
{- "schemas": [
- "string"
], - "id": "string",
- "externalId": "string",
- "Operations": [
- {
- "path": "string",
- "op": "string",
- "value": null
}
], - "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Response samples
- 200
- 400
- 401
- 403
- 404
- 500
Content type
application/scim+json
{- "schemas": [
- "string"
], - "id": "string",
- "externalId": "string",
- "displayName": "string",
- "description": "string",
- "isEditable": true,
- "permissions": [
- {
- "value": "string"
}
], - "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Retrieve organisations
Retrieve organizations paginated
query Parameters
| filter | string |
| searchQuery | string Default: "" |
| startIndex | integer <int32> Default: 1 |
| count | integer <int32> Default: 20 |
| sortOrder | string Default: "DESC" Enum: "ASC" "DESC" |
Responses
Response samples
- 200
- 400
- 401
- 403
- 500
Content type
application/scim+json
{- "schemas": [
- "string"
], - "id": "string",
- "externalId": "string",
- "name": "string",
- "active": true,
- "parent": {
- "value": "string",
- "display": "string",
- "ref": "string",
- "type": "GROUP"
}, - "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Create organization
Create new organization
Request Body schema: application/jsonrequired
| schemas | Array of strings unique |
| id | string |
| externalId | string |
| name | string |
| active | boolean |
Array of objects (ScimInboundCustomAttribute) | |
| parent | string |
object (Meta) |
Responses
Request samples
- Payload
Content type
application/json
{- "schemas": [
- "string"
], - "id": "string",
- "externalId": "string",
- "name": "string",
- "active": true,
- "customAttributes": [
- {
- "value": "string",
- "id": "string"
}
], - "parent": "string",
- "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Response samples
- 201
- 400
- 401
- 403
- 500
Content type
application/scim+json
{- "schemas": [
- "string"
], - "id": "string",
- "externalId": "string",
- "name": "string",
- "active": true,
- "parent": {
- "value": "string",
- "display": "string",
- "ref": "string",
- "type": "GROUP"
}, - "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Retrieve a single organisation
Retrieve a single organization by id
path Parameters
| organizationId required | string |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
Content type
application/scim+json
{- "schemas": [
- "string"
], - "id": "string",
- "externalId": "string",
- "name": "string",
- "active": true,
- "parent": {
- "value": "string",
- "display": "string",
- "ref": "string",
- "type": "GROUP"
}, - "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve organization users
Retrieves organizations users
query Parameters
| searchQuery | string Default: "" |
| startIndex | integer <int32> Default: 1 |
| count | integer <int32> Default: 20 |
| sortOrder | string Default: "DESC" Enum: "ASC" "DESC" |
Responses
Response samples
- 200
- 400
- 401
- 403
- 500
Content type
application/scim+json
{- "schemas": [
- "string"
], - "totalResults": 0,
- "itemsPerPage": 0,
- "startIndex": 0,
- "Resources": [
- null
], - "id": "string",
- "externalId": "string",
- "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Create organization user
Create a new organization user
Request Body schema: application/jsonrequired
| organization | string |
| user | string |
| roles | Array of strings |
Array of objects (ScimInboundCustomAttribute) |
Responses
Request samples
- Payload
Content type
application/json
{- "organization": "string",
- "user": "string",
- "roles": [
- "string"
], - "customAttributes": [
- {
- "value": "string",
- "id": "string"
}
]
}Response samples
- 201
- 400
- 401
- 403
- 500
Content type
application/scim+json
{- "schemas": [
- "string"
], - "id": "string",
- "externalId": "string",
- "displayName": "string",
- "active": true,
- "roles": [
- {
- "value": "string",
- "display": "string",
- "ref": "string",
- "type": "string"
}
], - "organization": {
- "value": "string",
- "display": "string",
- "ref": "string",
- "type": "GROUP"
}, - "user": {
- "value": "string",
- "display": "string",
- "ref": "string",
- "type": "MACHINE",
- "createdAt": "2019-08-24T14:15:22Z"
}, - "customAttributes": [
- {
- "value": "string",
- "id": "string"
}
], - "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Retrieve single organization user
Retrieve an organization user
path Parameters
| organizationUserId required | string |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
Content type
application/scim+json
{- "schemas": [
- "string"
], - "id": "string",
- "externalId": "string",
- "displayName": "string",
- "active": true,
- "roles": [
- {
- "value": "string",
- "display": "string",
- "ref": "string",
- "type": "string"
}
], - "organization": {
- "value": "string",
- "display": "string",
- "ref": "string",
- "type": "GROUP"
}, - "user": {
- "value": "string",
- "display": "string",
- "ref": "string",
- "type": "MACHINE",
- "createdAt": "2019-08-24T14:15:22Z"
}, - "customAttributes": [
- {
- "value": "string",
- "id": "string"
}
], - "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Delete organization user
Delete an organization user by id
path Parameters
| organizationUserId required | string |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Send new invitation
Invite new user
Request Body schema: application/jsonrequired
| email required | string non-empty |
| organization required | string non-empty |
| roles | Array of strings unique |
Array of objects (ScimAttributeCommand) | |
Array of objects (ScimAttributeCommand) |
Responses
Request samples
- Payload
Content type
application/json
{- "email": "string",
- "organization": "string",
- "roles": [
- "string"
], - "customAttributes": [
- {
- "id": "string",
- "value": "string"
}
], - "subjectAttributes": [
- {
- "id": "string",
- "value": "string"
}
]
}Response samples
- 204
- 400
- 401
- 403
- 500
Content type
application/scim+json
{ }Retrieve invitations
Retrieve list of invitations
query Parameters
| startIndex | integer <int32> Default: 1 |
| count | integer <int32> Default: 20 |
| sortOrder | string Default: "DESC" Enum: "ASC" "DESC" |
Responses
Response samples
- 200
- 400
- 401
- 403
- 500
Content type
application/scim+json
{- "schemas": [
- "string"
], - "totalResults": 0,
- "itemsPerPage": 0,
- "startIndex": 0,
- "Resources": [
- null
], - "id": "string",
- "externalId": "string",
- "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Invite admins to customer tenant
Request Body schema: application/jsonrequired
| accountId | string |
Responses
Request samples
- Payload
Content type
application/json
{- "accountId": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Update password
Request Body schema: application/jsonrequired
| oldPassword required | string non-empty |
| newPassword required | string non-empty |
Responses
Request samples
- Payload
Content type
application/json
{- "oldPassword": "string",
- "newPassword": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Update password
Request Body schema: application/jsonrequired
| oldPassword required | string non-empty |
| newPassword required | string non-empty |
Responses
Request samples
- Payload
Content type
application/json
{- "oldPassword": "string",
- "newPassword": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Patch settings
Request Body schema: application/jsonrequired
| loginUrl | string |
| softLockEnabled | boolean |
| hardLockEnabled | boolean |
| softLockAllowedAttempts | integer <int32> [ 3 .. 20 ] |
| softLockDurationInMinutes | integer <int32> [ 1 .. 2880 ] |
| softLockCounterResetPeriodInMinutes | integer <int32> [ 1 .. 30 ] |
| hardLockCounterResetPeriodInHours | integer <int32> [ 6 .. 72 ] |
| softLockAmountUntilHardLock | integer <int32> [ 2 .. 10 ] |
| authSessionTtlInMinutes | integer <int32> [ 1 .. 60 ] |
| autoLoginEnabled | boolean |
| autoLoginCookieTtlInSeconds | integer <int32> [ 3 .. 60 ] |
| selfRegistrationEnabled | boolean |
| inviteRegistrationEnabled | boolean |
| exportSelfRegistrationEnabled | boolean |
| minutesUntilRegistrationExpires | integer <int32> [ 2 .. 14400 ] |
| expiredRegistrationsCleanupEnabled | boolean |
| expiredRegistrationsMaxAgeInDays | integer <int32> [ 2 .. 90 ] |
| expiredInvitationsCleanupEnabled | boolean |
| expiredInvitationsMaxAgeInDays | integer <int32> [ 2 .. 90 ] |
| updateRegistrationStatusesEnabled | boolean |
| updateInvitationStatusesEnabled | boolean |
| selfRegistrationAcceptedRedirectPaths | Array of strings unique |
| loginWithEmailEnabled | boolean |
| loginWithUsernameEnabled | boolean |
| temporaryUsersCleanupSuffix | string |
| temporaryUsersMaxAgeInDays | integer <int32> |
| temporaryUsersCleanupAttributeName | string |
| temporaryUsersCleanupEnabled | boolean |
| invalidUsersCleanupEnabled | boolean |
| lockedResetPasswordEmailEnabled | boolean |
| canChangeEmail | boolean |
| autoDisableSubjectsWithoutMembershipsEnabled | boolean |
| autoDisableSubjectsWithoutMembershipsThresholdDays | integer <int32> |
| autoDisableInactiveUsersEnabled | boolean |
| autoDisableInactiveUsersThresholdDays | integer <int32> [ 30 .. 1095 ] |
| autoDeleteDisabledUsersEnabled | boolean |
| autoDeleteDisabledUsersThresholdDays | integer <int32> [ 15 .. 1825 ] |
| totpUserEnabled | boolean |
| totpAdminEnabled | boolean |
| issuer | string |
| cookieTtlInSeconds | integer <int32> |
| noOfPreviouslyUsedPasswordsChecked | integer <int32> [ 0 .. 100 ] |
| isCommonPasswordEnabled | boolean |
| passwordMinimumLength | integer <int32> [ 8 .. 60 ] |
| passwordMinimumDigits | integer <int32> [ 1 .. 15 ] |
| passwordMinimumLowercaseLetters | integer <int32> [ 1 .. 15 ] |
| passwordMinimumUppercaseLetters | integer <int32> [ 1 .. 15 ] |
| passwordMinimumSpecialCharacters | integer <int32> [ 0 .. 15 ] |
| resetPasswordExpirationInMinutes | integer <int32> |
| permissionGrantViaAccountRegistrationAllowed | boolean |
| collectEmail | boolean |
Responses
Request samples
- Payload
Content type
application/json
{- "loginUrl": "string",
- "softLockEnabled": true,
- "hardLockEnabled": true,
- "softLockAllowedAttempts": 3,
- "softLockDurationInMinutes": 1,
- "softLockCounterResetPeriodInMinutes": 1,
- "hardLockCounterResetPeriodInHours": 6,
- "softLockAmountUntilHardLock": 2,
- "authSessionTtlInMinutes": 1,
- "autoLoginEnabled": true,
- "autoLoginCookieTtlInSeconds": 3,
- "selfRegistrationEnabled": true,
- "inviteRegistrationEnabled": true,
- "exportSelfRegistrationEnabled": true,
- "minutesUntilRegistrationExpires": 2,
- "expiredRegistrationsCleanupEnabled": true,
- "expiredRegistrationsMaxAgeInDays": 2,
- "expiredInvitationsCleanupEnabled": true,
- "expiredInvitationsMaxAgeInDays": 2,
- "updateRegistrationStatusesEnabled": true,
- "updateInvitationStatusesEnabled": true,
- "selfRegistrationAcceptedRedirectPaths": [
- "string"
], - "loginWithEmailEnabled": true,
- "loginWithUsernameEnabled": true,
- "temporaryUsersCleanupSuffix": "string",
- "temporaryUsersMaxAgeInDays": 0,
- "temporaryUsersCleanupAttributeName": "string",
- "temporaryUsersCleanupEnabled": true,
- "invalidUsersCleanupEnabled": true,
- "lockedResetPasswordEmailEnabled": true,
- "canChangeEmail": true,
- "autoDisableSubjectsWithoutMembershipsEnabled": true,
- "autoDisableSubjectsWithoutMembershipsThresholdDays": 0,
- "autoDisableInactiveUsersEnabled": true,
- "autoDisableInactiveUsersThresholdDays": 30,
- "autoDeleteDisabledUsersEnabled": true,
- "autoDeleteDisabledUsersThresholdDays": 15,
- "totpUserEnabled": true,
- "totpAdminEnabled": true,
- "issuer": "string",
- "cookieTtlInSeconds": 0,
- "noOfPreviouslyUsedPasswordsChecked": 100,
- "isCommonPasswordEnabled": true,
- "passwordMinimumLength": 8,
- "passwordMinimumDigits": 1,
- "passwordMinimumLowercaseLetters": 1,
- "passwordMinimumUppercaseLetters": 1,
- "passwordMinimumSpecialCharacters": 15,
- "resetPasswordExpirationInMinutes": 0,
- "permissionGrantViaAccountRegistrationAllowed": true,
- "collectEmail": true
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve all memberships of a subject (user/client)
path Parameters
| subjectId required | string |
query Parameters
| includePermissions | boolean Default: true Should include permissions in the response result |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve all permissions of a subject in correlation with a group (account/organization)
path Parameters
| subjectId required | string |
| groupId required | string |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve all subjects updated since the specified lastModified date paginated
query Parameters
| lastModifiedSince | string <date-time> Filter by lastModified since, ISO-8601 format |
| lastModifiedCursor | string <date-time> Cursor lastModified value for pagination |
| idCursor | string Cursor id value for pagination |
| sortDirection | string Default: "DESC" Enum: "ASC" "DESC" Sort direction |
| size | integer <int32> <= 10000 Default: 10 Size of page |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve all roles with lastModified since paginated
query Parameters
| lastModifiedSince | string <date-time> Filter by lastModified since, ISO-8601 format |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve all permissions paginated with lastModifiedSince
query Parameters
| lastModifiedSince | string <date-time> Filter by lastModifiedSince, ISO-8601 format |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve all memberships paginated with lastModifiedSince
query Parameters
| lastModifiedSince | string <date-time> Filter by lastModified since, ISO-8601 format |
| lastModifiedCursor | string <date-time> Cursor lastModified value for pagination |
| idCursor | string Cursor id value for pagination |
| sortDirection | string Default: "DESC" Enum: "ASC" "DESC" Sort direction |
| size | integer <int32> <= 10000 Default: 10 Size of page |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve all schemas
Retrieve all SCIM schemas
query Parameters
| startIndex | integer <int32> Default: 1 |
| count | integer <int32> Default: 20 |
Responses
Response samples
- 200
- 400
- 401
- 403
- 500
Content type
application/scim+json
{- "schemas": [
- "string"
], - "totalResults": 0,
- "itemsPerPage": 0,
- "startIndex": 0,
- "Resources": [
- null
], - "id": "string",
- "externalId": "string",
- "meta": {
- "resourceType": "string",
- "created": "2019-08-24T14:15:22Z",
- "lastModified": "2019-08-24T14:15:22Z",
- "version": "string"
}
}Retrieve accessible roles with context. The roles are computed based on the accessible permissions of the user from the token.
query Parameters
| groupId required | string Filter by group context |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Retrieve all permissions accessible to a subject in the context a group. Will return only global permissions if group does not exist
query Parameters
| groupId required | string Filter by group context |
Responses
Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}Response samples
- 400
- 401
- 403
- 500
Content type
application/json
{- "title": "string",
- "status": 0,
- "code": "string",
- "timestamp": "string",
- "traceId": "string",
- "spanId": "string",
- "detail": "string",
- "type": "string",
- "requestUri": "string"
}