Documentation

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

As a GET endpoint, there is no body, so JSON parameters are not required in the message body.

GET EndpointExample

/users/{userId}

https://secureauth.company.com/secureauth2/api/v1/users/jdoe
UI Expand
titleWeb Admin configuration notes

WebAdmin Configuration:

  • The isWritable flag is configured in the WebAdmin Data tab.

Profile data edits:

  • Profile data that responds to the GET request can be updated in the WebAdmin.
  • To clear an attribute from the profile, include the schema name and an empty string.

...

The /users PUT / POST endpoints add, update, or delete end user profile properties. SecureAuth IdP updates the user's profile by using the username in the endpoint URL.

PUT / POST EndpointExample

/users/{userId}

https://secureauth.company.com/secureauth2/api/v1/users/jdoe 
UI Expand
titleNotes
  • Extended properties cannot be updated.
  • The userId is included in the URL, so therefore is not a part of the request.
  • The maximum number of properties that can be included in the message body for each of the following attributes are:
    • "phone" = 4
    • "email" = 4
    • "auxId" = 10
    • knowledgeBase "kbq" = 6

...

The /users POST user endpoint creates the new end user profile, so a username is not specified in the endpoint URL

POST EndpointExample

/users/

https://secureauth.company.com/secureauth2/api/v1/users/
UI Expand
titleNotes
  • The request is the same as the one used for update user profile, although you can specify a user ID and password.
  • "Provider error" indicates a failure from the data provider.
  • The user is created at the root of the connection string (LDAP only).
  • To use a specific location for the user profile, the path to the correct OU must be specified in the Connection String on the Data tab.
  • The maximum number of properties that can be included in the message body for each of the following attributes are:
    • "phone" = 4
    • "email" = 4
    • "auxId" = 10
    • knowledgeBase "kbq" = 6

...

The /users POST resetpwd endpoint performs an administrative password reset for the end user. SecureAuth IdP accesses the end user's profile, resets the user's password, and provides a new password by using the username in the endpoint URL.

POST EndpointExample

/users/{userId}/resetpwd

https://secureauth.company.com/secureauth2/api/v1/users/jdoe/resetpwd
UI Expand
titleNotes
  • The current password does not need to be provided by the administrator.
  • A failed response references the text set up in the contextuser_changepwd1-4 fields in the Web Admin.
    • The administrator can edit the text for these fields in the Verbiage Editor in the Web Admin.
    • To access the Verbiage Editor, open the Overview tab and click the Content and Localization link.

...

The /users POST changepwd endpoint performs a password reset for the end user. SecureAuth IdP accesses the end user's profile and lets the end user change that password by using the username in the endpoint URL.

POST EndpointExample

/users/{userId}/changepwd

https://secureauth.company.com/secureauth2/api/v1/users/jdoe/changepwd
UI Expand
titleNotes
  • The end user must provide the existing password to change the password.
  • A failed response references the text set up in the contextuser_changepwd1-4 fields in the Web Admin.
    • The administrator can edit the text for these fields in the Verbiage Editor in the Web Admin.
    • To access the Verbiage Editor, open the Overview tab and click the Content and Localization link.

...

No message body is required because all parameters for this request are present in the call URL.

POST EndpointExample

/users/{userId}/groups/{groupID to associate}

https://secureauth.company.com/secureauth2/api/v1/users/jdoe/groups/admins

Result: userID "jdoe" is associated with the groupID "admins"

...

If any of the userIDs fail to POST, a failure response is generated that lists each userID that failed. userIDs not listed in the failure response successfully POSTed.

POST EndpointExample

/users/{userId}/groups/{groupId}/users

https://secureauth.company.com/secureauth2/api/v1/groups/Sharepoint%20Visitors/users

Result: group "Sharepoint Visitors" is associated with the list of users specified in the message body

...

No message body is required because all parameters for this request are present in the call URL.

POST EndpointExample

/groups/{groupID}/users/{userID to associate}

https://secureauth.company.com/secureauth2/api/v1/groups/admins/users/jdoe 

Result: groupID "admins" is associated with userID "jdoe"

...

If any of the groupIDs fail to POST, a failure response is generated that lists each groupID that failed. groupIDs not listed in the failure response successfully POSTed.

POST EndpointExample

/users/{userId}/groups

https://secureauth.company.com/secureauth2/api/v1/users/jdoe/groups

Result: user "jdoe" is associated with a list of groups specified in the message body

...