Introduction
Welcome to the XXX API. XXX provides a standards-based service to support provisioning of identity data into downstream Identity and Access Management systems without SCIM support. It eliminates the need to develop and maintain many custom connectors.
SCIM VDS includes endpoints for:
1.0 Authentication - creating and managing access tokens
2.0 Identity Administration - querying and managing identities in XXX and all connected systems
Authorization
In order to make an authenticated call to XXX API, you must include your access token with the call. OAuth2 uses a BEARER token that is passed along in an Authorization header. In most cases, the access token is obtained using the POST Access Token (Password) API call. The other cases are described in the specific endpoints.
The POST Access Token endpoint and others listed below require an API key, which you can request on our QuickStart Page.
1.0 Authentication
This section includes API endpoints for getting, refreshing, managing and revoking access tokens.
GET OpenID Connect Config
Example request
curl --location --request GET "https://xxx.net/oauth/.well-known/openid-configuration"
Example response
{
"issuer": "https://xxx.net",
"jwks_uri": "https://xxx.net/oauth/.well-known/jwks",
"authorization_endpoint": "https://xxx.net/oauth/v2/ui/authorize",
"token_endpoint": "https://xxx.net/oauth/v2/token",
"userinfo_endpoint": "https://xxx.net/oauth/v2/userinfo",
"tokeninfo_endpoint": "https://xxx.net/oauth/v2/tokeninfo",
"tokenrevoke_endpoint": "https://xxx.net/oauth/v2/tokenrevoke",
"scopes_supported": [
"openid",
"profile",
"email"
],
"claims_supported": [
"aud",
"iss",
"iat",
"exp",
"auth_time",
"nonce"
],
"response_types_supported": [
"code",
"token",
"id_token",
"id_token token",
"code id_token",
"code token",
"code id_token token"
],
"grant_types_supported": [
"authorization_code",
"client_credentials",
"password",
"refresh_token",
"implicit",
"urn:ietf:params:oauth:grant-type:saml2-bearer",
"urn:ietf:params:oauth:grant-type:certificate-bearer",
"urn:ietf:params:oauth:grant-type:impersonate-bearer",
"urn:ietf:params:oauth:grant-type:jwt-bearer"
],
"subject_types_supported": [
"public"
],
"id_token_signing_alg_values_supported": [
"RS256"
],
"token_endpoint_auth_methods_supported": [
"client_secret_post",
"client_secret_basic"
]
}
This endpoint retrieves configuration data for a tenant.
HTTP Request
GET https://xxx.net/oauth/.well-known/openid-configuration
Get OpenID Connect Web Keys
Example request
curl --location --request GET "https://xxx.net/oauth/.well-known/jwks"
Example response
{
"keys": [
{
"kty": "RSA",
"use": "sig",
"kid": "_lq2NHEiFgQ7UhAVVNiQJ63cnYs",
"x5t": "_lq2NHEiFgQ7UhAVVNiQJ63cnYs",
"e": "AQAB",
"n": "iAK5mwueGN3FD8Qect_LwQ5z554v2_3iP-ojLkoZwafszv5YLoyuTEHvOJeCspTf-YDwwKZ8tobAIl50pN0652QbBKIaimk0erQpFPyEQmN56B9JYAqU2sMFlczmYdbpqOH0uaQwi3ZYahGwAF2vF0hUz0r_X5yuDPZytVABBT4LkqKY3U_f1t0oQrmABCZmEZl_QETdQweVzKklR8x_ypnhl0OQgYExxZ8Dz8_j4bft3CfLZyKd_d8R4LVH_ssKUDX8WqrJFSMZU-iEVSN-xL8xHlOsq16dAB5TUUFC-fApDyoz3Ty5yhCyfbWoAVkXriXLZFa-2m7WS6_AVfADhw",
"x5c": [
"MIIC/zCCAeegAwIBAgIITkVwDg+Dp5IwDQYJKoZIhvcNAQELBQAwJjEkMCIGA1UEAwwbRW1wb3dlcklEIE9BdXRoIENlcnRpZmljYXRlMB4XDTE5MDYyMTAwMDAwMFoXDTIxMDYyMTAwMDAwMFowJjEkMCIGA1UEAwwbRW1wb3dlcklEIE9BdXRoIENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAK5mwueGN3FD8Qect/LwQ5z554v2/3iP+ojLkoZwafszv5YLoyuTEHvOJeCspTf+YDwwKZ8tobAIl50pN0652QbBKIaimk0erQpFPyEQmN56B9JYAqU2sMFlczmYdbpqOH0uaQwi3ZYahGwAF2vF0hUz0r/X5yuDPZytVABBT4LkqKY3U/f1t0oQrmABCZmEZl/QETdQweVzKklR8x/ypnhl0OQgYExxZ8Dz8/j4bft3CfLZyKd/d8R4LVH/ssKUDX8WqrJFSMZU+iEVSN+xL8xHlOsq16dAB5TUUFC+fApDyoz3Ty5yhCyfbWoAVkXriXLZFa+2m7WS6/AVfADhwIDAQABozEwLzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQBotQvLAxfc15JSxF3794N7uhAT8cF2tbl6I5Z1noP1PBKO/2dibUzpGViBYLNE4G3PQF2ezDIsnoIfQnrdebZR3PxHHAvTjd+hSOCxUNRPi6PpeZCwPAw1DaJhbKSoYzamgOLbQHTFhXiIAmoKTI3PkV94o6NEIsv5xTfaffRqXmmCygQjlf4U7odeMNsAJKC650FnFc6KWzcUgfuE836yI1M2fS1OI/1o16QJzpYRPsfp4T1p2+59urzj17kFuU6Fm3/osxcMWlpBdg2K6pQzSnEm+83RfFdEf8yCkf0yroo4rqpMCDTKaNekrK5LuxtfRdP64H2jJI3nTwPgAGMD"
]
},
{
"kty": "RSA",
"use": "sig",
"kid": "mrTa7pmCADwefR_cP0jTo92V7vc",
"x5t": "mrTa7pmCADwefR_cP0jTo92V7vc",
"e": "AQAB",
"n": "sr1qLVDXYpeaIwMN6g1aDMZdlLCPIVSaRrcWuHybD5JvJ21gWoAnk05kAp5asnlD4xUg2JiGVe8yWJif1hSQiprfpTqsWSTEQxYzT-kPssbJtbMNcte8LJ8nCxZcsH5RSMiUK8gpQB4Cpp-jAcHXBzF8M9wAI-66KNR0Ue8qc-j3B7W0irWsLOfh76ituppdZmL-H4WRrwqyy-jzXYsadZk1I9xGdaX6_y0CKkWGeQ8vJ-oEezoXhIkVOJYC5CuK8Ihs7PsjXr1oF3kUCui4yyTb2CBGiZ2Tj82twGC7X_f1Z4fXJxbxcicAZU2NeMzMFNU0iLaI50MSB0oSJ6cl1ujfr4eiFPZkfs3c9zXhTauTZ7j5jB9B6MOC6x--U_J74n1csJ38oFIAVniAEGVXbeC2SEQX2CFJ2t6YGV_BiWj7LLdCJMG80oh-WcROmi2bapeOSdtH9hPSf2OZwP_fqylYMZ1CVZjbVwcMFX5BNNJDjVM_-sQ9c1UsCpD5Lojf8OC7HUAxO4JuSz-TlHfyohjuvHLYWwuhWnoFfOlWRPxw39Y1k7v0xTYTjGc8BmsBiApnkZL7JbHE333Y2jGJoDmR8MCkqAT3QokIfj0gsjmPvfiJBQGZ2ysEAkmYZ27f-Zc5BsXMdfw05X-7zB79EDbnu6Hq8Vr8bBR4xBwF_9M",
"x5c": [
"MIIGNTCCBR2gAwIBAgIIZZxXZN8OjLQwDQYJKoZIhvcNAQELBQAwgbQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIEwdBcml6b25hMRMwEQYDVQQHEwpTY290dHNkYWxlMRowGAYDVQQKExFHb0RhZGR5LmNvbSwgSW5jLjEtMCsGA1UECxMkaHR0cDovL2NlcnRzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvMTMwMQYDVQQDEypHbyBEYWRkeSBTZWN1cmUgQ2VydGlmaWNhdGUgQXV0aG9yaXR5IC0gRzIwHhcNMTgwMTIyMTYyMjAwWhcNMjEwMTIyMTYyMjAwWjA+MSEwHwYDVQQLExhEb21haW4gQ29udHJvbCBWYWxpZGF0ZWQxGTAXBgNVBAMMECouZW1wb3dlcmlhbS5jb20wggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCyvWotUNdil5ojAw3qDVoMxl2UsI8hVJpGtxa4fJsPkm8nbWBagCeTTmQCnlqyeUPjFSDYmIZV7zJYmJ/WFJCKmt+lOqxZJMRDFjNP6Q+yxsm1sw1y17wsnycLFlywflFIyJQryClAHgKmn6MBwdcHMXwz3AAj7roo1HRR7ypz6PcHtbSKtaws5+HvqK26ml1mYv4fhZGvCrLL6PNdixp1mTUj3EZ1pfr/LQIqRYZ5Dy8n6gR7OheEiRU4lgLkK4rwiGzs+yNevWgXeRQK6LjLJNvYIEaJnZOPza3AYLtf9/Vnh9cnFvFyJwBlTY14zMwU1TSItojnQxIHShInpyXW6N+vh6IU9mR+zdz3NeFNq5NnuPmMH0How4LrH75T8nvifVywnfygUgBWeIAQZVdt4LZIRBfYIUna3pgZX8GJaPsst0IkwbzSiH5ZxE6aLZtql45J20f2E9J/Y5nA/9+rKVgxnUJVmNtXBwwVfkE00kONUz/6xD1zVSwKkPkuiN/w4LsdQDE7gm5LP5OUd/KiGO68cthbC6FaegV86VZE/HDf1jWTu/TFNhOMZzwGawGICmeRkvslscTffdjaMYmgOZHwwKSoBPdCiQh+PSCyOY+9+IkFAZnbKwQCSZhnbt/5lzkGxcx1/DTlf7vMHv0QNue7oerxWvxsFHjEHAX/0wIDAQABo4IBvjCCAbowDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDgYDVR0PAQH/BAQDAgWgMDcGA1UdHwQwMC4wLKAqoCiGJmh0dHA6Ly9jcmwuZ29kYWRkeS5jb20vZ2RpZzJzMS04MDIuY3JsMF0GA1UdIARWMFQwSAYLYIZIAYb9bQEHFwEwOTA3BggrBgEFBQcCARYraHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzAIBgZngQwBAgEwdgYIKwYBBQUHAQEEajBoMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5nb2RhZGR5LmNvbS8wQAYIKwYBBQUHMAKGNGh0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeS9nZGlnMi5jcnQwHwYDVR0jBBgwFoAUQMK9J47MNIMwojPX+2yz8LQsgM4wKwYDVR0RBCQwIoIQKi5lbXBvd2VyaWFtLmNvbYIOZW1wb3dlcmlhbS5jb20wHQYDVR0OBBYEFMgbjQt3GR/bWU4ykfZnmkNfb9v2MA0GCSqGSIb3DQEBCwUAA4IBAQC4WjqoZsdzHzM6cyvfJmcV8970KljLcwK2UR/sBDojqUrkWiKnKoJiOzeCrGt8tB8mSyV5MzhuEmlcgHFkMJzbuOormYMLwYvEz6O8WvcMEvDXJfjJa73bkSVX8lI+Gk9P2i2O5VCS4dETVpsO8S4FhDO7dKp7ypn3wqE/+uCIh4qimQZbzp51Kd/BlvOIMKvQp00oNSN09FIUCU4dewyH3xa5gQc4Ubjr33sf3qixZkX/jJoePkR7FG4/UUYbh5iBW7hsrBXU523as+H6eUVenGq+YLTp0JC4ixRoVFmRtfvBAaqzJWtOYqB55cBJzRijjvl8Hh4XygTyHz8p/GKj"
]
},
{
"kty": "RSA",
"use": "sig",
"kid": "3jaJpg7iYf8tDinNGobcK0_Ws44",
"x5t": "3jaJpg7iYf8tDinNGobcK0_Ws44",
"e": "AQAB",
"n": "gx-FkcFVuVJBRPiaUrWz38k5mQdQp4FdwZ3aTJOf1Dj9WJ0JJVTcsbVUQ_OA39Pqg6rXmQLV6TaMyzIzmvEcc8UDf2U0EMlzPhWUV1lGZwDnvVb9913MQv6WJ9rPY9TeYoYYHX4VYWOPkvbM09Lt5WNwgwp4obyMeg1zuc0Wtj4gVeUmMoFgwGhgSznvBGNnC2oo4QEoGfrgUyonuDjeID7E6IkGWnd0wWCSwfUOw75ts0tptRQ8YPdMW8HoDlIaZo-ovuEnU-WrFom80Lm4FbFJc5Ts_HxUoXHj7bSQaSKP1WuYnu23Eb6_hrsdFEFtprQHBWG0MxDPx8B0Vsdviw",
"x5c": [
"MIIDEjCCAfqgAwIBAgIQGNJ+GYECN7xA/XvD1sHgIzANBgkqhkiG9w0BAQsFADAyMTAwLgYDVQQDEydNaWNoYWVsLVdpbjE2LnRoZWRvdG5ldGZhY3RvcnkuaW50ZXJuYWwwHhcNMTgwNjAxMTQyNzQ0WhcNMTkwNjAxMDAwMDAwWjAyMTAwLgYDVQQDEydNaWNoYWVsLVdpbjE2LnRoZWRvdG5ldGZhY3RvcnkuaW50ZXJuYWwwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCDH4WRwVW5UkFE+JpStbPfyTmZB1CngV3BndpMk5/UOP1YnQklVNyxtVRD84Df0+qDqteZAtXpNozLMjOa8RxzxQN/ZTQQyXM+FZRXWUZnAOe9Vv33XcxC/pYn2s9j1N5ihhgdfhVhY4+S9szT0u3lY3CDCnihvIx6DXO5zRa2PiBV5SYygWDAaGBLOe8EY2cLaijhASgZ+uBTKie4ON4gPsToiQZad3TBYJLB9Q7Dvm2zS2m1FDxg90xbwegOUhpmj6i+4SdT5asWibzQubgVsUlzlOz8fFShcePttJBpIo/Va5ie7bcRvr+Gux0UQW2mtAcFYbQzEM/HwHRWx2+LAgMBAAGjJDAiMAsGA1UdDwQEAwIEMDATBgNVHSUEDDAKBggrBgEFBQcDATANBgkqhkiG9w0BAQsFAAOCAQEAW7uC6Q2t8fhHBIW8/bfaBUkMpE5D0F0u0vWe9i6FUfidpTOlMh/HoTaggnbFpEXajvfPM6PwpIuel8xtfs4wESvZgjV9sBT7ItVaHI610VLG5swhCjMoJYyq7rTyBZ50BhJP8x1pEVeFCbHp+vNDsrOUuX4t156BMvUW84domffSqncG1BoyflwE+BrawO/lN3Uiy1U2Z5GhZaUVaHaTLiEeHBL4N4S9qq5Ei2ml/niviJgsAEhGIx9N3RZFreaUgAyABeo247j2I6WRrzXWZvWaIRjNR2cS8Q+xfTpWnICKg8cRRm7/fhMasbisl/IKgW5wpe/1IE0iX0REmyuubQ=="
]
},
{
"kty": "RSA",
"use": "sig",
"kid": "DXyhbYjljijVQ4g_DznZe-d18Ok",
"x5t": "DXyhbYjljijVQ4g_DznZe-d18Ok",
"e": "AQAB",
"n": "kHNEGgR4a_TVqVx0NohjwBynpVstePwDzUNTubxN7POxZQm44BLrd5NnzmbCeBosbO6JRa3yWs3tNmB7rRbLo20E29MsrXj_CQ4UzvrdYrptns0L7alxn5mhHqYg9P6B1VJBNaYHo9PvX-nO6GnyYfpj3622wAkqsLL3AUCOGd5yDzL-LrR2S0mWPecvynTTZP4krPrLPdWlWmbq9hbDme-H9Ijl1TLv5lO9GM-gmvwagDRI0rcIy4P4fHIU9kpKkg2mw6wTaQD8Yqb6crfKAX5bJt_HXNLnKeK4TfSGmE7gvBmoU_0Q71i-t8xYor_RJtNb1wVmZAwvMgh6JAxJ1Q",
"x5c": [
"MIIDCzCCAfOgAwIBAgIIZ9nE/VxSO1AwDQYJKoZIhvcNAQELBQAwLDEqMCgGA1UEAwwhRW1wb3dlcklEIFNlbGYtc2lnbmVkIENlcnRpZmljYXRlMB4XDTE4MDcyNDAwMDAwMFoXDTIwMDcyNDAwMDAwMFowLDEqMCgGA1UEAwwhRW1wb3dlcklEIFNlbGYtc2lnbmVkIENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHNEGgR4a/TVqVx0NohjwBynpVstePwDzUNTubxN7POxZQm44BLrd5NnzmbCeBosbO6JRa3yWs3tNmB7rRbLo20E29MsrXj/CQ4UzvrdYrptns0L7alxn5mhHqYg9P6B1VJBNaYHo9PvX+nO6GnyYfpj3622wAkqsLL3AUCOGd5yDzL+LrR2S0mWPecvynTTZP4krPrLPdWlWmbq9hbDme+H9Ijl1TLv5lO9GM+gmvwagDRI0rcIy4P4fHIU9kpKkg2mw6wTaQD8Yqb6crfKAX5bJt/HXNLnKeK4TfSGmE7gvBmoU/0Q71i+t8xYor/RJtNb1wVmZAwvMgh6JAxJ1QIDAQABozEwLzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQAJzHYWi+ZQPCgtVn6QNKgL8wjKwuK1xdeC40+apwNBy3I7XjSTJw0cXjsRZoR578U8j+T+WxusR3ZyfjV4A4xAC/G0SGC9JzO3JgYf7Y5MxcEHrcq9PH00sLRLFx/lhFqPMRjkI8GkwYnA9nvq3dNkX+ETUd7wWNvq501ZHNyeGRBMiF2YvRk1X8eS+X35Tb2o7cWDzQzbo3EylYDXc6FfXRLUc8mPFLA9et3dJVD7+pccSlsb5bBfSrL/IEs7qKe3D+Yuw7AgaVIfldBcorSXJNAjtUjjT0FcGoFbS9xrWfaWGo1HP/FslR3PwE8yWajOn1levE2mqYKSgDOTLw2+"
]
},
{
"kty": "RSA",
"use": "sig",
"kid": "szn7iHCjxiXVOM45QW2K100R1Qw",
"x5t": "szn7iHCjxiXVOM45QW2K100R1Qw",
"e": "AQAB",
"n": "roIYhFGbgYf0tXvAH2ydYZT3pG2SbML9azXR0OKj3YBEMAGO2rrdHkF3IUCql5xaoN5j99bjuVneD8DBaE_A32u6lSloTx41fC2XZ1Wsf26lIOYJwuESxjaT6-84r20en6H3nqsx02uej9f9bbFM2tw-j74WTDoY3sCjeUzwCiy-oX0eLsygL_tI2bVZY4KiMgqPXzP6rvj8qg5CMpSYIb8q6qD1vsYsKR6VRNJDvMpm3juRgU668XEbbtA0szuw1Nrp3UhH4KVGxEvcWIUJ1aH5MjD8NVTfswnUHVRwfpg3NcpZO_pHwulqDwTNi94o6KFPjkZ8qtJoAzcuwaId0Q",
"x5c": [
"MIIDCzCCAfOgAwIBAgIIZiTwalbu2CMwDQYJKoZIhvcNAQELBQAwLDEqMCgGA1UEAwwhRW1wb3dlcklEIFNlbGYtc2lnbmVkIENlcnRpZmljYXRlMB4XDTE4MDgxMDAwMDAwMFoXDTIwMDgxMDAwMDAwMFowLDEqMCgGA1UEAwwhRW1wb3dlcklEIFNlbGYtc2lnbmVkIENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAroIYhFGbgYf0tXvAH2ydYZT3pG2SbML9azXR0OKj3YBEMAGO2rrdHkF3IUCql5xaoN5j99bjuVneD8DBaE/A32u6lSloTx41fC2XZ1Wsf26lIOYJwuESxjaT6+84r20en6H3nqsx02uej9f9bbFM2tw+j74WTDoY3sCjeUzwCiy+oX0eLsygL/tI2bVZY4KiMgqPXzP6rvj8qg5CMpSYIb8q6qD1vsYsKR6VRNJDvMpm3juRgU668XEbbtA0szuw1Nrp3UhH4KVGxEvcWIUJ1aH5MjD8NVTfswnUHVRwfpg3NcpZO/pHwulqDwTNi94o6KFPjkZ8qtJoAzcuwaId0QIDAQABozEwLzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQCfoSV28iwT56yp2qmG+YWM8N9qF8O0ok5ze3tnYhB7a35RYpzjcUKpyuMuU1+si9bB52SPHfiP5tCMQ+hQcFJCJ8UfQjiFnQTLLZPYOEklpHhWERd47jKbpFaLDKZJ+KnRk2AB2EwG5kju8RFJW9k29N9qkGLoNxwOJMNyB0Rj1ZDOhxgAKKJYAuk0l0JjQ7fRxbzD37G2VySUSj059EYMANTOY5SGWPxDkT7k1XHkPzwfcTjjXqDrCMMyLDLyRg8bvEyZxTc0vjPGqb7fUipXmqEpm/QHFpuy5kSG0lcLuD4cHbVSD/YCxyARbVSww0ReQEnLqgWOTIgx/bRPkpSB"
]
},
{
"kty": "RSA",
"use": "sig",
"kid": "FkW4n4nwll1WTM9fepcTsKXS6_I",
"x5t": "FkW4n4nwll1WTM9fepcTsKXS6_I",
"e": "AQAB",
"n": "q4RmNq_hjrWurcT29C32PeNu8d-hGX7oBJqFJUgc_dqCCKUjnBNn3k8Xuq-TmdoTCiziguvmn3SxQpHmmBHb1UAdr3O3x8jNSwo0pcSmTlOgwkwveEoxzukoEL9PdZq1uei1xE4K1ggk_4YslujERCm_mLm_lyzkAC8VhLjphthvvkeWw1LIlwvqCwuFFrpwxaWFQ9FZiUXKRDxSQsndgddKnQDjI5LomkRymcQR1SBaMLLTrBcCBVyV7dstx0_3Veq7CrYv5KAFSkdpx0Iy8MZ5cX63HmclUuzmscdmHACro1lkWNynI7nIlit1hVjbljBSksdfEn26f8SpS_rJ4w",
"x5c": [
"MIIDCzCCAfOgAwIBAgIIFKbO+cngoW4wDQYJKoZIhvcNAQELBQAwLDEqMCgGA1UEAwwhRW1wb3dlcklEIFNlbGYtc2lnbmVkIENlcnRpZmljYXRlMB4XDTE4MDMyOTAwMDAwMFoXDTIwMDMyOTAwMDAwMFowLDEqMCgGA1UEAwwhRW1wb3dlcklEIFNlbGYtc2lnbmVkIENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4RmNq/hjrWurcT29C32PeNu8d+hGX7oBJqFJUgc/dqCCKUjnBNn3k8Xuq+TmdoTCiziguvmn3SxQpHmmBHb1UAdr3O3x8jNSwo0pcSmTlOgwkwveEoxzukoEL9PdZq1uei1xE4K1ggk/4YslujERCm/mLm/lyzkAC8VhLjphthvvkeWw1LIlwvqCwuFFrpwxaWFQ9FZiUXKRDxSQsndgddKnQDjI5LomkRymcQR1SBaMLLTrBcCBVyV7dstx0/3Veq7CrYv5KAFSkdpx0Iy8MZ5cX63HmclUuzmscdmHACro1lkWNynI7nIlit1hVjbljBSksdfEn26f8SpS/rJ4wIDAQABozEwLzAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBCwUAA4IBAQBX+HDkCg1yyclbE869XgO/kHVWJ+W+75ORRVRxUDQE7R8BjYY8yLol7cymLVVghGxBs39/3mVVqmvqOztCZDFKQvMC9EgZwjdM6qZ2rGXpsw8/jXWX6YaxKSqKJh+yfFqc5OqVrIvTNsZbaTDhfYE/w6jtGoNakhsA2xxAGwh60oUd4Yt/tFvVUGb1kE7cDs8up4ELh9psSquSf0R7uhGNqIgWgFa34Qn7VPv0zbTH2umk/1xYJD5p1xta7Gi8WF/Q2uGtKuwukYUCPQO6u3f5/2e5IUtDhbP7BP6p/+HSxlNwtht/ny5I6P3mqWndQG3VbcAL4LtoUc6DZL/zDy7f"
]
},
{
"kty": "RSA",
"use": "sig",
"kid": "hAJOk3hqmJ_MtXHX4GQWnO4cpKM",
"x5t": "hAJOk3hqmJ_MtXHX4GQWnO4cpKM",
"e": "AQAB",
"n": "sr1qLVDXYpeaIwMN6g1aDMZdlLCPIVSaRrcWuHybD5JvJ21gWoAnk05kAp5asnlD4xUg2JiGVe8yWJif1hSQiprfpTqsWSTEQxYzT-kPssbJtbMNcte8LJ8nCxZcsH5RSMiUK8gpQB4Cpp-jAcHXBzF8M9wAI-66KNR0Ue8qc-j3B7W0irWsLOfh76ituppdZmL-H4WRrwqyy-jzXYsadZk1I9xGdaX6_y0CKkWGeQ8vJ-oEezoXhIkVOJYC5CuK8Ihs7PsjXr1oF3kUCui4yyTb2CBGiZ2Tj82twGC7X_f1Z4fXJxbxcicAZU2NeMzMFNU0iLaI50MSB0oSJ6cl1ujfr4eiFPZkfs3c9zXhTauTZ7j5jB9B6MOC6x--U_J74n1csJ38oFIAVniAEGVXbeC2SEQX2CFJ2t6YGV_BiWj7LLdCJMG80oh-WcROmi2bapeOSdtH9hPSf2OZwP_fqylYMZ1CVZjbVwcMFX5BNNJDjVM_-sQ9c1UsCpD5Lojf8OC7HUAxO4JuSz-TlHfyohjuvHLYWwuhWnoFfOlWRPxw39Y1k7v0xTYTjGc8BmsBiApnkZL7JbHE333Y2jGJoDmR8MCkqAT3QokIfj0gsjmPvfiJBQGZ2ysEAkmYZ27f-Zc5BsXMdfw05X-7zB79EDbnu6Hq8Vr8bBR4xBwF_9M",
"x5c": [
"MIIGKzCCBROgAwIBAgIJAOEHwy0C7ul3MA0GCSqGSIb3DQEBCwUAMIG0MQswCQYDVQQGEwJVUzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UEChMRR29EYWRkeS5jb20sIEluYy4xLTArBgNVBAsTJGh0dHA6Ly9jZXJ0cy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzEzMDEGA1UEAxMqR28gRGFkZHkgU2VjdXJlIENlcnRpZmljYXRlIEF1dGhvcml0eSAtIEcyMB4XDTE1MDYxMTE0NTc0MFoXDTE4MDEyMTE4NTYzOVowPjEhMB8GA1UECxMYRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkMRkwFwYDVQQDDBAqLmVtcG93ZXJpYW0uY29tMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsr1qLVDXYpeaIwMN6g1aDMZdlLCPIVSaRrcWuHybD5JvJ21gWoAnk05kAp5asnlD4xUg2JiGVe8yWJif1hSQiprfpTqsWSTEQxYzT+kPssbJtbMNcte8LJ8nCxZcsH5RSMiUK8gpQB4Cpp+jAcHXBzF8M9wAI+66KNR0Ue8qc+j3B7W0irWsLOfh76ituppdZmL+H4WRrwqyy+jzXYsadZk1I9xGdaX6/y0CKkWGeQ8vJ+oEezoXhIkVOJYC5CuK8Ihs7PsjXr1oF3kUCui4yyTb2CBGiZ2Tj82twGC7X/f1Z4fXJxbxcicAZU2NeMzMFNU0iLaI50MSB0oSJ6cl1ujfr4eiFPZkfs3c9zXhTauTZ7j5jB9B6MOC6x++U/J74n1csJ38oFIAVniAEGVXbeC2SEQX2CFJ2t6YGV/BiWj7LLdCJMG80oh+WcROmi2bapeOSdtH9hPSf2OZwP/fqylYMZ1CVZjbVwcMFX5BNNJDjVM/+sQ9c1UsCpD5Lojf8OC7HUAxO4JuSz+TlHfyohjuvHLYWwuhWnoFfOlWRPxw39Y1k7v0xTYTjGc8BmsBiApnkZL7JbHE333Y2jGJoDmR8MCkqAT3QokIfj0gsjmPvfiJBQGZ2ysEAkmYZ27f+Zc5BsXMdfw05X+7zB79EDbnu6Hq8Vr8bBR4xBwF/9MCAwEAAaOCAbMwggGvMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA4GA1UdDwEB/wQEAwIFoDA2BgNVHR8ELzAtMCugKaAnhiVodHRwOi8vY3JsLmdvZGFkZHkuY29tL2dkaWcyczEtODcuY3JsMFMGA1UdIARMMEowSAYLYIZIAYb9bQEHFwEwOTA3BggrBgEFBQcCARYraHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5LzB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmdvZGFkZHkuY29tLzBABggrBgEFBQcwAoY0aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5LmNvbS9yZXBvc2l0b3J5L2dkaWcyLmNydDAfBgNVHSMEGDAWgBRAwr0njsw0gzCiM9f7bLPwtCyAzjArBgNVHREEJDAighAqLmVtcG93ZXJpYW0uY29tgg5lbXBvd2VyaWFtLmNvbTAdBgNVHQ4EFgQUyBuNC3cZH9tZTjKR9meaQ19v2/YwDQYJKoZIhvcNAQELBQADggEBAGkAOy25sxzLqW9tEiUWYwhPn/T4G8Gpc0NfHc4OeTn6hMqNnQuPDGdDrPNDfOm/UIc8yZCRNgCC4+NqUl/EzEucvZG8RfTthsjswwt5cJ0Aq889Xz3QQURN1kFq32pI24DXVA2EBhdtB59kQDY10w3QteDyrf50khx+5RhJBymJg1vmAjgst/RJzC1sdQ4cfvfWvcay/S0Wh6n2IOENBaXdfR5Qqjj4UolCJQDqF6KcHe9mJjoFlI9v9SPsl5IP45Pej9EKx/ZV0zVX/mk6UF/fI86v7syO0V1dHilrtiXYTqreUbZW1JiTivInbPcIJf9xhIFNosQu84FGD82zYLg="
]
}
]
}
This endpoint retrieves public keys.
HTTP Request
GET https://xxx.net/oauth/.well-known/jwks
POST Access Token (Password)
Example request
curl --location --request POST "https://xxx.net/oauth/v2/token" \
--header "Content-Type: application/x-www-form-urlencoded" \
--header "Authorization: Basic cGF0cmljazpwQCQkdzByZA==" \
--data "client_id=3542a382-60ef-4a49-85c4-30831fa1a474&client_secret=4d045e04-7f76-4fea-8041-4430e53a440c&grant_type=password&scope=openid"
Example response
{
"access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJFbXBvd2VySUQiLCJzdWIiOiJwYXRyaWNrIiwiYXVkIjoiMzU0MmEzODItNjBlZi00YTQ5LTg1YzQtMzA4MzFmYTFhNDc0IiwiZXhwIjoxNTY4MTgyMDk0LCJuYmYiOjE1NjQ1ODIwOTQsImlhdCI6MTU2NDU4MjA5NCwianRpIjoiYTQyZTg4N2YtZjdlMy00MmQ3LThlZjAtZjU4MDIwZjFiMmM2IiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJkMzk5NzY1ZC1mY2Q3LTQ1YzktOTEzZi0yYjBjOWU2NWY4YjciLCJkaXNwbGF5TmFtZSI6IlBhdHJpY2sgUGFya2VyIiwiZW1haWwiOiJwYXRyaWNrQHBhdHJpY2twYXJrZXIuY29tIn19.lTEy42mU6zGwvGbDmwLXWbFuTtZ1jNesaPqwDL3gCp_Rh8gseJdJ_admy-gXaJ1V2oh2PP6WyIeBd93iPloR7k9-i10zdxL6zevA2LLUpoh_iisrnPS1wlw8LAehe7fAt3wvTPAxF5roNJAl3wI7_jOVoOh0FEtAFuXRahTPpecX98pyKINnz_dMSv0jQz0p8pEiNl_dQ5bvEs4R7DxUMzWXrgW0MPeKF4tvzbwBdIA5QIsknUeHb4nGBpaLV7S8upDX5X2BS1_AQwYkNzzQb8cs8Zb6XXqnnVnAW8tcCqJP8l0J2mUykQLqtFi57H-5FvRBpb0P49Fz_tm_-MTbdZkY8JWjUjbtbrJKHPNOQEgvkeKJXgeC8BpqouQpGBKgzvgdPVAEf0mIZeMtywn387PfGRLp4Ie_f0g8UsxZRTaEH4_f8j4kh9nhX82Sv2YQ8Kz_WJPpaTR1CR7yrzjz6k0w3GQnGZEeJE_IPIej7u4QKL-jCkOj_545fCvCh10mZ60-GrupkRnQucdnxuBOXRJxnOOgSRYi_zzchFLTigZQe7zOjm7zcEwWyrydn5O_hFk3JzjEy15DlmZWgvZqSs3T9IERAAIIBoHPq7UTXIpGMiFxJ8YfPOCUqXnLzhPz6xawFR-f5JDQzZvqWmK8vHrH1hqQmYCbk5Si6TaJGJ8",
"token_type": "Bearer",
"expires_in": 3600000,
"refresh_token": "cm50Nlo2T1dEdlp2SFpDZm5TTTVMOHoyR1lrMER6V1hKY2xrcFNWRS9RL3BsOXhvNTlrUnVuclN4K1Y5TUlaRw",
"id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJFbXBvd2VySUQiLCJzdWIiOiJwYXRyaWNrIiwiYXVkIjoiMzU0MmEzODItNjBlZi00YTQ5LTg1YzQtMzA4MzFmYTFhNDc0IiwiZXhwIjoxNTY4MjU0MDQyLCJuYmYiOjE1NjEwNTQwNDIsImlhdCI6MTU2NDY1NDA0MiwiYXpwIjoiMzU0MmEzODItNjBlZi00YTQ5LTg1YzQtMzA4MzFmYTFhNDc0IiwiYXRfaGFzaCI6IklkZkt1bHNvQk9RNXg2VWRVeWJmdUEiLCJqdGkiOiJkNjMxMjljMC05ZDQyLTRiMWQtYjQ4Ni0wNzY2NTQ5ODk2ZDQiLCJhdHRyaWIiOnt9fQ.AvtHJ3iEZhI8lUMqsWiivosjv4PTsjWuT25dRsk41jLICz4dGqh7e9byNOBtVzfiR9LVaej0oOJKgfS3ef8saLRkmSmrmvCRs4RhYunZPVBhwpT2DbHMlQBaw7Myp2X6AXVflF5APuxYL-OlavOziDq9b_8x50eWLOJumGJPQepTFC3vzHVXyal23m89XCJhRPuuBd7A5DMcXsJcIhBykqxzgDQBkSlA1CYiVKirxnZLI5ALBW1sPessxAaGmnI0Otvxm1mXXKWTMJxi7J8AirMY12Gc-bdmQpbOkVNrQq2gN8jatQL0MZNDuYk4__HGfOKHemeXgskfZQg2mrisUFKT5fRQcUrPKVkwU6kvGlWr2lvN6JlEJDnKC_aKWpvJVTWuCRI2H-a1yCbZIeJ4e3HY7VaKLeVoNZm-kTwLj2h8M3fDtmT_Gn9SwyAYrg6CMN-nPrEz8XQ0JcZlzbJYLeCzHUuHB5G368o-dNjmE90S0ZReQqALFmvKK2KY3KX4rt3HkJNqWpOyf8NyatXAjIvHPjFHRXWSgCO5g8nfrgJuvXKBFRA4C5VC3vB8YMvpOWvcvL-IEZT05sePUVqq5fAbV-c58KTMosctdjNevdGAbn0sfWKVagsfavN0UyVJ95tVGD6ByBWfFpAEqudqxOACTTfvktWm8wt1UL1kS-I",
"id": "d399765d-fcd7-45c9-913f-2b0c9e65f8b7"
}
This endpoint retrieves the access token, ID token and refresh token for a given user name and password. The retrieved tokens can be used in the 1.0 POST Refresh Token, POST User Info and POST Token Info endpoints listed below, as well as the 2.0 Identity Administration endpoints.
HTTP Request
POST https://xxx.net/oauth/v2/token
Headers
| Parameter | Value |
|---|---|
| Content-Type | application/x-www-form-urlencoded |
| Authorization | Basic <Base64 Encoded UserName:Password> |
Body urlencoded
| Parameter | Value |
|---|---|
| client_id | <OAuth application Client ID> |
| client_secret | <OAuth application Client Secret> |
| grant_type | password |
| scope | openid |
POST Access Token (Authorization code)
Example request
curl --location --request POST "https://xxx.net/oauth/v2/token" \
--header "Content-Type: application/x-www-form-urlencoded" \
--data "client_id=3542a382-60ef-4a49-85c4-30831fa1a474&client_secret=4d045e04-7f76-4fea-8041-4430e53a440c&grant_type=authorization_code&code=bW5lWmNYT0VxMnAxRFQwUFIwNy84czBpUkdDTTY2RitjRkFhd0JXUXVOM3MzUXZ4TlptYTgrdUw2akdVMDRSdGc2V1h6WjdOV1NXVmFDMzEwbGsvYUE9PQ"
This endpoint retrieves the access token for a given authorization code. The Authorization Code grant type is used by web and mobile apps. It differs from other grant types in that it first requires that the app launch a browser. The basic process is as follows:
- The application opens a browser to direct the user to the OAuth Server.
- An authorization prompt is displayed to the user who approves the request from the application.
- The user is redirected back to the application with an authorization code in the query string.
- The application exchanges the authorization code for an access token.
HTTP Request
POST https://xxx.net/oauth/v2/token
Headers
| Parameter | Value |
|---|---|
| Content-Type | application/x-www-form-urlencoded |
| X-API-Key | API Key supplied by XXX |
Body urlencoded
| Parameter | Value |
|---|---|
| client_id | <OAuth application Client ID> |
| client_secret | <OAuth application Client Secret> |
| grant_type | authorization_code |
| code | <Authorization Code> |
POST ID/Access Token - Client credentials grant type
Example request
curl --location --request POST "https://xxx.net/oauth/v2/token" \
--header "Content-Type: application/x-www-form-urlencoded" \
--header "X-API-Key: <OAuth application API Key>" \
--data "client_id=%3COAuth%20application%20Client%20ID%3E&client_secret=%3COAuth%20application%20Client%20Secret%3E&grant_type=client_credentials&scope=openid&response_type=id_token%20token"
This endpoint is used by clients to obtain an access token outside the context of a user. It is typically used by clients to access their own resources rather than another user's resources.
HTTP Request
POST https://XXX.net/oauth/v2/token
Headers
| Parameter | Value |
|---|---|
| Content-Type | application/x-www-form-urlencoded |
| X-API-Key | API Key supplied by XXX |
Body urlencoded
| Parameter | Value |
|---|---|
| client_id | <OAuth application Client ID> |
| client_secret | <OAuth application Client Secret> |
| grant_type | client credentials |
| scope | openid |
| response_type | id_token token |
POST ID/Access Token - SAML Assertion grant type
Example request
curl --location --request POST "https://XXX.net/oauth/v2/token" \
--header "Content-Type: application/x-www-form-urlencoded" \
--header "X-API-Key: <OAuth application API Key>" \
--data "assertion=%3CSAML%20assertion%3E&grant_type=urn%3Aietf%3Aparams%3Aoauth%3Agrant-type%3Asaml2-bearer&scope=openid"
This endpoint enables clients using existing SAML SSO and IdP infrastructure to obtain OAuth 2.0 tokens for accessing protected resources such as web APIs. The basic process is as follows:
- A user initiates a login to an application.
- The application as a SAML 2.0 SP redirects the user to the SAML 2.0 IdP and receives a SAML assertion on success.
- If access to an OAuth 2.0 protected resource (e.g. a web API) is required, the client exchanges the SAML 2.0 assertion for an access token at the token endpoint of the Connect2id server.
HTTP Request
POST https://XXX.net/oauth/v2/token
Headers
| Parameter | Value |
|---|---|
| Content-Type | application/x-www-form-urlencoded |
| X-API-Key | API Key supplied by XXX |
Body urlencoded
| Parameter | Value |
|---|---|
| assertion | <SAML assertion> |
| grant_type | urn:ietf:params:oauth:grant-type:saml2-bearer |
| scope | openid |
POST Refresh Token
Example request
curl --location --request POST "https://XXX.net/oauth/v2/token" \
--header "Content-Type: application/x-www-form-urlencoded" \
--data "client_id=%3COAuth%20application%20Client%20ID%3E&client_secret=%3COAuth%20application%20Client%20Secret%3E&refresh_token=OXJqUUx5elBSWFg1dVhZUHR1YUE2Y2xYU3VQMm95amtnNXc2R3pvRit3ZGlIZzRjYk5hWE5EU2tEVlBSd3ZIRw&grant_type=refresh_token"
Example response
{
"access_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJFbXBvd2VySUQiLCJzdWIiOiJwYXRyaWNrIiwiYXVkIjoiMzU0MmEzODItNjBlZi00YTQ5LTg1YzQtMzA4MzFmYTFhNDc0IiwiZXhwIjoxNTY4MTgyMDk0LCJuYmYiOjE1NjQ1ODIwOTQsImlhdCI6MTU2NDU4MjA5NCwianRpIjoiYTQyZTg4N2YtZjdlMy00MmQ3LThlZjAtZjU4MDIwZjFiMmM2IiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJkMzk5NzY1ZC1mY2Q3LTQ1YzktOTEzZi0yYjBjOWU2NWY4YjciLCJkaXNwbGF5TmFtZSI6IlBhdHJpY2sgUGFya2VyIiwiZW1haWwiOiJwYXRyaWNrQHBhdHJpY2twYXJrZXIuY29tIn19.lTEy42mU6zGwvGbDmwLXWbFuTtZ1jNesaPqwDL3gCp_Rh8gseJdJ_admy-gXaJ1V2oh2PP6WyIeBd93iPloR7k9-i10zdxL6zevA2LLUpoh_iisrnPS1wlw8LAehe7fAt3wvTPAxF5roNJAl3wI7_jOVoOh0FEtAFuXRahTPpecX98pyKINnz_dMSv0jQz0p8pEiNl_dQ5bvEs4R7DxUMzWXrgW0MPeKF4tvzbwBdIA5QIsknUeHb4nGBpaLV7S8upDX5X2BS1_AQwYkNzzQb8cs8Zb6XXqnnVnAW8tcCqJP8l0J2mUykQLqtFi57H-5FvRBpb0P49Fz_tm_-MTbdZkY8JWjUjbtbrJKHPNOQEgvkeKJXgeC8BpqouQpGBKgzvgdPVAEf0mIZeMtywn387PfGRLp4Ie_f0g8UsxZRTaEH4_f8j4kh9nhX82Sv2YQ8Kz_WJPpaTR1CR7yrzjz6k0w3GQnGZEeJE_IPIej7u4QKL-jCkOj_545fCvCh10mZ60-GrupkRnQucdnxuBOXRJxnOOgSRYi_zzchFLTigZQe7zOjm7zcEwWyrydn5O_hFk3JzjEy15DlmZWgvZqSs3T9IERAAIIBoHPq7UTXIpGMiFxJ8YfPOCUqXnLzhPz6xawFR-f5JDQzZvqWmK8vHrH1hqQmYCbk5Si6TaJGJ8",
"token_type": "Bearer",
"expires_in": 3600000,
"refresh_token": "cm50Nlo2T1dEdlp2SFpDZm5TTTVMOHoyR1lrMER6V1hKY2xrcFNWRS9RL3BsOXhvNTlrUnVuclN4K1Y5TUlaRw",
"id_token": "eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJFbXBvd2VySUQiLCJzdWIiOiJwYXRyaWNrIiwiYXVkIjoiMzU0MmEzODItNjBlZi00YTQ5LTg1YzQtMzA4MzFmYTFhNDc0IiwiZXhwIjoxNTY4MjU0MDQyLCJuYmYiOjE1NjEwNTQwNDIsImlhdCI6MTU2NDY1NDA0MiwiYXpwIjoiMzU0MmEzODItNjBlZi00YTQ5LTg1YzQtMzA4MzFmYTFhNDc0IiwiYXRfaGFzaCI6IklkZkt1bHNvQk9RNXg2VWRVeWJmdUEiLCJqdGkiOiJkNjMxMjljMC05ZDQyLTRiMWQtYjQ4Ni0wNzY2NTQ5ODk2ZDQiLCJhdHRyaWIiOnt9fQ.AvtHJ3iEZhI8lUMqsWiivosjv4PTsjWuT25dRsk41jLICz4dGqh7e9byNOBtVzfiR9LVaej0oOJKgfS3ef8saLRkmSmrmvCRs4RhYunZPVBhwpT2DbHMlQBaw7Myp2X6AXVflF5APuxYL-OlavOziDq9b_8x50eWLOJumGJPQepTFC3vzHVXyal23m89XCJhRPuuBd7A5DMcXsJcIhBykqxzgDQBkSlA1CYiVKirxnZLI5ALBW1sPessxAaGmnI0Otvxm1mXXKWTMJxi7J8AirMY12Gc-bdmQpbOkVNrQq2gN8jatQL0MZNDuYk4__HGfOKHemeXgskfZQg2mrisUFKT5fRQcUrPKVkwU6kvGlWr2lvN6JlEJDnKC_aKWpvJVTWuCRI2H-a1yCbZIeJ4e3HY7VaKLeVoNZm-kTwLj2h8M3fDtmT_Gn9SwyAYrg6CMN-nPrEz8XQ0JcZlzbJYLeCzHUuHB5G368o-dNjmE90S0ZReQqALFmvKK2KY3KX4rt3HkJNqWpOyf8NyatXAjIvHPjFHRXWSgCO5g8nfrgJuvXKBFRA4C5VC3vB8YMvpOWvcvL-IEZT05sePUVqq5fAbV-c58KTMosctdjNevdGAbn0sfWKVagsfavN0UyVJ95tVGD6ByBWfFpAEqudqxOACTTfvktWm8wt1UL1kS-I",
"id": "d399765d-fcd7-45c9-913f-2b0c9e65f8b7"
}
This endpoint refreshes an expired access token.
HTTP Request
POST https://XXX.net/oauth/v2/token
Headers
| Parameter | Value |
|---|---|
| Content-Type | application/x-www-form-urlencoded |
Body urlencoded
| Parameter | Value |
|---|---|
| client_id | <OAuth application Client ID> |
| client_secret | <OAuth application Client Secret> |
| refresh_token | Refresh Token returned by POST Access Token (Password) |
| grant_type | refresh_token |
POST User Info
Example request
curl --location --request POST "https://XXX.net/oauth/v2/userinfo" \
--header "Content-Type: application/x-www-form-urlencoded" \
--data "access_token=eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJFbXBvd2VySUQiLCJzdWIiOiJwYXRyaWNrIiwiYXVkIjoiMzU0MmEzODItNjBlZi00YTQ5LTg1YzQtMzA4MzFmYTFhNDc0IiwiZXhwIjoxNTY4MTgyMDk0LCJuYmYiOjE1NjQ1ODIwOTQsImlhdCI6MTU2NDU4MjA5NCwianRpIjoiYTQyZTg4N2YtZjdlMy00MmQ3LThlZjAtZjU4MDIwZjFiMmM2IiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJkMzk5NzY1ZC1mY2Q3LTQ1YzktOTEzZi0yYjBjOWU2NWY4YjciLCJkaXNwbGF5TmFtZSI6IlBhdHJpY2sgUGFya2VyIiwiZW1haWwiOiJwYXRyaWNrQHBhdHJpY2twYXJrZXIuY29tIn19.lTEy42mU6zGwvGbDmwLXWbFuTtZ1jNesaPqwDL3gCp_Rh8gseJdJ_admy-gXaJ1V2oh2PP6WyIeBd93iPloR7k9-i10zdxL6zevA2LLUpoh_iisrnPS1wlw8LAehe7fAt3wvTPAxF5roNJAl3wI7_jOVoOh0FEtAFuXRahTPpecX98pyKINnz_dMSv0jQz0p8pEiNl_dQ5bvEs4R7DxUMzWXrgW0MPeKF4tvzbwBdIA5QIsknUeHb4nGBpaLV7S8upDX5X2BS1_AQwYkNzzQb8cs8Zb6XXqnnVnAW8tcCqJP8l0J2mUykQLqtFi57H-5FvRBpb0P49Fz_tm_-MTbdZkY8JWjUjbtbrJKHPNOQEgvkeKJXgeC8BpqouQpGBKgzvgdPVAEf0mIZeMtywn387PfGRLp4Ie_f0g8UsxZRTaEH4_f8j4kh9nhX82Sv2YQ8Kz_WJPpaTR1CR7yrzjz6k0w3GQnGZEeJE_IPIej7u4QKL-jCkOj_545fCvCh10mZ60-GrupkRnQucdnxuBOXRJxnOOgSRYi_zzchFLTigZQe7zOjm7zcEwWyrydn5O_hFk3JzjEy15DlmZWgvZqSs3T9IERAAIIBoHPq7UTXIpGMiFxJ8YfPOCUqXnLzhPz6xawFR-f5JDQzZvqWmK8vHrH1hqQmYCbk5Si6TaJGJ8"
Example response
{
"id": "d399765d-fcd7-45c9-913f-2b0c9e65f8b7",
"username": "patrick",
"first_name": "Patrick",
"last_name": "Smith",
"email": "patrick@patricksmith.com",
"organization": "Hosting Organization",
"business_role_locations": [
"Any Role in Anywhere",
"Standard Employee in Anywhere",
"All Employee Roles in Anywhere",
"All Employee Roles in All Business Locations",
"Any Role in All Business Locations",
"Default Organization All Roles in All Business Locations",
"Standard Employee in All Business Locations",
"All Business Roles in Anywhere",
"All Business Roles in Default Organization",
"All Employee Roles in Default Organization",
"Any Role in Default Organization",
"Standard Employee in Default Organization"
]
}
This endpoint retrieves user information for a given access token.
HTTP Request
POST https://XXX.net/oauth/v2/userinfo
Headers
| Parameter | Value |
|---|---|
| Content-Type | application/x-www-form-urlencoded |
Body urlencoded
| Parameter | Value |
|---|---|
| access_token | Access Token returned by POST Access Token (Password) |
POST Token Info
Example request
curl --location --request POST "https://XXX.net/oauth/v2/tokeninfo" \
--header "Content-Type: application/x-www-form-urlencoded" \
--header "Authorization: Basic MzU0MmEzODItNjBlZi00YTQ5LTg1YzQtMzA4MzFmYTFhNDc0OjRkMDQ1ZTA0LTdmNzYtNGZlYS04MDQxLTQ0MzBlNTNhNDQwYw==" \
--data "token=eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJFbXBvd2VySUQiLCJzdWIiOiJwYXRyaWNrIiwiYXVkIjoiMzU0MmEzODItNjBlZi00YTQ5LTg1YzQtMzA4MzFmYTFhNDc0IiwiZXhwIjoxNTY4MTgyMDk0LCJuYmYiOjE1NjQ1ODIwOTQsImlhdCI6MTU2NDU4MjA5NCwianRpIjoiYTQyZTg4N2YtZjdlMy00MmQ3LThlZjAtZjU4MDIwZjFiMmM2IiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJkMzk5NzY1ZC1mY2Q3LTQ1YzktOTEzZi0yYjBjOWU2NWY4YjciLCJkaXNwbGF5TmFtZSI6IlBhdHJpY2sgUGFya2VyIiwiZW1haWwiOiJwYXRyaWNrQHBhdHJpY2twYXJrZXIuY29tIn19.lTEy42mU6zGwvGbDmwLXWbFuTtZ1jNesaPqwDL3gCp_Rh8gseJdJ_admy-gXaJ1V2oh2PP6WyIeBd93iPloR7k9-i10zdxL6zevA2LLUpoh_iisrnPS1wlw8LAehe7fAt3wvTPAxF5roNJAl3wI7_jOVoOh0FEtAFuXRahTPpecX98pyKINnz_dMSv0jQz0p8pEiNl_dQ5bvEs4R7DxUMzWXrgW0MPeKF4tvzbwBdIA5QIsknUeHb4nGBpaLV7S8upDX5X2BS1_AQwYkNzzQb8cs8Zb6XXqnnVnAW8tcCqJP8l0J2mUykQLqtFi57H-5FvRBpb0P49Fz_tm_-MTbdZkY8JWjUjbtbrJKHPNOQEgvkeKJXgeC8BpqouQpGBKgzvgdPVAEf0mIZeMtywn387PfGRLp4Ie_f0g8UsxZRTaEH4_f8j4kh9nhX82Sv2YQ8Kz_WJPpaTR1CR7yrzjz6k0w3GQnGZEeJE_IPIej7u4QKL-jCkOj_545fCvCh10mZ60-GrupkRnQucdnxuBOXRJxnOOgSRYi_zzchFLTigZQe7zOjm7zcEwWyrydn5O_hFk3JzjEy15DlmZWgvZqSs3T9IERAAIIBoHPq7UTXIpGMiFxJ8YfPOCUqXnLzhPz6xawFR-f5JDQzZvqWmK8vHrH1hqQmYCbk5Si6TaJGJ8"
Example response
{
"active": true,
"client_id": "3542a382-60ef-4a49-85c4-30831fa1a474",
"token_type": "Bearer",
"username": "patrick",
"exp": 1568182094,
"iat": 1564582094,
"nbf": 1564582094,
"sub": "patrick",
"iss": "XXX",
"jti": "a42e887f-f7e3-42d7-8ef0-f58020f1b2c6"
}
This endpoint retrieves token information for a given access token.
HTTP Request
POST https://XXX.net/oauth/v2/tokeninfo
Headers
| Parameter | Value |
|---|---|
| Content-Type | application/x-www-form-urlencoded |
| Authorization | Basic <Base64 Encoded ClientID:ClientSecret> |
Body urlencoded
| Parameter | Value |
|---|---|
| token | Access Token returned by POST Access Token (Password) |
| token_type_hint | refresh_token (defaults to access_token) |
| client_id | <OAuth Client ID> (pass if Authorization Header is not sent) |
| client_secret | <OAuth Client Secret> (pass if Authorization Header is not sent) |
| token_type_hint | refresh_token (defaults to access_token) |
POST Token Revoke
Example request
curl --location --request POST "https://XXX.net/oauth/v2/tokenrevoke" \
--header "Content-Type: application/x-www-form-urlencoded" \
--header "Authorization: Basic cGF0cmljazpwQCQkdzByZA==" \
--data "token=bHdxdkFzY1gyenEwV3Z1aVQ4WUJhNzFJd1NJeU8zWDdlS3pEK3pwTFBKOWhRUHlDTDZ4MWg3WmMzQVpDNEdzR0xLbzZ3Tk9UUkJYZlRZS0R1OW8wZzVnV1J6TXovNXRtMnRwMEFxemVBeDY3K0UvbytoVnhRVHlVM1IybEVxTHVsdytUTXpyUTdzbkowOGRqUDdEY2lFc2V4YXZId3E3Q3c5VFJIUHQvNnFNdXdFRWFtU3RMM1B6bTBybnBNTW&client_id=3542a382-60ef-4a49-85c4-30831fa1a474&client_secret=4d045e04-7f76-4fea-8041-4430e53a440c"
This endpoint revokes an access token.
HTTP Request
POST https://XXX.net/oauth/v2/tokenrevoke
Headers
| Parameter | Value |
|---|---|
| Content-Type | application/x-www-form-urlencoded |
| Authorization | Basic <Base64 Encoded Username:Password> |
Body urlencoded
| Parameter | Value |
|---|---|
| token | Access token returned by POST Access Token (Password) |
| token_type_hint | access_token |
| client_id | <OAuth Client ID> |
| client_secret | <OAuth Client Secret> |
2.0 Identity Administration
This section includes API endpoints to query and manage identities in the XXX and all connected systems, including user accounts, person objects, user groups, management roles, business roles and locations.
Accounts
GET Get Account
Example request
curl --location --request GET "http://40.83.12.251:80/v1/1C31542A-73B6-46A9-A701-816F2599BF46/Users/5BEB4AB8-5F74-4D1C-91B6-3FCCC93D356A" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6InQ3X2JIb3RRT3FpOVRZSjl5bWg1RGprMWlIYyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJFbXBvd2VySUQiLCJzdWIiOiJlbXBvd2VyaWRhZG1pbiIsImF1ZCI6ImIzNDBjM2ZlLTU4M2YtNDY3Ni1hNzZjLTYxOWEyNDIxYTQ5NSIsImV4cCI6MTU2NjQwMzE1MCwibmJmIjoxNTY2Mzk5NTUwLCJpYXQiOjE1NjYzOTk1NTAsImp0aSI6ImY3NGE0MDFiLWE5YzMtNGEwMS1iZjQ0LTU5ZjhkNTljYjRmZSIsImF0dHJpYiI6eyJwZXJzb25HdWlkIjoiZWMyODgzZmQtYWFhYS00N2MyLWE2NWUtZWE3MzM1NjkwYjMyIiwiZGlzcGxheU5hbWUiOiJFbXBvd2VySUQgQWRtaW4iLCJlbWFpbCI6bnVsbH19.R7tjFKZW1jeb_Q9Giex-KRgnvWd9LNfC21BaxCV5Vp0JOYv8zLyk4X9N2bH6rgXbP5FYHeE8w7Mw4za6s_nRlfiPXSwsKTj_rvWxufakCnvx9BmJOzsaCDg7myaCf42zBnNkAuhjnsNLqYIGO9kgkoA4nkciG-C1AHcyHgZbAjVhJKOVMi9jiSdN9mU5Kn4yx9XSWIgbHbqyFDS_-EPQtkvaUrA_U7KxI35pLEK8lC73K7_Wfda6bv7HTRVK1CSshIZeafiit4mpyKueagnzRU969K7ISWQ6wwQdTvPHqL1RsYtY8GEB6tEPh_yNsLfkYj8wyLgXZyQLg_rGL7j7jA" \
--data ""
Example response
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"id": "7ff0113f-2ce0-4422-8ca1-9e9c271f5000",
"userName": "John.Doe",
"name": {
"formatted": "John Doe",
"familyName": "Doe",
"givenName": "John"
},
"displayName": "John Doe",
"active": true,
"emails": [],
"phoneNumbers": [],
"ims": [],
"photos": [],
"addresses": [],
"groups": [],
"entitlements": [],
"roles": [],
"x509Certificates": [],
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"organization": "5eb659c4-ef64-448a-8d32-8a45a70f184f",
"SchemaIdentifier": "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
},
"meta": {
"resourceType": "User",
"created": "2019-08-15T12:51:19",
"lastModified": "2019-08-16T20:19:06.94"
}
}
This endpoint retrieves account information for a given user account.
HTTP Request
GET http://40.83.12.251:80/v1/{AccountStoreGuid}/Users/{AccountGuid}
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
GET Query Account
Example request
curl --location --request GET "http://40.83.12.251:80/v1/1C31542A-73B6-46A9-A701-816F2599BF46/Users/?filter=Id%20eq%201234" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6InQ3X2JIb3RRT3FpOVRZSjl5bWg1RGprMWlIYyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJFbXBvd2VySUQiLCJzdWIiOiJlbXBvd2VyaWRhZG1pbiIsImF1ZCI6ImIzNDBjM2ZlLTU4M2YtNDY3Ni1hNzZjLTYxOWEyNDIxYTQ5NSIsImV4cCI6MTU2NjQwMzE1MCwibmJmIjoxNTY2Mzk5NTUwLCJpYXQiOjE1NjYzOTk1NTAsImp0aSI6ImY3NGE0MDFiLWE5YzMtNGEwMS1iZjQ0LTU5ZjhkNTljYjRmZSIsImF0dHJpYiI6eyJwZXJzb25HdWlkIjoiZWMyODgzZmQtYWFhYS00N2MyLWE2NWUtZWE3MzM1NjkwYjMyIiwiZGlzcGxheU5hbWUiOiJFbXBvd2VySUQgQWRtaW4iLCJlbWFpbCI6bnVsbH19.R7tjFKZW1jeb_Q9Giex-KRgnvWd9LNfC21BaxCV5Vp0JOYv8zLyk4X9N2bH6rgXbP5FYHeE8w7Mw4za6s_nRlfiPXSwsKTj_rvWxufakCnvx9BmJOzsaCDg7myaCf42zBnNkAuhjnsNLqYIGO9kgkoA4nkciG-C1AHcyHgZbAjVhJKOVMi9jiSdN9mU5Kn4yx9XSWIgbHbqyFDS_-EPQtkvaUrA_U7KxI35pLEK8lC73K7_Wfda6bv7HTRVK1CSshIZeafiit4mpyKueagnzRU969K7ISWQ6wwQdTvPHqL1RsYtY8GEB6tEPh_yNsLfkYj8wyLgXZyQLg_rGL7j7jA" \
--data ""
Example response
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 10,
"Resources": [
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"id": "8dd86b62-8c6b-498a-9b22-41bcdaff39f6",
"userName": "jane.doe",
"name": {
"formatted": "jane.doe",
"familyName": "",
"givenName": ""
},
"displayName": "jane.doe",
"active": true,
"emails": [
{
"type": "work",
"value": "jane.doe@company.com"
}
],
"phoneNumbers": [],
"ims": [],
"photos": [],
"addresses": [],
"groups": [
{
"type": "Group",
"display": "Dev Team",
"value": "0a923db9-e287-4622-885c-f8fe373ce571"
},
{
"type": "Group",
"display": "Managers",
"value": "7fb73ed4-1a57-459f-9a2c-e89b504b4ff0"
},
{
"type": "Group",
"display": "QA",
"value": "d45bf30f-320b-4e25-8f0f-7f754831e07d"
},
{
"type": "Group",
"display": "Slack Admins",
"value": "5dcc771e-ce15-4817-b52d-ed5af4279c6f"
}
],
"entitlements": [],
"roles": [],
"x509Certificates": [],
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"organization": "5eb659c4-ef64-448a-8d32-8a45a70f184f",
"SchemaIdentifier": "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
},
"meta": {
"resourceType": "User",
"created": "2019-08-16T02:59:12",
"lastModified": "2019-08-21T15:46:43.267"
}
},
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"id": "0169fdc6-be21-43f6-8977-6ecdac289e8b",
"userName": "john",
"name": {
"formatted": "john",
"familyName": "",
"givenName": ""
},
"displayName": "john",
"active": false,
"emails": [
{
"type": "work",
"value": "john@company.com"
}
],
"phoneNumbers": [],
"ims": [],
"photos": [],
"addresses": [],
"groups": [],
"entitlements": [],
"roles": [],
"x509Certificates": [],
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"organization": "5eb659c4-ef64-448a-8d32-8a45a70f184f",
"SchemaIdentifier": "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
},
"meta": {
"resourceType": "User",
"created": "2019-08-20T18:46:28",
"lastModified": "2019-08-21T15:46:43.267"
}
},
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"id": "26714c55-3c64-4d9f-a50f-20812bc95d79",
"userName": "237__testperson",
"name": {
"formatted": "237__testperson",
"familyName": "237",
"givenName": "testperson"
},
"displayName": "237__testperson",
"userType": "user",
"active": false,
"emails": [
{
"type": "work",
"value": "tttt@devdomain1.com"
}
],
"phoneNumbers": [],
"ims": [],
"photos": [],
"addresses": [],
"groups": [],
"entitlements": [],
"roles": [],
"x509Certificates": [],
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"organization": "5eb659c4-ef64-448a-8d32-8a45a70f184f",
"SchemaIdentifier": "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
},
"meta": {
"resourceType": "User",
"created": "2019-08-20T18:46:28",
"lastModified": "2019-08-21T15:46:43.267"
}
},
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"id": "159c9083-7aab-429d-8e16-3fdea21b6d05",
"userName": "Fred.Smith",
"name": {
"formatted": "Fred Smith",
"familyName": "Smith",
"givenName": "Fred"
},
"displayName": "Fred Smith",
"active": true,
"emails": [],
"phoneNumbers": [],
"ims": [],
"photos": [],
"addresses": [],
"groups": [],
"entitlements": [],
"roles": [],
"x509Certificates": [],
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"organization": "5eb659c4-ef64-448a-8d32-8a45a70f184f",
"SchemaIdentifier": "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
},
"meta": {
"resourceType": "User",
"created": "2019-08-15T12:51:26",
"lastModified": "2019-08-16T20:19:06.94"
}
},
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"id": "8f3e5130-d2c5-4c6d-a671-5888fcbb91f9",
"userName": "Janet.Brown",
"name": {
"formatted": "Janet Brown",
"familyName": "Brown",
"givenName": "Janet"
},
"displayName": "Janet Brown",
"active": true,
"emails": [],
"phoneNumbers": [],
"ims": [],
"photos": [],
"addresses": [],
"groups": [],
"entitlements": [],
"roles": [],
"x509Certificates": [],
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"organization": "5eb659c4-ef64-448a-8d32-8a45a70f184f",
"SchemaIdentifier": "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
},
"meta": {
"resourceType": "User",
"created": "2019-08-15T12:51:25",
"lastModified": "2019-08-16T20:19:06.94"
}
},
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"id": "b0860308-a2b1-42c9-88af-ddda038d4d5f",
"userName": "Dave.McMarshall",
"name": {
"formatted": "Dave McMarshall",
"familyName": "McMarshall",
"givenName": "Dave"
},
"displayName": "Dave McMarshall",
"active": true,
"emails": [],
"phoneNumbers": [],
"ims": [],
"photos": [],
"addresses": [],
"groups": [],
"entitlements": [],
"roles": [],
"x509Certificates": [],
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"organization": "5eb659c4-ef64-448a-8d32-8a45a70f184f",
"SchemaIdentifier": "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
},
"meta": {
"resourceType": "User",
"created": "2019-08-15T12:51:26",
"lastModified": "2019-08-16T20:19:06.94"
}
},
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"id": "ee2388a2-233b-4f4c-bdfb-f05382ebc2bb",
"userName": "Ada.Burgess",
"name": {
"formatted": "Ada Burgess",
"familyName": "Burgess",
"givenName": "Ada"
},
"displayName": "Ada Burgess",
"active": true,
"emails": [],
"phoneNumbers": [],
"ims": [],
"photos": [],
"addresses": [],
"groups": [],
"entitlements": [],
"roles": [],
"x509Certificates": [],
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"organization": "5eb659c4-ef64-448a-8d32-8a45a70f184f",
"SchemaIdentifier": "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
},
"meta": {
"resourceType": "User",
"created": "2019-08-15T12:51:26",
"lastModified": "2019-08-16T20:19:06.94"
}
},
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"id": "61b4b8b0-32b8-44e4-b157-d35d6c1c8fbe",
"userName": "Ada.Pearson",
"name": {
"formatted": "Ada Pearson",
"familyName": "Pearson",
"givenName": "Ada"
},
"displayName": "Ada Pearson",
"active": true,
"emails": [],
"phoneNumbers": [],
"ims": [],
"photos": [],
"addresses": [],
"groups": [],
"entitlements": [],
"roles": [],
"x509Certificates": [],
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"organization": "5eb659c4-ef64-448a-8d32-8a45a70f184f",
"SchemaIdentifier": "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
},
"meta": {
"resourceType": "User",
"created": "2019-08-15T12:51:26",
"lastModified": "2019-08-16T20:19:06.94"
}
},
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"id": "fcd657ec-8d4b-4590-ab33-2b40deb89e5e",
"userName": "Administrator",
"name": {
"formatted": "Administrator"
},
"displayName": "Administrator",
"active": true,
"emails": [],
"phoneNumbers": [],
"ims": [],
"photos": [],
"addresses": [],
"groups": [
{
"type": "Group",
"display": "Administrators",
"value": "de47cdda-8058-4a6e-b4ef-bd9a73164687"
},
{
"type": "Group",
"display": "Domain Admins",
"value": "5d7b179f-d291-49cb-a9df-4aad7e98d1fc"
},
{
"type": "Group",
"display": "Enterprise Admins",
"value": "f17e4556-c1e1-4e57-a977-83fd68a22ff8"
},
{
"type": "Group",
"display": "Group Policy Creator Owners",
"value": "3cd2385f-0053-47f3-b71b-cc86b12230ac"
},
{
"type": "Group",
"display": "Schema Admins",
"value": "893a8052-2071-4b95-9304-2a2eefee43ae"
}
],
"entitlements": [],
"roles": [],
"x509Certificates": [],
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"organization": "5eb659c4-ef64-448a-8d32-8a45a70f184f",
"SchemaIdentifier": "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
},
"meta": {
"resourceType": "User",
"created": "2019-08-15T12:51:12",
"lastModified": "2019-08-16T05:00:00.533"
}
},
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"id": "3aa7eca6-ac82-4fbd-8ef8-deb6b6d2580e",
"userName": "Ava.Farmer",
"name": {
"formatted": "Ava Farmer",
"familyName": "Farmer",
"givenName": "Ava"
},
"displayName": "Ava Farmer",
"active": true,
"emails": [],
"phoneNumbers": [],
"ims": [],
"photos": [],
"addresses": [],
"groups": [],
"entitlements": [],
"roles": [],
"x509Certificates": [],
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"organization": "5eb659c4-ef64-448a-8d32-8a45a70f184f",
"SchemaIdentifier": "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
},
"meta": {
"resourceType": "User",
"created": "2019-08-15T12:51:23",
"lastModified": "2019-08-16T20:19:06.94"
}
}
],
"startIndex": 0,
"itemsPerPage": 10
}
This endpoint retrieves account information for a given user account, based on the specified filters.
HTTP Request
GET http://40.83.12.251:80/v1/{AccountStoreGuid}/Users/?filter={filter, e.g. 'Id eq 1234'}
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
Parameters
| Parameter | Value |
|---|---|
| filter | {filter, e.g. 'Id eq 1234'} |
| Possible filters are: GivenName, FamilyName, UserName, Active, HonorificSuffix, MiddleName, Id, FriendlyName, OrganizationId, Title, Division, Department, EmployeeType, LocaleId, PreferredLanguage, EmployeeId |
PATCH Update Account
Example request
curl --location --request PATCH "http://40.83.12.251:80/v1/1C31542A-73B6-46A9-A701-816F2599BF46/Users/5BEB4AB8-5F74-4D1C-91B6-3FCCC93D356A" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3Nzby5lbXBvd2VyaWFtLmNvbSIsInN1YiI6ImVtcG93ZXJpZGFkbWluIiwiYXVkIjoiNmMzZTc0YjYtN2RmYi00NDFmLWFjMmUtNTE5Y2ViMzUzYTcwIiwiZXhwIjoxNTYxNjEyOTc0LCJuYmYiOjE1NjE1NzY5NzQsImlhdCI6MTU2MTU3Njk3NCwianRpIjoiZWI1YTM4OWUtMzE3Ni00MTg5LTlmODUtZDc2MzRhYzRhYTRjIiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJlYzI4ODNmZC1hYWFhLTQ3YzItYTY1ZS1lYTczMzU2OTBiMzIiLCJkaXNwbGF5TmFtZSI6IkVtcG93ZXJJRCBBZG1pbiIsImVtYWlsIjoidGVzdEBlbWFpbC5jb20ifX0.oThy9mrL50mmROIixA2lkNi_2pyohxVXBD_CgcqdbvCEfdeiYqTemu8wKCIcB_9XM2J-Q6_W6PLdefsYU8gYWWXyDVAcoa5WCzryjt5Iimc5XOEIsLJcPBsV6pyglOmlnoz-wDLRy3r4Qs0vgi8vj9qlWMXhpEHYYuzYGD_7wH3ordloEH9tMHASPc0Pa9r-WLA3Kc9go_N5gFQ_8HAsjcAQkpi1BgGYJet27gGw4f2MxrB1Wiob4mM6Fo6KKYKfWfVWLgDX3wYcPLTLJgrfwZgPjhgYxwxUWuSYom5tV5M_p1nJsyeOoYn6QGU-F2BATzll3HuSkiXefkj-AmWZQizX6ITUFWzkBVYzy88rDVNxQx0VTAk62sEiqNjKgSvns7Pwji7qzgXPEMieJ-qYa3JicfbdVVTlITCrgOLyIQYNzDeYk8OzCDJBmw11GkIO2wyf3jwRcD6lq3ujbGfHE5kwmxlO3D0dk1RNu0OZhr9XX6OE8kYj5_IDn-H8eEGi_L5LaBvEcFliDrk-FETtg8o-PHFp_ygNA2XpG36W1C9_R_xHJ3QQp5Zr09-_-8448yZOlBL_6OArhtffIr-MuPZqocH5uxxT-Kkc3C2e1n4gOAyGzt1jOADV3MVRdLBuGEa95lg0N7QrAMkVmFPL7VMxD6exCQxEqZx-sGMe4UI" \
--header "Content-Type: application/json" \
--data
"{
\"schemas\": \"urn:ietf:Params:Scim:api:messages:2.0:PatchOp\",
\"Operations\": [
{
\"op\": \"add\",
\"path\": \"name\",
\"value\":{
\"familyName\": \"Iron\",
\"middleName\": \"S\",
\"givenName\": \"Man\",
\"honorificSuffix\": \"Mr.\"
}
},
{
\"op\": \"replace\",
\"path\": \"user\",
\"value\": {
\"active\": false
\"title\": \"AQ\",
\"userType\": \"bsa\",
\"preferredLanguage\": \"Korean\"
}
},
{
\"op\": \"replace\",
\"path\": \"enterpriseextension\",
\"value\": {
\"employeenumber\": \"bb\",
\"manager\" : \"D399765D-FCD7-45C9-913F-2B0C9E65F8B7\",
\"division\": \"test\",
\"department\": \"qs\",
}
},
{
\"op\": \"replace\",
\"path\": \"email\",
\"value\": {
\"work\": \"barrywest@company.com\",
}
},
{
\"op\": \"replace\",
\"path\": \"addresses\",
\"value\": {
\"streetaddress\": \"5499 Crosshaven drive\",
\"locality\": \"Dublin\",
\"region\": \"LA\",
\"country\": \"US\"
\"postalcode\": \"48102\"{
}
},
{
\"op\": \"replace\",
\"path\": \"phoneNumbers\",
\"value\": {
\"telephone\": \"51354798\",
\"mobilephone\": \"1234567654\",
\"work\": \"123434567\"
}
},
{
\"op\": \"add\",
\"path\": \"group\",
\"value\": \"D1DFB4CB-73E4-9757-2DC5-50D32263DEE9\"
}
]
}"
This endpoint updates account information for a given user account.
HTTP Request
PATCH http://40.83.12.251:80/v1/{AccountStoreGuid}/Users/{AccountGuid}
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
| Content-Type | application/json |
Body raw (application/json)
See Example request. The example shows all the account attributes you can update; the order of operations is not important.
The group path operation can only have an op value of add or remove. All other operations can have an op value of add, remove or replace.
POST Create Account
Example request
curl --location --request POST "http://40.83.12.251:80/v1/1C31542A-73B6-46A9-A701-816F2599BF46/Users" \
--header "Content-Type: application/json" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3Nzby5lbXBvd2VyaWFtLmNvbSIsInN1YiI6ImVtcG93ZXJpZGFkbWluIiwiYXVkIjoiNmMzZTc0YjYtN2RmYi00NDFmLWFjMmUtNTE5Y2ViMzUzYTcwIiwiZXhwIjoxNTYxNjEyOTc0LCJuYmYiOjE1NjE1NzY5NzQsImlhdCI6MTU2MTU3Njk3NCwianRpIjoiZWI1YTM4OWUtMzE3Ni00MTg5LTlmODUtZDc2MzRhYzRhYTRjIiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJlYzI4ODNmZC1hYWFhLTQ3YzItYTY1ZS1lYTczMzU2OTBiMzIiLCJkaXNwbGF5TmFtZSI6IkVtcG93ZXJJRCBBZG1pbiIsImVtYWlsIjoidGVzdEBlbWFpbC5jb20ifX0.oThy9mrL50mmROIixA2lkNi_2pyohxVXBD_CgcqdbvCEfdeiYqTemu8wKCIcB_9XM2J-Q6_W6PLdefsYU8gYWWXyDVAcoa5WCzryjt5Iimc5XOEIsLJcPBsV6pyglOmlnoz-wDLRy3r4Qs0vgi8vj9qlWMXhpEHYYuzYGD_7wH3ordloEH9tMHASPc0Pa9r-WLA3Kc9go_N5gFQ_8HAsjcAQkpi1BgGYJet27gGw4f2MxrB1Wiob4mM6Fo6KKYKfWfVWLgDX3wYcPLTLJgrfwZgPjhgYxwxUWuSYom5tV5M_p1nJsyeOoYn6QGU-F2BATzll3HuSkiXefkj-AmWZQizX6ITUFWzkBVYzy88rDVNxQx0VTAk62sEiqNjKgSvns7Pwji7qzgXPEMieJ-qYa3JicfbdVVTlITCrgOLyIQYNzDeYk8OzCDJBmw11GkIO2wyf3jwRcD6lq3ujbGfHE5kwmxlO3D0dk1RNu0OZhr9XX6OE8kYj5_IDn-H8eEGi_L5LaBvEcFliDrk-FETtg8o-PHFp_ygNA2XpG36W1C9_R_xHJ3QQp5Zr09-_-8448yZOlBL_6OArhtffIr-MuPZqocH5uxxT-Kkc3C2e1n4gOAyGzt1jOADV3MVRdLBuGEa95lg0N7QrAMkVmFPL7VMxD6exCQxEqZx-sGMe4UI" \
--data "{
\"name\": {
\"familyName\": \"Bothel\",
\"givenName\": \"Way\",
\"middleName\": \"T\",
\"honorificSuffix\": \"Mr.\"
},
\"userName\": \"BothelWayLogin\",
\"title\": \"QA\",
\"userType\": \"A\",
\"preferredLanguage\": \"English\",
\"active\": true,
\"emails\": [
{
\"type\": \"work\",
\"value\": \"testpil@mail.com\"
}
],
\"phoneNumbers\": [
{
\"type\": \"telephone\",
\"value\": \"5131234567\"
},
{
\"type\": \"mobilephone\",
\"value\": \"5131234567\"
},
{
\"type\": \"work\",
\"value\": \"5131234567\"
}
],
\"addresses\": [
{
\"type\": \"work\",
\"locality\": \"Dublin\"
\"region\": \"Ohio\"
\"postalCode\": \"43017\"
\"country\": \"US\"
\"streetAddress\": \"4353 Tuller Road\"
}
],
\"groups\": [
{
\"type\": \"Group\",
\"display\": \"name of primary orgroleorgzone\"
\"value\": \"2242506D-F379-8B50-5C36-B0D7A2002B81\"
}
],
\"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User\": {
\"employeeNumber\": \"ss\",
\"division\": \"test\",
\"organization\": \"5EB659C4-EF64-448A-8D32-8A45A70F184F\"
\"department\": \"Development\", // string: optional: null
\"SchemaIdentifier\": \"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User\",
}
}"
Example response
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User" // generated by SCIM service
],
"id": "070b6b3c-4e99-43a8-9796-f9444ca56d3c", // auto-generated when the user is created
"userName": "AllenBarryLogin01", // a number is appended to non-unique user names
"name": {
"formatted": "Barry Allen", // auto-generated from familyName and givenName
"familyName": "Allen",
"givenName": "Barry",
"middleName": "West",
"honorificSuffix": "Mr."
},
"displayName": "Barry Allen", // auto-generated from family name and given name
"title": "QA",
"userType": "ABS",
"preferredLanguage": "English",
"active": true,
"emails": [
{
"type": "work",
"value": "testpil@mail.com"
}
],
"phonenumbers": [
{
"type": "telephone",
"value": "5131234567"
},
{
"type": "mobilephone",
"value": "5131234567"
},
{
"type": "work",
"value": "5131234567"
}],
"ims": [],
"photos": [],
"addresses": [
{
"streetAddress": "4353 Tuller Road",
"locality": "Dublin",
"region": "Ohio",
"postalCode": "43017",
"country": "US"
}
],
"groups": [],
"entitlements": [],
"roles": [],
"x509Certificates": [],
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"employeeNumber": "ss",
"organization": "5eb659c4-ef64-448a-8d32-8a45a70f184f",
"division": "test",
"department": "Development",
"SchemaIdentifier": "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User" // generated by SCIM service
},
"meta": {
"resourceType": "User", // generated by SCIM service
"created": "2019-08-27T17:44:39.5924384Z", // auto-generated when the user is created
"lastModified": "2019-08-27T17:44:39.5924384Z" // auto-generated when the user is modified
}
}
This endpoint creates a new user account in the account store.
HTTP Request
POST http://40.83.12.251:80/v1/{AccountStoreGuid}/Users
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
| Content-Type | application/json |
Body raw (application/json)
See Example request. Attributes are explained in the table below.
| Attribute | Description | Type | Mandatory | Default value |
|---|---|---|---|---|
name |
Account name details | |||
name.familyName |
Account family name | string | Y | |
name.givenName |
Account given name | string | Y | |
name.middleName |
Account middle name | string | N | null |
name.honorificSuffix |
Title | string | N | null |
userName |
User name (if not supplied, auto-generated from familyName and givenName) | string | N | |
title |
Job title | string | N | null |
userType |
User type | string | N | null |
preferredLanguage |
Preferred language | string | N | null |
active |
Is account active? | bool | N | true |
emails |
List of email addresses | array | N | null |
emails.type |
Type of email address (must be 'work') | string | N | |
emails.value |
Email address | string | N | |
phoneNumbers |
List of phone numbers | array | N | null |
phoneNumbers.type |
Type of phone number ('work','telephone' or 'mobilephone') | string | N | |
phoneNumbers.value |
Email address | string | N | null |
addresses |
List of postal addresses | array | N | null |
addresses.type |
Type of address (must be 'work') | string | N | |
addresses.locality |
Locality | string | N | |
addresses.region |
Region | string | N | |
addresses.postalCode |
Postal code | string | N | |
addresses.country |
Country | string | N | |
groups |
List of groups | array | N | null |
groups.type |
Type of group | string | N | Temporary role and location |
groups.display |
Name of the group | string | N | |
groups.value |
Group GUID | string | N | |
urn... |
See note below | |||
urn....employeeNumber |
Employee number | string | N | null |
urn....division |
Division | string | N | null |
urn....organization |
Organization GUID (must be either null or '5EB659C4-EF64-448A-8D32-8A45A70F184F') | string | N | null |
urn....department |
Department name | string | N | null |
urn....SchemaIdentifier |
Schema ID | string | N | 'urn:ietf:params:scim:schemas:extension:enterprise:2.0:User' |
Note: The attribute abbreviated to urn... in this table is written in its full form as urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.
DEL Delete Account
Example request
curl --location --request DELETE "http://40.83.12.251:80/v1/1C31542A-73B6-46A9-A701-816F2599BF46/Users/5BEB4AB8-5F74-4D1C-91B6-3FCCC93D356A" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3Nzby5lbXBvd2VyaWFtLmNvbSIsInN1YiI6ImVtcG93ZXJpZGFkbWluIiwiYXVkIjoiNmMzZTc0YjYtN2RmYi00NDFmLWFjMmUtNTE5Y2ViMzUzYTcwIiwiZXhwIjoxNTYxNjEyOTc0LCJuYmYiOjE1NjE1NzY5NzQsImlhdCI6MTU2MTU3Njk3NCwianRpIjoiZWI1YTM4OWUtMzE3Ni00MTg5LTlmODUtZDc2MzRhYzRhYTRjIiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJlYzI4ODNmZC1hYWFhLTQ3YzItYTY1ZS1lYTczMzU2OTBiMzIiLCJkaXNwbGF5TmFtZSI6IkVtcG93ZXJJRCBBZG1pbiIsImVtYWlsIjoidGVzdEBlbWFpbC5jb20ifX0.oThy9mrL50mmROIixA2lkNi_2pyohxVXBD_CgcqdbvCEfdeiYqTemu8wKCIcB_9XM2J-Q6_W6PLdefsYU8gYWWXyDVAcoa5WCzryjt5Iimc5XOEIsLJcPBsV6pyglOmlnoz-wDLRy3r4Qs0vgi8vj9qlWMXhpEHYYuzYGD_7wH3ordloEH9tMHASPc0Pa9r-WLA3Kc9go_N5gFQ_8HAsjcAQkpi1BgGYJet27gGw4f2MxrB1Wiob4mM6Fo6KKYKfWfVWLgDX3wYcPLTLJgrfwZgPjhgYxwxUWuSYom5tV5M_p1nJsyeOoYn6QGU-F2BATzll3HuSkiXefkj-AmWZQizX6ITUFWzkBVYzy88rDVNxQx0VTAk62sEiqNjKgSvns7Pwji7qzgXPEMieJ-qYa3JicfbdVVTlITCrgOLyIQYNzDeYk8OzCDJBmw11GkIO2wyf3jwRcD6lq3ujbGfHE5kwmxlO3D0dk1RNu0OZhr9XX6OE8kYj5_IDn-H8eEGi_L5LaBvEcFliDrk-FETtg8o-PHFp_ygNA2XpG36W1C9_R_xHJ3QQp5Zr09-_-8448yZOlBL_6OArhtffIr-MuPZqocH5uxxT-Kkc3C2e1n4gOAyGzt1jOADV3MVRdLBuGEa95lg0N7QrAMkVmFPL7VMxD6exCQxEqZx-sGMe4UI"
This endpoint deletes the specified user account from the account store.
HTTP Request
DEL http://40.83.12.251:80/v1/{AccountStoreGuid}/Users/{AccountGuid}
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
People
GET Get Person
Example request
curl --location --request GET "https://localhost:44326/v1/4AFAC894-8C01-4B51-95B8-9834B92B9CB4/Users/3AF825A6-5CF1-4412-A45B-7BB802FD5C9F" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6InQ3X2JIb3RRT3FpOVRZSjl5bWg1RGprMWlIYyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJFbXBvd2VySUQiLCJzdWIiOiJlbXBvd2VyaWRhZG1pbiIsImF1ZCI6ImIzNDBjM2ZlLTU4M2YtNDY3Ni1hNzZjLTYxOWEyNDIxYTQ5NSIsImV4cCI6MTU2NTgxMDY0NywibmJmIjoxNTY1ODA3MDQ3LCJpYXQiOjE1NjU4MDcwNDcsImp0aSI6IjAwM2I3N2RmLWMwZWYtNDY1Ni1hYTE2LTlkOWFmYjJkOGRjYiIsImF0dHJpYiI6eyJwZXJzb25HdWlkIjoiZWMyODgzZmQtYWFhYS00N2MyLWE2NWUtZWE3MzM1NjkwYjMyIiwiZGlzcGxheU5hbWUiOiJFbXBvd2VySUQgQWRtaW4iLCJlbWFpbCI6bnVsbH19.z7vVzod9II_JvCLzLZkP6Z_pdCNNYSwe2cZ8fShQEQShqMTvFSX2dxsMAnF4-GuF-wI4qAPX_Z6t2x_j73IxiKEG7vA_8xsgbg1VeTKZBchkQZq0rYOY71WaK9PWRRWBR-CHWJLZjOhSjWP2HbbdIsZW_wWmFyXgShUiZr1nuIJaAopl00qeKzfalsxfAFdiq0nRtMYIFoZV49qMC-v_1IdgwwZULyfPhDkpGfDVoOnzLnYWJxwe_Qxy4ElFt-DzdXnt-x7gj2I6xz-PEvSfPnVjZPtxQtiwNV06vFmEimDkW1OnOaxUbTkznLRU2L_Roryk0harRezMw9r3AKaf8A" \
--data ""
This endpoint retrieves person object information from the XXX.
HTTP Request
GET http://40.83.12.251:80/v1/{AccountStoreGuid}/Users/{PersonGuid}
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
GET Query Person
Example request
curl --location --request GET "http://40.83.12.251:80/v1/4AFAC894-8C01-4B51-95B8-9834B92B9CB4/Users/?filter=Id%20eq%201234" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3Nzby5lbXBvd2VyaWFtLmNvbSIsInN1YiI6IkRhaXN5WHVlIiwiYXVkIjoiNmMzZTc0YjYtN2RmYi00NDFmLWFjMmUtNTE5Y2ViMzUzYTcwIiwiZXhwIjoxNTYxNzY0NzI4LCJuYmYiOjE1NjE3Mjg3MjgsImlhdCI6MTU2MTcyODcyOCwianRpIjoiMjBkZjg3NTItNTg3Yy00YTllLTk4MDgtYjNlMDAyNGY1NWRkIiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJhMGJjZjdhNS0wMDMxLTQzMjAtYjY1MC01ZTY2MTYxN2M0ZWEiLCJkaXNwbGF5TmFtZSI6Ilh1ZSwgRGFpc3kiLCJlbWFpbCI6IjEyM0AxMjMuY29tIn19.Wt9ad0eOsvQyMfjH7wgW3HFR2hh5DWRyNxI1DvfV59slQjVOAywFYfgftupEX3X6AnboCQ9fB8Y7lnjxz4egaV7zCRWt7cIA59eticQ-rEfBFkGwLZeBkMbyc884QCZlac9UJWEBD-rRxoa_iQTsWIM_xLqEOlwKUAatAmzA__4VkpkTEiNShyoAShCo0vPQ9UEpBho7nMyczYxW6U-gqDBSFUT6MRE95XFvvXS9CH4X8MAKaILzeje_DYIdAVhwntzIp7n3L64ZmNqw_9NWpaEs_vZ0oiwVA4FVQHoyBinyHhcUI6wtEXiWJZmxrSSfwCnNjEklSymJPniJuKpJPpIvgcCmvPZYFchwBVFTeaN6nI7y7AnQ_mCE3K1CJlW1TdEMmbQ2k9O_vHmmZIepUxPYhjnOkBE_fbAWt79n9TPfY9GUaWKUamWXoAUGXyzJomxscMuOBaDMM5lbWp9fb-1KA5ds8SgHEMDRQ3xQigIU-M8CEHGBnQ2WNC3WltCUIdvkYZmwxWfRNlMFT0KwcGXA0EAvogTDAIb-Rtn5Do4T8AbMsACwjYdJrEqJQ20g0Oy9AGuSd74zNTJkpsEuK_Bv5V8DWsPQE4bxHeTAK3zDLRyebWYONrZzSVYmLc_u1jecruw4g3rJtbfN6QoU2FLUwm4QFVYSyUgQY3UUUhM" \
--data ""
This endpoint retrieves person object information from the XXX, based on the specified filters.
HTTP Request
GET http://40.83.12.251:80/v1/{AccountStoreGuid}/Users/?filter={filter, e.g. 'Id eq 1234'}
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
Parameters
| Parameter | Value |
|---|---|
| filter | {filter, e.g. 'Id eq 1234'} |
| Possible filters are: GivenName, FamilyName, UserName, Active, HonorificSuffix, MiddleName, Id, FriendlyName, OrganizationId, Title, Division, Department, EmployeeType, LocaleId, PreferredLanguage, EmployeeId |
PATCH Update Person
Example request
curl --location --request PATCH "http://40.83.12.251:80/v1/4AFAC894-8C01-4B51-95B8-9834B92B9CB4/Users/3AF825A6-5CF1-4412-A45B-7BB802FD5C9F" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3Nzby5lbXBvd2VyaWFtLmNvbSIsInN1YiI6ImVtcG93ZXJpZGFkbWluIiwiYXVkIjoiNmMzZTc0YjYtN2RmYi00NDFmLWFjMmUtNTE5Y2ViMzUzYTcwIiwiZXhwIjoxNTYxNjEyOTc0LCJuYmYiOjE1NjE1NzY5NzQsImlhdCI6MTU2MTU3Njk3NCwianRpIjoiZWI1YTM4OWUtMzE3Ni00MTg5LTlmODUtZDc2MzRhYzRhYTRjIiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJlYzI4ODNmZC1hYWFhLTQ3YzItYTY1ZS1lYTczMzU2OTBiMzIiLCJkaXNwbGF5TmFtZSI6IkVtcG93ZXJJRCBBZG1pbiIsImVtYWlsIjoidGVzdEBlbWFpbC5jb20ifX0.oThy9mrL50mmROIixA2lkNi_2pyohxVXBD_CgcqdbvCEfdeiYqTemu8wKCIcB_9XM2J-Q6_W6PLdefsYU8gYWWXyDVAcoa5WCzryjt5Iimc5XOEIsLJcPBsV6pyglOmlnoz-wDLRy3r4Qs0vgi8vj9qlWMXhpEHYYuzYGD_7wH3ordloEH9tMHASPc0Pa9r-WLA3Kc9go_N5gFQ_8HAsjcAQkpi1BgGYJet27gGw4f2MxrB1Wiob4mM6Fo6KKYKfWfVWLgDX3wYcPLTLJgrfwZgPjhgYxwxUWuSYom5tV5M_p1nJsyeOoYn6QGU-F2BATzll3HuSkiXefkj-AmWZQizX6ITUFWzkBVYzy88rDVNxQx0VTAk62sEiqNjKgSvns7Pwji7qzgXPEMieJ-qYa3JicfbdVVTlITCrgOLyIQYNzDeYk8OzCDJBmw11GkIO2wyf3jwRcD6lq3ujbGfHE5kwmxlO3D0dk1RNu0OZhr9XX6OE8kYj5_IDn-H8eEGi_L5LaBvEcFliDrk-FETtg8o-PHFp_ygNA2XpG36W1C9_R_xHJ3QQp5Zr09-_-8448yZOlBL_6OArhtffIr-MuPZqocH5uxxT-Kkc3C2e1n4gOAyGzt1jOADV3MVRdLBuGEa95lg0N7QrAMkVmFPL7VMxD6exCQxEqZx-sGMe4UI" \
--header "Content-Type: application/json" \
--data
// all the person attributes you can update
"{
\"schemas\": \"urn:ietf:Params:Scim:api:messages:2.0:PatchOp\",
\"Operations\": [
{
\"op\": \"add\",
\"path\": \"name\",
\"value\": {
\"familyName\": \"Iron\",
\"middleName\": \"S\",
\"givenName\" : \"Man\",
\"honorificSuffix\": \"Mr.\"
}
},
{
\"op\": \"replace\",
\"path\": \"user\",
\"value\": {
\"username\": \"IronManSuper\",
\"title\": \"AQ\",
\"usertype\": \"bsa\",
\"locale\": \"ko-KR\",
\"preferredLanguage\": \"Korean\",
\"active\": false
}
},
{
\"op\": \"replace\",
\"path\": \"enterpriseextension\",
\"value\": {
\"employeenumber\": \"bb\",
\"manager\": \"D399765D-FCD7-45C9-913F-2B0C9E65F8B7\",
\"division\": \"test\",
\"department\": \"qs\",
\"costCenter\": \"bb\"
}
},
{
\"op\": \"replace\",
\"path\": \"email\",
\"value\": {
\"work\": \"barrywest@company.com\",
\"personalemail\": \"barryallen@yahoo.com\"
}
},
{
\"op\": \"replace\",
\"path\": \"addresses\",
\"value\": {
\"streetaddress\": \"5499 Crosshaven drive\",
\"locality\": \"Dublin\",
\"region\": \"LA\",
\"country\": \"US\",
\"postalcode\": \"48102\"
}
},
{
\"op\": \"replace\",
\"path\": \"phoneNumbers\",
\"value\": {
\"telephone\": \"5135479938\",
\"mobilephone\": \"1234567654\",
\"work\": \"123434567e\"
}
},
{
\"op\": \"add\",
\"path\": \"orgroleorgzone\",
\"value\": \"D1DFB4CB-73E4-9757-2DC5-50D32263DEE9\"
},
{
\"op\": \"add\",
\"path\": \"managementrole\",
\"value\": \"C0DA7FE7-0299-4625-B01B-510623F2FC68\"
}
{
\"op\": \"add\",
\"path\": \"group\",
\"value\": \"0a923db9-e287-4622-885c-f8fe373ce571\"
}
]
}"
This endpoint updates person object information in the XXX.
HTTP Request
PATCH http://40.83.12.251:80/v1/{AccountStoreGuid}/Users/{PersonGuid}
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
| Content-Type | application/json |
Body raw (application/json)
See Example request. The example shows all the account attributes you can update; the order of operations is not important.
Operations with a path which is orgroleorgzone, managementrole or group can only have an op value of add or remove. All other operations can have an op value of add, remove or replace.
POST Create Person
Example request
curl --location --request POST "http://40.83.12.251:80/v1/4AFAC894-8C01-4B51-95B8-9834B92B9CB4/Users" \
--header "Content-Type: application/json" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3Nzby5lbXBvd2VyaWFtLmNvbSIsInN1YiI6IkRhaXN5WHVlIiwiYXVkIjoiNmMzZTc0YjYtN2RmYi00NDFmLWFjMmUtNTE5Y2ViMzUzYTcwIiwiZXhwIjoxNTYxNzY0NzI4LCJuYmYiOjE1NjE3Mjg3MjgsImlhdCI6MTU2MTcyODcyOCwianRpIjoiMjBkZjg3NTItNTg3Yy00YTllLTk4MDgtYjNlMDAyNGY1NWRkIiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJhMGJjZjdhNS0wMDMxLTQzMjAtYjY1MC01ZTY2MTYxN2M0ZWEiLCJkaXNwbGF5TmFtZSI6Ilh1ZSwgRGFpc3kiLCJlbWFpbCI6IjEyM0AxMjMuY29tIn19.Wt9ad0eOsvQyMfjH7wgW3HFR2hh5DWRyNxI1DvfV59slQjVOAywFYfgftupEX3X6AnboCQ9fB8Y7lnjxz4egaV7zCRWt7cIA59eticQ-rEfBFkGwLZeBkMbyc884QCZlac9UJWEBD-rRxoa_iQTsWIM_xLqEOlwKUAatAmzA__4VkpkTEiNShyoAShCo0vPQ9UEpBho7nMyczYxW6U-gqDBSFUT6MRE95XFvvXS9CH4X8MAKaILzeje_DYIdAVhwntzIp7n3L64ZmNqw_9NWpaEs_vZ0oiwVA4FVQHoyBinyHhcUI6wtEXiWJZmxrSSfwCnNjEklSymJPniJuKpJPpIvgcCmvPZYFchwBVFTeaN6nI7y7AnQ_mCE3K1CJlW1TdEMmbQ2k9O_vHmmZIepUxPYhjnOkBE_fbAWt79n9TPfY9GUaWKUamWXoAUGXyzJomxscMuOBaDMM5lbWp9fb-1KA5ds8SgHEMDRQ3xQigIU-M8CEHGBnQ2WNC3WltCUIdvkYZmwxWfRNlMFT0KwcGXA0EAvogTDAIb-Rtn5Do4T8AbMsACwjYdJrEqJQ20g0Oy9AGuSd74zNTJkpsEuK_Bv5V8DWsPQE4bxHeTAK3zDLRyebWYONrZzSVYmLc_u1jecruw4g3rJtbfN6QoU2FLUwm4QFVYSyUgQY3UUUhM" \
--data "{
\"name\": {
\"familyName\": \"Bothel\",
\"givenName\": \"Way\",
\"middleName\": \"T\",
\"honorificSuffix\": \"Mr.\"
},
\"userName\": \"BothelWayLogin\",
\"title\": \"QA\",
\"userType\": \"Abc\",
\"preferredLanguage\": \"English\",
\"locale\": \"en-US\",
\"active\": true,
\"emails\": [
{
\"type\": \"work\",
\"value\": \"testpil@mail.com\"
},
{
\"type\": \"personemail\",
\"value\": \"testpil@mail.com\"
}
],
\"phoneNumbers\": [
{
\"type\": \"telephone\",
\"value\": \"5131234567\"
},
{
\"type\": \"mobilephone\",
\"value\": \"5131234567\"
},
{
\"type\": \"work\",
\"value\": \"5131234567\"
}
],
\"password\": \"p@$$w0rd\",
\"addresses\": [
{
\"type\": \"work\",
\"locality\": \"Dublin\",
\"region\": \"Ohio\",
\"postalCode\": \"43017\",
\"country\": \"US\",
\"streetAddress\": \"4353 Tuller Road\"
}
],
\"groups\":[
{
\"type\": \"PrimaryOrgRoleOrgZone\",
\"display\": \"name of primary org role org zone\",
\"value\": \"OrgRoleOrgZoneGuid\"
},
{
\"type\": \"OrgRoleOrgZone\",
\"display\": \"name of org role org zone\",
\"value\": \"2242506D-F379-8B50-5C36-B0D7A2002B81\"
},
{
\"type\": \"ManagementRole\",
\"display\": \"name of management role\",
\"value\": \"FBAC15CE-344D-4A14-A985-4CC63886FE70\"
}
],
\"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User\": {
\"employeeNumber\": \"ss\",
\"costCenter\": \"test\",
\"division\": \"test\",
\"manager\": {
\"displayName\": \"moctar\",
\"value\": \"74D51154-11AB-4058-A0C4-EE6977F0064E\"
},
\"organization\": \"5EB659C4-EF64-448A-8D32-8A45A70F184F\",
\"department\": \"Development\",
\"SchemaIdentifier\": \"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User\"
}
}"
Example response
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User" // auto-generated by SCIM service
],
"id":"ef7fd4bf-d6fb-4055-aa9a-a5183ccb404e", // auto-generated when the user is created
"userName":"AllenBarryLogin01", // a number is appended to non-unique user names
"name": {
"formatted": "Barry Allen", // auto-generated from familyName and givenName
"familyName": "Allen",
"givenName": "Barry",
"middleName": "West",
"honorificSuffix": "Mr."
},
"displayName": "Barry Allen", // auto-generated from familyName and givenName
"title": "QA",
"userType": "ABS",
"preferredLanguage": "English",
"locale": "en-US",
"active": true,
"emails": [
{
"type": "work",
"value": "testpil@mail.com"
},
{
"type": "personalemail",
"value": "testpil@mail.com"
}
],
"phonenumbers": [
{
"type": "telephone",
"value": "5131234567",
},
{
"type": "mobilephone",
"value": "5131234567",
},
{
"type": "work",
"value": "5131234567"
}],
"ims": [],
"photos": [],
"addresses":[
{
"streetAddress": "4353 Tuller Road",
"locality": "Dublin",
"region": "Ohio",
"postalCode": "43017",
"country": "US"
}
],
"groups":[
{
"type": "PrimaryOrgRoleOrgZone",
"display": "Standard Employee in Anywhere",
"value": "242506d-f379-8b50-5c36-b0d7a2002b81"
},
{
"type": "OrgRoleOrgZone",
"display": "Any Role in Anywhere",
"value": "19292004-d648-90ce-43f8-9744db008c24"
},
{
"type": "ManagementRole",
"display": "ACT-Person-CanUseInAssignments-All",
"value": "06ba8172-631c-46b5-af7d-ff791dfe4a9b"
},
{
"type": "ManagementRole",
"display":"ACT-Person-Reviewer-DirectReports",
"value": "b7a5136a-52fa-4147-94fb-6ea498d3a364"
},
{
"type": "ManagementRole",
"display":"All Access",
"value":"fbac15ce-344d-4a14-a985-4cc63886fe70"
},
{
"type": "ManagementRole",
"display": "VIS-Person-Self",
"value": "d6ea2fa1-d796-4a80-8ff0-e86fceebf9d9"
}
],
"entitlements": [],
"roles": [],
"x509Certificates": [],
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"employeeNumber": "ss",
"costCenter": "test",
"organization": "5eb659c4-ef64-448a-8d32-8a45a70f184f",
"division": "test",
"department": "Development",
"manager": {
"value": "74d51154-11ab-4058-a0c4-ee6977f0064e",
"displayName": "moctar"
},
"SchemaIdentifier":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User" // auto-generated by SCIM service
},
"meta":{
"resourceType": "User", // auto-generated by SCIM service
"created": "2019-08-27T17:18:34.0088789Z", // auto-generated when user created
"lastModified": "2019-08-27T17:18:34.0088789Z" // auto-generated when user modified
}
}
This endpoint creates a new person object in the XXX.
HTTP Request
POST http://40.83.12.251:80/v1/{AccountStoreGuid}/Users
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
| Content-Type | application/json |
Body raw (application/json)
See Example request. Attributes are explained in the table below.
Details:
| Attribute | Description | Type | Mandatory | Default value |
|---|---|---|---|---|
name |
Person name details | |||
name.familyName |
Family name | string | Y | |
name.givenName |
Given name | string | Y | |
name.middleName |
Middle name | string | N | null |
name.honorificSuffix |
Title | string | N | null |
userName |
User name (if not supplied, auto-generated from familyName and givenName) | string | N | |
title |
Job title | string | N | null |
userType |
User type | string | N | null |
preferredLanguage |
Preferred language | string | N | null |
locale |
User locale, possible values are 'en-US', 'en-GB', 'de-DE', 'ar-SA', 'ca-ES', 'zh-CN', 'fr-FR', 'ja-JP', 'ko-KR', 'pt-BR', 'es-ES', 'th-TH', 'it-IT', 'pl-PL', 'ru-RU', 'nl-NL', 'fr-CH' or 'de-CH' | string | N | null |
active |
Is account active? | bool | N | true |
emails |
List of email addresses | array | N | null |
emails.type |
Type of email address ('work' or 'personalemail') | string | N | |
emails.value |
Email address | string | N | |
phoneNumbers |
List of phone numbers | array | N | null |
phoneNumbers.type |
Type of phone number ('work','telephone' or 'mobilephone') | string | N | |
phoneNumbers.value |
Email address | string | N | null |
password |
Password | string | Y | |
addresses |
List of postal addresses | array | N | null |
addresses.type |
Type of address (must be 'work') | string | N | |
addresses.locality |
Locality | string | N | |
addresses.region |
Region | string | N | |
addresses.postalCode |
Postal code | string | N | |
addresses.country |
Country | string | N | |
addresses.streetAddress |
Street address | string | N | |
groups |
List of groups | array | N | null |
groups.type |
Type of group ('PrimaryOrgRoleOrgZone', 'OrgRoleZone' or 'ManagementRole') | string | N | Temporary role and location for PrimaryOrgRoleOrgZone, null for the others |
groups.display |
Name of the group | string | N | |
groups.value |
Group GUID | string | N | |
urn... |
See note below. | |||
urn....employeeNumber |
Employee number | string | N | null |
urn....costCenter |
Cost center | string | N | null |
urn....division |
Division | string | N | null |
urn....manager |
Manager details | N | null | |
urn....manager.displayName |
Manager name | string | N | null |
urn....manager.value |
Manager person GUID | string | N | null |
urn....organization |
Organization GUID (must be either null or '5EB659C4-EF64-448A-8D32-8A45A70F184F') | string | N | null |
urn....department |
Department name | string | N | null |
urn....SchemaIdentifier |
Schema ID (default value is 'urn:ietf:params:scim:schemas:extension:enterprise:2.0:User') | string | N | null |
Note: The attribute abbreviated to urn... in this table is written in its full form as urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.
DEL Delete Person
Example request
curl --location --request DELETE "http://40.83.12.251:80/v1/4AFAC894-8C01-4B51-95B8-9834B92B9CB4/Users/3AF825A6-5CF1-4412-A45B-7BB802FD5C9F" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3Nzby5lbXBvd2VyaWFtLmNvbSIsInN1YiI6ImVtcG93ZXJpZGFkbWluIiwiYXVkIjoiNmMzZTc0YjYtN2RmYi00NDFmLWFjMmUtNTE5Y2ViMzUzYTcwIiwiZXhwIjoxNTYxNjEyOTc0LCJuYmYiOjE1NjE1NzY5NzQsImlhdCI6MTU2MTU3Njk3NCwianRpIjoiZWI1YTM4OWUtMzE3Ni00MTg5LTlmODUtZDc2MzRhYzRhYTRjIiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJlYzI4ODNmZC1hYWFhLTQ3YzItYTY1ZS1lYTczMzU2OTBiMzIiLCJkaXNwbGF5TmFtZSI6IkVtcG93ZXJJRCBBZG1pbiIsImVtYWlsIjoidGVzdEBlbWFpbC5jb20ifX0.oThy9mrL50mmROIixA2lkNi_2pyohxVXBD_CgcqdbvCEfdeiYqTemu8wKCIcB_9XM2J-Q6_W6PLdefsYU8gYWWXyDVAcoa5WCzryjt5Iimc5XOEIsLJcPBsV6pyglOmlnoz-wDLRy3r4Qs0vgi8vj9qlWMXhpEHYYuzYGD_7wH3ordloEH9tMHASPc0Pa9r-WLA3Kc9go_N5gFQ_8HAsjcAQkpi1BgGYJet27gGw4f2MxrB1Wiob4mM6Fo6KKYKfWfVWLgDX3wYcPLTLJgrfwZgPjhgYxwxUWuSYom5tV5M_p1nJsyeOoYn6QGU-F2BATzll3HuSkiXefkj-AmWZQizX6ITUFWzkBVYzy88rDVNxQx0VTAk62sEiqNjKgSvns7Pwji7qzgXPEMieJ-qYa3JicfbdVVTlITCrgOLyIQYNzDeYk8OzCDJBmw11GkIO2wyf3jwRcD6lq3ujbGfHE5kwmxlO3D0dk1RNu0OZhr9XX6OE8kYj5_IDn-H8eEGi_L5LaBvEcFliDrk-FETtg8o-PHFp_ygNA2XpG36W1C9_R_xHJ3QQp5Zr09-_-8448yZOlBL_6OArhtffIr-MuPZqocH5uxxT-Kkc3C2e1n4gOAyGzt1jOADV3MVRdLBuGEa95lg0N7QrAMkVmFPL7VMxD6exCQxEqZx-sGMe4UI"
This endpoint deletes the specified person object from the XXX.
HTTP Request
DEL http://40.83.12.251:80/v1/{AccountStoreGuid}/Users/{PersonGuid}
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
Groups
GET Get Group
Example request
curl --location --request GET "http://40.83.12.251:80/v1/1C31542A-73B6-46A9-A701-816F2599BF46/Groups/206678E0-E286-4F0C-A9DB-191E7331E3E0" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3Nzby5lbXBvd2VyaWFtLmNvbSIsInN1YiI6ImVtcG93ZXJpZGFkbWluIiwiYXVkIjoiNmMzZTc0YjYtN2RmYi00NDFmLWFjMmUtNTE5Y2ViMzUzYTcwIiwiZXhwIjoxNTYxNjEyOTc0LCJuYmYiOjE1NjE1NzY5NzQsImlhdCI6MTU2MTU3Njk3NCwianRpIjoiZWI1YTM4OWUtMzE3Ni00MTg5LTlmODUtZDc2MzRhYzRhYTRjIiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJlYzI4ODNmZC1hYWFhLTQ3YzItYTY1ZS1lYTczMzU2OTBiMzIiLCJkaXNwbGF5TmFtZSI6IkVtcG93ZXJJRCBBZG1pbiIsImVtYWlsIjoidGVzdEBlbWFpbC5jb20ifX0.oThy9mrL50mmROIixA2lkNi_2pyohxVXBD_CgcqdbvCEfdeiYqTemu8wKCIcB_9XM2J-Q6_W6PLdefsYU8gYWWXyDVAcoa5WCzryjt5Iimc5XOEIsLJcPBsV6pyglOmlnoz-wDLRy3r4Qs0vgi8vj9qlWMXhpEHYYuzYGD_7wH3ordloEH9tMHASPc0Pa9r-WLA3Kc9go_N5gFQ_8HAsjcAQkpi1BgGYJet27gGw4f2MxrB1Wiob4mM6Fo6KKYKfWfVWLgDX3wYcPLTLJgrfwZgPjhgYxwxUWuSYom5tV5M_p1nJsyeOoYn6QGU-F2BATzll3HuSkiXefkj-AmWZQizX6ITUFWzkBVYzy88rDVNxQx0VTAk62sEiqNjKgSvns7Pwji7qzgXPEMieJ-qYa3JicfbdVVTlITCrgOLyIQYNzDeYk8OzCDJBmw11GkIO2wyf3jwRcD6lq3ujbGfHE5kwmxlO3D0dk1RNu0OZhr9XX6OE8kYj5_IDn-H8eEGi_L5LaBvEcFliDrk-FETtg8o-PHFp_ygNA2XpG36W1C9_R_xHJ3QQp5Zr09-_-8448yZOlBL_6OArhtffIr-MuPZqocH5uxxT-Kkc3C2e1n4gOAyGzt1jOADV3MVRdLBuGEa95lg0N7QrAMkVmFPL7VMxD6exCQxEqZx-sGMe4UI"
This endpoint retrieves group information for a given user group.
HTTP Request
GET http://40.83.12.251:80/v1/{AccountStoreGuid}/Groups/{GroupGuid}
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
GET Query Group
Example request
curl --location --request GET "http://40.83.12.251:80/v1/1C31542A-73B6-46A9-A701-816F2599BF46/Groups/?filter=Id%20eq%201234" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3Nzby5lbXBvd2VyaWFtLmNvbSIsInN1YiI6ImVtcG93ZXJpZGFkbWluIiwiYXVkIjoiNmMzZTc0YjYtN2RmYi00NDFmLWFjMmUtNTE5Y2ViMzUzYTcwIiwiZXhwIjoxNTYxNjEyOTc0LCJuYmYiOjE1NjE1NzY5NzQsImlhdCI6MTU2MTU3Njk3NCwianRpIjoiZWI1YTM4OWUtMzE3Ni00MTg5LTlmODUtZDc2MzRhYzRhYTRjIiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJlYzI4ODNmZC1hYWFhLTQ3YzItYTY1ZS1lYTczMzU2OTBiMzIiLCJkaXNwbGF5TmFtZSI6IkVtcG93ZXJJRCBBZG1pbiIsImVtYWlsIjoidGVzdEBlbWFpbC5jb20ifX0.oThy9mrL50mmROIixA2lkNi_2pyohxVXBD_CgcqdbvCEfdeiYqTemu8wKCIcB_9XM2J-Q6_W6PLdefsYU8gYWWXyDVAcoa5WCzryjt5Iimc5XOEIsLJcPBsV6pyglOmlnoz-wDLRy3r4Qs0vgi8vj9qlWMXhpEHYYuzYGD_7wH3ordloEH9tMHASPc0Pa9r-WLA3Kc9go_N5gFQ_8HAsjcAQkpi1BgGYJet27gGw4f2MxrB1Wiob4mM6Fo6KKYKfWfVWLgDX3wYcPLTLJgrfwZgPjhgYxwxUWuSYom5tV5M_p1nJsyeOoYn6QGU-F2BATzll3HuSkiXefkj-AmWZQizX6ITUFWzkBVYzy88rDVNxQx0VTAk62sEiqNjKgSvns7Pwji7qzgXPEMieJ-qYa3JicfbdVVTlITCrgOLyIQYNzDeYk8OzCDJBmw11GkIO2wyf3jwRcD6lq3ujbGfHE5kwmxlO3D0dk1RNu0OZhr9XX6OE8kYj5_IDn-H8eEGi_L5LaBvEcFliDrk-FETtg8o-PHFp_ygNA2XpG36W1C9_R_xHJ3QQp5Zr09-_-8448yZOlBL_6OArhtffIr-MuPZqocH5uxxT-Kkc3C2e1n4gOAyGzt1jOADV3MVRdLBuGEa95lg0N7QrAMkVmFPL7VMxD6exCQxEqZx-sGMe4UI"
This endpoint retrieves group information for a given user group, based on the specified filters.
HTTP Request
GET http://40.83.12.251:80/v1/{AccountStoreGuid}/Groups/?filter={filter, e.g. Id eq 1234}
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
Parameters
| Parameter | Value |
|---|---|
| filter | {filter, e.g. 'Id eq 1234'} |
| Possible filters are: DisplayName, Id |
PATCH Update Group
Example request
curl --location --request PATCH "http://40.83.12.251:80/v1/1C31542A-73B6-46A9-A701-816F2599BF46/Groups/206678E0-E286-4F0C-A9DB-191E7331E3E0" \
--header "Content-Type: application/json" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3Nzby5lbXBvd2VyaWFtLmNvbSIsInN1YiI6ImVtcG93ZXJpZGFkbWluIiwiYXVkIjoiNmMzZTc0YjYtN2RmYi00NDFmLWFjMmUtNTE5Y2ViMzUzYTcwIiwiZXhwIjoxNTYxNjEyOTc0LCJuYmYiOjE1NjE1NzY5NzQsImlhdCI6MTU2MTU3Njk3NCwianRpIjoiZWI1YTM4OWUtMzE3Ni00MTg5LTlmODUtZDc2MzRhYzRhYTRjIiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJlYzI4ODNmZC1hYWFhLTQ3YzItYTY1ZS1lYTczMzU2OTBiMzIiLCJkaXNwbGF5TmFtZSI6IkVtcG93ZXJJRCBBZG1pbiIsImVtYWlsIjoidGVzdEBlbWFpbC5jb20ifX0.oThy9mrL50mmROIixA2lkNi_2pyohxVXBD_CgcqdbvCEfdeiYqTemu8wKCIcB_9XM2J-Q6_W6PLdefsYU8gYWWXyDVAcoa5WCzryjt5Iimc5XOEIsLJcPBsV6pyglOmlnoz-wDLRy3r4Qs0vgi8vj9qlWMXhpEHYYuzYGD_7wH3ordloEH9tMHASPc0Pa9r-WLA3Kc9go_N5gFQ_8HAsjcAQkpi1BgGYJet27gGw4f2MxrB1Wiob4mM6Fo6KKYKfWfVWLgDX3wYcPLTLJgrfwZgPjhgYxwxUWuSYom5tV5M_p1nJsyeOoYn6QGU-F2BATzll3HuSkiXefkj-AmWZQizX6ITUFWzkBVYzy88rDVNxQx0VTAk62sEiqNjKgSvns7Pwji7qzgXPEMieJ-qYa3JicfbdVVTlITCrgOLyIQYNzDeYk8OzCDJBmw11GkIO2wyf3jwRcD6lq3ujbGfHE5kwmxlO3D0dk1RNu0OZhr9XX6OE8kYj5_IDn-H8eEGi_L5LaBvEcFliDrk-FETtg8o-PHFp_ygNA2XpG36W1C9_R_xHJ3QQp5Zr09-_-8448yZOlBL_6OArhtffIr-MuPZqocH5uxxT-Kkc3C2e1n4gOAyGzt1jOADV3MVRdLBuGEa95lg0N7QrAMkVmFPL7VMxD6exCQxEqZx-sGMe4UI" \
--data "{
\"schemas\": [
\"urn:ietf:params:scim:api:messages:2.0:PatchOp\"
],
\"Operations\": [
{
\"op\": \"add\",
\"path\": \"members\",
\"value\": [
{
\"type\": \"account\",
\"value\": \"6EDF2CE6-DF62-4E04-925B-D82A5E439F4F\"
}
]
}
]
}"
This endpoint updates group information for a given user group.
HTTP Request
PATCH http://40.83.12.251:80/v1/{AccountStoreGuid}/Groups/{GroupGuid}
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
| Content-Type | application/json |
Body raw (application/json)
See Example request. We only support membership updates for groups.
Operations must have an op value of add or remove.
POST Create Group
Example request
curl --location --request POST "http://40.83.12.251:80/v1/1C31542A-73B6-46A9-A701-816F2599BF46/Groups" \
--header "Content-Type: application/json" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3Nzby5lbXBvd2VyaWFtLmNvbSIsInN1YiI6ImVtcG93ZXJpZGFkbWluIiwiYXVkIjoiNmMzZTc0YjYtN2RmYi00NDFmLWFjMmUtNTE5Y2ViMzUzYTcwIiwiZXhwIjoxNTYxNjEyOTc0LCJuYmYiOjE1NjE1NzY5NzQsImlhdCI6MTU2MTU3Njk3NCwianRpIjoiZWI1YTM4OWUtMzE3Ni00MTg5LTlmODUtZDc2MzRhYzRhYTRjIiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJlYzI4ODNmZC1hYWFhLTQ3YzItYTY1ZS1lYTczMzU2OTBiMzIiLCJkaXNwbGF5TmFtZSI6IkVtcG93ZXJJRCBBZG1pbiIsImVtYWlsIjoidGVzdEBlbWFpbC5jb20ifX0.oThy9mrL50mmROIixA2lkNi_2pyohxVXBD_CgcqdbvCEfdeiYqTemu8wKCIcB_9XM2J-Q6_W6PLdefsYU8gYWWXyDVAcoa5WCzryjt5Iimc5XOEIsLJcPBsV6pyglOmlnoz-wDLRy3r4Qs0vgi8vj9qlWMXhpEHYYuzYGD_7wH3ordloEH9tMHASPc0Pa9r-WLA3Kc9go_N5gFQ_8HAsjcAQkpi1BgGYJet27gGw4f2MxrB1Wiob4mM6Fo6KKYKfWfVWLgDX3wYcPLTLJgrfwZgPjhgYxwxUWuSYom5tV5M_p1nJsyeOoYn6QGU-F2BATzll3HuSkiXefkj-AmWZQizX6ITUFWzkBVYzy88rDVNxQx0VTAk62sEiqNjKgSvns7Pwji7qzgXPEMieJ-qYa3JicfbdVVTlITCrgOLyIQYNzDeYk8OzCDJBmw11GkIO2wyf3jwRcD6lq3ujbGfHE5kwmxlO3D0dk1RNu0OZhr9XX6OE8kYj5_IDn-H8eEGi_L5LaBvEcFliDrk-FETtg8o-PHFp_ygNA2XpG36W1C9_R_xHJ3QQp5Zr09-_-8448yZOlBL_6OArhtffIr-MuPZqocH5uxxT-Kkc3C2e1n4gOAyGzt1jOADV3MVRdLBuGEa95lg0N7QrAMkVmFPL7VMxD6exCQxEqZx-sGMe4UI" \
--data "{
\"displayName\": \"My group\",
\"urn:ietf:params:scim:schemas:extension:XXXGroup:2.0:Group\":
{
\"objectType\": \"Group\",
\"groupType\": \"Generic Group\"
}
}"
This endpoint creates a new user group in the account store.
HTTP Request
POST http://40.83.12.251:80/v1/{AccountStoreGuid}/Groups
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
| Content-Type | application/json |
Body raw (application/json)
See Example request. Attributes are explained in the table below.
| Attribute | Description | Type | Mandatory |
|---|---|---|---|
displayName |
Name of group | string | Y |
urn... |
See note below | string | Y |
urn....objectType |
Must be 'Group' | string | Y |
urn....groupType |
Must be 'SecurityUniversal', 'SecurityGlobal', 'SecurityDomainLocal', 'BuiltInLocal', 'SystemCreated', 'DistributionGlobal', 'DistributionDomainLocal', 'DistributionUniversal', 'Generic Group', 'posixGroup', 'groupOfEntries', 'groupOfNames', 'groupOfUniqueNames', 'RBACOnly', 'ProfileGroup', 'PrimaryRoleGroup', 'Office 365 Group', 'RoleGroup', 'SAPSingleRole', 'SAPCompositeRole', 'SAPSingleProfile', 'SAPCompositeProfile', 'SAPTransaction', 'ServiceNowGroup', 'SF Permission Set', 'SharePointOnlineGroup', 'Permission', 'ADOBE_USER_GROUP', 'ADOBE_PRODUCT_PROFILE'. 'ADOBE_SYSADMIN_GROUP', 'ADOBE_DEPLOYMENT_ADMIN_GROUP', 'ADOBE_SUPPORT_ADMIN_GROUP', 'ADOBE_PRODUCT_ADMIN_GROUP', 'ADOBE_PROFILE_ADMIN_GROUP', 'ADOBE_USER_ADMIN_GROUP', 'DESIGN_TIME_ROLE' or 'RUN_TIME_ROLE' | string | Y |
Note: The attribute abbreviated to urn... in this table is written in its full form as urn:ietf:params:scim:schemas:extension:XXXGroup:2.0:Group.
DEL Delete Group
Example request
curl --location --request DELETE "http://40.83.12.251:80/v1/1C31542A-73B6-46A9-A701-816F2599BF46/Groups/206678E0-E286-4F0C-A9DB-191E7331E3E0" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3Nzby5lbXBvd2VyaWFtLmNvbSIsInN1YiI6ImVtcG93ZXJpZGFkbWluIiwiYXVkIjoiNmMzZTc0YjYtN2RmYi00NDFmLWFjMmUtNTE5Y2ViMzUzYTcwIiwiZXhwIjoxNTYxNjEyOTc0LCJuYmYiOjE1NjE1NzY5N206678E0-E286-4F0C-A9DB-191E7331E3E0zQsImlhdCI6MTU2MTU3Njk3NCwianRpIjoiZWI1YTM4OWUtMzE3Ni00MTg5LTlmODUtZDc2MzRhYzRhYTRjIiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJlYzI4ODNmZC1hYWFhLTQ3YzItYTY1ZS1lYTczMzU2OTBiMzIiLCJkaXNwbGF5TmFtZSI6IkVtcG93ZXJJRCBBZG1pbiIsImVtYWlsIjoidGVzdEBlbWFpbC5jb20ifX0.oThy9mrL50mmROIixA2lkNi_2pyohxVXBD_CgcqdbvCEfdeiYqTemu8wKCIcB_9XM2J-Q6_W6PLdefsYU8gYWWXyDVAcoa5WCzryjt5Iimc5XOEIsLJcPBsV6pyglOmlnoz-wDLRy3r4Qs0vgi8vj9qlWMXhpEHYYuzYGD_7wH3ordloEH9tMHASPc0Pa9r-WLA3Kc9go_N5gFQ_8HAsjcAQkpi1BgGYJet27gGw4f2MxrB1Wiob4mM6Fo6KKYKfWfVWLgDX3wYcPLTLJgrfwZgPjhgYxwxUWuSYom5tV5M_p1nJsyeOoYn6QGU-F2BATzll3HuSkiXefkj-AmWZQizX6ITUFWzkBVYzy88rDVNxQx0VTAk62sEiqNjKgSvns7Pwji7qzgXPEMieJ-qYa3JicfbdVVTlITCrgOLyIQYNzDeYk8OzCDJBmw11GkIO2wyf3jwRcD6lq3ujbGfHE5kwmxlO3D0dk1RNu0OZhr9XX6OE8kYj5_IDn-H8eEGi_L5LaBvEcFliDrk-FETtg8o-PHFp_ygNA2XpG36W1C9_R_xHJ3QQp5Zr09-_-8448yZOlBL_6OArhtffIr-MuPZqocH5uxxT-Kkc3C2e1n4gOAyGzt1jOADV3MVRdLBuGEa95lg0N7QrAMkVmFPL7VMxD6exCQxEqZx-sGMe4UI"
This endpoint deletes the specified user group from the account store.
HTTP Request
DEL http://40.83.12.251:80/v1/{AccountStoreGuid}/Groups/{GroupGuid}
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
Management Roles
GET Get Management Role
Example request
curl --location --request GET "http://40.83.12.251:80/v1/4AFAC894-8C01-4B51-95B8-9834B92B9CB4/Groups/624B1EC6-66F5-4724-848D-1055863B111B" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3Nzby5lbXBvd2VyaWFtLmNvbSIsInN1YiI6ImVtcG93ZXJpZGFkbWluIiwiYXVkIjoiNmMzZTc0YjYtN2RmYi00NDFmLWFjMmUtNTE5Y2ViMzUzYTcwIiwiZXhwIjoxNTYxNjEyOTc0LCJuYmYiOjE1NjE1NzY5NzQsImlhdCI6MTU2MTU3Njk3NCwianRpIjoiZWI1YTM4OWUtMzE3Ni00MTg5LTlmODUtZDc2MzRhYzRhYTRjIiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJlYzI4ODNmZC1hYWFhLTQ3YzItYTY1ZS1lYTczMzU2OTBiMzIiLCJkaXNwbGF5TmFtZSI6IkVtcG93ZXJJRCBBZG1pbiIsImVtYWlsIjoidGVzdEBlbWFpbC5jb20ifX0.oThy9mrL50mmROIixA2lkNi_2pyohxVXBD_CgcqdbvCEfdeiYqTemu8wKCIcB_9XM2J-Q6_W6PLdefsYU8gYWWXyDVAcoa5WCzryjt5Iimc5XOEIsLJcPBsV6pyglOmlnoz-wDLRy3r4Qs0vgi8vj9qlWMXhpEHYYuzYGD_7wH3ordloEH9tMHASPc0Pa9r-WLA3Kc9go_N5gFQ_8HAsjcAQkpi1BgGYJet27gGw4f2MxrB1Wiob4mM6Fo6KKYKfWfVWLgDX3wYcPLTLJgrfwZgPjhgYxwxUWuSYom5tV5M_p1nJsyeOoYn6QGU-F2BATzll3HuSkiXefkj-AmWZQizX6ITUFWzkBVYzy88rDVNxQx0VTAk62sEiqNjKgSvns7Pwji7qzgXPEMieJ-qYa3JicfbdVVTlITCrgOLyIQYNzDeYk8OzCDJBmw11GkIO2wyf3jwRcD6lq3ujbGfHE5kwmxlO3D0dk1RNu0OZhr9XX6OE8kYj5_IDn-H8eEGi_L5LaBvEcFliDrk-FETtg8o-PHFp_ygNA2XpG36W1C9_R_xHJ3QQp5Zr09-_-8448yZOlBL_6OArhtffIr-MuPZqocH5uxxT-Kkc3C2e1n4gOAyGzt1jOADV3MVRdLBuGEa95lg0N7QrAMkVmFPL7VMxD6exCQxEqZx-sGMe4UI"
This endpoint retrieves Management Role information from the XXX.
HTTP Request
GET http://40.83.12.251:80/v1/{AccountStoreGuid}/Groups/{ManagementRoleGuid}
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
PATCH Update Management Role
Example request
curl --location --request PATCH "http://40.83.12.251:80/v1/4AFAC894-8C01-4B51-95B8-9834B92B9CB4/Groups/624B1EC6-66F5-4724-848D-1055863B111B" \
--header "Content-Type: application/json" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3Nzby5lbXBvd2VyaWFtLmNvbSIsInN1YiI6ImVtcG93ZXJpZGFkbWluIiwiYXVkIjoiNmMzZTc0YjYtN2RmYi00NDFmLWFjMmUtNTE5Y2ViMzUzYTcwIiwiZXhwIjoxNTYxNjEyOTc0LCJuYmYiOjE1NjE1NzY5NzQsImlhdCI6MTU2MTU3Njk3NCwianRpIjoiZWI1YTM4OWUtMzE3Ni00MTg5LTlmODUtZDc2MzRhYzRhYTRjIiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJlYzI4ODNmZC1hYWFhLTQ3YzItYTY1ZS1lYTczMzU2OTBiMzIiLCJkaXNwbGF5TmFtZSI6IkVtcG93ZXJJRCBBZG1pbiIsImVtYWlsIjoidGVzdEBlbWFpbC5jb20ifX0.oThy9mrL50mmROIixA2lkNi_2pyohxVXBD_CgcqdbvCEfdeiYqTemu8wKCIcB_9XM2J-Q6_W6PLdefsYU8gYWWXyDVAcoa5WCzryjt5Iimc5XOEIsLJcPBsV6pyglOmlnoz-wDLRy3r4Qs0vgi8vj9qlWMXhpEHYYuzYGD_7wH3ordloEH9tMHASPc0Pa9r-WLA3Kc9go_N5gFQ_8HAsjcAQkpi1BgGYJet27gGw4f2MxrB1Wiob4mM6Fo6KKYKfWfVWLgDX3wYcPLTLJgrfwZgPjhgYxwxUWuSYom5tV5M_p1nJsyeOoYn6QGU-F2BATzll3HuSkiXefkj-AmWZQizX6ITUFWzkBVYzy88rDVNxQx0VTAk62sEiqNjKgSvns7Pwji7qzgXPEMieJ-qYa3JicfbdVVTlITCrgOLyIQYNzDeYk8OzCDJBmw11GkIO2wyf3jwRcD6lq3ujbGfHE5kwmxlO3D0dk1RNu0OZhr9XX6OE8kYj5_IDn-H8eEGi_L5LaBvEcFliDrk-FETtg8o-PHFp_ygNA2XpG36W1C9_R_xHJ3QQp5Zr09-_-8448yZOlBL_6OArhtffIr-MuPZqocH5uxxT-Kkc3C2e1n4gOAyGzt1jOADV3MVRdLBuGEa95lg0N7QrAMkVmFPL7VMxD6exCQxEqZx-sGMe4UI" \
--data "{
\"schemas\": [
\"urn:ietf:params:scim:api:messages:2.0:PatchOp\"
],
\"Operations\": [
{
\"op\": \"add\",
\"path\": \"members\",
\"value\": [
{
\"type\": \"person\",
\"Value\": \"11e6fcc8-d64b-4b37-a75f-a7bb6c9cefd5\"
}
]
}
]
}"
This endpoint updates Management Role information for a specific role in the XXX.
HTTP Request
PATCH http://40.83.12.251:80/v1/{AccountStoreGuid}/Groups/{ManagementRoleGuid}
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
| Content-Type | application/json |
Body raw (application/json)
See Example request. See Example request. We only support membership updates for Management Roles.
Operations must have an op value of add or remove.
POST Create Management Role
Example request
curl --location --request POST "http://40.83.12.251:80/v1/4AFAC894-8C01-4B51-95B8-9834B92B9CB4/Groups" \
--header "Content-Type: application/json" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3Nzby5lbXBvd2VyaWFtLmNvbSIsInN1YiI6ImVtcG93ZXJpZGFkbWluIiwiYXVkIjoiNmMzZTc0YjYtN2RmYi00NDFmLWFjMmUtNTE5Y2ViMzUzYTcwIiwiZXhwIjoxNTYxNjEyOTc0LCJuYmYiOjE1NjE1NzY5NzQsImlhdCI6MTU2MTU3Njk3NCwianRpIjoiZWI1YTM4OWUtMzE3Ni00MTg5LTlmODUtZDc2MzRhYzRhYTRjIiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJlYzI4ODNmZC1hYWFhLTQ3YzItYTY1ZS1lYTczMzU2OTBiMzIiLCJkaXNwbGF5TmFtZSI6IkVtcG93ZXJJRCBBZG1pbiIsImVtYWlsIjoidGVzdEBlbWFpbC5jb20ifX0.oThy9mrL50mmROIixA2lkNi_2pyohxVXBD_CgcqdbvCEfdeiYqTemu8wKCIcB_9XM2J-Q6_W6PLdefsYU8gYWWXyDVAcoa5WCzryjt5Iimc5XOEIsLJcPBsV6pyglOmlnoz-wDLRy3r4Qs0vgi8vj9qlWMXhpEHYYuzYGD_7wH3ordloEH9tMHASPc0Pa9r-WLA3Kc9go_N5gFQ_8HAsjcAQkpi1BgGYJet27gGw4f2MxrB1Wiob4mM6Fo6KKYKfWfVWLgDX3wYcPLTLJgrfwZgPjhgYxwxUWuSYom5tV5M_p1nJsyeOoYn6QGU-F2BATzll3HuSkiXefkj-AmWZQizX6ITUFWzkBVYzy88rDVNxQx0VTAk62sEiqNjKgSvns7Pwji7qzgXPEMieJ-qYa3JicfbdVVTlITCrgOLyIQYNzDeYk8OzCDJBmw11GkIO2wyf3jwRcD6lq3ujbGfHE5kwmxlO3D0dk1RNu0OZhr9XX6OE8kYj5_IDn-H8eEGi_L5LaBvEcFliDrk-FETtg8o-PHFp_ygNA2XpG36W1C9_R_xHJ3QQp5Zr09-_-8448yZOlBL_6OArhtffIr-MuPZqocH5uxxT-Kkc3C2e1n4gOAyGzt1jOADV3MVRdLBuGEa95lg0N7QrAMkVmFPL7VMxD6exCQxEqZx-sGMe4UI" \
--data "{
\"displayName\": \"test create managementRole\",
\"urn:ietf:params:scim:schemas:extension:XXXGroup:2.0:Group\":
{
\"objectType\": \"Management Role\",
\"groupType\": \"Generic\",
\"parent\": \"99D29856-9ECC-499B-8301-1C5F24EC770E\",
\"location\": \"561E7230-C935-4E14-894A-76DE41852FAB\"
}
}"
This endpoint creates a new Management Role in the XXX.
HTTP Request
POST http://40.83.12.251:80/v1/{AccountStoreGuid}/Groups
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
| Content-Type | application/json |
Body raw (application/json)
See Example request. Attributes are explained in the table below.
| Attribute | Description | Type | Mandatory |
|---|---|---|---|
displayName |
Name of management role | string | Y |
urn... |
See note below | string | Y |
urn....objectType |
Must be 'Management Role' | string | Y |
urn....groupType |
Must be 'Generic', 'Project', 'Contract', 'Team', 'SharePoint', 'Notifications', 'FeatureSet', 'Role Mining', 'BusinessTask', 'Software', 'Visibility', 'Activity' or 'DistributionList' | string | Y |
urn....parent |
Management role definition GUID | string | Y |
urn....location |
Target organization zone GUID | string | Y |
Note: The attribute abbreviated to urn... in this table is written in its full form as urn:ietf:params:scim:schemas:extension:XXXGroup:2.0:Group.
DEL Delete Management Role
Example request
curl --location --request DELETE "http://40.83.12.251:80/v1/4AFAC894-8C01-4B51-95B8-9834B92B9CB4/Groups/624B1EC6-66F5-4724-848D-1055863B111B" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3Nzby5lbXBvd2VyaWFtLmNvbSIsInN1YiI6ImVtcG93ZXJpZGFkbWluIiwiYXVkIjoiNmMzZTc0YjYtN2RmYi00NDFmLWFjMmUtNTE5Y2ViMzUzYTcwIiwiZXhwIjoxNTYxNjEyOTc0LCJuYmYiOjE1NjE1NzY5NzQsImlhdCI6MTU2MTU3Njk3NCwianRpIjoiZWI1YTM4OWUtMzE3Ni00MTg5LTlmODUtZDc2MzRhYzRhYTRjIiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJlYzI4ODNmZC1hYWFhLTQ3YzItYTY1ZS1lYTczMzU2OTBiMzIiLCJkaXNwbGF5TmFtZSI6IkVtcG93ZXJJRCBBZG1pbiIsImVtYWlsIjoidGVzdEBlbWFpbC5jb20ifX0.oThy9mrL50mmROIixA2lkNi_2pyohxVXBD_CgcqdbvCEfdeiYqTemu8wKCIcB_9XM2J-Q6_W6PLdefsYU8gYWWXyDVAcoa5WCzryjt5Iimc5XOEIsLJcPBsV6pyglOmlnoz-wDLRy3r4Qs0vgi8vj9qlWMXhpEHYYuzYGD_7wH3ordloEH9tMHASPc0Pa9r-WLA3Kc9go_N5gFQ_8HAsjcAQkpi1BgGYJet27gGw4f2MxrB1Wiob4mM6Fo6KKYKfWfVWLgDX3wYcPLTLJgrfwZgPjhgYxwxUWuSYom5tV5M_p1nJsyeOoYn6QGU-F2BATzll3HuSkiXefkj-AmWZQizX6ITUFWzkBVYzy88rDVNxQx0VTAk62sEiqNjKgSvns7Pwji7qzgXPEMieJ-qYa3JicfbdVVTlITCrgOLyIQYNzDeYk8OzCDJBmw11GkIO2wyf3jwRcD6lq3ujbGfHE5kwmxlO3D0dk1RNu0OZhr9XX6OE8kYj5_IDn-H8eEGi_L5LaBvEcFliDrk-FETtg8o-PHFp_ygNA2XpG36W1C9_R_xHJ3QQp5Zr09-_-8448yZOlBL_6OArhtffIr-MuPZqocH5uxxT-Kkc3C2e1n4gOAyGzt1jOADV3MVRdLBuGEa95lg0N7QrAMkVmFPL7VMxD6exCQxEqZx-sGMe4UI"
This endpoint deletes the specified Management Role from the XXX.
HTTP Request
DEL http://40.83.12.251:80/v1/{AccountStoreGuid}/Groups/{ManagementRoleGuid}
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
Business Roles
GET Get Business Role and Location
Example request
curl --location --request GET "http://40.83.12.251:80/v1/4AFAC894-8C01-4B51-95B8-9834B92B9CB4/Groups/17BCAB8D-E5B0-91AC-2640-C806533F5605" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3Nzby5lbXBvd2VyaWFtLmNvbSIsInN1YiI6ImVtcG93ZXJpZGFkbWluIiwiYXVkIjoiNmMzZTc0YjYtN2RmYi00NDFmLWFjMmUtNTE5Y2ViMzUzYTcwIiwiZXhwIjoxNTYxNjEyOTc0LCJuYmYiOjE1NjE1NzY5NzQsImlhdCI6MTU2MTU3Njk3NCwianRpIjoiZWI1YTM4OWUtMzE3Ni00MTg5LTlmODUtZDc2MzRhYzRhYTRjIiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJlYzI4ODNmZC1hYWFhLTQ3YzItYTY1ZS1lYTczMzU2OTBiMzIiLCJkaXNwbGF5TmFtZSI6IkVtcG93ZXJJRCBBZG1pbiIsImVtYWlsIjoidGVzdEBlbWFpbC5jb20ifX0.oThy9mrL50mmROIixA2lkNi_2pyohxVXBD_CgcqdbvCEfdeiYqTemu8wKCIcB_9XM2J-Q6_W6PLdefsYU8gYWWXyDVAcoa5WCzryjt5Iimc5XOEIsLJcPBsV6pyglOmlnoz-wDLRy3r4Qs0vgi8vj9qlWMXhpEHYYuzYGD_7wH3ordloEH9tMHASPc0Pa9r-WLA3Kc9go_N5gFQ_8HAsjcAQkpi1BgGYJet27gGw4f2MxrB1Wiob4mM6Fo6KKYKfWfVWLgDX3wYcPLTLJgrfwZgPjhgYxwxUWuSYom5tV5M_p1nJsyeOoYn6QGU-F2BATzll3HuSkiXefkj-AmWZQizX6ITUFWzkBVYzy88rDVNxQx0VTAk62sEiqNjKgSvns7Pwji7qzgXPEMieJ-qYa3JicfbdVVTlITCrgOLyIQYNzDeYk8OzCDJBmw11GkIO2wyf3jwRcD6lq3ujbGfHE5kwmxlO3D0dk1RNu0OZhr9XX6OE8kYj5_IDn-H8eEGi_L5LaBvEcFliDrk-FETtg8o-PHFp_ygNA2XpG36W1C9_R_xHJ3QQp5Zr09-_-8448yZOlBL_6OArhtffIr-MuPZqocH5uxxT-Kkc3C2e1n4gOAyGzt1jOADV3MVRdLBuGEa95lg0N7QrAMkVmFPL7VMxD6exCQxEqZx-sGMe4UI"
This endpoint retrieves Business Role and Location information from the XXX.
HTTP Request
GET http://40.83.12.251:80/v1/{AccountStoreGuid}/Groups/{OrgRoleOrgZoneGuid}
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
PATCH Update Business Role and Location
Example request
curl --location --request PATCH "http://40.83.12.251:80/v1/4AFAC894-8C01-4B51-95B8-9834B92B9CB4/Groups/17BCAB8D-E5B0-91AC-2640-C806533F5605" \
--header "Content-Type: application/json" \
--header "Authorization: Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6Im1yVGE3cG1DQUR3ZWZSX2NQMGpUbzkyVjd2YyIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL3Nzby5lbXBvd2VyaWFtLmNvbSIsInN1YiI6ImVtcG93ZXJpZGFkbWluIiwiYXVkIjoiNmMzZTc0YjYtN2RmYi00NDFmLWFjMmUtNTE5Y2ViMzUzYTcwIiwiZXhwIjoxNTYxNjEyOTc0LCJuYmYiOjE1NjE1NzY5NzQsImlhdCI6MTU2MTU3Njk3NCwianRpIjoiZWI1YTM4OWUtMzE3Ni00MTg5LTlmODUtZDc2MzRhYzRhYTRjIiwiYXR0cmliIjp7InBlcnNvbkd1aWQiOiJlYzI4ODNmZC1hYWFhLTQ3YzItYTY1ZS1lYTczMzU2OTBiMzIiLCJkaXNwbGF5TmFtZSI6IkVtcG93ZXJJRCBBZG1pbiIsImVtYWlsIjoidGVzdEBlbWFpbC5jb20ifX0.oThy9mrL50mmROIixA2lkNi_2pyohxVXBD_CgcqdbvCEfdeiYqTemu8wKCIcB_9XM2J-Q6_W6PLdefsYU8gYWWXyDVAcoa5WCzryjt5Iimc5XOEIsLJcPBsV6pyglOmlnoz-wDLRy3r4Qs0vgi8vj9qlWMXhpEHYYuzYGD_7wH3ordloEH9tMHASPc0Pa9r-WLA3Kc9go_N5gFQ_8HAsjcAQkpi1BgGYJet27gGw4f2MxrB1Wiob4mM6Fo6KKYKfWfVWLgDX3wYcPLTLJgrfwZgPjhgYxwxUWuSYom5tV5M_p1nJsyeOoYn6QGU-F2BATzll3HuSkiXefkj-AmWZQizX6ITUFWzkBVYzy88rDVNxQx0VTAk62sEiqNjKgSvns7Pwji7qzgXPEMieJ-qYa3JicfbdVVTlITCrgOLyIQYNzDeYk8OzCDJBmw11GkIO2wyf3jwRcD6lq3ujbGfHE5kwmxlO3D0dk1RNu0OZhr9XX6OE8kYj5_IDn-H8eEGi_L5LaBvEcFliDrk-FETtg8o-PHFp_ygNA2XpG36W1C9_R_xHJ3QQp5Zr09-_-8448yZOlBL_6OArhtffIr-MuPZqocH5uxxT-Kkc3C2e1n4gOAyGzt1jOADV3MVRdLBuGEa95lg0N7QrAMkVmFPL7VMxD6exCQxEqZx-sGMe4UI" \
--data "{
\"schemas\": [
\"urn:ietf:params:scim:api:messages:2.0:PatchOp\"
],
\"Operations\": [
{
\"op\": \"add\",
\"path\": \"members\",
\"value\": [
{
\"type\": \"person\",
\"value\": \"11e6fcc8-d64b-4b37-a75f-a7bb6c9cefd5\"
}
]
}
]
}"
This endpoint updates Business Role and Location information in the XXX.
HTTP Request
PATCH http://40.83.12.251:80/v1/{AccountStoreGuid}/Groups/{OrgRoleOrgZoneGuid}
Headers
| Parameter | Value |
|---|---|
| Authorization | Bearer <Access Token Returned by Access Token (Password)> |
| Content-Type | application/json |
Body raw (application/json)
See Example request. See Example request. We only support membership updates for Business Roles and Locations.
Operations must have an op value of add or remove.
Response codes
XXX API uses the following response codes:
| Response code | Meaning |
|---|---|
| 200 | Success |
| 204 | No Content -- Success code for DELETE endpoints |
| 400 | Bad Request -- Your request is invalid |
| 401 | Unauthorized |
| 404 | Not Found -- The specified resource could not be found |
| 500 | Internal Server Error |