Identity Service Partner API

Version: v1

Application

Register an application

POST/api/tenants/{tenant}/applications

Example Request

{
   "homepageUrl": "https://myapp.org",
   "roles": [ids:app_admin, ids:user_admin, ids:tenant_admin],
   "theme": "default",
   "consentType": "implicit",
   "type": "confidential",
   "grantTypes": [authorization_code],
   "endpoints": [authorization, token, logout, introspection, revocation],
   "scopes": [email, phone, profile],
   "redirectUris": [https://myapp.org/callback],
   "postLogoutRedirectUris": [https://myapp.org/signed-out],
   "clientId": "my-new-app"
}

Parameters

Name	Description
`tenant`* required string (path)
`homepageUrl` string (body)
`roles` array (body)
`displayName` string (body)
`theme` string (body)
`consentType` string (body)
`type` string (body)
`grantTypes` array (body)
`endpoints` array (body)
`scopes` array (body)
`redirectUris` array (body)
`postLogoutRedirectUris` array (body)
`allowUnregisteredUsersToSignIn` boolean (body)
`hideTenantDisplayNameDuringLogIn` boolean (body)
`allowRegister` boolean (body)
`disableLoginAlerts` boolean (body)
`additionalLinks` string (body)
`definedRoles` array (body)
`clientId`* required string (body)
`applicationType` (body)

Responses

200

Success

{
   "clientId": null,
   "clientSecret": null
}

Name	Type	Description	Format
clientId	string
clientSecret	string

400

Bad Request

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

Get an application's details

GET/api/tenants/{tenant}/applications/{clientId}

Parameters

Name Description

Name	Description
`clientId`* required string (path)
`tenant`* required string (path)

clientId* required

string

(path)

tenant* required

string

(path)

Responses

200

Success

{
   "displayName": null,
   "clientId": null,
   "clientSecret": null,
   "theme": null,
   "redirectUris": null,
   "postLogoutRedirectUris": null,
   "consentType": null,
   "type": null,
   "grantTypes": null,
   "endpoints": null,
   "scopes": null,
   "homepageUrl": null,
   "sampleHomepageUrl": null,
   "allowUnregisteredUsersToSignIn": false,
   "hideTenantDisplayNameDuringLogIn": false,
   "allowRegister": false,
   "disableLoginAlerts": false,
   "appSwitcherProductId": null,
   "additionalLinks": null,
   "tenant": null,
   "definedRoles": null,
   "roles": null,
   "tenants": null
}

Name	Type	Description	Format
displayName	string
clientId	string
clientSecret	string
theme	string
redirectUris	array
postLogoutRedirectUris	array
consentType	string
type	string
grantTypes	array
endpoints	array
scopes	array
homepageUrl	string
sampleHomepageUrl	string
allowUnregisteredUsersToSignIn	boolean
hideTenantDisplayNameDuringLogIn	boolean
allowRegister	boolean
disableLoginAlerts	boolean
appSwitcherProductId	string
additionalLinks	string
tenant	string
definedRoles	array
roles	array
tenants	array

400

Bad Request

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

Update an Application

PATCH/api/tenants/{tenant}/applications/{clientId}

Example Request

{
   "homepageUrl": "https://myapp.org",
   "roles": [ids:app_admin, ids:user_admin, ids:tenant_admin],
   "theme": "default",
   "consentType": "implicit",
   "type": "confidential",
   "grantTypes": [authorization_code],
   "endpoints": [authorization, token, logout, introspection, revocation],
   "scopes": [email, phone, profile],
   "redirectUris": [https://myapp.org/callback],
   "postLogoutRedirectUris": [https://myapp.org/signed-out]
}

Parameters

Name	Description
`tenant`* required string (path)
`clientId`* required string (path)
`homepageUrl` string (body)
`roles` array (body)
`displayName` string (body)
`theme` string (body)
`consentType` string (body)
`type` string (body)
`grantTypes` array (body)
`endpoints` array (body)
`scopes` array (body)
`redirectUris` array (body)
`postLogoutRedirectUris` array (body)
`allowUnregisteredUsersToSignIn` boolean (body)
`hideTenantDisplayNameDuringLogIn` boolean (body)
`allowRegister` boolean (body)
`disableLoginAlerts` boolean (body)
`additionalLinks` string (body)
`definedRoles` array (body)

Responses

202

Accepted

{
   "displayName": null,
   "clientId": null,
   "clientSecret": null,
   "theme": null,
   "redirectUris": null,
   "postLogoutRedirectUris": null,
   "consentType": null,
   "type": null,
   "grantTypes": null,
   "endpoints": null,
   "scopes": null,
   "homepageUrl": null,
   "sampleHomepageUrl": null,
   "allowUnregisteredUsersToSignIn": false,
   "hideTenantDisplayNameDuringLogIn": false,
   "allowRegister": false,
   "disableLoginAlerts": false,
   "appSwitcherProductId": null,
   "additionalLinks": null,
   "tenant": null,
   "definedRoles": null,
   "roles": null,
   "tenants": null
}

Name	Type	Description	Format
displayName	string
clientId	string
clientSecret	string
theme	string
redirectUris	array
postLogoutRedirectUris	array
consentType	string
type	string
grantTypes	array
endpoints	array
scopes	array
homepageUrl	string
sampleHomepageUrl	string
allowUnregisteredUsersToSignIn	boolean
hideTenantDisplayNameDuringLogIn	boolean
allowRegister	boolean
disableLoginAlerts	boolean
appSwitcherProductId	string
additionalLinks	string
tenant	string
definedRoles	array
roles	array
tenants	array

Add an application to a tenant

POST/api/tenants/{tenant}/applications/{clientId}

Example Request

{
   "homepageUrl": "https://myapp.org",
   "roles": [ids:app_admin, ids:user_admin, ids:tenant_admin]
}

Parameters

Name	Description
`tenant`* required string (path)
`clientId`* required string (path)
`homepageUrl` string (body)
`roles` array (body)

Responses

200

Success

{
   "displayName": null,
   "clientId": null,
   "clientSecret": null,
   "theme": null,
   "redirectUris": null,
   "postLogoutRedirectUris": null,
   "consentType": null,
   "type": null,
   "grantTypes": null,
   "endpoints": null,
   "scopes": null,
   "homepageUrl": null,
   "sampleHomepageUrl": null,
   "allowUnregisteredUsersToSignIn": false,
   "hideTenantDisplayNameDuringLogIn": false,
   "allowRegister": false,
   "disableLoginAlerts": false,
   "appSwitcherProductId": null,
   "additionalLinks": null,
   "tenant": null,
   "definedRoles": null,
   "roles": null,
   "tenants": null
}

Name	Type	Description	Format
displayName	string
clientId	string
clientSecret	string
theme	string
redirectUris	array
postLogoutRedirectUris	array
consentType	string
type	string
grantTypes	array
endpoints	array
scopes	array
homepageUrl	string
sampleHomepageUrl	string
allowUnregisteredUsersToSignIn	boolean
hideTenantDisplayNameDuringLogIn	boolean
allowRegister	boolean
disableLoginAlerts	boolean
appSwitcherProductId	string
additionalLinks	string
tenant	string
definedRoles	array
roles	array
tenants	array

400

Bad Request

{
   "type": null,
   "title": null,
   "status": null,
   "detail": null,
   "instance": null
}

Name	Type	Format
type	string
title	string
status	integer	int32
detail	string
instance	string

ExternalLogin

Http-based SSO

POST/api/{tenant}/sso/{provider}/sign-on

Example Request

{
   "sub": ""
}

Parameters

Name	Description
`tenant`* required string (path)
`provider`* required string (path)
`sub`* required string (body)
`email` string (body)
`emailVerified` boolean (body)
`givenName` string (body)
`familyName` string (body)
`phoneNumber` string (body)
`addressLine1` string (body)
`addressLine2` string (body)
`locality` string (body)
`region` string (body)
`postalCode` string (body)
`country` string (body)

Responses

200

Returns a valid state token which can be passed to the authorize api

{
   "sessionToken": null,
   "stateToken": null,
   "next": "done",
   "principal": ,
   "items": null
}

Name	Type	Description	Format
sessionToken	string
stateToken	string
next	string
principal
items	object

401

If you failed to authenticate your call to this api

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

403

If you don't have the required role to call this api (ids:tenant_http_sso)

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

404

If the tenant or sso provider does no exist

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

NoAccessRedirect

GET/no-access-callback

Parameters

Name Description

Name	Description
`state` string (query)

state

string

(query)

Responses

200

Success

OpDashboard

GET/_/op-dashboard

Parameters

Name	Description

Responses

200

Success

ProfileRedirect

GET/profile

Parameters

Name Description

Name	Description
`state` string (query)

state

string

(query)

Responses

200

Success

SsoProvider

GET/api/tenants/{tenant}/sso-providers

Parameters

Name Description

tenant* required

string

(path)

Responses

200

Success

{
   "name": null,
   "displayName": null,
   "authority": null,
   "clientId": null,
   "type": null,
   "metadataLocation": null,
   "signingKey": null,
   "bindingType": null,
   "singleSignOnUrl": null,
   "hidden": null,
   "getClaimsFromUserInfoEndpoint": null,
   "domains": null,
   "singleSignOutUrl": null,
   "handler": null,
   "additionalParameters": null
}

Name	Type	Description	Format
name	string
displayName	string
authority	string
clientId	string
type	string
metadataLocation	string
signingKey	string
bindingType	string
singleSignOnUrl	string
hidden	boolean
getClaimsFromUserInfoEndpoint	boolean
domains	array
singleSignOutUrl	string
handler	string
additionalParameters	object

400

Bad Request

{
   "type": null,
   "title": null,
   "status": null,
   "detail": null,
   "instance": null
}

Name	Type	Format
type	string
title	string
status	integer	int32
detail	string
instance	string

Create a new Sso Provider.

POST/api/tenants/{tenant}/sso-providers

Example Request

Parameters

Name	Description
`tenant`* required string (path)
`name` string (body)
`displayName` string (body)
`authority` string (body)
`clientId` string (body)
`clientSecret` string (body)
`type` string (body)
`metadataLocation` string (body)
`signingKey` string (body)
`bindingType` string (body)
`singleSignOnUrl` string (body)
`hidden` boolean (body)
`getClaimsFromUserInfoEndpoint` boolean (body)
`domains` array (body)
`singleSignOutUrl` string (body)
`handler` string (body)
`additionalParameters` object (body)

Responses

200

Success

{
   "name": null,
   "displayName": null,
   "authority": null,
   "clientId": null,
   "type": null,
   "metadataLocation": null,
   "signingKey": null,
   "bindingType": null,
   "singleSignOnUrl": null,
   "hidden": null,
   "getClaimsFromUserInfoEndpoint": null,
   "domains": null,
   "singleSignOutUrl": null,
   "handler": null,
   "additionalParameters": null
}

Name	Type	Description	Format
name	string
displayName	string
authority	string
clientId	string
type	string
metadataLocation	string
signingKey	string
bindingType	string
singleSignOnUrl	string
hidden	boolean
getClaimsFromUserInfoEndpoint	boolean
domains	array
singleSignOutUrl	string
handler	string
additionalParameters	object

400

Bad Request

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

404

Not Found

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

Get a sso provider

GET/api/tenants/{tenant}/sso-providers/{provider}

Parameters

Name Description

tenant* required

string

(path)

provider* required

string

(path)

Responses

200

Returns the sso provider record

{
   "name": null,
   "displayName": null,
   "authority": null,
   "clientId": null,
   "type": null,
   "metadataLocation": null,
   "signingKey": null,
   "bindingType": null,
   "singleSignOnUrl": null,
   "hidden": null,
   "getClaimsFromUserInfoEndpoint": null,
   "domains": null,
   "singleSignOutUrl": null,
   "handler": null,
   "additionalParameters": null
}

Name	Type	Description	Format
name	string
displayName	string
authority	string
clientId	string
type	string
metadataLocation	string
signingKey	string
bindingType	string
singleSignOnUrl	string
hidden	boolean
getClaimsFromUserInfoEndpoint	boolean
domains	array
singleSignOutUrl	string
handler	string
additionalParameters	object

404

If the tenant or sso provider doesn't exist, or if this sso provider is not connected to the tenant.

{
   "type": null,
   "title": null,
   "status": null,
   "detail": null,
   "instance": null
}

Name	Type	Format
type	string
title	string
status	integer	int32
detail	string
instance	string

Add an existing Federated Identity Provider

POST/api/tenants/{tenant}/sso-providers/{provider}

Example Request

Parameters

Name	Description
`tenant`* required string (path)
`provider`* required string (path)
`handler` string (body)
`additionalParameters` object (body)

Responses

200

Success

{
   "name": null,
   "displayName": null,
   "authority": null,
   "clientId": null,
   "type": null,
   "metadataLocation": null,
   "signingKey": null,
   "bindingType": null,
   "singleSignOnUrl": null,
   "hidden": null,
   "getClaimsFromUserInfoEndpoint": null,
   "domains": null,
   "singleSignOutUrl": null,
   "handler": null,
   "additionalParameters": null
}

Name	Type	Description	Format
name	string
displayName	string
authority	string
clientId	string
type	string
metadataLocation	string
signingKey	string
bindingType	string
singleSignOnUrl	string
hidden	boolean
getClaimsFromUserInfoEndpoint	boolean
domains	array
singleSignOutUrl	string
handler	string
additionalParameters	object

400

Bad Request

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

404

Not Found

{
   "type": null,
   "title": null,
   "status": null,
   "detail": null,
   "instance": null
}

Name	Type	Format
type	string
title	string
status	integer	int32
detail	string
instance	string

Update an sso provider

PATCH/api/tenants/{tenant}/sso-providers/{provider}

Example Request

Parameters

Name	Description
`tenant`* required string (path)
`provider`* required string (path)
`displayName` string (body)
`authority` string (body)
`clientId` string (body)
`clientSecret` string (body)
`type` string (body)
`metadataLocation` string (body)
`signingKey` string (body)
`bindingType` string (body)
`singleSignOnUrl` string (body)
`hidden` boolean (body)
`getClaimsFromUserInfoEndpoint` boolean (body)
`domains` array (body)
`handler` string (body)
`singleSignOutUrl` string (body)
`additionalParameters` object (body)

Responses

200

Success

{
   "name": null,
   "displayName": null,
   "authority": null,
   "clientId": null,
   "type": null,
   "metadataLocation": null,
   "signingKey": null,
   "bindingType": null,
   "singleSignOnUrl": null,
   "hidden": null,
   "getClaimsFromUserInfoEndpoint": null,
   "domains": null,
   "singleSignOutUrl": null,
   "handler": null,
   "additionalParameters": null
}

Name	Type	Description	Format
name	string
displayName	string
authority	string
clientId	string
type	string
metadataLocation	string
signingKey	string
bindingType	string
singleSignOnUrl	string
hidden	boolean
getClaimsFromUserInfoEndpoint	boolean
domains	array
singleSignOutUrl	string
handler	string
additionalParameters	object

400

Bad Request

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

404

Not Found

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

Remove an sso provider

DELETE/api/tenants/{tenant}/sso-providers/{provider}

Parameters

Name Description

tenant* required

string

(path)

provider* required

string

(path)

Responses

204

No Content

404

Not Found

{
   "type": null,
   "title": null,
   "status": null,
   "detail": null,
   "instance": null
}

Name	Type	Format
type	string
title	string
status	integer	int32
detail	string
instance	string

GET/api/tenants/{tenant}/sso-providers/search

Parameters

Name Description

tenant* required

string

(path)

s

string

(query)

Responses

200

Success

Tenants

Get a tenant

GET/api/tenants/{tenant}

Parameters

Name Description

tenant* required

string

(path)

Responses

200

Returns the tenant record

{
   "id": "",
   "displayName": null,
   "slug": null,
   "signInWithUsername": false,
   "signInWithEmail": false,
   "signInWithPhone": false,
   "theme": null,
   "logo": null,
   "passwordFormat": undefined,
   "ssoProviders": null,
   "emailConfirmationType": undefined,
   "features": null,
   "unsubscribeGroups": null,
   "enableMFA": false
}

Name	Type	Format
id	string	uuid
displayName	string
slug	string
signInWithUsername	boolean
signInWithEmail	boolean
signInWithPhone	boolean
theme	string
logo	string
passwordFormat	integer	int32
ssoProviders	array
emailConfirmationType	integer	int32
features	array
unsubscribeGroups	array
enableMFA	boolean

404

If the tenant does not exist

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

Create or Update a tenant

PUT/api/tenants/{tenant}

Example Request

{
   "displayName": "My New Tenant",
   "type": "org_tenant",
   "theme": "default",
   "logo": "https://myapp.com/img/logo.png",
   "passwordFormat": 0,
   "trustedTenants": [my-existing-tenant, myschool-portal]
}

Parameters

Name	Description
`tenant`* required string (path)
`displayName`* required string (body)
`type` string (body)
`theme` string (body)
`logo` string (body)
`signInWithUsername` boolean (body)
`signInWithEmail` boolean (body)
`signInWithPhone` boolean (body)
`passwordFormat` integer (body)
`emailConfirmationType` integer (body)
`trustedTenants` array (body)

Responses

200

If the tenant was created or updated successfully

400

If there was a validation error

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

Create a tenant

POST/api/tenants

Example Request

{
   "displayName": "My New Tenant",
   "type": "org_tenant",
   "theme": "default",
   "logo": "https://myapp.com/img/logo.png",
   "passwordFormat": 0,
   "trustedTenants": [my-existing-tenant, myschool-portal],
   "slug": "my-new-tenant"
}

Parameters

Name	Description
`displayName`* required string (body)
`type` string (body)
`theme` string (body)
`logo` string (body)
`signInWithUsername` boolean (body)
`signInWithEmail` boolean (body)
`signInWithPhone` boolean (body)
`passwordFormat` integer (body)
`emailConfirmationType` integer (body)
`trustedTenants` array (body)
`slug` string (body)

Responses

200

If the tenant was created successfully

400

If there was a validation error

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

Users

Get updated user information

GET/api/tenants/{tenant}/users/{id}

Parameters

Name Description

id* required

string

(path)

tenant* required

string

(path)

Responses

200

Returns the user record

{
   "id": "",
   "userName": "marie.foley526",
   "givenName": "Marie",
   "familyName": "Foley",
   "email": "[email protected]",
   "emailConfirmed": true,
   "phoneNumber": "17757227923",
   "phoneNumberConfirmed": false,
   "status": "active",
   "lastLogin": null,
   "addressA": null,
   "addressB": null,
   "stateOrProvince": null,
   "city": null,
   "postalCode": null,
   "country": null,
   "picture": null,
   "meta": null
}

Name	Type	Format
id	string	uuid
userName	string
givenName	string
familyName	string
email	string
emailConfirmed	boolean
phoneNumber	string
phoneNumberConfirmed	boolean
status	string
lastLogin	string	date-time
addressA	string
addressB	string
stateOrProvince	string
city	string
postalCode	string
country	string
picture	string
meta	object

403

If you do not have access to this tenant or user

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

404

If the user or tenant do not exist

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

Update an existing user

PATCH/api/tenants/{tenant}/users/{id}

Example Request

{
   "status": "active",
   "addressLine1": "1234 Example St.",
   "city": "Townville",
   "postalCode": "12345",
   "familyName": "Smith"
}

Parameters

Name	Description
`id`* required string (path)
`tenant`* required string (path)
`email` string (body)
`emailConfirmed` boolean (body)
`status` string (body)
`phoneNumber` string (body)
`addressA` string (body)
`addressLine1` string (body)
`addressB` string (body)
`addressLine2` string (body)
`stateOrProvince` string (body)
`city` string (body)
`postalCode` string (body)
`country` string (body)
`givenName` string (body)
`familyName` string (body)
`userName` string (body)
`clientId` string (body)
`meta` object (body)
`picture` string (body)
`initials` string (body)
`initialsBackground` string (body)

Responses

204

If the user was successfully updated

400

If the request was invalid

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

403

If you do not have access to this tenant or user

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

404

If the user or tenant do not exist

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

Delete a specified user

DELETE/api/tenants/{tenant}/users/{id}

Parameters

Name Description

id* required

string

(path)

tenant* required

string

(path)

Responses

204

If the user was successfully removed from your tenant

403

If you do not have access to this tenant or user

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

404

If the user or tenant do not exist

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

Get user information by email

GET/api/tenants/{tenant}/users

Parameters

Name Description

email

string

(query)

tenant* required

string

(path)

Responses

200

Returns the user record

{
   "id": "",
   "userName": "marie.foley526",
   "givenName": "Marie",
   "familyName": "Foley",
   "email": "[email protected]",
   "emailConfirmed": true,
   "phoneNumber": "17757227923",
   "phoneNumberConfirmed": false,
   "status": "active",
   "lastLogin": null,
   "addressA": null,
   "addressB": null,
   "stateOrProvince": null,
   "city": null,
   "postalCode": null,
   "country": null,
   "picture": null,
   "meta": null
}

Name	Type	Format
id	string	uuid
userName	string
givenName	string
familyName	string
email	string
emailConfirmed	boolean
phoneNumber	string
phoneNumberConfirmed	boolean
status	string
lastLogin	string	date-time
addressA	string
addressB	string
stateOrProvince	string
city	string
postalCode	string
country	string
picture	string
meta	object

400

If the request was invalid

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

403

If you do not have access to this tenant or user

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

Invite new user

POST/api/tenants/{tenant}/users

Example Request

{
   "email": "[email protected]",
   "username": "jdoe21",
   "givenName": "Jane",
   "familyName": "Doe",
   "phoneNumber": "(123) 456-7890",
   "addressA": "1234 Example St.",
   "city": "Townville",
   "postalCode": "12345"
}

Parameters

Name	Description
`tenant`* required string (path)
`email`* required string (body)
`username` string (body)
`givenName` string (body)
`familyName` string (body)
`phoneNumber` string (body)
`addressA` string (body)
`addressB` string (body)
`stateOrProvince` string (body)
`city` string (body)
`postalCode` string (body)
`country` string (body)
`clientId` string (body)
`guest` boolean (body)
`migration` boolean (body)
`emailTemplateId` string (body)
`emailTemplateData` object (body)
`inviteFromTenants` array (body)
`meta` object (body)

Responses

200

Returns the newly created user record

{
   "id": "",
   "givenName": null,
   "familyName": null,
   "email": null,
   "emailConfirmed": false,
   "phoneNumber": null,
   "phoneNumberConfirmed": false
}

Name	Type	Format
id	string	uuid
givenName	string
familyName	string
email	string
emailConfirmed	boolean
phoneNumber	string
phoneNumberConfirmed	boolean

400

If the user already exists, or some other validation error

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

403

If you do not have access to this tenant or user

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

404

If the tenant does not exist

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

Board an existing user to this tenant

POST/api/tenants/{tenant}/users/board

Example Request

{
   "userName": "jane.doe",
   "givenName": "Jane",
   "familyName": "Doe",
   "passwordHash": "Cjok3....ajsoidj",
   "email": "[email protected]",
   "emailConfirmed": true,
   "phoneNumber": "(123) 456-7890",
   "phoneNumberConfirmed": false
}

Parameters

Name	Description
`tenant`* required string (path)
`userName` string (body)
`givenName` string (body)
`familyName` string (body)
`passwordHash` string (body)
`email` string (body)
`emailConfirmed` boolean (body)
`phoneNumber` string (body)
`phoneNumberConfirmed` boolean (body)
`userLoginInfo` array (body)
`addressA` string (body)
`addressB` string (body)
`stateOrProvince` string (body)
`city` string (body)
`postalCode` string (body)
`country` string (body)
`clientId` string (body)
`passwordFormat` integer (body)

Responses

201

Returns the newly created user record

{
   "id": "",
   "userName": "marie.foley526",
   "givenName": "Marie",
   "familyName": "Foley",
   "email": "[email protected]",
   "emailConfirmed": true,
   "phoneNumber": "17757227923",
   "phoneNumberConfirmed": false,
   "status": "active",
   "lastLogin": null,
   "addressA": null,
   "addressB": null,
   "stateOrProvince": null,
   "city": null,
   "postalCode": null,
   "country": null,
   "picture": null,
   "meta": null
}

Name	Type	Format
id	string	uuid
userName	string
givenName	string
familyName	string
email	string
emailConfirmed	boolean
phoneNumber	string
phoneNumberConfirmed	boolean
status	string
lastLogin	string	date-time
addressA	string
addressB	string
stateOrProvince	string
city	string
postalCode	string
country	string
picture	string
meta	object

400

If the user already exists, or some other validation error

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

403

If you do not have access to this tenant or user

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

404

If the tenant does not exist

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

Update the password for the specified user

POST/api/tenants/{tenant}/users/{id}/update-password

Example Request

{
   "oldPassword": "",
   "newPassword": ""
}

Parameters

Name	Description
`tenant`* required string (path)
`id`* required string (path)
`oldPassword`* required string (body)
`newPassword`* required string (body)

Responses

204

If the password update was successful

400

If the password update failed

403

If you do not have access to this tenant or user

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

404

If the user or tenant do not exist

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

Send a password reset email to the specified user

POST/api/tenants/{tenant}/users/{id}/forgot-password

Example Request

Parameters

Name Description

tenant* required

string

(path)

id* required

string

(path)

clientId

string

(body)

Responses

204

If the user was sent a password reset email

403

If you do not have access to this tenant or user

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

404

If the user or tenant do not exist

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

GET/api/tenants/{tenant}/users/{id}/roles

Parameters

Name Description

id* required

string

(path)

tenant* required

string

(path)

Responses

403

Forbidden

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

POST/api/tenants/{tenant}/users/{id}/roles

Example Request

{
   "roleName": ""
}

Parameters

Name Description

id* required

string

(path)

tenant* required

string

(path)

roleName* required

string

(body)

Responses

403

Forbidden

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

DELETE/api/tenants/{tenant}/users/{id}/roles/{roleName}

Parameters

Name Description

id* required

string

(path)

tenant* required

string

(path)

roleName* required

string

(path)

Responses

403

Forbidden

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

Webhooks

Get all webhook subscriptions

GET/api/tenants/{tenant}/webhooks

Parameters

Name Description

tenant* required

string

(path)

Responses

200

Returns a list of webhook subscriptions

{
   "url": "https://myapp.com/webhook-listener",
   "eventSubscriptions": [account.profile_updated, account.email_updated],
   "id": "b93a8728-f59a-469d-8fc3-923769a590a0",
   "isEnabled": true
}

Name	Type	Description	Format
url	string
eventSubscriptions	array
id	string
isEnabled	boolean

400

If the tenant does not exist or you do not have access

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

Register a new webhook

POST/api/tenants/{tenant}/webhooks

Example Request

{
   "url": "https://myapp.com/webhook-listener",
   "eventSubscriptions": [account.profile_updated, account.email_updated],
   "secretToken": "yiQpIH ... 4IYc"
}

Parameters

Name	Description
`tenant`* required string (path)
`url`* required string (body)
`eventSubscriptions`* required array (body)
`secretToken` string (body)

Responses

200

Returns the new webhook

{
   "url": "https://myapp.com/webhook-listener",
   "eventSubscriptions": [account.profile_updated, account.email_updated],
   "id": "b93a8728-f59a-469d-8fc3-923769a590a0",
   "isEnabled": true
}

Name	Type	Description	Format
url	string
eventSubscriptions	array
id	string
isEnabled	boolean

400

If the tenant does not exist or you do not have access

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

Get a single webhook subscription

GET/api/tenants/{tenant}/webhooks/{id}

Parameters

Name Description

tenant* required

string

(path)

id* required

string

(path)

Responses

200

Returns the requested webhook

{
   "url": "https://myapp.com/webhook-listener",
   "eventSubscriptions": [account.profile_updated, account.email_updated],
   "id": "b93a8728-f59a-469d-8fc3-923769a590a0",
   "isEnabled": true
}

Name	Type	Description	Format
url	string
eventSubscriptions	array
id	string
isEnabled	boolean

400

If the tenant does not exist or you do not have access

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

404

If the subscription does not exist

Update a webhook

PATCH/api/tenants/{tenant}/webhooks/{id}

Example Request

{
   "url": "https://myapp.com/webhook-listener",
   "eventSubscriptions": [account.profile_updated, account.email_updated],
   "secretToken": "yiQpIH ... 4IYc",
   "isEnabled": true
}

Parameters

Name	Description
`tenant`* required string (path)
`id`* required string (path)
`url`* required string (body)
`eventSubscriptions`* required array (body)
`secretToken` string (body)
`isEnabled` boolean (body)

Responses

200

Returns the editted webhook

{
   "url": "https://myapp.com/webhook-listener",
   "eventSubscriptions": [account.profile_updated, account.email_updated],
   "id": "b93a8728-f59a-469d-8fc3-923769a590a0",
   "isEnabled": true
}

Name	Type	Description	Format
url	string
eventSubscriptions	array
id	string
isEnabled	boolean

400

If the tenant does not exist or you do not have access

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array

Delete a webhook

DELETE/api/tenants/{tenant}/webhooks/{id}

Parameters

Name Description

tenant* required

string

(path)

id* required

string

(path)

Responses

204

The webhook was successfully deleted

400

If the tenant does not exist or you do not have access

{
   "type": null,
   "identifier": "",
   "message": null,
   "responseCode": null,
   "errors": null
}

Name	Type	Format
type	string
identifier	string	uuid
message	string
responseCode	string
errors	array