Security Service

Get access token - to be used as Bearer token header for all other API requests.

post
Authorizations
Query parameters
newPasswordstringOptional

used when a user is trying to change her password. This will be the new password.

forgotPasswordbooleanOptional

A user forgot her password. She needs to present her e-mail address in the userId and set this to true

requirementsbooleanOptional

A user forgot her password. She needs to present her e-mail address in the userId and set this to true

resendMFACodebooleanOptional
completeMFAChallengebooleanOptional
grant_typestringOptionalExample: refresh_token
Body
one ofOptional
or
or
Responses
200
successful operation
application/json
Responseone of
or
post
POST /api/v1/oauth2 HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 53

{
  "userId": "support@example.com",
  "password": "support"
}
{
  "access_token": "text",
  "refresh_token": "text",
  "token_type": "text",
  "expires_in": 1,
  "idle_timeout": 1,
  "username": "text",
  "created": 1,
  "userMustChangePassword": true,
  "errorCode": 1,
  "aclTemplate": {
    "aclTemplate": {
      "Read": true,
      "ReadWrite": true,
      "ReadWriteCreate": true,
      "Delete": true,
      "PortalLogin": true
    }
  }
}

Get access token - to be used as Bearer token header for all other API requests.

post
Authorizations
Query parameters
newPasswordstringOptional

used when a user is trying to change her password. This will be the new password.

forgotPasswordbooleanOptional

A user forgot her password. She needs to present her e-mail address in the userId and set this to true

requirementsbooleanOptional

A user forgot her password. She needs to present her e-mail address in the userId and set this to true

resendMFACodebooleanOptional
completeMFAChallengebooleanOptional
grant_typestringOptionalExample: refresh_token
Body
one ofOptional
or
or
Responses
200
successful operation
application/json
Responseone of
or
post
POST /api/v1/suboauth2 HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 53

{
  "userId": "support@example.com",
  "password": "support"
}
{
  "access_token": "text",
  "refresh_token": "text",
  "token_type": "text",
  "expires_in": 1,
  "idle_timeout": 1,
  "username": "text",
  "created": 1,
  "userMustChangePassword": true,
  "errorCode": 1,
  "aclTemplate": {
    "aclTemplate": {
      "Read": true,
      "ReadWrite": true,
      "ReadWriteCreate": true,
      "Delete": true,
      "PortalLogin": true
    }
  }
}

Revoke a token.

delete
Authorizations
Path parameters
tokenstringRequired
Responses
204
successful operation
application/json
Responseany

The requested operation was performed.

delete
DELETE /api/v1/oauth2/{token} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No content

Revoke a token.

delete
Authorizations
Path parameters
tokenstringRequired
Responses
204
successful operation
application/json
Responseany

The requested operation was performed.

delete
DELETE /api/v1/suboauth2/{token} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No content

Retrieve the system layout.

get
Authorizations
Responses
200
successful operation
application/json
get
GET /api/v1/systemEndpoints HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*
{
  "endpoints": [
    {
      "type": "text",
      "id": 1,
      "vendor": "text",
      "uri": "https://example.com",
      "authenticationType": "text"
    }
  ]
}

Retrieve a list of existing users as well as some information about them.

get
Authorizations
Query parameters
offsetinteger · int64Optional
limitinteger · int64Optional
filterstringOptional

Selecting this option means the newest record will be returned. Use limit to select how many.

idOnlybooleanOptional

Return only the ids.

selectstringOptional

Return only the ids.

Example: id1,id2,id3,id4,id5
nameSearchstringOptional

Name matching

emailSearchstringOptional

Name matching

Responses
200Success
get
GET /api/v1/users HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No content

Retrieve a list of existing users as well as some information about them.

get
Authorizations
Query parameters
offsetinteger · int64Optional
limitinteger · int64Optional
filterstringOptional

Selecting this option means the newest record will be returned. Use limit to select how many.

idOnlybooleanOptional

Return only the ids.

selectstringOptional

Return only the ids.

Example: id1,id2,id3,id4,id5
nameSearchstringOptional

Name matching

emailSearchstringOptional

Name matching

Responses
200Success
get
GET /api/v1/subusers HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No content

Retrieve the information for a single user.

get
Authorizations
Path parameters
idstring · uuidRequired
Responses
200Success
get
GET /api/v1/user/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No content

Create a single user.

post
Authorizations
Path parameters
idinteger · int64Required
Query parameters
email_verificationbooleanOptional
Body
idstring · uuidOptional
namestringOptional
descriptionstringOptional
avatarstring · uriOptional
emailstring · emailOptional
validatedbooleanOptional
validationEmailstring · emailOptional
validationDateinteger · int64Optional
createdinteger · int64Optional
validationURIstringOptional
changePasswordbooleanOptional
lastLogininteger · int64Optional
currentLoginURIstringOptional
lastPasswordChangeinteger · int64Optional
lastEmailCheckinteger · int64Optional
currentPasswordstringOptional
lastPasswordsstring[]Optional
waitingForEmailCheckbooleanOptional
locationstring · uuidOptional
ownerstring · uuidOptional
suspendedbooleanOptional
blackListedbooleanOptional
localestringOptional
userRolestring · enumOptionalPossible values:
oauthTypestring · enumOptionalPossible values:
oauthUserInfostringOptional
securityPolicystringOptional
securityPolicyChangeinteger · int64Optional
modifiedinteger · int64Optional
signupUUIDstring · uuidOptional
Responses
200Success
post
POST /api/v1/user/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 963

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "avatar": "https://example.com",
  "email": "name@gmail.com",
  "validated": true,
  "validationEmail": "name@gmail.com",
  "validationDate": 1,
  "created": 1,
  "validationURI": "text",
  "changePassword": true,
  "lastLogin": 1,
  "currentLoginURI": "text",
  "lastPasswordChange": 1,
  "lastEmailCheck": 1,
  "currentPassword": "text",
  "lastPasswords": [
    "text"
  ],
  "waitingForEmailCheck": true,
  "notes": [
    {
      "created": 1,
      "createdBy": "text",
      "note": "text"
    }
  ],
  "location": "123e4567-e89b-12d3-a456-426614174000",
  "owner": "123e4567-e89b-12d3-a456-426614174000",
  "suspended": true,
  "blackListed": true,
  "locale": "text",
  "userRole": "root",
  "oauthType": "internal",
  "oauthUserInfo": "text",
  "securityPolicy": "text",
  "securityPolicyChange": 1,
  "modified": 1,
  "userTypeProprietaryInfo": {
    "mobiles": [
      {
        "number": "text",
        "verified": true,
        "primary": true
      }
    ],
    "authenticatorSecret": "text",
    "mfa": {
      "enabled": true,
      "method": "sms"
    }
  },
  "signupUUID": "123e4567-e89b-12d3-a456-426614174000"
}

No content

Modify a single user.

put
Authorizations
Path parameters
idinteger · int64Required
Query parameters
email_verificationbooleanOptional
forgotPasswordbooleanOptionalDefault: false
resetMFAbooleanOptionalDefault: false
Body
idstring · uuidOptional
namestringOptional
descriptionstringOptional
avatarstring · uriOptional
emailstring · emailOptional
validatedbooleanOptional
validationEmailstring · emailOptional
validationDateinteger · int64Optional
createdinteger · int64Optional
validationURIstringOptional
changePasswordbooleanOptional
lastLogininteger · int64Optional
currentLoginURIstringOptional
lastPasswordChangeinteger · int64Optional
lastEmailCheckinteger · int64Optional
currentPasswordstringOptional
lastPasswordsstring[]Optional
waitingForEmailCheckbooleanOptional
locationstring · uuidOptional
ownerstring · uuidOptional
suspendedbooleanOptional
blackListedbooleanOptional
localestringOptional
userRolestring · enumOptionalPossible values:
oauthTypestring · enumOptionalPossible values:
oauthUserInfostringOptional
securityPolicystringOptional
securityPolicyChangeinteger · int64Optional
modifiedinteger · int64Optional
signupUUIDstring · uuidOptional
Responses
200Success
put
PUT /api/v1/user/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 963

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "avatar": "https://example.com",
  "email": "name@gmail.com",
  "validated": true,
  "validationEmail": "name@gmail.com",
  "validationDate": 1,
  "created": 1,
  "validationURI": "text",
  "changePassword": true,
  "lastLogin": 1,
  "currentLoginURI": "text",
  "lastPasswordChange": 1,
  "lastEmailCheck": 1,
  "currentPassword": "text",
  "lastPasswords": [
    "text"
  ],
  "waitingForEmailCheck": true,
  "notes": [
    {
      "created": 1,
      "createdBy": "text",
      "note": "text"
    }
  ],
  "location": "123e4567-e89b-12d3-a456-426614174000",
  "owner": "123e4567-e89b-12d3-a456-426614174000",
  "suspended": true,
  "blackListed": true,
  "locale": "text",
  "userRole": "root",
  "oauthType": "internal",
  "oauthUserInfo": "text",
  "securityPolicy": "text",
  "securityPolicyChange": 1,
  "modified": 1,
  "userTypeProprietaryInfo": {
    "mobiles": [
      {
        "number": "text",
        "verified": true,
        "primary": true
      }
    ],
    "authenticatorSecret": "text",
    "mfa": {
      "enabled": true,
      "method": "sms"
    }
  },
  "signupUUID": "123e4567-e89b-12d3-a456-426614174000"
}

No content

Delete a single user.

delete
Authorizations
Path parameters
idinteger · int64Required
Responses
204
The requested operation was performed.
application/json
delete
DELETE /api/v1/user/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*
{
  "Operation": "text",
  "Details": "text",
  "Code": 1
}

Retrieve the information for a single user.

get
Authorizations
Path parameters
idstring · uuidRequired
Responses
200Success
get
GET /api/v1/subuser/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No content

Create a single user.

post
Authorizations
Path parameters
idinteger · int64Required
Query parameters
email_verificationbooleanOptional
Body
idstring · uuidOptional
namestringOptional
descriptionstringOptional
avatarstring · uriOptional
emailstring · emailOptional
validatedbooleanOptional
validationEmailstring · emailOptional
validationDateinteger · int64Optional
createdinteger · int64Optional
validationURIstringOptional
changePasswordbooleanOptional
lastLogininteger · int64Optional
currentLoginURIstringOptional
lastPasswordChangeinteger · int64Optional
lastEmailCheckinteger · int64Optional
currentPasswordstringOptional
lastPasswordsstring[]Optional
waitingForEmailCheckbooleanOptional
locationstring · uuidOptional
ownerstring · uuidOptional
suspendedbooleanOptional
blackListedbooleanOptional
localestringOptional
userRolestring · enumOptionalPossible values:
oauthTypestring · enumOptionalPossible values:
oauthUserInfostringOptional
securityPolicystringOptional
securityPolicyChangeinteger · int64Optional
modifiedinteger · int64Optional
signupUUIDstring · uuidOptional
Responses
200Success
post
POST /api/v1/subuser/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 963

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "avatar": "https://example.com",
  "email": "name@gmail.com",
  "validated": true,
  "validationEmail": "name@gmail.com",
  "validationDate": 1,
  "created": 1,
  "validationURI": "text",
  "changePassword": true,
  "lastLogin": 1,
  "currentLoginURI": "text",
  "lastPasswordChange": 1,
  "lastEmailCheck": 1,
  "currentPassword": "text",
  "lastPasswords": [
    "text"
  ],
  "waitingForEmailCheck": true,
  "notes": [
    {
      "created": 1,
      "createdBy": "text",
      "note": "text"
    }
  ],
  "location": "123e4567-e89b-12d3-a456-426614174000",
  "owner": "123e4567-e89b-12d3-a456-426614174000",
  "suspended": true,
  "blackListed": true,
  "locale": "text",
  "userRole": "root",
  "oauthType": "internal",
  "oauthUserInfo": "text",
  "securityPolicy": "text",
  "securityPolicyChange": 1,
  "modified": 1,
  "userTypeProprietaryInfo": {
    "mobiles": [
      {
        "number": "text",
        "verified": true,
        "primary": true
      }
    ],
    "authenticatorSecret": "text",
    "mfa": {
      "enabled": true,
      "method": "sms"
    }
  },
  "signupUUID": "123e4567-e89b-12d3-a456-426614174000"
}

No content

Modify a single user.

put
Authorizations
Path parameters
idinteger · int64Required
Query parameters
email_verificationbooleanOptional
forgotPasswordbooleanOptionalDefault: false
resetMFAbooleanOptionalDefault: false
Body
idstring · uuidOptional
namestringOptional
descriptionstringOptional
avatarstring · uriOptional
emailstring · emailOptional
validatedbooleanOptional
validationEmailstring · emailOptional
validationDateinteger · int64Optional
createdinteger · int64Optional
validationURIstringOptional
changePasswordbooleanOptional
lastLogininteger · int64Optional
currentLoginURIstringOptional
lastPasswordChangeinteger · int64Optional
lastEmailCheckinteger · int64Optional
currentPasswordstringOptional
lastPasswordsstring[]Optional
waitingForEmailCheckbooleanOptional
locationstring · uuidOptional
ownerstring · uuidOptional
suspendedbooleanOptional
blackListedbooleanOptional
localestringOptional
userRolestring · enumOptionalPossible values:
oauthTypestring · enumOptionalPossible values:
oauthUserInfostringOptional
securityPolicystringOptional
securityPolicyChangeinteger · int64Optional
modifiedinteger · int64Optional
signupUUIDstring · uuidOptional
Responses
200Success
put
PUT /api/v1/subuser/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 963

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "name": "text",
  "description": "text",
  "avatar": "https://example.com",
  "email": "name@gmail.com",
  "validated": true,
  "validationEmail": "name@gmail.com",
  "validationDate": 1,
  "created": 1,
  "validationURI": "text",
  "changePassword": true,
  "lastLogin": 1,
  "currentLoginURI": "text",
  "lastPasswordChange": 1,
  "lastEmailCheck": 1,
  "currentPassword": "text",
  "lastPasswords": [
    "text"
  ],
  "waitingForEmailCheck": true,
  "notes": [
    {
      "created": 1,
      "createdBy": "text",
      "note": "text"
    }
  ],
  "location": "123e4567-e89b-12d3-a456-426614174000",
  "owner": "123e4567-e89b-12d3-a456-426614174000",
  "suspended": true,
  "blackListed": true,
  "locale": "text",
  "userRole": "root",
  "oauthType": "internal",
  "oauthUserInfo": "text",
  "securityPolicy": "text",
  "securityPolicyChange": 1,
  "modified": 1,
  "userTypeProprietaryInfo": {
    "mobiles": [
      {
        "number": "text",
        "verified": true,
        "primary": true
      }
    ],
    "authenticatorSecret": "text",
    "mfa": {
      "enabled": true,
      "method": "sms"
    }
  },
  "signupUUID": "123e4567-e89b-12d3-a456-426614174000"
}

No content

Delete a single user.

delete
Authorizations
Path parameters
idinteger · int64Required
Responses
204
The requested operation was performed.
application/json
delete
DELETE /api/v1/subuser/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*
{
  "Operation": "text",
  "Details": "text",
  "Code": 1
}

Retrieve the avatar associated with a user ID.

get
Authorizations
Path parameters
idstring · uuidRequired
Responses
200
Successfully retrieved the avatar
Responsestring · binary
get
GET /api/v1/avatar/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*
binary

Create an avatar associated with a user ID.

post
Authorizations
Path parameters
idstring · uuidRequired
Body
string · binaryOptional
Responses
200
The requested operation was performed.
application/json
post
POST /api/v1/avatar/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: image/jpeg
Accept: */*
Content-Length: 8

"binary"
{
  "Operation": "text",
  "Details": "text",
  "Code": 1
}

Remove an avatar associated with a user ID.

delete
Authorizations
Path parameters
idstring · uuidRequired
Responses
204
The requested operation was performed.
application/json
delete
DELETE /api/v1/avatar/{id} HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*
{
  "Operation": "text",
  "Details": "text",
  "Code": 1
}

Send test email with the system.

post
Authorizations
Body
fromstring · emailOptional
subjectstringOptional
recipientsstring · email[]Optional
textstringOptional
Responses
200
The requested operation was performed.
application/json
post
POST /api/v1/email HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 88

{
  "from": "name@gmail.com",
  "subject": "text",
  "recipients": [
    "name@gmail.com"
  ],
  "text": "text"
}
{
  "Operation": "text",
  "Details": "text",
  "Code": 1
}

Send test email with the system.

post
Authorizations
Query parameters
validateNumberbooleanOptional
completeValidationbooleanOptional
validationCodestringOptional
Body
fromstringOptional
tostringOptional
textstringOptional
Responses
200
The requested operation was performed.
application/json
post
POST /api/v1/sms HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 41

{
  "from": "text",
  "to": "text",
  "text": "text"
}
{
  "Operation": "text",
  "Details": "text",
  "Code": 1
}

Get the list of recorded preferences for a user

get
Authorizations
Responses
200Success
get
GET /api/v1/userPreferences HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No content

Set the list of recorded preferences for a user

post
Authorizations
Body
modifiedinteger · int64Optional
Responses
200Success
post
POST /api/v1/userPreferences HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 53

{
  "modified": 1,
  "data": [
    {
      "tag": "text",
      "value": "text"
    }
  ]
}

No content

Retrieve the cyrrent setting for MFA

get
Authorizations
Responses
200Success
get
GET /api/v1/submfa HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*
200Success

No content

Retrieve the cyrrent setting for MFA

put
Authorizations
Query parameters
startValidationbooleanOptional
completeValidationbooleanOptional
challengeCodestringOptional
Body
idstring · uuidOptional
typestring · enumOptionalPossible values:
emailstring · emailOptional
smsstringOptional
Responses
200Success
put
PUT /api/v1/submfa HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 101

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "type": "disabled",
  "email": "name@gmail.com",
  "sms": "text"
}

No content

Retrieve the Authenticator QR Code

get
Authorizations
Query parameters
resetbooleanOptionalDefault: false
Responses
200
QRCode
image/svg+xml
Responsestring · binary
get
GET /api/v1/totp HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*
binary

Send the first security code to validate your setup

put
Authorizations
Query parameters
valueinteger · int64Required
indexinteger · int64RequiredExample: 1,2,3
Responses
200
Succesful posting of response.
application/json
put
PUT /api/v1/totp HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*
{
  "nextIndex": 1,
  "moreCodes": true
}

This call allows a new subscriber to register themselves and their devices.

post
Authorizations
Query parameters
emailstring · emailRequired
signupUUIDstring · uuidRequired
Responses
200Success
post
POST /api/v1/signup HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No content

modify the signup command in play

put
Authorizations
Query parameters
signupUUIDstring · uuidRequired
operationstring · enumRequiredPossible values:
Body
reasonstringOptional
timeinteger · int64Optional
errorCodeinteger · int32Optional
Responses
200
The requested operation was performed.
application/json
put
PUT /api/v1/signup HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 40

{
  "reason": "text",
  "time": 1,
  "errorCode": 1
}
{
  "Operation": "text",
  "Details": "text",
  "Code": 1
}

Retrieve the list of security profiles for a specific service type.

get
Authorizations
Query parameters
offsetintegerOptional

Pagination start (starts at 1. If not specified, 1 is assumed)

limitintegerOptional

Maximum number of entries to return (if absent, no limit is assumed)

filterstringOptional

Filter the results

Responses
200Success
get
GET /api/v1/securityProfiles HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No content

Retrieve the basic system information. This information is used between services only.

get
Authorizations
Responses
200Success
get
GET /api/v1/systemServices HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No content

Allows any microservice to validate a token and get security policy for a specific user.

get
Authorizations
Query parameters
tokenstringRequired
Responses
200Success
get
GET /api/v1/validateToken HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No content

Allows any microservice to validate a token and get security policy for a specific user.

get
Authorizations
Query parameters
tokenstringRequired
Responses
200Success
get
GET /api/v1/validateSubToken HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*

No content

Retrieve different values from the running service.

get
Authorizations
Query parameters
commandstring · enumRequired

Get a value

Possible values:
Responses
200
Successful command execution
application/json
Responseone of
get
GET /api/v1/system HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Accept: */*
{
  "version": "text",
  "uptime": 1,
  "start": 1,
  "os": "text",
  "processors": 1,
  "hostname": "text",
  "certificates": [
    {
      "filename": "text",
      "expires": 1
    }
  ]
}

Perform some system wide commands.

post
Authorizations
Body
one ofOptional
or
or
or
or
Responses
200
Successful command execution
application/json
Responseone of
or
or
post
POST /api/v1/system HTTP/1.1
Host: localhost:16001
Authorization: Bearer JWT
Content-Type: application/json
Accept: */*
Content-Length: 70

{
  "command": "setloglevel",
  "subsystems": [
    {
      "tag": "text",
      "value": "text"
    }
  ]
}
{
  "taglist": [
    {
      "tag": "text",
      "value": "text"
    }
  ]
}