...
...
Info |
---|
Last reviewed: 2021-07-22 |
Tip |
---|
Note: The term Remove used in in the APIs is exactly the same as the Delete function. Calling any API with the Remove term will result in the associated data being deleted from the database. There is no recovery function for these Remove calls. |
Table of Contents | ||
---|---|---|
|
...
POST
Request URL Parameters
Name | Accepted Values | Multivalued | Mandatory | Default | Description |
---|---|---|---|---|---|
virtual | Boolean |
false | Defines whether the organization is virtual. | ||
organizationId | String |
X |
Unique name of the organization to be created. | |
friendlyName | String |
X |
Human readable name of the organization. | ||
organizationClass (or organizationType) | String from Configured Set |
Organization type defining the initial configuration of the created organization. We support both the old parameter name (organizationClass) and the new parameter name (organizationType). | ||||
"custom attribute" | String | X |
Organization's custom attribute and a value (multiple values are separated with comma). For example, vatnumber=12345 |
Curl Example
Code Block | ||
---|---|---|
| ||
curl --insecure -X POST -u restuser:secret "https://localhost:7443/eidm2/services/orgs/?organizationId=6666666-6&friendlyName=TestOrganization" |
...
DELETE
Request URL Parameters
Name | Accepted Values | Multivalued | Mandatory | Default | Description |
---|---|---|---|---|---|
recursive | Boolean |
false | Allow deleting organizations with sub-organizations. |
Curl Example
Code Block | ||
---|---|---|
| ||
curl --insecure -X DELETE -u restuser:secret "https://localhost:7443/eidm2/services/org/6666666-6?recursive=true" |
...
PUT
Request URL Parameters
Name | Accepted Values | Multivalued | Mandatory | Default | Description |
---|---|---|---|---|---|
friendlyName | String |
Human readable name of the organization. | |||
organizationClass (or organizationType) | String from Configured Set |
Organization type defining the initial configuration of the created organization. We support both the old parameter name (organizationClass) and the new parameter name (organizationType). | |||
"custom attribute" | String | X |
Organization's custom attribute and a value (multiple values are separated with comma). These attributes must have been defined in eidm2.properties (data.organization.fields or ui.admin.organizationinfo.fields.order) For example, organizationid=12345 |
Curl Example
Code Block | ||
---|---|---|
| ||
curl --insecure -X PUT -u restuser:secret "https://localhost:7443/eidm2/services/org/6666666-6/?friendlyName=TestOrganizationRENAME" |
...
PUT
Request URL Parameters
Name | Accepted Values | Multivalued | Mandatory | Default | Description |
---|---|---|---|---|---|
uid | String |
User login name. | |||
String |
User email address. | |||
firstname | String |
First name of the user. | |||
surname | String |
Surname of the user. | ||||
mobile | String |
Mobile phone number. | |||||
locale | String | Locale | |||
hetu | String |
Social Security Number (henkilötunnus) | |||
pwd | String |
New password. | |
otp.state (Deprecated) | String |
New OTP state. This parameter is deprecated. OTP related REST services will be provided by OTP Server. | |||
pwd.activated | Boolean |
Defines if the password authentication method is actived for the user or not. | |||
sms.activated (Deprecated) | Boolean |
Defines if the SMS OTP authentication method is actived for the user or not. This parameter is deprecated. SMS OTP related REST services will be provided by OTP Server. | ||||
otp.activated (Deprecated) | Boolean |
Defines if the OTP authentication method is actived for the user or not. This parameter is deprecated. OTP related REST services will be provided by OTP Server. | |||
create | Boolean |
Allow create | |||
disable | Boolean |
Disable User | |||
enable | Boolean |
Enable User | |||
roles.remove | Boolean |
Remove roles | |||
mandates.remove | Boolean |
Remove Mandates | |||
"custom attribute" | String | X |
User's custom attribute and a value (multiple values are separated with comma). These attributes must have been defined in eidm2.properties (data.user.fields, ui.selfservice.userinfo.fields.order, ui.admin.userinfo.fields.order or ui.admin.approvalinfo.fields.order) For example, age=45 |
Curl Example
Code Block | ||
---|---|---|
| ||
curl --insecure -X PUT -u restuser:secret "https://localhost:7443/eidm2/services/user/6666666-6/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/?mobile=%2B358401234567891" |
...
POST
Request URL Parameters
Name | Accepted Values | Multivalued | Mandatory | Default | Description |
---|---|---|---|---|---|
user | Entity Name |
X |
User who the role is assigned for. |
Curl Example
Code Block | ||
---|---|---|
| ||
curl --insecure -X POST -u restuser:secret "https://localhost:7443/eidm2/services/assignments/6666666-6/TestRole/?user=6666666-6/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX" |
...
DELETE
Request URL Parameters
Name | Accepted Values | Multivalued | Mandatory | Default | Description |
---|---|---|---|---|---|
user | Entity Name |
X |
User who the role is deassign from. |
Curl Example
Code Block | ||
---|---|---|
| ||
curl --insecure -X DELETE -u restuser:secret "https://localhost:7443/eidm2/services/assignments/6666666-6/TestRole/?user=6666666-6/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX" |
...
PUT
Request URL Parameters
Name | Accepted Values | Multivalued | Mandatory | Default | Description |
---|---|---|---|---|---|
memberOf | String |
The created role will be member of this role |
Curl Example
Code Block | ||
---|---|---|
| ||
curl --insecure -X PUT -u restuser:secret "https://localhost:7443/eidm2/services/role/6666666-6/TestRole" |
...
POST
Request URL Parameters
Name | Accepted Values | Multivalued | Mandatory | Default | Description |
---|---|---|---|---|---|
uid | String |
X (depending on configuration) |
User login name. | |
String |
X |
User email address. | ||
firstname | String |
X |
First name of the user. | ||
surname | String |
X |
Surname of the user. | ||
mobile | String |
Mobile phone number. | ||||
hetu | String |
Social Security Number (henkilötunnus) | ||||
pwd | String |
Initialize the default password authentication method for the user with the specified password. If missing, the password method is not initialized for the user. | ||||
pwd.activated | Boolean |
Defines if the password authentication method is actived for the user or not. | |||
sms.activated (Deprecated) | Boolean |
false | Defines if the SMS OTP authentication method is actived for the user or not. This parameter is deprecated. SMS OTP related REST services will be provided by OTP Server. | |||
otp.activated (Deprecated) | Boolean |
false | Defines if the OTP authentication method is actived for the user or not. This parameter is deprecated. OTP related REST services will be provided by OTP Server. | |||
locale | String |
Locale definition. It is used when selecting the right language for email notifications. | |||
"custom attribute" | String | X |
User's custom attribute and a value (multiple values are separated with comma). These attributes must have been defined in eidm2.properties (data.user.fields, ui.selfservice.userinfo.fields.order, ui.admin.userinfo.fields.order or ui.admin.approvalinfo.fields.order) For example, age=45 |
Curl Example
Code Block | ||
---|---|---|
| ||
curl --insecure -X POST -u restuser:secret "https://localhost:7443/eidm2/services/users/6666666-6?uid=leena&firstname=Leena&surname=Laine&email=leena.laine@example.com&pwd=Password1" |
...
POST
Request URL Parameters
Name | Accepted Values | Multivalued | Mandatory | Default | Description |
---|---|---|---|---|---|
resetRepository | Boolean |
false | Removes all organizations, users, and roles from the repository. | ||
initializeDatabase | Boolean |
false | Creates the missing mandatory repository structures and roles. Also, updates the repository to reflect the changed configuration. | ||
synchronizeData | Boolean |
false | Try to create those items into SQL database that are missing from it but present in LDAP. | |||
initializeOrganizations | Boolean |
false | Create roles to organizations based on organization type definitions. Only creates the missing roles but does not remove anything. | |||
clearUniqueFields | Boolean |
false | Clears unique field data from validators. | |||
updateSamlApMetadata | Boolean |
false | Write SAML AP metadata generated based on the identity file to SSO authentication method configuration. | |||
refreshRoleHierarchyRules | Boolean |
false | Updates roles' memberships with other roles to comply with the current Role Hierarchy Rules. Should be run if Role Hierarchy Rules are changed. |
Curl Example
Code Block | ||
---|---|---|
| ||
curl --insecure -X POST -u restuser:secret "https://localhost:7443/eidm2/services/init/?resetRepository=true&initializeDatabase=true" |
...
PUT
Request URL Parameters
Name | Accepted Values | Multivalued | Mandatory | Default | Description |
---|---|---|---|---|---|
disableUsers | Boolean |
Disables all users in organization. | ||||
enableUsers | Boolean |
Enables all users in organization. | ||||
deleteUsers | Boolean |
Removes all users in organization. | |||
removeRoles | Boolean |
Removes all roles and mandate delegations from all users in organization. | ||||
removeMandates | Boolean |
Removes mandates these users have assigned to other users, mandate delegations received and direct mandate receivals. |
Curl Example
Code Block | ||
---|---|---|
| ||
curl --insecure -X PUT -u restuser:secret "https://localhost:7443/eidm2/services/users/6666666-6/?disableUsers=true" |
...
GET
Request URL Parameters
Name | Accepted Values | Multivalued | Mandatory | Default | Description |
---|---|---|---|---|---|
entities | Boolean |
false | Return list of entities instead of id list. | |||
recursive | Boolean |
false | Include users from the suborganizations. |
String
String | Include only users with matching email address. Wildcard '*' is allowed. | ||||
mobile | String |
Include only users with matching mobile phone number. Wildcard '*' is allowed. | |||
maxResults | Integer |
No Limit | Limit the maximum number of results. Exceeding the limit results in request error with error code 12. A value of zero means no limit. | ||
assignments | Boolean |
false | Include role assignments. Effective only if entities is true. | |||
authInfo | Boolean |
false | Include authentication credentials. Used for backup or provisioning. Effective only if entities is true. | ||||
uniqueIdAsCn | Boolean | false | Specify true if you want the API to return plain CN as the uniqueID of the user instead of the Entity Name including the organization path. Applicable only when entities=true . |
Curl Example
Code Block | ||
---|---|---|
| ||
curl --insecure -X GET -u restuser:secret "https://localhost:7443/eidm2/services/users/?recursive=true" |
...
GET
Request URL Parameters
Name | Accepted Values | Multivalued | Mandatory | Default | Description |
---|---|---|---|---|---|
assignments | Boolean |
true | Retrieve role assignments. | |||
groups | Boolean |
true | Retrieve group assignments. | ||
authInfo | Boolean |
false | Include authentication credentials. Used for backup or provisioning. |
Curl Example
Code Block | ||
---|---|---|
| ||
curl --insecure -X GET -u restuser:secret "https://localhost:7443/eidm2/services/user/6666666-6/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX" |
...
GET
Request URL Parameters
Name | Accepted Values | Multivalued | Mandatory | Default | Description |
---|---|---|---|---|---|
entities | Boolean |
false | Return list of entities instead of id list. | |||
recursive |
Boolean
Boolean | false | Include organizations from the suborganizations. | ||
internal | Boolean |
false | Include CustomerID internal organizations. | ||
roles | Boolean |
false | List roles available in the organization. | ||
assignments | Boolean |
false | Discover users in roles. Effective only if roles is true. | ||
assignmentEntities | Boolean |
false | Return user-elements instead of userid-list. Effective only if assignments is true. | ||
applicationCount | Boolean |
false | Show pending user application count for organizations (and possibly it's suborganizations). Effective only if entities is true. | |||
recursiveApplicationCount | Boolean |
false | Whether to include applications in suborganizations to the count (see applicationCount above). Effective only if applicationCount is true. | ||
friendlyName | String |
Include only organizations with friendly name matching the specified filter. Wildcard '*' is allowed in filter string. | |||
organizationClass | String from Configured Set |
Include only organizations of the specified organization class. Wildcards are not allowed. | ||||
maxResults | Integer |
No Limit | Limit the maximum number of results. Exceeding the limit results in request error with error code 12. A value of zero means no limit. | ||
exportMode | Boolean |
false | Include all information required for backups and provisioning. Effective only if entities is true. |
Curl Example
Code Block | ||
---|---|---|
| ||
curl --insecure -X GET -u restuser:secret "https://localhost:7443/eidm2/services/orgs/?entities=true" |
...
GET
Request URL Parameters
Name | Accepted Values | Multivalued | Mandatory | Default | Description |
---|---|---|---|---|---|
roles | Boolean |
false | Resolve roles available in the organization. | ||
assignments | Boolean |
false | Discover users in roles. Effective only if roles is true. | ||
assignmentEntities | Boolean |
false | Return user-elements instead of userid-list. Effective only if assignments is true. | |||
applicationCount | Boolean |
false | Return pending user application count for organization (and possibly it's suborganizations) | ||
recursiveApplicationCount | Boolean |
false | Whether to include applications in suborganizations to the count (see applicationCount above) | ||
pendingOrganizations | Boolean |
false | Returns data of new suborganizations (count, oldest, newest, url for processing) under the current organization, i.e. organizations where no user has yet been approved. | ||
exportMode | Boolean |
false | Include all information required for backups and provisioning. |
Curl Example
Code Block | ||
---|---|---|
| ||
curl --insecure -X GET -u restuser:secret "https://localhost:7443/eidm2/services/org/6666666-6/" |
...
GET
Request URL Parameters
Name | Accepted Values | Multivalued | Mandatory | Default | Description |
assignments | Boolean |
false | Discover users in the role. Also hierarchical role membership counts, so user A that is a member of role A that is a member of role B is returned when querying the role B. | |||
assignmentEntities | Boolean |
false | Return user-elements instead of userid-list. Effective only if assignments is true. |
Curl Example
Code Block | ||
---|---|---|
| ||
curl --insecure -X GET -u restuser:secret "https://localhost:7443/eidm2/services/role/6666666-6/TestRole/?assignments=true" |
...