OTP Server REST operations - SSO
Create OTP list
POST /method-name/otp-list
Request parameters
- max-age
- expires
One of expires or max-age may be given
Success – status 200
- <otp-list> element with <status> and <sequence> child elements
Error conditions
- 404
Not Found. Invalid method-name. - 405
The http method is not valid
Example of otp-list
POST /otp.1/otp-list?expires=20130101 <otp-list id="f000d9d5-d97d-4347-b4ff-e2edb72b35fd" expires="20130101"size="50"> <sequence> <otp index="1">123456</otp> <otp index="2">234567</otp> </sequence> </otp-list>
Request parameters
- max-age
- expires
- batch-size
Success – status 200
- <batch-response> element with <otp-list> collection and <sequence> elements
Error conditions
- 404
Not Found. Invalid method-name. - 405
The http method is not valid
Example of _batch
POST /otp.1/otp-list/_batch?batch-size=100 <batch-response batch-size="100"> <otp-list id="ba6206b7-2469-4b92-8022-83ce21bc3e39"> <otp-list id="d07c0903-f7c9-4b55-a22b-df51ce60bbd7"> ... </batch-response>
Associate OTP list with user identifier
PUT /method-name/otp-list/list-id
The associate operation is only possible on a list with "free" status.
Request parameters
- uniqueID
- login
- objectGuid
Success – status 200
- <otp-list> with <status> child element, does not return <sequence>
Error conditions
- 404
Not Found. The uniqueID, login or objectGuid parameter does not identify a user. - 403
Forbidden. The status of the list identified by list-id is not "free". - 404
Not Found. Invalid method-name or unknown list-id. - 405
The http method is not valid.
Example of list association
PUT /otp.1/otp-list/d07c0903-f7c9-4b55-a22b-df51ce60bbd7?uniqueID=user1 <otp-list id="d07c0903-f7c9-4b55-a22b-df51ce60bbd7"> <status value="associated" index="1"> <user-info uniqueID="user1"/> </status> </otp-list>
Lookup OTP list status by list-id
GET /method-name/otp-list/list-id
Success – status 200
- <otp-list> with <status> child element, does not return <sequence>
Error conditions
- 404
Not Found. Invalid method-name or unknown list-id. - 405
The http method is not valid
Example of list status lookup by list-id
GET /otp.1/otp-list/c016051b-8980-4165-8c5b-e4b5cd1bace6 <otp-list id="c016051b-8980-4165-8c5b-e4b5cd1bace6"> <status value="active" index="B1" remaining="12"> <user-info uniqueID="user1"/> </status> </otp-list>
Lookup OTP list status by user identifier
GET /method-name/user-info/_query
- Request parameters
- uniqueID
- login
- objectGuid
Success – status 200
- <user-info> with <otp-list> child element, does not return <sequence>
Success – status 204
- The uniqueID, login or objectGuid parameter does not identify a user.
Error conditions
- 404
Not Found. Invalid method-name. - 405
The http method is not valid
Example of list status lookup by list-id
GET /otp.1/user-info/_query?uniqueID=user1 <user-info uniqueID="user1"> <otp-list id="f000d9d5-d97d-4347-b4ff-e2edb72b35fd"> <status value="active" index="56"/> </otp-list> <otp-list id="d38400e9-ce9e-4f93-bef7-6e2d65d2cbf9"> <status value="associated" index="1"/> </otp-list> </user-info>
Query OTP lists matching condition
GET /method-name/otp-list/_query
To be implemented. Not currently available in version 1.0.
Delete OTP list
DELETE /method-name/otp-list/list-id
Success – status 204
- The list is removed from the OTP Server.
Error conditions
- 404
Not Found. Invalid method-name or unknown list-id. - 405
The http method is not valid