OTP Server REST operations - SSO

Create OTP list

POST /method-name/otp-list
Request parameters

  1. max-age
  2. expires
    One of expires or max-age may be given

Success – status 200

  1. <otp-list> element with <status> and <sequence> child elements

Error conditions

  1. 404
    Not Found. Invalid method-name.
  2. 405
    The http method is not valid
Example of otp-list
POST /otp.1/otp-list?expires=20130101
<otp-list id="f000d9d5-d97d-4347-b4ff-e2edb72b35fd" expires="20130101"size="50">
<sequence>
<otp index="1">123456</otp>
<otp index="2">234567</otp>
</sequence>
</otp-list>


Request parameters

  1. max-age
  2. expires
  3. batch-size

Success – status 200

  1. <batch-response> element with <otp-list> collection and <sequence> elements

Error conditions

  1. 404
    Not Found. Invalid method-name.
  2. 405
    The http method is not valid
Example of _batch
POST /otp.1/otp-list/_batch?batch-size=100
<batch-response batch-size="100">
<otp-list id="ba6206b7-2469-4b92-8022-83ce21bc3e39">
<otp-list id="d07c0903-f7c9-4b55-a22b-df51ce60bbd7">
...
</batch-response>

Associate OTP list with user identifier


PUT /method-name/otp-list/list-id
The associate operation is only possible on a list with "free" status.
Request parameters

  1. uniqueID
  2. login
  3. objectGuid

Success – status 200

  1. <otp-list> with <status> child element, does not return <sequence>

Error conditions

  1. 404
    Not Found. The uniqueID, login or objectGuid parameter does not identify a user.
  2. 403
    Forbidden. The status of the list identified by list-id is not "free".
  3. 404
    Not Found. Invalid method-name or unknown list-id.
  4. 405
    The http method is not valid.
Example of list association
PUT /otp.1/otp-list/d07c0903-f7c9-4b55-a22b-df51ce60bbd7?uniqueID=user1
<otp-list id="d07c0903-f7c9-4b55-a22b-df51ce60bbd7">
<status value="associated" index="1">
<user-info uniqueID="user1"/>
</status>
</otp-list>

Lookup OTP list status by list-id

GET /method-name/otp-list/list-id
Success – status 200

  1. <otp-list> with <status> child element, does not return <sequence>

Error conditions

  1. 404
    Not Found. Invalid method-name or unknown list-id.
  2. 405
    The http method is not valid
Example of list status lookup by list-id
GET /otp.1/otp-list/c016051b-8980-4165-8c5b-e4b5cd1bace6
<otp-list id="c016051b-8980-4165-8c5b-e4b5cd1bace6">
<status value="active" index="B1" remaining="12">
<user-info uniqueID="user1"/>
</status>
</otp-list>


Lookup OTP list status by user identifier

GET /method-name/user-info/_query

  1. Request parameters
  2. uniqueID
  3. login
  4. objectGuid

Success – status 200

  1. <user-info> with <otp-list> child element, does not return <sequence>

Success – status 204

  1. The uniqueID, login or objectGuid parameter does not identify a user.

Error conditions

  1. 404
    Not Found. Invalid method-name.
  2. 405
    The http method is not valid
Example of list status lookup by list-id
GET /otp.1/user-info/_query?uniqueID=user1
<user-info uniqueID="user1">
<otp-list id="f000d9d5-d97d-4347-b4ff-e2edb72b35fd">
<status value="active" index="56"/>
</otp-list>
<otp-list id="d38400e9-ce9e-4f93-bef7-6e2d65d2cbf9">
<status value="associated" index="1"/>
</otp-list>
</user-info>

Query OTP lists matching condition

GET /method-name/otp-list/_query
To be implemented. Not currently available in version 1.0.

Delete OTP list

DELETE /method-name/otp-list/list-id
Success – status 204

  1. The list is removed from the OTP Server.

Error conditions

  1. 404
    Not Found. Invalid method-name or unknown list-id.
  2. 405
    The http method is not valid