REST API authentication - CustomerID

Summary

The CustomerID REST API supports the following authentication methods:

  • OAuth2 Bearer Tokens
  • HTTP Basic Authentication
  • Request URL parameters

We recommend using OAuth2 Bearer Tokens, as they are more secure and provide more granular control over which users can access the API.

OAuth2

Administrators allow access to the API in two steps: by adding users to a specific group called CustomerID API Users, and by configuring an application in Ubisecure SSO with the desired authentication methods for requesting access tokens. These access tokens are then used to access the API. Configuration instructions are in Configuring OAuth2 authentication for REST API.

A valid access token has to be provided as a Bearer token in the Authorization header of the request.

Example request
GET /customerid-rest/services/2.0/organizations/38cf2201-0503-4d37-9235-3ef9c41d3065 HTTP/1.1
Host: localhost:7443
Authorization: Bearer eyJjdHk...

HTTP Basic Authentication / Request URL parameters

This method uses a single API user account defined in the configuration. The user credentials can be given in two ways: as request URL parameters (not as form parameters in the request content) or using HTTP basic access authentication. If you have to use this method of authentication, we recommend using HTTP basic access authentication.

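| Name | Accepted Values | Multivalued | Mandatory | Default | Description |
|------|-----------------|-------------|-----------|---------|-------------|
| username | String | | X | | Username configured in CustomerID. |
| password | String | | X | | Password configured in CustomerID. |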

Examples using curl:

  • HTTP basic access authentication
    • curl -X GET -u <username>:<password> "https://localhost:7443/customerid-rest/services/2.0/users/"
  • Request URL parameters
    • curl -X GET "https://localhost:7443/eidm2/services/users/?username=<username>&password=<password>&recursive=true"
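The recommendations above as a small curl wrapper. This is an added example, not part of the CustomerID documentation: it prefers the Bearer token, falls back to HTTP Basic, refuses paths that carry username/password parameters, and hands the header to curl through a config read from stdin so the credential stays out of the process list. The `CID_*` variable names and all function names are assumptions.

```shell
#!/bin/sh
# Added example, not from the CustomerID documentation.
# CID_BASE, CID_TOKEN, CID_USER, CID_PASS and all function names are assumed.
# Assumes credentials contain no double quote or backslash (curl config quoting).

# Authorization header for an OAuth2 access token (the recommended method).
bearer_header() {
  printf 'Authorization: Bearer %s' "$1"
}

# Authorization header for HTTP Basic: base64 of "username:password".
basic_header() {
  printf 'Authorization: Basic %s' \
    "$(printf '%s:%s' "$1" "$2" | base64 | tr -d '\n')"
}

# Prefer the Bearer token; fall back to the single Basic-auth API user.
auth_header() {
  if [ -n "${CID_TOKEN:-}" ]; then
    bearer_header "$CID_TOKEN"
  elif [ -n "${CID_USER:-}" ] && [ -n "${CID_PASS:-}" ]; then
    basic_header "$CID_USER" "$CID_PASS"
  else
    echo "set CID_TOKEN, or CID_USER and CID_PASS" >&2
    return 1
  fi
}

# Succeeds only if the path carries no username/password query parameters.
url_is_clean() {
  case "$1" in
    *'?username='*|*'&username='*|*'?password='*|*'&password='*) return 1 ;;
  esac
  return 0
}

# GET a path under the API base. The header goes to curl through a config
# read from stdin, so it never appears in argv or in the request URL.
cid_get() {
  url_is_clean "$1" || { echo "credentials in URL refused" >&2; return 2; }
  cid_hdr="$(auth_header)" || return 1
  printf 'header = "%s"\nurl = "%s%s"\n' "$cid_hdr" \
    "${CID_BASE:-https://localhost:7443/customerid-rest/services/2.0}" "$1" |
    curl --silent --show-error --fail --config -
}

# Usage (the token file name is hypothetical):
#   CID_TOKEN="$(cat token.txt)" cid_get /users/
```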