Last reviewed: 2021-07-22

Note: The term Remove used in in the APIs is exactly the same as the Delete function. Calling any API with the Remove term will result in the associated data being deleted from the database. There is no recovery function for these Remove calls.

1 Modification Operations
- 1.1 MOD001b Create Organization
- 1.2 MOD002 Remove Organization
- 1.3 MOD003b Update Organization
- 1.4 MOD004b Update User
- 1.5 MOD005 Assign Role
- 1.6 MOD006 Deassign Role
- 1.7 MOD007 Create Role
- 1.8 MOD008 Remove Role
- 1.9 MOD009 Create User
- 1.10 MOD010b Delete User
- 1.11 MOD011 Initialization
- 1.12 MOD013 Update Users
2 Request Operations
- 2.1 REQ001b List Users
- 2.2 REQ002b Query User
- 2.3 REQ003b List Organizations
- 2.4 REQ004b Query Organization
- 2.5 REQ005b Query Role

Modification Operations

MOD001b Create Organization

Description

Create a new organization, suborganization or virtual organization.

Target Type

Collection

Request URL

Request URL defines the parent of the organization to be created.

Examples

https://HOSTNAME/eidm2/services/orgs/
https://HOSTNAME/eidm2/services/orgs/ORGANIZATION/
https://HOSTNAME/eidm2/services/orgs/ORGANIZATION/SUBORG/
https://HOSTNAME/eidm2/services/orgs/VIRTUALORG/SUBVORG/
https://HOSTNAME/eidm2/services/orgs/1234567-8/
https://HOSTNAME/eidm2/services/orgs/1234567-8/123456789/

Request Method

POST

Request URL Parameters

Name	Accepted Values	Multivalued	Mandatory	Default	Description

Name	Accepted Values	Multivalued	Mandatory	Default	Description
virtual	Boolean			false	Defines whether the organization is virtual.
organizationId	String		X		Unique name of the organization to be created.
friendlyName	String		X		Human readable name of the organization.
organizationClass (or organizationType)	String from Configured Set				Organization type defining the initial configuration of the created organization. We support both the old parameter name (organizationClass) and the new parameter name (organizationType).
"custom attribute"	String	X			Organization's custom attribute and a value (multiple values are separated with comma). For example, vatnumber=12345

Curl Example

curl --insecure -X POST -u restuser:secret "https://localhost:7443/eidm2/services/orgs/?organizationId=6666666-6&friendlyName=TestOrganization"

Response Document

 <idlist>
  <Id>https://HOSTNAME/eidm2/services/org/example1/dep1</Id>
 </idlist>

MOD002 Remove Organization

Description

Remove the specified organization.

Target Type

Entity

Request URL

Request URL defines the organization to be removed. Response document contains a list of removed entities (organizations, roles, and users).

Examples

https://HOSTNAME/eidm2/services/org/ORGANIZATION
https://HOSTNAME/eidm2/services/org/ORGANIZATION/SUBORG
https://HOSTNAME/eidm2/services/org/VIRTUALORG/SUBVORG
https://HOSTNAME/eidm2/services/org/1234567-8
https://HOSTNAME/eidm2/services/org/1234567-8/123456789

Request Method

DELETE

Request URL Parameters

Name	Accepted Values	Multivalued	Mandatory	Default	Description

Name	Accepted Values	Multivalued	Mandatory	Default	Description
recursive	Boolean			false	Allow deleting organizations with sub-organizations.

Curl Example

curl --insecure -X DELETE -u restuser:secret "https://localhost:7443/eidm2/services/org/6666666-6?recursive=true"

Response Document

 <idlist>
  <Id>https://HOSTNAME/eidm2/services/org/example1/dep1</Id>
  <Id>https://HOSTNAME/eidm2/services/role/example1/OrganizationMainUser</Id>
  <Id>https://HOSTNAME/eidm2/services/role/example1/OrganizationUser</Id>
  <Id>https://HOSTNAME/eidm2/services/user/example1/abcd-1234</Id>
  <Id>https://HOSTNAME/eidm2/services/user/example1/efgh-5678</Id>
 </idlist>

MOD003b Update Organization

Description

Update the organization data. Replaces all the defined attributes, empty value removes the attribute, and missing attribute does not change the existing value.

Target Type

Entity

Request URL

Request URL defines the organization to be updated.

Examples

https://HOSTNAME/eidm2/services/org/ORGANIZATION
https://HOSTNAME/eidm2/services/org/ORGANIZATION/SUBORG
https://HOSTNAME/eidm2/services/org/VIRTUALORG
https://HOSTNAME/eidm2/services/org/VIRTUALORG/SUBVORG

Request Method

PUT

Request URL Parameters

Name	Accepted Values	Multivalued	Mandatory	Default	Description

Name	Accepted Values	Multivalued	Description
friendlyName	String		Human readable name of the organization.
organizationClass (or organizationType)	String from Configured Set		Organization type defining the initial configuration of the created organization. We support both the old parameter name (organizationClass) and the new parameter name (organizationType).
"custom attribute"	String	X	Organization's custom attribute and a value (multiple values are separated with comma). These attributes must have been defined in eidm2.properties (data.organization.fields or ui.admin.organizationinfo.fields.order) For example, organizationid=12345

Curl Example

curl --insecure -X PUT -u restuser:secret "https://localhost:7443/eidm2/services/org/6666666-6/?friendlyName=TestOrganizationRENAME"

Response Document

 <idlist>
  <Id>https://HOSTNAME/eidm2/services/org/example1/dep1</Id>
 </idlist>

MOD004b Update User

Description

Update the user information. By default, does not create a new user if the user does not exist. This may be overridden with parameter create. Replaces all the defined attributes, empty value removes the attribute, and missing attribute does not change the existing value. Setting an empty password disables the password method for the user.

Target Type

Entity

Request URL

Request URL defines the user to be updated.

Examples

https://HOSTNAME/eidm2/services/user/ORGANIZATION/USER
https://HOSTNAME/eidm2/services/user/ORGANIZATION/SUBORG/USER

Request Method

PUT

Request URL Parameters

Name	Accepted Values	Multivalued	Mandatory	Default	Description

Name	Accepted Values	Multivalued	Description
uid	String		User login name.
email	String		User email address.
firstname	String		First name of the user.
surname	String		Surname of the user.
mobile	String		Mobile phone number.
locale	String		Locale
hetu	String		Social Security Number (henkilötunnus)
pwd	String		New password.
otp.state (Deprecated)	String		New OTP state. This parameter is deprecated. OTP related REST services will be provided by OTP Server.
pwd.activated	Boolean		Defines if the password authentication method is actived for the user or not.
sms.activated (Deprecated)	Boolean		Defines if the SMS OTP authentication method is actived for the user or not. This parameter is deprecated. SMS OTP related REST services will be provided by OTP Server.
otp.activated (Deprecated)	Boolean		Defines if the OTP authentication method is actived for the user or not. This parameter is deprecated. OTP related REST services will be provided by OTP Server.
create	Boolean		Allow create
disable	Boolean		Disable User
enable	Boolean		Enable User
roles.remove	Boolean		Remove roles
mandates.remove	Boolean		Remove Mandates
"custom attribute"	String	X	User's custom attribute and a value (multiple values are separated with comma). These attributes must have been defined in eidm2.properties (data.user.fields, ui.selfservice.userinfo.fields.order, ui.admin.userinfo.fields.order or ui.admin.approvalinfo.fields.order) For example, age=45

Curl Example

curl --insecure -X PUT -u restuser:secret "https://localhost:7443/eidm2/services/user/6666666-6/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX/?mobile=%2B358401234567891"

Response Document

 <idlist>
  <Id>https://HOSTNAME/eidm2/services/user/example1/user1</Id>
 </idlist>

MOD005 Assign Role

Description

Assign a role for the user.

Target Type

Collection

Request URL

Request URL defines the role to be assigned for a user.

Examples

https://HOSTNAME/eidm2/services/assignments/ORGANIZATION/ROLE
https://HOSTNAME/eidm2/services/assignments/ORGANIZATION/SUBORG/ROLE
https://HOSTNAME/eidm2/services/assignments/VIRTUALORG/ROLE

Request Method

POST

Request URL Parameters

Name	Accepted Values	Multivalued	Mandatory	Default	Description

Name	Accepted Values	Multivalued	Mandatory	Default	Description
user	Entity Name		X		User who the role is assigned for.

Curl Example

curl --insecure -X POST -u restuser:secret "https://localhost:7443/eidm2/services/assignments/6666666-6/TestRole/?user=6666666-6/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"

Response Document

<idlist/>

MOD006 Deassign Role

Description

Deassign a role from the user.

Target Type

Collection

Request URL

Request URL defines the role to be deassign from a user.

Examples

https://HOSTNAME/eidm2/services/assignments/ORGANIZATION/ROLE
https://HOSTNAME/eidm2/services/assignments/ORGANIZATION/SUBORG/ROLE
https://HOSTNAME/eidm2/services/assignments/VIRTUALORG/ROLE

Request Method

DELETE

Request URL Parameters

Name	Accepted Values	Multivalued	Mandatory	Default	Description

Name	Accepted Values	Multivalued	Mandatory	Default	Description
user	Entity Name		X		User who the role is deassign from.

Curl Example

curl --insecure -X DELETE -u restuser:secret "https://localhost:7443/eidm2/services/assignments/6666666-6/TestRole/?user=6666666-6/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"

Response Document

<idlist/>

MOD007 Create Role

Description

Create a role.

Target Type

Entity

Request URL

Request URL defines the role to be created.

Examples

https://HOSTNAME/eidm2/services/role/ORGANIZATION/ROLE
https://HOSTNAME/eidm2/services/role/ORGANIZATION/SUBORG/ROLE
https://HOSTNAME/eidm2/services/role/VIRTUALORG/SUBVORG/ROLE

Request Method

PUT

Request URL Parameters

Name	Accepted Values	Multivalued	Mandatory	Default	Description

Name	Accepted Values	Multivalued	Mandatory	Default	Description
memberOf	String				The created role will be member of this role

Curl Example

curl --insecure -X PUT -u restuser:secret "https://localhost:7443/eidm2/services/role/6666666-6/TestRole"

Response Document

 <idlist>
  <Id>https://HOSTNAME/eidm2/services/role/testorg/testrole</Id>
 </idlist>

MOD008 Remove Role

Description

Remove a role from an organization or a virtual organization.

Target Type

Entity

Request URL

Request URL defines the role to be removed.

Examples

https://HOSTNAME/eidm2/services/role/ORGANIZATION/ROLE
https://HOSTNAME/eidm2/services/role/ORGANIZATION/SUBORG/ROLE
https://HOSTNAME/eidm2/services/role/VIRTUALORG/SUBVORG/ROLE

Request Method

DELETE

Request URL Parameters

No request specific request URL parameters.

Curl Example

curl --insecure -X DELETE -u restuser:secret "https://localhost:7443/eidm2/services/role/6666666-6/TestRole"

Response Document

 <idlist>
  <Id>https://HOSTNAME/eidm2/services/role/testorg/testrole</Id>
 </idlist>

MOD009 Create User

Description

Create a new user. Creates a random unique identifier for the user.

NOTE: Be careful to store users only in normal organizations - not virtual, because the system does not currently validate automatically whether the organization is virtual and this will create an inconsistency situation that must be resolved with direct database operations.

REST API 1.0 - CustomerID

Modification Operations

MOD001b Create Organization

Description

Target Type

Request URL

Examples

Request Method

Request URL Parameters

Curl Example

Response Document

MOD002 Remove Organization

Description

Target Type

Request URL

Examples

Request Method

Request URL Parameters

Curl Example

Response Document

MOD003b Update Organization

Description

Target Type

Request URL

Examples

Request Method

Request URL Parameters

Curl Example

Response Document

MOD004b Update User

Description

Target Type

Request URL

Examples

Request Method

Request URL Parameters

Curl Example

Response Document

MOD005 Assign Role

Description

Target Type

Request URL

Examples

Request Method

Request URL Parameters

Curl Example

Response Document

MOD006 Deassign Role

Description

Target Type

Request URL

Examples

Request Method

Request URL Parameters

Curl Example

Response Document

MOD007 Create Role

Description

Target Type

Request URL

Examples

Request Method

Request URL Parameters

Curl Example

Response Document

MOD008 Remove Role

Description

Target Type

Request URL

Examples

Request Method

Request URL Parameters

Curl Example

Response Document

MOD009 Create User

Description

Target Type