Configuration API
- Overview
- Paths
- Obtaining configuration from CIM
- Reloading configuration from extension
- Resolve information about all configured Identity Providers
- Fetch attributes configuration
- Update attributes configuration
- Update attributes configuration partially
- Obtain configuration from CIM
- Update set of CIM's configuration units
- Get custom messages for all languages and configured variants
- Update custom messages configuration
- Create or update multiple custom messages for a given locale
- Remove custom message for a given locale
- Fetch features configuration
- Update features configuration
- Update part of features configuration
- Add url to action token whitelisted urls
- Fetch whitelisted urls for action token
- Delete whitelisted url by id
- Definitions
- ActionTokenApp2WebLogin
- ActionTokenConfiguration
- ActionTokenCoupling
- ActionTokenLogin
- AttributeType
- AttributesConfiguration
- AttributesVerification
- CIMConfiguration
- Configuration
- CustomEmailValidation
- CustomMessages
- ExternallyDeliveredCode
- FeaturesConfiguration
- Fields
- IdentityProviderConfig
- IdentityProviderConfigResultSet
- InvitationVerification
- LocaleCustomMessages
- Messages
- PasswordPolicy
- PersonActivationConfiguration
- PersonCreationMandatoryAttributes
- Profile
- RequiredAttributesValidationRule
- SamlProperties
- SignUpFormFields
- Translations
- WhitelistedUrl
- WhitelistedUrls
- Security
Overview
This document describes the API operations for a configuration.
Version information
Version : 1.0.0
URI scheme
Schemes : HTTPS, HTTP
Paths
Obtaining configuration from CIM
GET /api/config
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Query | fields optional |
Fields that should be included in the response message. All fields are displayed if the param is not present. | < Fields > array |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Configuration | Configuration |
400 | Bad request | No Content |
405 | Unsupported method | No Content |
500 | Api disabled | No Content |
Consumes
application/json
Produces
application/json
Security
Type | Name |
---|---|
basic | basic_auth |
Example HTTP request
Request path
/api/config
Example HTTP response
Response 200
{
"password_policy" : {
"min_length" : 0,
"max_length" : 0,
"lower_case_char_required" : false,
"upper_case_char_required" : false,
"special_char_required" : false,
"breached_password_blocked" : false
},
"messages" : {
"default" : {
"personal.general.next" : "Next",
"personal.general.collapse" : "Collapse"
},
"nl" : {
"personal.general.next" : "Volgende",
"personal.general.collapse" : "Inklappen"
}
},
"profile" : {
"required_attributes_validation_rules" : [ {
"any_of" : [ "BIRTH_DATE", "PHONE" ]
} ]
}
}
Reloading configuration from extension
POST /api/config/extension/reload
Description
The endpoint allows reloading extension messages and static resources in IdP runtime
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Extension configuration reloaded | No Content |
405 | Unsupported method | No Content |
500 | Api disabled | No Content |
Security
Type | Name |
---|---|
basic | basic_auth |
Example HTTP request
Request path
/api/config/extension/reload
Resolve information about all configured Identity Providers
GET /api/config/identity-providers
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Configured identity providers | IdentityProviderConfigResultSet |
400 | Bad request | No Content |
405 | Unsupported method | No Content |
500 | Api disabled | No Content |
Produces
application/json
Security
Type | Name |
---|---|
basic | basic_auth |
Example HTTP request
Request path
/api/config/identity-providers
Example HTTP response
Response 200
{
"result" : [ {
"id" : "12345",
"name" : "Facebook",
"type" : "facebook",
"saml_properties" : {
"authn_context" : "urn:com:onegini:saml:facebook"
}
} ]
}
Fetch attributes configuration
GET /api/v2/attributes
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Attributes configuration fetched successfully\ | AttributesConfiguration |
401 | Unauthorized | No Content |
409 | API disabled | No Content |
Example HTTP request
Request path
/api/v2/attributes
Example HTTP response
Response 200
{
"person_creation_mandatory_fields" : {
"first_name_required" : true,
"last_name_required" : true,
"mobile_number_required" : true
},
"sign_up_form_fields" : {
"mobile_number_enabled" : true,
"mobile_number_confirmation_enabled" : true,
"email_confirmation_enabled" : true
},
"verification" : {
"email_enabled" : true,
"email_required" : true,
"mobile_number_enabled" : true
},
"name_visible_on_dashboard" : true
}
Update attributes configuration
PUT /api/v2/attributes
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Attributes Configuration updated | No Content |
401 | Unauthorized | No Content |
409 | API disabled | No Content |
Example HTTP request
Request path
/api/v2/attributes
Update attributes configuration partially
PATCH /api/v2/attributes
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Attributes Configuration updated | No Content |
401 | Unauthorized | No Content |
409 | API disabled | No Content |
Example HTTP request
Request path
/api/v2/attributes
Obtain configuration from CIM
GET /api/v2/config
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Configuration fetched successfully | CIMConfiguration |
409 | API disabled | No Content |
Produces
application/json
Security
Type | Name |
---|---|
basic | basic_auth |
Example HTTP request
Request path
/api/v2/config
Example HTTP response
Response 200
{
"custom_messages" : {
"default" : {
"personal.general.next" : "Next",
"personal.general.collapse" : "Collapse"
},
"locales" : {
"locales" : {
"nl" : {
"personal.general.next" : "Volgende",
"personal.general.collapse" : "Inklappen"
}
}
}
},
"features" : {
"login_enabled" : true,
"sign_up_enabled" : true,
"automated_external_identity_coupling_enabled" : true,
"bind_multiple_external_accounts_with_one_cim_account" : true,
"accepting_invitation_enabled" : true,
"post_login_extra_registration_after_second_login" : true,
"action_token" : {
"login" : {
"enabled" : true,
"ttl" : 0,
"authentication_level" : 0,
"ui_generation_enabled" : true
},
"app_to_web" : {
"enabled" : true,
"ttl" : 0,
"authentication_level" : 0
},
"coupling" : {
"enabled" : true,
"ttl" : 0
},
"whitelisted_urls" : [ {
"id" : "string",
"url" : "string"
} ]
},
"person_activation" : {
"enabled" : true,
"expiration_time" : 0,
"type" : "string",
"externally_delivered_code" : {
"unavailability_time" : 0,
"resend_code_minimum_period" : 0
}
},
"password_reset_enabled" : true,
"username_reminder_via_sms_enabled" : true,
"mobile_number_validation_backend_services_enabled" : true,
"custom_email_validation" : {
"enabled" : true,
"before_at_regex" : "string",
"after_at_regex" : "string"
},
"migration_enabled" : true,
"unauthenticated_migration_enabled" : true,
"person_identifier_in_external_profile_required_for_migration" : true,
"invitation_verification_required" : {
"via_birthdate_enabled" : true,
"via_sms_enabled" : true,
"via_externally_delivered_code_enabled" : true
},
"allow_sign_up_without_invitation_validation" : true,
"pin_enabled" : true,
"sms_enabled" : true,
"google_authenticator_step_up_authentication_enabled" : true,
"mobile_authentication_enabled" : true,
"step_up_authentication_method_externally_delivered_code_enabled" : true,
"id_check_enabled" : true,
"cookie_based_saml_authentication" : true,
"person_api_enabled" : true,
"credentials_api_enabled" : true,
"configuration_api_enabled" : true,
"events_api_enabled" : true,
"statistics_api_enabled" : true,
"session_api_enabled" : true,
"storage_api_enabled" : true,
"experimental_features_enabled" : true
}
}
Update set of CIM's configuration units
PUT /api/v2/config
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Configuration updated successfully | Configuration |
400 | Bad request | No Content |
409 | API disabled | No Content |
Consumes
application/json
Example HTTP request
Request path
/api/v2/config
Example HTTP response
Response 204
{
"password_policy" : {
"min_length" : 0,
"max_length" : 0,
"lower_case_char_required" : false,
"upper_case_char_required" : false,
"special_char_required" : false,
"breached_password_blocked" : false
},
"messages" : {
"default" : {
"personal.general.next" : "Next",
"personal.general.collapse" : "Collapse"
},
"nl" : {
"personal.general.next" : "Volgende",
"personal.general.collapse" : "Inklappen"
}
},
"profile" : {
"required_attributes_validation_rules" : [ {
"any_of" : [ "BIRTH_DATE", "PHONE" ]
} ]
}
}
Get custom messages for all languages and configured variants
GET /api/v2/config/custom-messages
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Custom messages fetched successfully | No Content |
401 | Unauthorized | No Content |
409 | API disabled | No Content |
500 | Internal server error | No Content |
Example HTTP request
Request path
/api/v2/config/custom-messages
Update custom messages configuration
PUT /api/v2/config/custom-messages
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Custom messages updated successfully | No Content |
400 | Bad Request | No Content |
401 | Unauthorized | No Content |
409 | API disabled | No Content |
Example HTTP request
Request path
/api/v2/config/custom-messages
Create or update multiple custom messages for a given locale
PUT /api/v2/config/custom-messages/{locale_variant}/batch
Parameters
Type | Name | Schema |
---|---|---|
Path | locale_variant required |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Custom messages for given locale created or updated | No Content |
401 | Unauthorized | No Content |
409 | API disabled | No Content |
500 | Internal server error | No Content |
Example HTTP request
Request path
/api/v2/config/custom-messages/string/batch
Remove custom message for a given locale
DELETE /api/v2/config/custom-messages/{locale_variant}/{message_key}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | locale_variant required |
locale with variant code | string |
Path | message_key required |
message's key to remove | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Custom message with given key deleted successfully | No Content |
401 | Unauthorized | No Content |
409 | API disabled | No Content |
500 | Internal server error | No Content |
Example HTTP request
Request path
/api/v2/config/custom-messages/string/string
Fetch features configuration
GET /api/v2/config/features
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Features config fetched successfully | No Content |
409 | API disabled | No Content |
500 | Internal server error | No Content |
content | No Content |
Example HTTP request
Request path
/api/v2/config/features
Update features configuration
PUT /api/v2/config/features
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Features config updated successfully | No Content |
409 | API disabled | No Content |
Example HTTP request
Request path
/api/v2/config/features
Update part of features configuration
PATCH /api/v2/config/features
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | Features config updated successfully | No Content |
409 | API disabled | No Content |
Example HTTP request
Request path
/api/v2/config/features
Add url to action token whitelisted urls
POST /api/v2/config/features/action-token/whitelisted-urls
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Whitelisted url added successfully | No Content |
409 | API disabled | No Content |
500 | Internal server error | No Content |
Example HTTP request
Request path
/api/v2/config/features/action-token/whitelisted-urls
Fetch whitelisted urls for action token
GET /api/v2/config/features/action-token/whitelisted-urls
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | Whitelisted urls fetched successfully | No Content |
409 | API disabled | No Content |
500 | Internal server error | No Content |
content | No Content |
Example HTTP request
Request path
/api/v2/config/features/action-token/whitelisted-urls
Delete whitelisted url by id
DELETE /api/v2/config/features/action-token/whitelisted-urls/{url-id}
Parameters
Type | Name | Schema |
---|---|---|
Path | url-id required |
string |
Responses
HTTP Code | Description | Schema |
---|---|---|
204 | whitelisted url deleted | No Content |
401 | Unauthorized | No Content |
409 | API disabled | No Content |
500 | Internal server error | No Content |
Example HTTP request
Request path
/api/v2/config/features/action-token/whitelisted-urls/string
Definitions
ActionTokenApp2WebLogin
Name | Description | Schema |
---|---|---|
authentication_level optional |
Example : 0 |
integer |
enabled optional |
Example : true |
boolean |
ttl optional |
Example : 0 |
integer |
ActionTokenConfiguration
Name | Description | Schema |
---|---|---|
app_to_web optional |
Example : "[actiontokenapp2weblogin](#actiontokenapp2weblogin)" |
ActionTokenApp2WebLogin |
coupling optional |
Example : "[actiontokencoupling](#actiontokencoupling)" |
ActionTokenCoupling |
login optional |
Example : "[actiontokenlogin](#actiontokenlogin)" |
ActionTokenLogin |
whitelisted_urls optional |
redirect url whitelist Example : [ "[whitelistedurl](#whitelistedurl)" ] |
< WhitelistedUrl > array |
ActionTokenCoupling
Name | Description | Schema |
---|---|---|
enabled optional |
Example : true |
boolean |
ttl optional |
Example : 0 |
integer |
ActionTokenLogin
Name | Description | Schema |
---|---|---|
authentication_level optional |
Example : 0 |
integer |
enabled optional |
Example : true |
boolean |
ttl optional |
Example : 0 |
integer |
ui_generation_enabled optional |
Example : true |
boolean |
AttributeType
Type : enum (NAME, PHONE, BIRTH_DATE, EMAIL)
AttributesConfiguration
Name | Description | Schema |
---|---|---|
name_visible_on_dashboard optional |
Example : true |
boolean |
person_creation_mandatory_fields optional |
Example : "[personcreationmandatoryattributes](#personcreationmandatoryattributes)" |
PersonCreationMandatoryAttributes |
sign_up_form_fields optional |
Example : "[signupformfields](#signupformfields)" |
SignUpFormFields |
verification optional |
Example : "[attributesverification](#attributesverification)" |
AttributesVerification |
AttributesVerification
Name | Description | Schema |
---|---|---|
email_enabled optional |
Example : true |
boolean |
email_required optional |
Example : true |
boolean |
mobile_number_enabled optional |
Example : true |
boolean |
CIMConfiguration
Name | Description | Schema |
---|---|---|
custom_messages optional |
Example : "[custommessages](#custommessages)" |
CustomMessages |
features optional |
Example : "[featuresconfiguration](#featuresconfiguration)" |
FeaturesConfiguration |
Configuration
Name | Description | Schema |
---|---|---|
messages required |
Example : "[messages](#messages)" |
Messages |
password_policy required |
Example : "[passwordpolicy](#passwordpolicy)" |
PasswordPolicy |
profile optional |
Example : "[profile](#profile)" |
Profile |
CustomEmailValidation
Name | Description | Schema |
---|---|---|
after_at_regex optional |
regex for validating domain part of email Example : "string" |
string |
before_at_regex optional |
regex for validating local part of email Example : "string" |
string |
enabled optional |
Example : true |
boolean |
CustomMessages
Name | Description | Schema |
---|---|---|
default optional |
key value map of default custom messages Example : {<br> "personal.general.next" : "Next",<br> "personal.general.collapse" : "Collapse"<br>} |
< string, string > map |
locales optional |
Example : {<br> "locales" : {<br> "nl" : {<br> "personal.general.next" : "Volgende",<br> "personal.general.collapse" : "Inklappen"<br> }<br> }<br>} |
< string, < string, string > map > map |
ExternallyDeliveredCode
Name | Description | Schema |
---|---|---|
resend_code_minimum_period optional |
Example : 0 |
integer |
unavailability_time optional |
Example : 0 |
integer |
FeaturesConfiguration
Name | Description | Schema |
---|---|---|
accepting_invitation_enabled optional |
Example : true |
boolean |
action_token optional |
Example : "[actiontokenconfiguration](#actiontokenconfiguration)" |
ActionTokenConfiguration |
allow_sign_up_without_invitation_validation optional |
Example : true |
boolean |
automated_external_identity_coupling_enabled optional |
Example : true |
boolean |
bind_multiple_external_accounts_with_one_cim_account optional |
Example : true |
boolean |
configuration_api_enabled optional |
Example : true |
boolean |
cookie_based_saml_authentication optional |
Example : true |
boolean |
credentials_api_enabled optional |
Example : true |
boolean |
custom_email_validation optional |
Example : "[customemailvalidation](#customemailvalidation)" |
CustomEmailValidation |
events_api_enabled optional |
Example : true |
boolean |
experimental_features_enabled optional |
Example : true |
boolean |
google_authenticator_step_up_authentication_enabled optional |
Example : true |
boolean |
id_check_enabled optional |
Example : true |
boolean |
invitation_verification_required optional |
Example : "[invitationverification](#invitationverification)" |
InvitationVerification |
login_enabled optional |
Example : true |
boolean |
migration_enabled optional |
Example : true |
boolean |
mobile_authentication_enabled optional |
Example : true |
boolean |
mobile_number_validation_backend_services_enabled optional |
Example : true |
boolean |
password_reset_enabled optional |
Example : true |
boolean |
person_activation optional |
Example : "[personactivationconfiguration](#personactivationconfiguration)" |
PersonActivationConfiguration |
person_api_enabled optional |
Example : true |
boolean |
person_identifier_in_external_profile_required_for_migration optional |
Example : true |
boolean |
pin_enabled optional |
Example : true |
boolean |
post_login_extra_registration_after_second_login optional |
Example : true |
boolean |
session_api_enabled optional |
Example : true |
boolean |
sign_up_enabled optional |
Example : true |
boolean |
sms_enabled optional |
Example : true |
boolean |
statistics_api_enabled optional |
Example : true |
boolean |
step_up_authentication_method_externally_delivered_code_enabled optional |
Example : true |
boolean |
storage_api_enabled optional |
Example : true |
boolean |
unauthenticated_migration_enabled optional |
Example : true |
boolean |
username_reminder_via_sms_enabled optional |
Example : true |
boolean |
Fields
Type : enum (profile, messages, password_policy)
IdentityProviderConfig
Name | Description | Schema |
---|---|---|
id optional |
Example : "12345" |
string |
name optional |
Example : "Facebook" |
string |
saml_properties optional |
Example : "[samlproperties](#samlproperties)" |
SamlProperties |
type optional |
Example : "facebook" |
string |
IdentityProviderConfigResultSet
Name | Description | Schema |
---|---|---|
result optional |
Example : [ "[identityproviderconfig](#identityproviderconfig)" ] |
< IdentityProviderConfig > array |
InvitationVerification
Name | Description | Schema |
---|---|---|
via_birthdate_enabled optional |
Example : true |
boolean |
via_externally_delivered_code_enabled optional |
Example : true |
boolean |
via_sms_enabled optional |
Example : true |
boolean |
LocaleCustomMessages
key value map of custom messages
Name | Description | Schema |
---|---|---|
additionalProperties optional |
Example : "string" |
string |
Messages
Key value map where key is the language nad value contains list of translations.
Type : < string, < string, Translations > map > map
PasswordPolicy
Name | Description | Schema |
---|---|---|
breached_password_blocked required |
Indicates that the password is disallowed when it has been discovered in a public data breach. Note: this option enables sending an anonymized transformation of the user's password to the Have I Been Pwned API, which is a resource of passwords found in public data breaches. This information is sent in such a way that it cannot be linked to the original user or their password by anyone (more on how this works). Example : false |
boolean |
lower_case_char_required required |
Indicates at least one lower case character is required. Example : false |
boolean |
max_length required |
Indicates the maximum length of a password. Example : 0 |
integer (int32) |
min_length required |
Indicates the minimum length of a password. Example : 0 |
integer (int32) |
special_char_required required |
Indicates that at least one special character is required. Example : false |
boolean |
upper_case_char_required required |
Indicates at least one upper case character is required. Example : false |
boolean |
PersonActivationConfiguration
Name | Description | Schema |
---|---|---|
enabled optional |
Example : true |
boolean |
expiration_time optional |
Example : 0 |
integer |
externally_delivered_code optional |
Example : "[externallydeliveredcode](#externallydeliveredcode)" |
ExternallyDeliveredCode |
type optional |
Example : "string" |
enum (EMAIL, EXTERNALLY_DELIVERED_CODE) |
PersonCreationMandatoryAttributes
Name | Description | Schema |
---|---|---|
first_name_required optional |
Example : true |
boolean |
last_name_required optional |
Example : true |
boolean |
mobile_number_required optional |
Example : true |
boolean |
Profile
Contains profile configuration
Name | Description | Schema |
---|---|---|
required_attributes_validation_rules optional |
Example : [ "[requiredattributesvalidationrule](#requiredattributesvalidationrule)" ] |
< RequiredAttributesValidationRule > array |
RequiredAttributesValidationRule
Contains list of required profile attributes. At least one of attributes is required
Name | Description | Schema |
---|---|---|
any_of optional |
Example : [ "BIRTH_DATE", "PHONE" ] |
< AttributeType > array |
SamlProperties
Name | Description | Schema |
---|---|---|
authn_context optional |
Example : "urn:com:onegini:saml:facebook" |
string |
SignUpFormFields
Name | Description | Schema |
---|---|---|
email_confirmation_enabled optional |
Example : true |
boolean |
mobile_number_confirmation_enabled optional |
Example : true |
boolean |
mobile_number_enabled optional |
Example : true |
boolean |
Translations
Key value map where key is the message identifier and value contains translation.
Type : < string, string > map
WhitelistedUrl
Name | Description | Schema |
---|---|---|
id optional read-only |
id of a given url Example : "string" |
string (uuid) |
url optional |
url value Example : "string" |
string |
WhitelistedUrls
Name | Description | Schema |
---|---|---|
whitelisted_urls optional |
redirect url whitelist Example : [ "[whitelistedurl](#whitelistedurl)" ] |
< WhitelistedUrl > array |
Security
basic_auth
Type : basic