Configuration API

Overview

This document describes the API operations for a configuration.

Version information

Version : 1.0.0

URI scheme

Schemes : HTTPS, HTTP

Paths

Obtaining configuration from CIM

GET /api/config

Parameters

Type Name Description Schema
Query fields
optional
Fields that should be included in the response message. All fields are displayed if the param is not present. < Fields > array

Responses

HTTP Code Description Schema
200 Configuration Configuration
400 Bad request No Content
405 Unsupported method No Content
500 Api disabled No Content

Consumes

  • application/json

Produces

  • application/json

Security

Type Name
basic basic_auth

Example HTTP request

Request path
/api/config

Example HTTP response

Response 200
{
  "password_policy" : {
    "min_length" : 0,
    "max_length" : 0,
    "lower_case_char_required" : false,
    "upper_case_char_required" : false,
    "special_char_required" : false,
    "breached_password_blocked" : false
  },
  "messages" : {
    "default" : {
      "personal.general.next" : "Next",
      "personal.general.collapse" : "Collapse"
    },
    "nl" : {
      "personal.general.next" : "Volgende",
      "personal.general.collapse" : "Inklappen"
    }
  },
  "profile" : {
    "required_attributes_validation_rules" : [ {
      "any_of" : [ "BIRTH_DATE", "PHONE" ]
    } ]
  }
}

Reloading configuration from extension

POST /api/config/extension/reload

Description

The endpoint allows reloading extension messages and static resources in IdP runtime

Responses

HTTP Code Description Schema
200 Extension configuration reloaded No Content
405 Unsupported method No Content
500 Api disabled No Content

Security

Type Name
basic basic_auth

Example HTTP request

Request path
/api/config/extension/reload

Resolve information about all configured Identity Providers

GET /api/config/identity-providers

Responses

HTTP Code Description Schema
200 Configured identity providers IdentityProviderConfigResultSet
400 Bad request No Content
405 Unsupported method No Content
500 Api disabled No Content

Produces

  • application/json

Security

Type Name
basic basic_auth

Example HTTP request

Request path
/api/config/identity-providers

Example HTTP response

Response 200
{
  "result" : [ {
    "id" : "12345",
    "name" : "Facebook",
    "type" : "facebook",
    "saml_properties" : {
      "authn_context" : "urn:com:onegini:saml:facebook"
    }
  } ]
}

Obtain configuration from CIM

GET /api/v2/config

Responses

HTTP Code Description Schema
200 Configuration fetched successfully CIMConfiguration
409 API disabled No Content

Produces

  • application/json

Security

Type Name
basic basic_auth

Example HTTP request

Request path
/api/v2/config

Example HTTP response

Response 200
{
  "custom_messages" : {
    "default" : {
      "personal.general.next" : "Next",
      "personal.general.collapse" : "Collapse"
    },
    "locales" : {
      "locales" : {
        "nl" : {
          "personal.general.next" : "Volgende",
          "personal.general.collapse" : "Inklappen"
        }
      }
    }
  }
}

Update set of CIM's configuration units

PUT /api/v2/config

Responses

HTTP Code Description Schema
204 Configuration updated successfully Configuration
400 Bad request No Content
409 API disabled No Content

Consumes

  • application/json

Example HTTP request

Request path
/api/v2/config

Example HTTP response

Response 204
{
  "password_policy" : {
    "min_length" : 0,
    "max_length" : 0,
    "lower_case_char_required" : false,
    "upper_case_char_required" : false,
    "special_char_required" : false,
    "breached_password_blocked" : false
  },
  "messages" : {
    "default" : {
      "personal.general.next" : "Next",
      "personal.general.collapse" : "Collapse"
    },
    "nl" : {
      "personal.general.next" : "Volgende",
      "personal.general.collapse" : "Inklappen"
    }
  },
  "profile" : {
    "required_attributes_validation_rules" : [ {
      "any_of" : [ "BIRTH_DATE", "PHONE" ]
    } ]
  }
}

Get custom messages for all languages and configured variants

GET /api/v2/config/custom-messages

Responses

HTTP Code Description Schema
200 Custom messages fetched successfully No Content
401 Unauthorized No Content
409 API disabled No Content
500 Internal server error No Content

Example HTTP request

Request path
/api/v2/config/custom-messages

Update custom messages configuration

PUT /api/v2/config/custom-messages

Responses

HTTP Code Description Schema
204 Custom messages updated successfully No Content
400 Bad Request No Content
401 Unauthorized No Content
409 API disabled No Content

Example HTTP request

Request path
/api/v2/config/custom-messages

Create or update multiple custom messages for a given locale

PUT /api/v2/config/custom-messages/{locale_variant}/batch

Parameters

Type Name Schema
Path locale_variant
required
string

Responses

HTTP Code Description Schema
204 Custom messages for given locale created or updated No Content
401 Unauthorized No Content
409 API disabled No Content
500 Internal server error No Content

Example HTTP request

Request path
/api/v2/config/custom-messages/string/batch

Remove custom message for a given locale

DELETE /api/v2/config/custom-messages/{locale_variant}/{message_key}

Parameters

Type Name Description Schema
Path locale_variant
required
locale with variant code string
Path message_key
required
message's key to remove string

Responses

HTTP Code Description Schema
204 Custom message with given key deleted successfully No Content
401 Unauthorized No Content
409 API disabled No Content
500 Internal server error No Content

Example HTTP request

Request path
/api/v2/config/custom-messages/string/string

Definitions

AttributeType

Type : enum (NAME, PHONE, BIRTH_DATE, EMAIL)

CIMConfiguration

Name Description Schema
custom_messages
optional
Example : "[custommessages](#custommessages)" CustomMessages

Configuration

Name Description Schema
messages
required
Example : "[messages](#messages)" Messages
password_policy
required
Example : "[passwordpolicy](#passwordpolicy)" PasswordPolicy
profile
optional
Example : "[profile](#profile)" Profile

CustomMessages

Name Description Schema
default
optional
key value map of default custom messages
Example : {<br> "personal.general.next" : "Next",<br> "personal.general.collapse" : "Collapse"<br>}
< string, string > map
locales
optional
Example : {<br> "locales" : {<br> "nl" : {<br> "personal.general.next" : "Volgende",<br> "personal.general.collapse" : "Inklappen"<br> }<br> }<br>} < string, < string, string > map > map

Fields

Type : enum (profile, messages, password_policy)

IdentityProviderConfig

Name Description Schema
id
optional
Example : "12345" string
name
optional
Example : "Facebook" string
saml_properties
optional
Example : "[samlproperties](#samlproperties)" SamlProperties
type
optional
Example : "facebook" string

IdentityProviderConfigResultSet

Name Description Schema
result
optional
Example : [ "[identityproviderconfig](#identityproviderconfig)" ] < IdentityProviderConfig > array

LocaleCustomMessages

key value map of custom messages

Name Description Schema
additionalProperties
optional
Example : "string" string

Messages

Key value map where key is the language nad value contains list of translations.

Type : < string, < string, Translations > map > map

PasswordPolicy

Name Description Schema
breached_password_blocked
required
Indicates that the password is disallowed when it has been discovered in a public data breach.
Note: this option enables sending an anonymized transformation of the user's password to the Have I Been Pwned API, which is a resource of passwords found in public data breaches. This information is sent in such a way that it cannot be linked to the original user or their password by anyone (more on how this works).
Example : false
boolean
lower_case_char_required
required
Indicates at least one lower case character is required.
Example : false
boolean
max_length
required
Indicates the maximum length of a password.
Example : 0
integer (int32)
min_length
required
Indicates the minimum length of a password.
Example : 0
integer (int32)
special_char_required
required
Indicates that at least one special character is required.
Example : false
boolean
upper_case_char_required
required
Indicates at least one upper case character is required.
Example : false
boolean

Profile

Contains profile configuration

Name Description Schema
required_attributes_validation_rules
optional
Example : [ "[requiredattributesvalidationrule](#requiredattributesvalidationrule)" ] < RequiredAttributesValidationRule > array

RequiredAttributesValidationRule

Contains list of required profile attributes. At least one of attributes is required

Name Description Schema
any_of
optional
Example : [ "BIRTH_DATE", "PHONE" ] < AttributeType > array

SamlProperties

Name Description Schema
authn_context
optional
Example : "urn:com:onegini:saml:facebook" string

Translations

Key value map where key is the message identifier and value contains translation.

Type : < string, string > map

Security

basic_auth

Type : basic