Configuration API

Overview

This document describes the API operations for a configuration.

Version information

Version : 1.0.0

URI scheme

Schemes : HTTPS, HTTP

Paths

Obtaining configuration from CIM

GET /api/config

Parameters

Type Name Description Schema
Query fields
optional
Fields that should be included in the response message. All fields are displayed if the param is not present. < Fields > array

Responses

HTTP Code Description Schema
200 Configuration Configuration
400 Bad request No Content
405 Unsupported method No Content
500 Api disabled No Content

Consumes

  • application/json

Produces

  • application/json

Security

Type Name
basic basic_auth

Example HTTP request

Request path
/api/config

Example HTTP response

Response 200
{
  "password_policy" : {
    "min_length" : 0,
    "max_length" : 0,
    "lower_case_char_required" : false,
    "upper_case_char_required" : false,
    "special_char_required" : false,
    "breached_password_blocked" : false
  },
  "messages" : {
    "default" : {
      "personal.general.next" : "Next",
      "personal.general.collapse" : "Collapse"
    },
    "nl" : {
      "personal.general.next" : "Volgende",
      "personal.general.collapse" : "Inklappen"
    }
  },
  "profile" : {
    "required_attributes_validation_rules" : [ {
      "any_of" : [ "BIRTH_DATE", "PHONE" ]
    } ]
  }
}

Reloading configuration from extension

POST /api/config/extension/reload

Description

The endpoint allows reloading extension messages and static resources in IdP runtime

Responses

HTTP Code Description Schema
200 Extension configuration reloaded No Content
405 Unsupported method No Content
500 Api disabled No Content

Security

Type Name
basic basic_auth

Example HTTP request

Request path
/api/config/extension/reload

Resolve information about all configured Identity Providers

GET /api/config/identity-providers

Responses

HTTP Code Description Schema
200 Configured identity providers IdentityProviderConfigResultSet
400 Bad request No Content
405 Unsupported method No Content
500 Api disabled No Content

Produces

  • application/json

Security

Type Name
basic basic_auth

Example HTTP request

Request path
/api/config/identity-providers

Example HTTP response

Response 200
{
  "result" : [ {
    "id" : "12345",
    "name" : "Facebook",
    "type" : "facebook",
    "saml_properties" : {
      "authn_context" : "urn:com:onegini:saml:facebook"
    }
  } ]
}

Update attributes configuration

POST /api/v2/attributes

Responses

HTTP Code Description Schema
204 Attributes configuration updated No Content
401 Unauthorized No Content
409 API disabled No Content

Example HTTP request

Request path
/api/v2/attributes

Fetch attributes configuration

GET /api/v2/attributes

Responses

HTTP Code Description Schema
200 Attributes configuration fetched successfully\ AttributesConfiguration
401 Unauthorized No Content
409 API disabled No Content

Example HTTP request

Request path
/api/v2/attributes

Example HTTP response

Response 200
{
  "person_creation_mandatory_fields" : {
    "first_name_required" : true,
    "last_name_required" : true,
    "mobile_number_required" : true
  },
  "sign_up_form_fields" : {
    "mobile_number_enabled" : true,
    "mobile_number_confirmation_enabled" : true,
    "email_confirmation_enabled" : true
  },
  "verification" : {
    "email_enabled" : true,
    "email_required" : true,
    "mobile_number_enabled" : true
  },
  "name_visible_on_dashboard" : true
}

Update set of CIM's configuration units

POST /api/v2/config

Responses

HTTP Code Description Schema
204 Configuration updated successfully Configuration
400 Bad request No Content
409 API disabled No Content

Consumes

  • application/json

Example HTTP request

Request path
/api/v2/config

Example HTTP response

Response 204
{
  "password_policy" : {
    "min_length" : 0,
    "max_length" : 0,
    "lower_case_char_required" : false,
    "upper_case_char_required" : false,
    "special_char_required" : false,
    "breached_password_blocked" : false
  },
  "messages" : {
    "default" : {
      "personal.general.next" : "Next",
      "personal.general.collapse" : "Collapse"
    },
    "nl" : {
      "personal.general.next" : "Volgende",
      "personal.general.collapse" : "Inklappen"
    }
  },
  "profile" : {
    "required_attributes_validation_rules" : [ {
      "any_of" : [ "BIRTH_DATE", "PHONE" ]
    } ]
  }
}

Obtain configuration from CIM

GET /api/v2/config

Responses

HTTP Code Description Schema
200 Configuration fetched successfully CIMConfiguration
409 API disabled No Content

Produces

  • application/json

Security

Type Name
basic basic_auth

Example HTTP request

Request path
/api/v2/config

Example HTTP response

Response 200
{
  "custom_messages" : {
    "default" : {
      "personal.general.next" : "Next",
      "personal.general.collapse" : "Collapse"
    },
    "locales" : {
      "locales" : {
        "nl" : {
          "personal.general.next" : "Volgende",
          "personal.general.collapse" : "Inklappen"
        }
      }
    }
  },
  "features" : {
    "login_enabled" : true,
    "sign_up_enabled" : true,
    "automated_external_identity_coupling_enabled" : true,
    "bind_multiple_external_accounts_with_one_cim_account" : true,
    "accepting_invitation_enabled" : true,
    "post_login_extra_registration_after_second_login" : true,
    "action_token" : {
      "login" : {
        "enabled" : true,
        "ttl" : 0,
        "authentication_level" : 1,
        "ui_generation_enabled" : true
      },
      "app_to_web" : {
        "enabled" : true,
        "ttl" : 60,
        "authentication_level" : 1
      },
      "coupling" : {
        "enabled" : true,
        "ttl" : 60
      },
      "whitelisted_urls" : [ {
        "id" : "string",
        "url" : "string"
      } ]
    },
    "person_activation" : {
      "enabled" : true,
      "expiration_time" : 60,
      "type" : "EMAIL",
      "externally_delivered_code" : {
        "unavailability_time" : 86400,
        "resend_code_minimum_period" : 86400,
        "force_activation_after_accepting_invitation" : true
      }
    },
    "password_reset_enabled" : true,
    "username_reminder_via_sms_enabled" : true,
    "mobile_number_validation_backend_services_enabled" : true,
    "custom_email_validation" : {
      "enabled" : true,
      "before_at_regex" : "string",
      "after_at_regex" : "string"
    },
    "migration_enabled" : true,
    "unauthenticated_migration_enabled" : true,
    "person_identifier_in_external_profile_required_for_migration" : true,
    "invitation_verification_required" : {
      "via_birthdate_enabled" : true,
      "via_sms_enabled" : true,
      "via_externally_delivered_code_enabled" : true
    },
    "allow_sign_up_without_invitation_validation" : true,
    "pin_enabled" : true,
    "sms_enabled" : true,
    "google_authenticator_step_up_authentication_enabled" : true,
    "mobile_authentication_enabled" : true,
    "step_up_authentication_method_externally_delivered_code_enabled" : true,
    "cookie_based_saml_authentication" : true,
    "person_api_enabled" : true,
    "credentials_api_enabled" : true,
    "configuration_api_enabled" : true,
    "events_api_enabled" : true,
    "statistics_api_enabled" : true,
    "session_api_enabled" : true,
    "storage_api_enabled" : true,
    "experimental_features_enabled" : true
  },
  "attributes" : {
    "person_creation_mandatory_fields" : {
      "first_name_required" : true,
      "last_name_required" : true,
      "mobile_number_required" : true
    },
    "sign_up_form_fields" : {
      "mobile_number_enabled" : true,
      "mobile_number_confirmation_enabled" : true,
      "email_confirmation_enabled" : true
    },
    "verification" : {
      "email_enabled" : true,
      "email_required" : true,
      "mobile_number_enabled" : true
    },
    "name_visible_on_dashboard" : true
  },
  "ui_extension" : {
    "base_url" : "string",
    "enable_login_redirect" : true,
    "login_path" : "string"
  },
  "step_up" : {
    "actions" : {
      "default_step_up_authentication_level" : 3,
      "dashboard_step_up_authentication_level" : 1,
      "allow_set_initial_step_up_method_enabled" : true,
      "setup_step_up_methods_authentication_level" : 3,
      "change_email_authentication_level" : 3,
      "change_password_authentication_level" : 3
    },
    "authentication_methods" : {
      "pin_authentication_level" : 3,
      "sms_authentication_level" : 3,
      "email_authentication_level" : 3,
      "google_authenticator_authentication_level" : 3,
      "push_authentication_level" : 3,
      "externally_delivered_code_authentication_level" : 3
    },
    "stategy" : "USER_PREFERENCE"
  },
  "login_methods" : {
    "login_methods" : [ {
      "id" : "string",
      "type" : "AZURE_AD_B2C",
      "name" : "string",
      "authentication_level" : 1,
      "removable" : true,
      "enabled" : true,
      "auto_activation_enabled" : true,
      "auto_email_verification" : true,
      "synchronise_attributes" : true,
      "migration_during_sign_up" : true,
      "force_creating_username_and_password_during_sign_up" : true,
      "saml_mutual_ssl_tls_attributes" : "object",
      "attribute_mappings" : [ {
        "id" : "string",
        "map_to" : "string",
        "map_from" : "string",
        "editable" : true
      } ],
      "custom_attribute_mappings" : [ {
        "id" : "string",
        "attribute_to_map_from" : "string",
        "attribute_to_map_to" : "string"
      } ],
      "excluded_unmapped_attributes" : [ "string" ],
      "custom_attribute_fields" : [ {
        "id" : "string",
        "name" : "string",
        "type" : "string"
      } ],
      "azure_ad_b2c_attributes" : {
        "tenant_id" : "string",
        "application_id" : "string",
        "policy" : "string",
        "front_channel_logout_enabled" : true
      },
      "digid_attributes" : {
        "idp_metadata" : "string",
        "required_authentication_level" : "string"
      },
      "eidas_attributes" : {
        "authentication_service" : "string",
        "authentication_service_custom_value" : "string",
        "required_level_of_assurance" : "string",
        "entity_id" : "string",
        "bsn_verification_point" : "string",
        "pseudo_id_verification_point" : "string",
        "encryption_key_id" : "string",
        "signing_key_id" : "string",
        "bsn_decryption_key_id" : "string",
        "pseudo_id_decryption_key_id" : "string",
        "pseudo_id_closing_key_id" : "string",
        "idp_metadata" : "string"
      },
      "facebook_attributes" : {
        "clientId" : "string",
        "client_secret" : "string"
      },
      "google_attributes" : {
        "clientId" : "string",
        "client_secret" : "string"
      },
      "idin_attributes" : {
        "directory_url" : "string",
        "transaction_url" : "string",
        "status_url" : "string",
        "acquirer_public_certificate_id" : "string",
        "merchant_id" : "string",
        "sub_id" : "string",
        "merchant_return_host_name" : "string",
        "merchant_certificate_pair_id" : "string",
        "saml_certificate_pair_id" : "string"
      },
      "itsme_attributes" : {
        "client_id" : "string",
        "login_service_code" : "string",
        "security_level" : "string",
        "front_channel_logout_enabled" : true,
        "discovery_url" : "string",
        "metadata_expiration_time_in_seconds" : 3600,
        "scopes" : [ "string" ],
        "claims" : [ "string" ]
      },
      "kerberos_attributes" : {
        "auto_login_enabled" : true
      },
      "ladp_attributes" : {
        "server_urls" : "string",
        "base_suffix" : "string",
        "user_distinguished_name" : "string",
        "password" : "string",
        "authentication_dn_template" : "string",
        "match_pattern" : "string",
        "ip_range_enabled" : true,
        "ip_ranges" : [ "string" ],
        "attributes_to_be_fetched" : [ "string" ]
      },
      "linkedin_attributes" : {
        "clientId" : "string",
        "client_secret" : "string"
      },
      "open_id_connect_attributes" : {
        "client_authentication_method" : "string",
        "client_id" : "string",
        "manual_metadata_setup" : true,
        "discovery_url" : "string",
        "metadata_expiration_time_in_seconds" : 0,
        "authorization_url" : "string",
        "id_token_url" : "string",
        "user_info_url" : "string",
        "jwks_url" : "string",
        "issuer" : "string",
        "end_session_url" : "string",
        "front_channel_logout_enabled" : true,
        "scopes" : [ "string" ],
        "claims" : [ "string" ],
        "id_token_encryption_required" : true,
        "user_info_encryption_required" : true
      },
      "paypal_attributes" : {
        "clientId" : "string",
        "client_secret" : "string"
      },
      "twitter_attributes" : {
        "clientId" : "string",
        "client_secret" : "string"
      },
      "qr_code_attributes" : {
        "mobile_authentication_type" : "string",
        "google_play_link" : "string",
        "app_store_link" : "string",
        "deep_linking_enabled" : true,
        "deep_linking_redirect_url" : "string"
      },
      "saml_attributes" : {
        "idp_metadata" : "string",
        "comparison" : "string",
        "authentication_level_mappings" : [ {
          "authn_context_class_ref_name" : "string",
          "authentication_level" : 0
        } ]
      },
      "sign_in_with_apple_attributes" : {
        "client_id" : "string",
        "team_id" : "string",
        "key_id" : "string",
        "jwks_uri" : "string",
        "domain_verification_file_content" : "string",
        "signing_key_id" : "string",
        "scopes" : [ "string" ]
      }
    } ],
    "mobile_login" : {
      "enabled" : false,
      "show_use_mobile_to_login" : false,
      "authentication_type" : "OTP",
      "login_message" : "string",
      "allowed_login_attempts" : 5,
      "step_up_type" : "string",
      "step_up_message" : "string"
    }
  }
}

Get custom messages for all languages and configured variants

GET /api/v2/config/custom-messages

Responses

HTTP Code Description Schema
200 Custom messages fetched successfully No Content
401 Unauthorized No Content
409 API disabled No Content
500 Internal server error No Content

Example HTTP request

Request path
/api/v2/config/custom-messages

Update custom messages configuration

PUT /api/v2/config/custom-messages

Responses

HTTP Code Description Schema
204 Custom messages updated successfully No Content
400 Bad Request No Content
401 Unauthorized No Content
409 API disabled No Content

Example HTTP request

Request path
/api/v2/config/custom-messages

Create or update multiple custom messages for a given locale

PUT /api/v2/config/custom-messages/{locale_variant}/batch

Parameters

Type Name Schema
Path locale_variant
required
string

Responses

HTTP Code Description Schema
204 Custom messages for given locale created or updated No Content
401 Unauthorized No Content
409 API disabled No Content
500 Internal server error No Content

Example HTTP request

Request path
/api/v2/config/custom-messages/string/batch

Remove custom message for a given locale

DELETE /api/v2/config/custom-messages/{locale_variant}/{message_key}

Parameters

Type Name Description Schema
Path locale_variant
required
locale with variant code string
Path message_key
required
message's key to remove string

Responses

HTTP Code Description Schema
204 Custom message with given key deleted successfully No Content
401 Unauthorized No Content
409 API disabled No Content
500 Internal server error No Content

Example HTTP request

Request path
/api/v2/config/custom-messages/string/string

Update features configuration

POST /api/v2/config/features

Responses

HTTP Code Description Schema
204 Features config updated successfully No Content
409 API disabled No Content

Example HTTP request

Request path
/api/v2/config/features

Fetch features configuration

GET /api/v2/config/features

Responses

HTTP Code Description Schema
200 Features config fetched successfully No Content
409 API disabled No Content
500 Internal server error No Content
content No Content

Example HTTP request

Request path
/api/v2/config/features

Add url to action token whitelisted urls

POST /api/v2/config/features/action-token/whitelisted-urls

Responses

HTTP Code Description Schema
201 Whitelisted url added successfully No Content
409 API disabled No Content
500 Internal server error No Content

Example HTTP request

Request path
/api/v2/config/features/action-token/whitelisted-urls

Fetch whitelisted urls for action token

GET /api/v2/config/features/action-token/whitelisted-urls

Responses

HTTP Code Description Schema
200 Whitelisted urls fetched successfully No Content
409 API disabled No Content
500 Internal server error No Content
content No Content

Example HTTP request

Request path
/api/v2/config/features/action-token/whitelisted-urls

Delete whitelisted url by id

DELETE /api/v2/config/features/action-token/whitelisted-urls/{url-id}

Parameters

Type Name Schema
Path url-id
required
string

Responses

HTTP Code Description Schema
204 whitelisted url deleted No Content
401 Unauthorized No Content
409 API disabled No Content
500 Internal server error No Content

Example HTTP request

Request path
/api/v2/config/features/action-token/whitelisted-urls/string

Get Configuration for login methods

GET /api/v2/config/login-methods

Responses

HTTP Code Description Schema
200 Login methods fetched successfully No Content
401 Unauthorized No Content
409 API disabled No Content
500 Internal server error No Content

Tags

  • login_methods

Example HTTP request

Request path
/api/v2/config/login-methods

Update step-up configuration

POST /api/v2/config/step-up

Responses

HTTP Code Description Schema
204 Configuration updated successfully No Content
400 Bad Request No Content
401 Unauthorized No Content
409 API disabled No Content

Tags

  • step-up

Example HTTP request

Request path
/api/v2/config/step-up

Get step-up configuration

GET /api/v2/config/step-up

Responses

HTTP Code Description Schema
200 Step-up configuration fetched successfully No Content
409 API disabled No Content
500 Internal server error No Content

Tags

  • step-up

Example HTTP request

Request path
/api/v2/config/step-up

Update UI Extension configuration

POST /api/v2/config/ui-extension

Responses

HTTP Code Description Schema
204 UI Extension configuration updated successfully No Content
400 Bad Request No Content
401 Unauthorized No Content
409 API disabled No Content

Tags

  • ui_extension

Example HTTP request

Request path
/api/v2/config/ui-extension

Get UI Extension configuration

GET /api/v2/config/ui-extension

Responses

HTTP Code Description Schema
200 UI Extension configuration fetched successfully No Content
401 Unauthorized No Content
409 API disabled No Content
500 Internal server error No Content

Tags

  • ui_extension

Example HTTP request

Request path
/api/v2/config/ui-extension

Definitions

ActionTokenApp2WebLogin

Name Description Schema
authentication_level
optional
Example : 1 integer
enabled
optional
Example : true boolean
ttl
optional
Example : 60 integer

ActionTokenConfiguration

Name Description Schema
app_to_web
optional
Example : "[actiontokenapp2weblogin](#actiontokenapp2weblogin)" ActionTokenApp2WebLogin
coupling
optional
Example : "[actiontokencoupling](#actiontokencoupling)" ActionTokenCoupling
login
optional
Example : "[actiontokenlogin](#actiontokenlogin)" ActionTokenLogin
whitelisted_urls
optional
redirect url whitelist
Example : [ "[whitelistedurl](#whitelistedurl)" ]
< WhitelistedUrl > array

ActionTokenCoupling

Name Description Schema
enabled
optional
Example : true boolean
ttl
optional
Example : 60 integer

ActionTokenLogin

Name Description Schema
authentication_level
optional
Example : 1 integer
enabled
optional
Example : true boolean
ttl
optional
Example : 0 integer
ui_generation_enabled
optional
Example : true boolean

AttributeType

Type : enum (NAME, PHONE, BIRTH_DATE, EMAIL)

AttributesConfiguration

Name Description Schema
name_visible_on_dashboard
optional
Example : true boolean
person_creation_mandatory_fields
optional
Example : "[personcreationmandatoryattributes](#personcreationmandatoryattributes)" PersonCreationMandatoryAttributes
sign_up_form_fields
optional
Example : "[signupformfields](#signupformfields)" SignUpFormFields
verification
optional
Example : "[attributesverification](#attributesverification)" AttributesVerification

AttributesVerification

Name Description Schema
email_enabled
optional
Example : true boolean
email_required
optional
Example : true boolean
mobile_number_enabled
optional
Example : true boolean

AzureAdB2cAttributes

Name Description Schema
application_id
optional
Example : "string" string
front_channel_logout_enabled
optional
Example : true boolean
policy
optional
Example : "string" string
tenant_id
optional
Example : "string" string

BaseOAuthAttributes

Name Description Schema
clientId
optional
Example : "string" string
client_secret
optional
Example : "string" string

CIMConfiguration

Name Description Schema
attributes
optional
Example : "[attributesconfiguration](#attributesconfiguration)" AttributesConfiguration
custom_messages
optional
Example : "[custommessages](#custommessages)" CustomMessages
features
optional
Example : "[featuresconfiguration](#featuresconfiguration)" FeaturesConfiguration
login_methods
optional
Example : "[loginmethodsconfiguration](#loginmethodsconfiguration)" LoginMethodsConfiguration
step_up
optional
Example : "[stepupconfiguration](#stepupconfiguration)" StepUpConfiguration
ui_extension
optional
Example : "[uiextensionconfiguration](#uiextensionconfiguration)" UIExtensionConfiguration

Configuration

Name Description Schema
messages
required
Example : "[messages](#messages)" Messages
password_policy
required
Example : "[passwordpolicy](#passwordpolicy)" PasswordPolicy
profile
optional
Example : "[profile](#profile)" Profile

CustomAttributeField

Name Description Schema
id
optional
Example : "string" string
name
optional
Example : "string" string
type
optional
Example : "string" enum (TEXT, NUMBER, CHECKBOX)

CustomAttributesMapping

Name Description Schema
attribute_to_map_from
optional
Example : "string" string
attribute_to_map_to
optional
Example : "string" string
id
optional
Example : "string" string

CustomEmailValidation

Name Description Schema
after_at_regex
optional
regex for validating domain part of email
Example : "string"
string
before_at_regex
optional
regex for validating local part of email
Example : "string"
string
enabled
optional
Example : true boolean

CustomMessages

Name Description Schema
default
optional
key value map of default custom messages
Example : {<br> "personal.general.next" : "Next",<br> "personal.general.collapse" : "Collapse"<br>}
< string, string > map
locales
optional
Example : {<br> "locales" : {<br> "nl" : {<br> "personal.general.next" : "Volgende",<br> "personal.general.collapse" : "Inklappen"<br> }<br> }<br>} < string, < string, string > map > map

DigidAttributes

Name Description Schema
idp_metadata
optional
Example : "string" string
required_authentication_level
optional
Example : "string" enum (BASIC, MIDDLE, SUBSTANTIAL, HIGH)

EidasAttributes

Name Description Schema
authentication_service
optional
Example : "string" enum (NONE, ACCEPTANCE, PRODUCTION, CUSTOM)
authentication_service_custom_value
optional
Example : "string" string
bsn_decryption_key_id
optional
Example : "string" string
bsn_verification_point
optional
Example : "string" string
encryption_key_id
optional
Example : "string" string
entity_id
optional
Example : "string" string
idp_metadata
optional
Example : "string" string
pseudo_id_closing_key_id
optional
Example : "string" string
pseudo_id_decryption_key_id
optional
Example : "string" string
pseudo_id_verification_point
optional
Example : "string" string
required_level_of_assurance
optional
Example : "string" enum (NON_EXISTENT, LOW, LOW_PLUS, SUBSTANTIAL, HIGH)
signing_key_id
optional
Example : "string" string

ExternallyDeliveredCode

Name Description Schema
force_activation_after_accepting_invitation
optional
Example : true boolean
resend_code_minimum_period
optional
Example : 86400 integer
unavailability_time
optional
Example : 86400 integer

FacebookAttributes

Polymorphism : Composition

Name Description Schema
clientId
optional
Example : "string" string
client_secret
optional
Example : "string" string

FeaturesConfiguration

Name Description Schema
accepting_invitation_enabled
optional
Example : true boolean
action_token
optional
Example : "[actiontokenconfiguration](#actiontokenconfiguration)" ActionTokenConfiguration
allow_sign_up_without_invitation_validation
optional
Example : true boolean
automated_external_identity_coupling_enabled
optional
Example : true boolean
bind_multiple_external_accounts_with_one_cim_account
optional
Example : true boolean
configuration_api_enabled
optional
Example : true boolean
cookie_based_saml_authentication
optional
Example : true boolean
credentials_api_enabled
optional
Example : true boolean
custom_email_validation
optional
Example : "[customemailvalidation](#customemailvalidation)" CustomEmailValidation
events_api_enabled
optional
Example : true boolean
experimental_features_enabled
optional
Example : true boolean
google_authenticator_step_up_authentication_enabled
optional
Example : true boolean
invitation_verification_required
optional
Example : "[invitationverification](#invitationverification)" InvitationVerification
login_enabled
optional
Example : true boolean
migration_enabled
optional
Example : true boolean
mobile_authentication_enabled
optional
Example : true boolean
mobile_number_validation_backend_services_enabled
optional
Example : true boolean
password_reset_enabled
optional
Example : true boolean
person_activation
optional
Example : "[personactivationconfiguration](#personactivationconfiguration)" PersonActivationConfiguration
person_api_enabled
optional
Example : true boolean
person_identifier_in_external_profile_required_for_migration
optional
Example : true boolean
pin_enabled
optional
Example : true boolean
post_login_extra_registration_after_second_login
optional
Example : true boolean
session_api_enabled
optional
Example : true boolean
sign_up_enabled
optional
Example : true boolean
sms_enabled
optional
Example : true boolean
statistics_api_enabled
optional
Example : true boolean
step_up_authentication_method_externally_delivered_code_enabled
optional
Example : true boolean
storage_api_enabled
optional
Example : true boolean
unauthenticated_migration_enabled
optional
Example : true boolean
username_reminder_via_sms_enabled
optional
Example : true boolean

Fields

Type : enum (profile, messages, password_policy)

GoogleAttributes

Polymorphism : Composition

Name Description Schema
clientId
optional
Example : "string" string
client_secret
optional
Example : "string" string

IdentityProviderConfig

Name Description Schema
id
optional
Example : "12345" string
name
optional
Example : "Facebook" string
saml_properties
optional
Example : "[samlproperties](#samlproperties)" SamlProperties
type
optional
Example : "facebook" string

IdentityProviderConfigResultSet

Name Description Schema
result
optional
Example : [ "[identityproviderconfig](#identityproviderconfig)" ] < IdentityProviderConfig > array

IdinAttributes

Name Description Schema
acquirer_public_certificate_id
optional
Example : "string" string
directory_url
optional
Example : "string" string
merchant_certificate_pair_id
optional
Example : "string" string
merchant_id
optional
Example : "string" string
merchant_return_host_name
optional
Example : "string" string
saml_certificate_pair_id
optional
Example : "string" string
status_url
optional
Example : "string" string
sub_id
optional
Example : "string" string
transaction_url
optional
Example : "string" string

InvitationVerification

Name Description Schema
via_birthdate_enabled
optional
Example : true boolean
via_externally_delivered_code_enabled
optional
Example : true boolean
via_sms_enabled
optional
Example : true boolean

ItsmeAttributes

Name Description Schema
claims
optional
Example : [ "string" ] < string > array
client_id
optional
Example : "string" string
discovery_url
optional
Example : "string" string
front_channel_logout_enabled
optional
Example : true boolean
login_service_code
optional
Example : "string" string
metadata_expiration_time_in_seconds
optional
Example : 3600 integer
scopes
optional
Example : [ "string" ] < string > array
security_level
optional
Example : "string" enum (BASIC, ADVANCED)

KerberosAttributes

Name Description Schema
auto_login_enabled
optional
Example : true boolean

LdapAttributes

Name Description Schema
attributes_to_be_fetched
optional
Example : [ "string" ] < string > array
authentication_dn_template
optional
Example : "string" string
base_suffix
optional
Example : "string" string
ip_range_enabled
optional
Example : true boolean
ip_ranges
optional
Example : [ "string" ] < string > array
match_pattern
optional
Example : "string" string
password
optional
Example : "string" string
server_urls
optional
Example : "string" string
user_distinguished_name
optional
Example : "string" string

LinkedInAttributes

Polymorphism : Composition

Name Description Schema
clientId
optional
Example : "string" string
client_secret
optional
Example : "string" string

LocaleCustomMessages

key value map of custom messages

Name Description Schema
additionalProperties
optional
Example : "string" string

LoginMethod

Name Description Schema
attribute_mappings
optional
Example : [ "[loginmethodsattributemapping](#loginmethodsattributemapping)" ] < LoginMethodsAttributeMapping > array
authentication_level
optional
Example : 1 integer
auto_activation_enabled
optional
Example : true boolean
auto_email_verification
optional
Example : true boolean
azure_ad_b2c_attributes
optional
Example : "[azureadb2cattributes](#azureadb2cattributes)" AzureAdB2cAttributes
custom_attribute_fields
optional
Example : [ "[customattributefield](#customattributefield)" ] < CustomAttributeField > array
custom_attribute_mappings
optional
Example : [ "[customattributesmapping](#customattributesmapping)" ] < CustomAttributesMapping > array
digid_attributes
optional
Example : "[digidattributes](#digidattributes)" DigidAttributes
eidas_attributes
optional
Example : "[eidasattributes](#eidasattributes)" EidasAttributes
enabled
optional
Example : true boolean
excluded_unmapped_attributes
optional
Example : [ "string" ] < string > array
facebook_attributes
optional
Example : "[facebookattributes](#facebookattributes)" FacebookAttributes
force_creating_username_and_password_during_sign_up
optional
Example : true boolean
google_attributes
optional
Example : "[googleattributes](#googleattributes)" GoogleAttributes
id
optional
Example : "string" string
idin_attributes
optional
Example : "[idinattributes](#idinattributes)" IdinAttributes
itsme_attributes
optional
Example : "[itsmeattributes](#itsmeattributes)" ItsmeAttributes
kerberos_attributes
optional
Example : "[kerberosattributes](#kerberosattributes)" KerberosAttributes
ladp_attributes
optional
Example : "[ldapattributes](#ldapattributes)" LdapAttributes
linkedin_attributes
optional
Example : "[linkedinattributes](#linkedinattributes)" LinkedInAttributes
migration_during_sign_up
optional
Example : true boolean
name
optional
Example : "string" string
open_id_connect_attributes
optional
Example : "[openidconnectattributes](#openidconnectattributes)" OpenIdConnectAttributes
paypal_attributes
optional
Example : "[paypalattributes](#paypalattributes)" PaypalAttributes
qr_code_attributes
optional
Example : "[qrcodeattributes](#qrcodeattributes)" QrCodeAttributes
removable
optional
Example : true boolean
saml_attributes
optional
Example : "[samlattributes](#samlattributes)" SamlAttributes
saml_mutual_ssl_tls_attributes
optional
Example : "object" object
sign_in_with_apple_attributes
optional
Example : "[signinwithappleattributes](#signinwithappleattributes)" SignInWithAppleAttributes
synchronise_attributes
optional
Example : true boolean
twitter_attributes
optional
Example : "[twitterattributes](#twitterattributes)" TwitterAttributes
type
optional
Example : "AZURE_AD_B2C" enum (AZURE_AD_B2C, BANK_ID, DIGID, EIDAS, FACEBOOK, GOOGLE, IDIN, ITSME, KERBEROS, LDAP, LINKEDIN, OPEN_ID_CONNECT, PAYPAL, QR_CODE, SAML, SIGN_IN_WITH_APPLE, TWITTER, USERNAME_AND_PASSWORD)

LoginMethodsAttributeMapping

Name Description Schema
editable
optional
Example : true boolean
id
optional
Example : "string" string
map_from
optional
Example : "string" string
map_to
optional
Example : "string" string

LoginMethodsConfiguration

Name Description Schema
login_methods
optional
Example : [ "[loginmethod](#loginmethod)" ] < LoginMethod > array
mobile_login
optional
Example : "[mobilelogin](#mobilelogin)" MobileLogin

Messages

Key value map where key is the language nad value contains list of translations.

Type : < string, < string, Translations > map > map

MobileLogin

Name Description Schema
allowed_login_attempts
optional
Example : 5 integer
authentication_type
optional
Example : "OTP" string
enabled
optional
Example : false boolean
login_message
optional
Example : "string" string
show_use_mobile_to_login
optional
Example : false boolean
step_up_message
optional
Example : "string" string
step_up_type
optional
Example : "string" string

OpenIdConnectAttributes

Name Description Schema
authorization_url
optional
Example : "string" string
claims
optional
Example : [ "string" ] < string > array
client_authentication_method
optional
Example : "string" enum (CLIENT_SECRET_BASIC, PRIVATE_KEY_JWT)
client_id
optional
Example : "string" string
discovery_url
optional
Example : "string" string
end_session_url
optional
Example : "string" string
front_channel_logout_enabled
optional
Example : true boolean
id_token_encryption_required
optional
Example : true boolean
id_token_url
optional
Example : "string" string
issuer
optional
Example : "string" string
jwks_url
optional
Example : "string" string
manual_metadata_setup
optional
Example : true boolean
metadata_expiration_time_in_seconds
optional
Example : 0 integer
scopes
optional
Example : [ "string" ] < string > array
user_info_encryption_required
optional
Example : true boolean
user_info_url
optional
Example : "string" string

PasswordPolicy

Name Description Schema
breached_password_blocked
required
Indicates that the password is disallowed when it has been discovered in a public data breach.
Note: this option enables sending an anonymized transformation of the user's password to the Have I Been Pwned API, which is a resource of passwords found in public data breaches. This information is sent in such a way that it cannot be linked to the original user or their password by anyone (more on how this works).
Example : false
boolean
lower_case_char_required
required
Indicates at least one lower case character is required.
Example : false
boolean
max_length
required
Indicates the maximum length of a password.
Example : 0
integer (int32)
min_length
required
Indicates the minimum length of a password.
Example : 0
integer (int32)
special_char_required
required
Indicates that at least one special character is required.
Example : false
boolean
upper_case_char_required
required
Indicates at least one upper case character is required.
Example : false
boolean

PaypalAttributes

Polymorphism : Composition

Name Description Schema
clientId
optional
Example : "string" string
client_secret
optional
Example : "string" string

PersonActivationConfiguration

Name Description Schema
enabled
optional
Example : true boolean
expiration_time
optional
Example : 60 integer
externally_delivered_code
optional
Example : "[externallydeliveredcode](#externallydeliveredcode)" ExternallyDeliveredCode
type
optional
Example : "EMAIL" enum (EMAIL, EXTERNALLY_DELIVERED_CODE)

PersonCreationMandatoryAttributes

Name Description Schema
first_name_required
optional
Example : true boolean
last_name_required
optional
Example : true boolean
mobile_number_required
optional
Example : true boolean

Profile

Contains profile configuration

Name Description Schema
required_attributes_validation_rules
optional
Example : [ "[requiredattributesvalidationrule](#requiredattributesvalidationrule)" ] < RequiredAttributesValidationRule > array

QrCodeAttributes

Name Description Schema
app_store_link
optional
Example : "string" string
deep_linking_enabled
optional
Example : true boolean
deep_linking_redirect_url
optional
Example : "string" string
google_play_link
optional
Example : "string" string
mobile_authentication_type
optional
Example : "string" string

RequiredAttributesValidationRule

Contains list of required profile attributes. At least one of attributes is required

Name Description Schema
any_of
optional
Example : [ "BIRTH_DATE", "PHONE" ] < AttributeType > array

SamlAttributes

Name Description Schema
authentication_level_mappings
optional
Example : [ "[samlauthenticationlevelmapping](#samlauthenticationlevelmapping)" ] < SamlAuthenticationLevelMapping > array
comparison
optional
Example : "string" enum (EXACT, MINIMUM, MAXIMUM, BETTER)
idp_metadata
optional
Example : "string" string

SamlAuthenticationLevelMapping

Name Description Schema
authentication_level
optional
Example : 0 integer
authn_context_class_ref_name
optional
Example : "string" string

SamlMutualSslTlsAttributes

Name Description Schema
client_key_pair_id
optional
Example : "string" string
server_certificate_id
optional
Example : "string" string

SamlProperties

Name Description Schema
authn_context
optional
Example : "urn:com:onegini:saml:facebook" string

SignInWithAppleAttributes

Name Description Schema
client_id
optional
Example : "string" string
domain_verification_file_content
optional
Example : "string" string
jwks_uri
optional
Example : "string" string
key_id
optional
Example : "string" string
scopes
optional
Example : [ "string" ] < string > array
signing_key_id
optional
Example : "string" string
team_id
optional
Example : "string" string

SignUpFormFields

Name Description Schema
email_confirmation_enabled
optional
Example : true boolean
mobile_number_confirmation_enabled
optional
Example : true boolean
mobile_number_enabled
optional
Example : true boolean

StepUpActionsConfiguration

Name Description Schema
allow_set_initial_step_up_method_enabled
optional
Example : true boolean
change_email_authentication_level
optional
Example : 3 integer
change_password_authentication_level
optional
Example : 3 integer
dashboard_step_up_authentication_level
optional
Example : 1 integer
default_step_up_authentication_level
optional
Example : 3 integer
setup_step_up_methods_authentication_level
optional
Example : 3 integer

StepUpAuthenticationMethodsConfiguration

Name Description Schema
email_authentication_level
optional
Example : 3 integer
externally_delivered_code_authentication_level
optional
Example : 3 integer
google_authenticator_authentication_level
optional
Example : 3 integer
pin_authentication_level
optional
Example : 3 integer
push_authentication_level
optional
Example : 3 integer
sms_authentication_level
optional
Example : 3 integer

StepUpConfiguration

Name Description Schema
actions
optional
Example : "[stepupactionsconfiguration](#stepupactionsconfiguration)" StepUpActionsConfiguration
authentication_methods
optional
Example : "[stepupauthenticationmethodsconfiguration](#stepupauthenticationmethodsconfiguration)" StepUpAuthenticationMethodsConfiguration
stategy
optional
Example : "USER_PREFERENCE" enum (USER_PREFERENCE, STRONGEST_AVAILABLE)

Translations

Key value map where key is the message identifier and value contains translation.

Type : < string, string > map

TwitterAttributes

Polymorphism : Composition

Name Description Schema
clientId
optional
Example : "string" string
client_secret
optional
Example : "string" string

UIExtensionConfiguration

Name Description Schema
base_url
optional
Example : "string" string
enable_login_redirect
optional
Example : true boolean
login_path
optional
Example : "string" string

WhitelistedUrl

Name Description Schema
id
optional
read-only
id of a given url
Example : "string"
string (uuid)
url
optional
url value
Example : "string"
string

WhitelistedUrls

Name Description Schema
whitelisted_urls
optional
redirect url whitelist
Example : [ "[whitelistedurl](#whitelistedurl)" ]
< WhitelistedUrl > array

Security

basic_auth

Type : basic