IAM APIs
Health
GET /iam/health (get health status of the server)
Example:
response:
1{2 "healthy": true,3 "dependencies": {},4 "memstats": {5 "Alloc": 7,6 "HeapAlloc": 7,7 "HeapSys": 19,8 "HeapIdle": 8,9 "HeapInUse": 10,10 "TotalAlloc": 60224,11 "Sys": 27,12 "NumGC": 1265313 },14 "version": ""15}Ready
GET /iam/ready (get ready status of the server)
Example:
response:
ready:trueList Realms
GET /account/auth/realms (lists all the realms of this product)
response:
1{2 "default": "users",3 "realms": [4 "users"5 ]6}List Auth Providers
GET /account/auth/providers (lists all the auth providers)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
response:
1{2 "providers": [3 {4 "method": "post",5 "name": "password",6 "type": "challenge",7 "url": "/auth/login/password"8 }9 ]10}Login With Email
POST /account/auth/login/password (log in with password as a challenge)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{23 "password": "strongpassword"4}response:
1{2 "refresh": "<refreshtoken to be substituted>",3 "token": "<token to be substituted>"4}Federation login With Email
POST /account/auth/login/adminfederation (federation log in)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{23 "password": "strongpassword"4}response:
1{2 "refresh": "<refreshtoken to be substituted>",3 "token": "<token to be substituted>"4}Login with mobile
POST /account/auth/login/password (mobile log in)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{2 "mobile": "1041917",3 "password": "strongpassword"4}response:
1{2 "refresh": "refreshtoken to be substituted",3 "token": "token to be substituted"4}Login with email otp
POST /account/auth/login/otpemail (otp log in)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{23}response:
1{2 "message": "otp generated successfully"3}Approve OTP token login
POST /account/auth/login/otp02 (otp log in)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{23 "otp": "something"4}response:
1{2 "token": "<token to be substituted>",3 "refresh": "<refresh to be substituted>"4}Login password with otp mfa
POST /account/auth/login/passwordotp (password login with otp mfa)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{23 "password": "something"4}response:
1{2 "message": "mfa is required"3}Approve OTP token login
POST /account/auth/login/passwordotp (approve login with otp mfa)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{23 "password": "something",4 "otp": "otp"5}response:
1{2 "token": "<token to be substituted>",3 "refresh": "<refresh to be substituted>"4}Login password with totp mfa
Currently Unsupported mfa type
POST /account/auth/login/passwordtotp (password login with totp mfa)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{23 "password": "something"4}response:
1{2 "message": "mfa is required"3}Appprove mfa totp request
Currently Unsupported mfa type
POST /account/auth/login/passwordtotp (approve totp mfa login)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
1{23 "password": "something",4 "totp": "otp"5}response:
1{2 "token": "<token to be substituted>",3 "refresh": "<refresh to be substituted>"4}Login password with hotp mfa
Currently Unsupported mfa type
POST /account/auth/login/passwordhotp (password login with hotp mfa)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{23 "password": "something"4}response:
1{2 "message": "mfa is required"3}Approve mfa htop request
Currently Unsupported mfa type
POST /account/auth/login/passwordhotp (approve hotp mfa request)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
1{23 "hotp": "otp"4}response:
1{2 "token": "<token to be substituted>",3 "refresh": "<refresh to be substituted>"4}Login password with webauthnmfa mfa
Currently Unsupported mfa type
POST /account/auth/login/passwordwebauthn (password login with passwordwebauthn mfa)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{23 "password": "something"4}response:
1{2 "token": "<token to be substituted>",3 "refresh": "<refresh to be substituted>"4}Webauthn Login Begin
POST /account/auth/webauthn/login/begin/:provider
(webauthn login begin)
Query Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
Parameters
name type data type description provider required string specifies the provider
request:
1{23 "password": "something"4}response:
contains a cookie and a body
1{2 "publicKey": "<webauthn public key>"3}Webauthn Login Finish
POST /account/auth/webauthn/login/finish/:provider
(webauthn login finish)
Query Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
Parameters
name type data type description provider required string specifies the provider
request:
1{23 "password": "something"4}response:
1{2 "token": "<token to be substituted>",3 "refresh": "<refresh to be substituted>"4}Webauthn Register Begin
GET /account/auth/webauthn/register/begin/:provider
(webauthn register begin)
Parameters
name type data type description provider required string specifies the provider
response:
contains a cookie and a body
1{2 "publicKey": "<webauthn public key>"3}Webauthn Register Finish
POST /account/auth/webauthn/register/finish/:provider
(webauthn register finish)
Parameters
name type data type description provider required string specifies the provider
Query Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{2 "id": "string",3 "type": "string",4 "rawID": "base64",5 "clientExtensionResults": optional{},6 "reponse": {7 "clientDataJSON": "base64",8 "attestationObject": "base64"9 },10 "transports": [11 "strings"12 ]13}response:
contains a cookie and a body
1{2 "message": "webauthn registration successful"3}Create Magic Link Login
POST /account/auth/login/magic02 (create magic link login)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{23}response:
1{2 "massage": "magic link generated successfully",3 "tokenid": "<token to be substituted>"4}Approve Magic Link Login
GET /account/auth/login/magic02 (magic link login method)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken token required string token contains the key to be supplied to get the auth token
response:
1{2 "token": "<token to be substituted>",3 "refresh": "<refresh to be substituted>"4}Check approved magic token login
POST /account/auth/check/approval/magic02 (login with the given token)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{2 "tokenid": "01G4KPR196C8R210MZXHZNZRAK"3}response:
1{2 "token": "<token to be substituted>",3 "refresh": "<refresh to be substituted>"4}Create Magic link numbers login
POST /account/auth/login/magicnumbers (create login with magicnumbers)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{23}response:
tokenID is not present in the response if remotelogin is set to false
1{2 "message": "magic link generated successfully",3 "tokenid": "id of the user_magic_link created",4 "number": "chosen number"5}Approve Magic link numbers login
POST /account/auth/login/magicnumbers (login with the given magicnumbers)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken token required string token used to login number required string magic number required to give in the request to login
response:
1{2 "token": "<token to be substituted>",3 "refresh": "<refresh to be substituted>"4}Check approved magic token with numbers login
POST /account/auth/check/approval/magicnumbers (login with provided token)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{2 "tokenid": "<token to be substituted>"3}response:
1{2 "token": "<token to be substituted>",3 "refresh": "<refresh to be substituted>"4}Refresh jwt token
POST /account/auth/jwt/refresh (refresh the token)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{2 "token": "<token to be substituted>"3}response:
1{2 "token": "<token to be substituted>",3 "refresh": "<refresh to be substituted>"4}Approve Kisai auth login
GET /account/auth/kisai/approve (kisai auth login)
response:
1{2 "token": "<token to be substituted>",3 "refresh": "<refresh to be substituted>"4}Oauth Callback Provider
GET /account/auth/callback/:provider
(Oauth Callback)
Parameters
name type data type description provider required string specifies the provider
response:
1{2 "token": "<token to be substituted>",3 "refresh": "<refresh to be substituted>"4}Check mfa topt request
POST /account/auth/check/mfa/passwordtotp (check totp login is valid or not)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{2 "name": "nameregistered",3 "totp": "559202"4}response:
1{2 "message": "totp is valid"3}Check mfa hotp request
POST /account/auth/check/mfa/passwordhotp (check htop login is valid or not)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{2 "hotp": "123123"3}response:
1{2 "message": "hotp is valid>"3}User password reset request
POST /account/user/resetrequest (user password reset request)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{23}response:
1{2 "message": "reset request generated successfully and sent to email"3}User validate token password request
GET /account/user/validatetoken/:resettoken
/:email
(validate token password request)
Url Parameters
name type data type description resettoken required string token recieved for the reset request required string email for which password reset was requested
Query Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{23}response:
1{2 "message": "token is valid"3}User password reset using token request
POST /account/user/resetpasswordwithtoken (user password reset link)
Query Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{23 "token": "<token> ",4 "password": "<new password>"5}response:
1{2 "message": "password reset successful"3}User update password
POST /account/auth/updatepassword (update password)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{2 "currentpassword": "<current password>",3 "password": "<new password>"4}response:
1{2 "message": "password update successful"3}User add totp mfa provider
POST /account/auth/add/mfa/passwordtotp (add totp to logged in user)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{2 "name": "device01"3}response:
1{2 "message": "totp mfa registered successfully",3 "uri": "<totpUri>",4}User add hotp mfa provider
POST /account/auth/add/mfa/passwordhotp (add htop to logged in user)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{2 "name": "device01"3}response:
1{2 "message": "hotp mfa registered successfully",3 "uri": "<hotpUri>",4}User remove totp/hotp/webauthnmfa mfa provider
POST /account/auth/remove/mfa/passwordtotp (remove mfa for account)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
response:
1{2 "message": "mfa removed successfully"3}API key with expiry and capabilities
POST /account/auth/apikey (add api key to a service)
request:
1{2 "service": "<service to add the api key to>",3 "expiry": 30,4 "capabilities": {5 "read": "allow"6 }7}response:
1{2 "capabilities": {3 "read": "allow"4 },5 "createdby": "<email logged in with>",6 "createdon": "<timestamp>",7 "deletedby": null,8 "deletedon": null,9 "expiresat": "<expiry timestamp>",10 "id": "<id>",11 "key": "<base64 encoded key>",12 "secret": "<base64 encoded secret>",13 "service": "<service this api key is valid at>",14 "updatedby": "<email logged in with>",15 "updatedon": "<timestamp>"16}API keys by service name
GET /account/auth/apikey (list api keys to a service)
Parameters
name type data type description service required string selects the service to list the api keys for
response:
1{2 "apikeys": [3 {4 "capabilities": {5 "read": "allow"6 },7 "createdby": "<email logged in with>",8 "createdon": "<timestamp>",9 "deletedby": null,10 "deletedon": null,11 "expiresat": "<expiry timestamp>",12 "id": "<id>",13 "key": "<base64 encoded key>",14 "secret": "<base64 encoded secret>",15 "service": "<service this api key is valid at>",16 "updatedby": "<email logged in with>",17 "updatedon": "<timestamp>"18 }19 ]20}API keys by id
GET /account/auth/apikey (list api keys by id)
Parameters
name type data type description id required string selects the api key to return by its id
response:
1{2 "apikeys": {3 "capabilities": {4 "read": "allow"5 },6 "createdby": "<email logged in with>",7 "createdon": "<timestamp>",8 "deletedby": null,9 "deletedon": null,10 "expiresat": "<expiry timestamp>",11 "id": "<id>",12 "key": "<base64 encoded key>",13 "secret": "<base64 encoded secret>",14 "service": "<service this api key is valid at>",15 "updatedby": "<email logged in with>",16 "updatedon": "<timestamp>"17 }18}Admin create user
POST /account/admin/user (create a user to the realm)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{2 "firstname": "<first name>",3 "middlename": "<middle name>",4 "lastname": "<last name>",5 "email": "<email>",6 "active": true,7 "additional fields": "defined in the realm"8}response:
1{2 "data": {3 "users": {4 "active": true,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": null,8 "deletedon": null,9 "displayname": "<display name>",10 "email": "<user's email>",11 "firstname": "<first name>",12 "id": "<id>",13 "lastname": "<last name>",14 "locked": false,15 "meta": {},16 "middlename": "<middle name>",17 "mobile": null,18 "properties": {},19 "tags": null,20 "updatedby": "<admin email>",21 "updatedon": "<timestamp>",22 "version": 123 }24 }25}Admin update user
PUT /account/admin/user (update the details of the user with id)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
request:
1{2 "id": "<user's id>",3 "<key to change>": "<new value>"4}response:
1{2 "data": {3 "users": {4 "active": true,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": null,8 "deletedon": null,9 "displayname": "<display name>",10 "email": "<user's email>",11 "firstname": "<first name>",12 "id": "<id>",13 "lastname": "<last name>",14 "locked": false,15 "meta": {},16 "middlename": "<middle name>",17 "mobile": null,18 "properties": {},19 "tags": null,20 "updatedby": "<admin email>",21 "updatedon": "<timestamp>",22 "version": 223 }24 }25}Admin get user by email
GET /account/admin/user/email/:useremail
(get user details by the email)
Url Parameters
name type data type description useremail required string email of the user to get
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
response:
1{2 "data": {3 "users": {4 "active": true,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": null,8 "deletedon": null,9 "displayname": "<display name>",10 "email": "<user's email>",11 "firstname": "<first name>",12 "id": "<id>",13 "lastname": "<last name>",14 "locked": false,15 "meta": {},16 "middlename": "<middle name>",17 "mobile": null,18 "properties": {},19 "tags": null,20 "updatedby": "<admin email>",21 "updatedon": "<timestamp>",22 "version": 223 }24 }25}Admin get user by id
GET /account/admin/user/id/:id
(get user details by the id)
Url Parameters
name type data type description id required string id of the user to get
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
response:
1{2 "data": {3 "users": {4 "active": true,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": null,8 "deletedon": null,9 "displayname": "<display name>",10 "email": "<user's email>",11 "firstname": "<first name>",12 "id": "<id>",13 "lastname": "<last name>",14 "locked": false,15 "meta": {},16 "middlename": "<middle name>",17 "mobile": null,18 "properties": {},19 "tags": null,20 "updatedby": "<admin email>",21 "updatedon": "<timestamp>",22 "version": 223 }24 }25}Admin delete user by id
DELETE /account/admin/user/id/:id
(delete user by the id)
Url Parameters
name type data type description id required string id of the user to delete
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
response:
"user deleted"Admin list users
GET /account/admin/users (list the users in the realm)
Parameters
name type data type description version optional integer specifies the version of the user object to get realm optional string specifies the realm to be operated on, else default realm is taken
response:
1{2 "data": {3 "users": [4 {5 "active": true,6 "createdby": "<admin email>",7 "createdon": "<timestamp>",8 "deletedby": null,9 "deletedon": null,10 "displayname": "<display name>",11 "email": "<user's email>",12 "firstname": "<first name>",13 "id": "<id>",14 "lastname": "<last name>",15 "locked": false,16 "meta": {},17 "middlename": "<middle name>",18 "mobile": null,19 "properties": {},20 "tags": null,21 "updatedby": "<admin email>",22 "updatedon": "<timestamp>",23 "version": 224 }25 ]26 }27}Admin lock user by email
GET /account/admin/user/lock (lock the user)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken optional string specifies the email to be locked
response:
1{2 "data": {3 "users": {4 "active": true,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": null,8 "deletedon": null,9 "displayname": "<display name>",10 "email": "<user's email>",11 "firstname": "<first name>",12 "id": "<id>",13 "lastname": "<last name>",14 "locked": true,15 "meta": {},16 "middlename": "<middle name>",17 "mobile": null,18 "properties": {},19 "tags": null,20 "updatedby": "<admin email>",21 "updatedon": "<timestamp>",22 "version": 123 }24 }25}Admin unlock user by email
GET /account/admin/user/unlock (unlock the user)
Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken optional string specifies the email to be unlock
response:
1{2 "data": {3 "users": {4 "active": true,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": null,8 "deletedon": null,9 "displayname": "<display name>",10 "email": "<user's email>",11 "firstname": "<first name>",12 "id": "<id>",13 "lastname": "<last name>",14 "locked": false,15 "meta": {},16 "middlename": "<middle name>",17 "mobile": null,18 "properties": {},19 "tags": null,20 "updatedby": "<admin email>",21 "updatedon": "<timestamp>",22 "version": 123 }24 }25}Admin Create Tenant
POST /account/admin/tenant (create a tenant)
request:
1{2 "slug": "lq",3 "displayname": "lq-admin",4 "namespace": "kisai",5 "domain": "kisai.io",6 "active": true7}response:
1{2 "data": {3 "tenant": {4 "active": true,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": null,8 "deletedon": null,9 "id": "<id>",10 "updatedby": "<admin email>",11 "updatedon": "<timestamp>",12 "version": 1,13 "slug": "lq",14 "displayname": "lq-admin",15 "namespace": "kisai",16 "domain": "kisai.io",17 "properties": {},18 "active": true19 }20 }21}Admin Update Tenant
PUT /account/admin/tenant (update a tenant)
request:
1{2 "slug": "lq",3 "active": false4}response:
1{2 "data": {3 "tenant": {4 "active": true,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": null,8 "deletedon": null,9 "id": "<id>",10 "updatedby": "<admin email>",11 "updatedon": "<timestamp>",12 "version": 1,13 "slug": "lq",14 "displayname": "lq-admin",15 "namespace": "kisai",16 "domain": "kisai.io",17 "properties": {},18 "active": false19 }20 }21}Admin Get Tenant by slug
GET /account/admin/tenant/slug/:slug
(get a tenant by slug)
Parameters
name type data type description slug required string select the tenant to return based on slug
response:
1{2 "data": {3 "tenant": {4 "active": true,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": null,8 "deletedon": null,9 "id": "<id>",10 "updatedby": "<admin email>",11 "updatedon": "<timestamp>",12 "version": 1,13 "slug": "lq",14 "displayname": "lq-admin",15 "namespace": "kisai",16 "domain": "kisai.io",17 "properties": {},18 "active": false19 }20 }21}Admin Get Tenants
GET /account/admin/tenant (get tenants)
response:
1{2 "data": {3 "tenant": [4 {5 "active": true,6 "createdby": "<admin email>",7 "createdon": "<timestamp>",8 "deletedby": null,9 "deletedon": null,10 "id": "<id>",11 "updatedby": "<admin email>",12 "updatedon": "<timestamp>",13 "version": 1,14 "slug": "lq",15 "displayname": "lq-admin",16 "namespace": "kisai",17 "domain": "kisai.io",18 "properties": {},19 "active": false20 }21 ]22 }23}Admin Delete Tenant by slug
DELETE /account/admin/tenant/slug/:slug
(delete a tenant by slug)
Parameters
name type data type description slug required string select the tenant to delete based on slug
response:
1{2 "data": {3 "tenant": {4 "active": true,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": "<admin email>",8 "deletedon": "<timestamp>",9 "id": "<id>",10 "updatedby": "<admin email>",11 "updatedon": "<timestamp>",12 "version": 1,13 "slug": "lq",14 "displayname": "lq-admin",15 "namespace": "kisai",16 "domain": "kisai.io",17 "properties": {},18 "active": false19 }20 }21}Admin Create Role
Post/account/admin/role (create a role)
request:
1{2 "displayname": "dev3",3 "slug": "dev3",4 "active": true5}response:
1{2 "data": {3 "role": {4 "active": true,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": "<admin email>",8 "deletedon": "<timestamp>",9 "displayname": "dev3",10 "id": "<id>",11 "properties": {},12 "slug": "dev3",13 "updatedby": "<admin email>",14 "updatedon": "<timestamp>",15 "version": 116 }17 }18}Admin Update Role
PUT /account/admin/role (update a role)
request:
1{2 "id": "<id>",3 "active": false4}response:
1{2 "data": {3 "role": {4 "active": false,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": "<admin email>",8 "deletedon": "<timestamp>",9 "displayname": "dev3",10 "id": "<id>",11 "properties": {},12 "slug": "dev3",13 "updatedby": "<admin email>",14 "updatedon": "<timestamp>",15 "version": 216 }17 }18}Admin Get Role by slug
GET /account/admin/role/:slug
(get a role by slug)
URL Parameters
name type data type description slug required string select the role to get based on slug
response:
1{2 "data": {3 "role": {4 "active": false,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": "<admin email>",8 "deletedon": "<timestamp>",9 "displayname": "dev3",10 "id": "<id>",11 "properties": {},12 "slug": "dev3",13 "updatedby": "<admin email>",14 "updatedon": "<timestamp>",15 "version": 216 }17 }18}Admin Get Roles
GET /account/admin/role (get all roles)
response:
1{2 "data": {3 "role": [4 {5 "active": false,6 "createdby": "<admin email>",7 "createdon": "<timestamp>",8 "deletedby": "<admin email>",9 "deletedon": "<timestamp>",10 "displayname": "dev3",11 "id": "<id>",12 "properties": {},13 "slug": "dev3",14 "updatedby": "<admin email>",15 "updatedon": "<timestamp>",16 "version": 217 }18 ]19 }20}Admin Delete Role by slug
DELETE /account/admin/role/:slug
(delete a role by slug)
URL Parameters
name type data type description slug required string select the role to delete based on slug
response:
1{2 "data": {3 "role": {4 "active": false,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": "<admin email>",8 "deletedon": "<timestamp>",9 "displayname": "dev3",10 "id": "<id>",11 "properties": {},12 "slug": "dev3",13 "updatedby": "<admin email>",14 "updatedon": "<timestamp>",15 "version": 216 }17 }18}Admin get users for tenant
GET /account/admin/tenant/slug/:slug
/users (get user details by the tenant slug)
Url Parameters
name type data type description slug required string select the tenant to get users based on slug
response:
1{2 "data": {3 "users": [4 {5 "active": true,6 "createdby": "<admin email>",7 "createdon": "<timestamp>",8 "deletedby": null,9 "deletedon": null,10 "displayname": "<display name>",11 "email": "<user's email>",12 "firstname": "<first name>",13 "id": "<id>",14 "lastname": "<last name>",15 "locked": false,16 "meta": {},17 "middlename": "<middle name>",18 "mobile": null,19 "properties": {},20 "tags": null,21 "updatedby": "<admin email>",22 "updatedon": "<timestamp>",23 "version": 224 }25 ]26 }27}Admin add role to user
POST /account/admin/role/add/user (add role to user)
request:
1{23 "role": "dev2",4 "starttime": "2019-08-26T08:00:05Z"5}response:
1{2 "data": {3 "users": {4 "active": true,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": null,8 "deletedon": null,9 "displayname": "<display name>",10 "email": "<user's email>",11 "firstname": "<first name>",12 "id": "<id>",13 "lastname": "<last name>",14 "locked": false,15 "meta": {},16 "middlename": "<middle name>",17 "mobile": null,18 "properties": {19 "roles": [20 {21 "name": "dev2"22 }23 ]24 },25 "tags": null,26 "updatedby": "<admin email>",27 "updatedon": "<timestamp>",28 "version": 229 }30 }31}Admin remove role to user
POST /account/admin/role/remove/user (remove role to user)
request:
1{23 "role": "dev2"4}response:
1{2 "data": {3 "users": {4 "active": true,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": null,8 "deletedon": null,9 "displayname": "<display name>",10 "email": "<user's email>",11 "firstname": "<first name>",12 "id": "<id>",13 "lastname": "<last name>",14 "locked": false,15 "meta": {},16 "middlename": "<middle name>",17 "mobile": null,18 "properties": {},19 "tags": null,20 "updatedby": "<admin email>",21 "updatedon": "<timestamp>",22 "version": 223 }24 }25}Admin Get Users for role
GET /account/admin/role/slug/:slug
/users (get users for role)
Url Parameters
name type data type description slug required string role’s slug
response:
1{2 "data": {3 "users":4 [5 {6 "active": true,7 "createdby": "<admin email>",8 "createdon": "<timestamp>",9 "deletedby": null,10 "deletedon": null,11 "displayname": "<display name>",12 "email": "<user's email>",13 "firstname": "<first name>",14 "id": "<id>",15 "lastname": "<last name>",16 "locked": false,17 "meta": {},18 "middlename": "<middle name>",19 "mobile": null,20 "properties": {21 "roles": [22 {23 "name": "dev2"24 }25 ]26 },27 "tags": null,28 "updatedby": "<admin email>",29 "updatedon": "<timestamp>",30 "version": 231 }32 ]33 }34}Admin Create realm
POST /account/admin/realm (create a realm)
request:
1{2 "name": "users",3 "realmtype": "default",4 "properties": {}5}response:
1{2 "data": {3 "realm": {4 "active": true,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": null,8 "deletedon": null,9 "name": "users",10 "realmtype": "default",11 "properties": {},12 "id": "<id>",13 "updatedby": "<admin email>",14 "updatedon": "<timestamp>",15 "version": 116 }17 }18}Admin Get realm by ID
GET /account/admin/realm/:id
(get realm by id)
Url Parameters
name type data type description id required string realm id
response:
1{2 "data": {3 "realm": {4 "active": true,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": null,8 "deletedon": null,9 "name": "users",10 "realmtype": "default",11 "properties": {},12 "id": "<id>",13 "updatedby": "<admin email>",14 "updatedon": "<timestamp>",15 "version": 116 }17 }18}Admin Update Realm
PUT /account/admin/realm (update realm)
request:
1{2 "id": "<id of the realm>",3 "name": "users2",4 "<key to change>": "<value to change>"5}response:
1{2 "data": {3 "realm": {4 "active": true,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": null,8 "deletedon": null,9 "name": "users2",10 "realmtype": "default",11 "properties": {},12 "id": "<id>",13 "updatedby": "<admin email>",14 "updatedon": "<timestamp>",15 "version": 216 }17 }18}Admin Delete Realm By ID
DELETE /account/admin/realm/:id
(delete realm by ID)
Url Parameters
name type data type description id required string realm id
response:
1{2 "data": {3 "realm": {4 "active": true,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": "<admin email>",8 "deletedon": "<timestamp>",9 "name": "users2",10 "properties": {},11 "realm_history": null,12 "realmtype": "default",13 "id": "<id>",14 "updatedby": "<admin email>",15 "updatedon": "<timestamp>",16 "version": 217 }18 }19}Admin Get realms
GET /account/admin/realm (get all realms)
response:
1{2 "data": {3 "realm": {4 "active": true,5 "createdby": "<admin email>",6 "createdon": "<timestamp>",7 "deletedby": null,8 "deletedon": null,9 "name": "users",10 "realmtype": "default",11 "properties": {},12 "id": "<id>",13 "updatedby": "<admin email>",14 "updatedon": "<timestamp>",15 "version": 216 }17 }18}Index IAM users
POST /account/index/users (reindex IAM users)
response:
"re-indexed successfully"User Valid jwt token
GET /account/auth/validate (user validate jwt token)
response:
1{2 "user": {3 "aud": "janus",4 "cluster": "dev01-forge-cluster-01-nikithenv01",5 "customer": "tenb",6 "dc": "dev01-forge-01",7 "env": "nikithenv01",8 "exp": 1697399734,9 "flowtype": "normal",10 "iat": 1697393734,11 "product": "surveyapp",12 "realm": "users",13 "roles": "",14 "tenant": "nineb",15 "ulid": "01HCT8SWSVR2NB0DG4EFW33K32",16 "user": "<email>",17 "userdisplayname": "admin ",18 "useremail": "<email>",19 "userfullname": " ",20 "userid": "01GGCG5ZPVXWA17JFGTS1HD03F",21 "useridentity": "email"22 }23}User auth refresh session
GET /account/auth/session/refresh (user auth refresh session)
Query Parameters
name type data type description refreshtoken required boolean refresh the token
response:
1{2 "user": {3 "aud": "janus",4 "cluster": "dev01-forge-cluster-01-nikithenv01",5 "customer": "tenb",6 "dc": "dev01-forge-01",7 "env": "nikithenv01",8 "exp": 1697399734,9 "flowtype": "normal",10 "iat": 1697393734,11 "product": "surveyapp",12 "realm": "users",13 "roles": "",14 "tenant": "nineb",15 "ulid": "01HCT8SWSVR2NB0DG4EFW33K32",16 "user": "<email>",17 "userdisplayname": "admin ",18 "useremail": "<email>",19 "userfullname": " ",20 "userid": "01GGCG5ZPVXWA17JFGTS1HD03F",21 "useridentity": "email"22 }23}Get user preferences
POST /account/user/preferences/notification (get user preferences)
Query Parameters
name type data type description realm optional string specifies the realm to be operated on, else default realm is taken
response:
1{2 "user": {3 "firstname": "<firstname>",4 "lastname": "<lastname>",5 "email": "<email>",6 "mobile": "<mobile>",7 "preferences": {}8 }9}Execute Authorize Rule
POST /account/authorize (execute authorize rule)
request:
1{2 "module": "/iam/access",3 "rule": "admin",4 "payload": {}5}response:
1{2 "result": [3 "true"4 ]5}User logout
GET /account/auth/logout (User logout)
response:
1{2 "status": "success",3 "message": "logged out"4}Admin get all user tags
GET /account/admin/user/tag/:name
(get users with tag)
URL Parameters
name type data type description name required string name of the tag
response:
1{2 "data": {3 "users":4 [5 {6 "active": true,7 "createdby": "<admin email>",8 "createdon": "<timestamp>",9 "deletedby": null,10 "deletedon": null,11 "displayname": "<display name>",12 "email": "<user's email>",13 "firstname": "<first name>",14 "id": "<id>",15 "lastname": "<last name>",16 "locked": false,17 "meta": {},18 "middlename": "<middle name>",19 "mobile": null,20 "properties": {},21 "tags": [22 "<name>"23 ],24 "updatedby": "<admin email>",25 "updatedon": "<timestamp>",26 "version": 227 }28 ]29 }30}User Signup
POST /account/user/signup (New user signup)
Example
request:
1{2 "firstname": "Firstname",3 "middlename": "",4 "lastname": "Lastname",56 "active": true7}response:
1{2 "data": {3 "users": {4 "active": true,5 "createdby": "anonymous",6 "createdon": "2023-10-30T14:52:13+04:00",7 "deletedby": null,8 "deletedon": null,9 "displayname": "Firstname Lastname",1011 "firstname": "Firstname",12 "id": "01HE03CW81XC3D0WZR9SPNKX0E",13 "lastname": "Lastname",14 "locked": false,15 "meta": {},16 "middlename": "",17 "mobile": null,18 "password": null,19 "properties": {},20 "tags": null,21 "updatedby": "anonymous",22 "updatedon": "2023-10-30T14:52:13+04:00",23 "version": 124 }25 }26}List Other Users
GET /account/user/list (List all users)
Example
response:
1{2 "data": {3 "users": [4 {5 "displayname": "admin ",67 "id": "01GGCG5ZPVXWA17JFGTS1HD03F"8 },9 {10 "displayname": "name name",1112 "id": "01HCSAPQ9T81KRMTVAR8K2B97Y"13 },14 {15 "displayname": "Firstname Lastname",1617 "id": "01HE03CW81XC3D0WZR9SPNKX0E"18 }19 ]20 }21}Get User Details
GET /account/user (Get logged in user’s details)
Example
response:
1{2 "user": {3 "createdby": "system",4 "createdon": "2020-07-14T21:30:24.286221+04:00",5 "deletedby": null,6 "deletedon": null,7 "displayname": "admin ",89 "firstname": "admin",10 "id": "01GGCG5ZPVXWA17JFGTS1HD03F",11 "lastname": " ",12 "meta": {},13 "middlename": " ",14 "mobile": null,15 "properties": {},16 "tags": null,17 "updatedby": "system",18 "updatedon": "2020-07-14T21:30:24.286221+04:00",19 "version": 120 }21}Update User Details
PUT /account/user (Update logged in user’s details)
Example
request:
1{2 "firstname": "admin",3 "middlename": "admin",4 "lastname": "admin",5 "displayname": "admin admin admin"6}response:
1{2 "user": {3 "createdby": "system",4 "createdon": "2020-07-14T21:30:24.286221+04:00",5 "deletedby": null,6 "deletedon": null,7 "displayname": "admin admin admin",89 "firstname": "admin",10 "id": "01GGCG5ZPVXWA17JFGTS1HD03F",11 "lastname": "admin",12 "meta": {},13 "middlename": "admin",14 "mobile": null,15 "properties": {},16 "tags": null,1718 "updatedon": "2023-10-30T15:14:17+04:00",19 "version": 220 }21}