nevisIDM Authentication REST API (v1)
Introduction
The nevisIDM Authentication REST API lets you authenticate users with their credentials.
Recovery Code
Recovery Code REST Service to authenticate users with recovery codes.
Recovery Code login DTO
The Recovery Code login DTO has the following parameter:
- code - The recovery code (string).
Recovery Code login
Login with Recovery Code
POST /{clientExtId}/users/{userExtId}/recovery-codes/login/
Log in with a recovery code of the user with the given external ID.
Each code can be used only once.
Required permissions
AccessControl.CredentialView, AccessControl.CredentialModify, AccessControl.CredentialChangeState
Example URI
- clientExtId - ExtID of the client (string, required). Example: 1000
- userExtId - ExtID of the user (string, required). Example: 1234
Headers
Content-Type: application/json
Body
{
"code": "abcd-efgh-1234-5678"
}
204
Headers
Content-Type: application/json
Password
Password REST Service to authenticate users with a password credential.
Password Login DTO
The password login DTO has the following parameters:
- password - The password to be verified (string).
Login Status DTO
The login status DTO has the following parameters:
- statusCode - Indicates the login status after the login information update has been processed (integer).
- description - Human-readable login status information (string).
Password login
Login with password credential
POST /{clientExtId}/users/{userExtId}/password/login/
Log in with the defined password credential of the user.
Required permissions
AccessControl.CredentialView, AccessControl.CredentialModify, AccessControl.CredentialChangeState
Example URI
- clientExtId - ExtID of the client (string, required). Example: 1000
- userExtId - ExtID of the user (string, required). Example: 1234
Headers
Content-Type: application/json
Body
{
"password": "1StrongPassword!"
}
200
Headers
Content-Type: application/json
Body
{
"statusCode": 5,
"description": "Login Ok"
}
404
Headers
Content-Type: application/json
Body
{
"errors": [
{
"code": "errors.noRecord",
"message": "There is no client with external identifier 'nonExistingClient'"
}
]
}
404
Headers
Content-Type: application/json
Body
{
"errors": [
{
"code": "errors.noRecord",
"message": "There is no user with external identifier 'nonExistingUser' in client 'Default'"
}
]
}
404
Headers
Content-Type: application/json
Body
{
"errors": [
{
"code": "errors.noRecord",
"message": "No password credential defined for user '9999999442'"
}
]
}
422
Headers
Content-Type: application/json
Body
{
"errors": [
{
"code": "errors.credentialNotActive",
"message": "The password credential is not active (current state 'disabled') of user '9999999442'"
}
]
}
Device Password
Device Password REST Service to authenticate users with a device password credential.
Device Password Login DTO
The device password login DTO has the following parameters:
- password - The password to be verified (string).
- credentialExtId - The credential's external identifier, also known as the device identifier (string).
Login Status DTO
The login status DTO has the following parameters:
- statusCode - Indicates the login status after the login information update has been processed (integer).
- description - Human-readable login status information (string).
Password login
Login with device password credential
POST /{clientExtId}/users/{userExtId}/device-password/login/
Log in with the defined device password credential of the user.
Required permissions
AccessControl.CredentialView, AccessControl.CredentialModify, AccessControl.CredentialChangeState
Example URI
- clientExtId - ExtID of the client (string, required). Example: 1000
- userExtId - ExtID of the user (string, required). Example: 1234
Headers
Content-Type: application/json
Body
{
"password": "1StrongPassword!",
"credentialExtId": "user1-devicePassword1"
}
200
Headers
Content-Type: application/json
Body
{
"statusCode": 5,
"description": "Login Ok"
}
404
Headers
Content-Type: application/json
Body
{
"errors": [
{
"code": "errors.noRecord",
"message": "There is no client with external identifier 'nonExistingClient'"
}
]
}
404
Headers
Content-Type: application/json
Body
{
"errors": [
{
"code": "errors.noRecord",
"message": "There is no user with external identifier 'nonExistingUser' in client 'Default'"
}
]
}
404
Headers
Content-Type: application/json
Body
{
"errors": [
{
"code": "errors.noRecord",
"message": "No device password defined for user '9999999442' with extId 'user1-devicePassword1'"
}
]
}
422
Headers
Content-Type: application/json
Body
{
"errors": [
{
"code": "errors.credentialNotActive",
"message": "The device password is not active (current state 'disabled') of user '9999999442'"
}
]
}
Context Password
Context Password REST Service to authenticate users with a context password credential.
Context Password Login DTO
The context password login DTO has the following parameters:
- password - The password to be verified (string).
- context - The credential's context (string).
Login Status DTO
The login status DTO has the following parameters:
- statusCode - Indicates the login status after the login information update has been processed (integer).
- description - Human-readable login status information (string).
Password login
Login with context password credential
POST /{clientExtId}/users/{userExtId}/context-password/login/
Log in with the defined context password credential of the user.
Required permissions
AccessControl.CredentialView, AccessControl.CredentialModify, AccessControl.CredentialChangeState
Example URI
- clientExtId - ExtID of the client (string, required). Example: 1000
- userExtId - ExtID of the user (string, required). Example: 1234
Headers
Content-Type: application/json
Body
{
"password": "1StrongPassword!",
"context": "user1-context1"
}
200
Headers
Content-Type: application/json
Body
{
"statusCode": 5,
"description": "Login Ok"
}
404
Headers
Content-Type: application/json
Body
{
"errors": [
{
"code": "errors.noRecord",
"message": "There is no client with external identifier 'nonExistingClient'"
}
]
}
404
Headers
Content-Type: application/json
Body
{
"errors": [
{
"code": "errors.noRecord",
"message": "There is no user with external identifier 'nonExistingUser' in client 'Default'"
}
]
}
404
Headers
Content-Type: application/json
Body
{
"errors": [
{
"code": "errors.noRecord",
"message": "No context password defined for user '9999999442' with context 'user1-context1'"
}
]
}
422
Headers
Content-Type: application/json
Body
{
"errors": [
{
"code": "errors.credentialNotActive",
"message": "The context password is not active (current state 'disabled') in context 'user1-context1' of user '9999999442'"
}
]
}
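Added example (not part of the nevisIDM documentation or product code): a caller-side handler for the password, device password and context password login responses documented above. It accepts a login only on HTTP 200 with statusCode 5, keeps the precise error code for the audit log, and returns one uniform message for the end user. The names classify_login_response, LOGIN_OK and GENERIC_FAILURE are hypothetical, and treating any statusCode other than 5 as a failed login is an assumption, since this page documents only that value.

```python
import json

LOGIN_OK = 5  # the only statusCode shown on this page ("Login Ok")
GENERIC_FAILURE = "Login failed."  # constructed end-user message, hypothetical

def classify_login_response(http_status, body_text):
    """Map one login response to (authenticated, audit_reason, user_message).

    Fails closed: only HTTP 200 with statusCode 5 is a successful login.
    Assumption: other statusCode values, which this page does not list,
    are treated as failed logins.
    """
    try:
        body = json.loads(body_text) if body_text else {}
    except json.JSONDecodeError:
        return False, "unparseable body", GENERIC_FAILURE
    if not isinstance(body, dict):
        return False, "unexpected body", GENERIC_FAILURE
    if http_status == 200:
        if body.get("statusCode") == LOGIN_OK:
            return True, "ok", ""
        return False, "statusCode=%r" % (body.get("statusCode"),), GENERIC_FAILURE
    # Error bodies look like {"errors": [{"code": ..., "message": ...}]}.
    errors = body.get("errors")
    if not isinstance(errors, list):
        errors = []
    codes = [str(e.get("code")) for e in errors if isinstance(e, dict)]
    # Keep the precise code for the audit log; the end user always gets the
    # same text, so unknown client, unknown user, missing credential and
    # disabled credential cannot be told apart from outside.
    reason = "http %d: %s" % (http_status, ",".join(codes) or "no error code")
    return False, reason, GENERIC_FAILURE

# Constructed samples built from the response bodies documented above.
SAMPLES = [
    (200, '{"statusCode": 5, "description": "Login Ok"}'),
    (404, '{"errors": [{"code": "errors.noRecord", "message": '
          '"No password credential defined for user \'9999999442\'"}]}'),
    (422, '{"errors": [{"code": "errors.credentialNotActive", "message": '
          '"The password credential is not active (current state '
          '\'disabled\') of user \'9999999442\'"}]}'),
]

if __name__ == "__main__":
    for status, text in SAMPLES:
        print(classify_login_response(status, text))
```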