nevisIDM Authentication REST API (v1)

Introduction

The nevisIDM Authentication REST API lets clients authenticate users with their credentials.

Recovery Code

Recovery Code REST Service to authenticate users with recovery codes.

Recovery Code login DTO

The Recovery Code login DTO has the following parameter:

  • code - The recovery code (string).

Recovery Code login

Login with Recovery Code
POST /{clientExtId}/users/{userExtId}/recovery-codes/login/

Log in with a recovery code of the user with the given external ID.

Each code can be used only once.

since 2.78

Required permissions

AccessControl.CredentialView, AccessControl.CredentialModify, AccessControl.CredentialChangeState

Example URI

POST https://your-host/nevisidm/api/auth/v1/1000/users/1234/recovery-codes/login/
URI Parameters
clientExtId
string (required) Example: 1000

ExtID of the client.

userExtId
string (required) Example: 1234

ExtID of the user.

Request
Headers
Content-Type: application/json
Body
{
  "code": "abcd-efgh-1234-5678"
}
Response  204
Headers
Content-Type: application/json

Password

Password REST Service to authenticate users with password credential.

Password Login DTO

The password login DTO has the following parameters:

  • password - The password to be verified (string).

Login Status DTO

The login status DTO has the following parameters:

  • statusCode - Indicates login status after processing update login information (integer).

  • description - Human readable login status information (string).

Password login

Login with password credential
POST /{clientExtId}/users/{userExtId}/password/login/

Log in with the defined password credential of the user.

since 2.88

Required permissions

AccessControl.CredentialView, AccessControl.CredentialModify, AccessControl.CredentialChangeState

Example URI

POST https://your-host/nevisidm/api/auth/v1/1000/users/1234/password/login/
URI Parameters
clientExtId
string (required) Example: 1000

ExtID of the client.

userExtId
string (required) Example: 1234

ExtID of the user.

Request
Headers
Content-Type: application/json
Body
{
  "password": "1StrongPassword!"
}
Response  200
Headers
Content-Type: application/json
Body
{
  "statusCode": 5,
  "description": "Login Ok"
}
Response  404
Headers
Content-Type: application/json
Body
{
  "errors": [
    {
      "code": "errors.noRecord",
      "message": "There is no client with external identifier 'nonExistingClient'"
    }
  ]
}
Response  404
Headers
Content-Type: application/json
Body
{
  "errors": [
    {
      "code": "errors.noRecord",
      "message": "There is no user with external identifier 'nonExistingUser' in client 'Default'"
    }
  ]
}
Response  404
Headers
Content-Type: application/json
Body
{
  "errors": [
    {
      "code": "errors.noRecord",
      "message": "No password credential defined for user '9999999442'"
    }
  ]
}
Response  422
Headers
Content-Type: application/json
Body
{
  "errors": [
    {
      "code": "errors.credentialNotActive",
      "message": "The password credential is not active (current state 'disabled') of user '9999999442'"
    }
  ]
}

Device Password

Device Password REST Service to authenticate users with device password credential.

Device Password Login DTO

The device password login DTO has the following parameters:

  • password - The password to be verified (string).

  • credentialExtId - Credential’s external identifier (aka. device identifier) (string).

Login Status DTO

The login status DTO has the following parameters:

  • statusCode - Indicates login status after processing update login information (integer).

  • description - Human readable login status information (string).

Password login

Login with device password credential
POST /{clientExtId}/users/{userExtId}/device-password/login/

Log in with the defined device password credential of the user.

since 2.88

Required permissions

AccessControl.CredentialView, AccessControl.CredentialModify, AccessControl.CredentialChangeState

Example URI

POST https://your-host/nevisidm/api/auth/v1/1000/users/1234/device-password/login/
URI Parameters
clientExtId
string (required) Example: 1000

ExtID of the client.

userExtId
string (required) Example: 1234

ExtID of the user.

Request
Headers
Content-Type: application/json
Body
{
  "password": "1StrongPassword!",
  "credentialExtId": "user1-devicePassword1"
}
Response  200
Headers
Content-Type: application/json
Body
{
  "statusCode": 5,
  "description": "Login Ok"
}
Response  404
Headers
Content-Type: application/json
Body
{
  "errors": [
    {
      "code": "errors.noRecord",
      "message": "There is no client with external identifier 'nonExistingClient'"
    }
  ]
}
Response  404
Headers
Content-Type: application/json
Body
{
  "errors": [
    {
      "code": "errors.noRecord",
      "message": "There is no user with external identifier 'nonExistingUser' in client 'Default'"
    }
  ]
}
Response  404
Headers
Content-Type: application/json
Body
{
  "errors": [
    {
      "code": "errors.noRecord",
      "message": "No device password defined for user '9999999442' with extId 'user1-devicePassword1'"
    }
  ]
}
Response  422
Headers
Content-Type: application/json
Body
{
  "errors": [
    {
      "code": "errors.credentialNotActive",
      "message": "The device password is not active (current state 'disabled') of user '9999999442'"
    }
  ]
}

Context Password

Context Password REST Service to authenticate users with context password credential.

Context Password Login DTO

The context password login DTO has the following parameters:

  • password - The password to be verified (string).

  • context - Credential’s context (string).

Login Status DTO

The login status DTO has the following parameters:

  • statusCode - Indicates login status after processing update login information (integer).

  • description - Human readable login status information (string).

Password login

Login with context password credential
POST /{clientExtId}/users/{userExtId}/context-password/login/

Log in with the defined context password credential of the user.

since 2.88

Required permissions

AccessControl.CredentialView, AccessControl.CredentialModify, AccessControl.CredentialChangeState

Example URI

POST https://your-host/nevisidm/api/auth/v1/1000/users/1234/context-password/login/
URI Parameters
clientExtId
string (required) Example: 1000

ExtID of the client.

userExtId
string (required) Example: 1234

ExtID of the user.

Request
Headers
Content-Type: application/json
Body
{
  "password": "1StrongPassword!",
  "context": "user1-context1"
}
Response  200
Headers
Content-Type: application/json
Body
{
  "statusCode": 5,
  "description": "Login Ok"
}
Response  404
Headers
Content-Type: application/json
Body
{
  "errors": [
    {
      "code": "errors.noRecord",
      "message": "There is no client with external identifier 'nonExistingClient'"
    }
  ]
}
Response  404
Headers
Content-Type: application/json
Body
{
  "errors": [
    {
      "code": "errors.noRecord",
      "message": "There is no user with external identifier 'nonExistingUser' in client 'Default'"
    }
  ]
}
Response  404
Headers
Content-Type: application/json
Body
{
  "errors": [
    {
      "code": "errors.noRecord",
      "message": "No context password defined for user '9999999442' with context 'user1-context1'"
    }
  ]
}
Response  422
Headers
Content-Type: application/json
Body
{
  "errors": [
    {
      "code": "errors.credentialNotActive",
      "message": "The context password is not active (current state 'disabled') in context 'user1-context1' of user '9999999442'"
    }
  ]
}
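
Added example, not part of the nevisIDM documentation: a caller-side sketch covering the recovery code, password, device password and context password login calls above. It builds each request with percent-encoded ExtIDs and maps the documented 200/204/404/422 responses to one generic user-facing failure message. The function names are hypothetical; it assumes statusCode 5 is the only success value (the only one this page shows) and that 204 means success, as in the recovery code response.

```python
import json
from urllib.parse import quote

BASE = "https://your-host/nevisidm/api/auth/v1"  # placeholder host, as on the page
LOGIN_OK = 5  # assumption: the only statusCode value the page shows ("Login Ok")
# Path segment and body fields per login service, as documented above.
SERVICES = {
    "recovery-codes": ("code",),
    "password": ("password",),
    "device-password": ("password", "credentialExtId"),
    "context-password": ("password", "context"),
}

def build_login_request(service, client_ext_id, user_ext_id, **fields):
    """Return (method, url, headers, body) for one of the four login calls."""
    if set(fields) != set(SERVICES[service]):
        raise ValueError("%s expects fields %s" % (service, SERVICES[service]))
    # Percent-encode the ExtIDs so a value containing '/' or '?' cannot
    # change which resource the request addresses.
    url = "%s/%s/users/%s/%s/login/" % (
        BASE, quote(client_ext_id, safe=""), quote(user_ext_id, safe=""), service)
    return "POST", url, {"Content-Type": "application/json"}, json.dumps(fields)

def interpret_login_response(http_status, body_text):
    """Map a response to (authenticated, user_message, log_detail)."""
    generic = "Login failed"  # one message for every failure cause
    try:
        body = json.loads(body_text) if body_text else {}
    except ValueError:
        body = None
    if not isinstance(body, dict):
        return False, generic, "HTTP %d unparseable body" % http_status
    if http_status == 204:  # recovery code login returns no body
        return True, "Login ok", "HTTP 204"
    if http_status == 200:
        code = body.get("statusCode")
        ok = code == LOGIN_OK
        return ok, ("Login ok" if ok else generic), "statusCode=%r" % code
    # 404 / 422: keep only the machine-readable error code, for logs; the
    # message text names the client, the user and the credential state.
    codes = [e.get("code") for e in (body.get("errors") or []) if isinstance(e, dict)]
    return False, generic, "HTTP %d %s" % (http_status, ",".join(map(str, codes)))
```

The third tuple element is meant for server-side logs only; the request body carrying the password or recovery code should never be logged.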

Generated by aglio on 06 Feb 2023