
UIB Services

UserIdentityBackend has two types of available services:

  1. Authenticate applications and users
  2. Administration of resources:
    • user(s)
    • application(s)

Details of the API are documented below.


Authenticate applications and users

Authentication and authorization are XML over HTTP/HTTPS endpoints. (RPC oriented, not resource oriented.)

1. Authenticate application will return an application entity if authentication is successful.

2. Authenticate user will return a user entity if authentication is successful. This operation requires a valid applicationTokenID (application must be authenticated).

  • Input: Currently POST is used with UserCredential as an XML input stream in the body. Can/should be changed to a GET operation.
  • Output: -UserData-

ApplicationToken and UserToken are created and managed by [SecurityTokenService], which is the session controller in Whydah.

Manage user/application credentials


Administration of resources (resources available for UserAdminWebApp - UAWA and UserAdminService - UAS only)

There are four resources available: user, users (collection of users), application and applications (collection of applications).
All require a valid applicationToken and a valid userToken. For applications without logged-in users, an application-specific system user should be used.

UIB will validate the tokens on every request, but is allowed to keep a cache of tokens to reduce the number of round-trips to SecurityTokenService - STS. Caching respects the token timeout values.
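
A sketch of the token cache described above, added here as an illustration and not taken from the Whydah code base: a positive STS answer is cached, but never past the token's own timeout. The names `TokenInfo`, `TokenCache`, `validate_with_sts` and `authorize` are hypothetical, and the `max_cache_seconds` cap (which limits how long a token revoked at STS is still accepted) is an assumption that goes beyond what the page specifies.

```python
import time
from dataclasses import dataclass
from typing import Callable, Dict, Optional, Tuple


@dataclass(frozen=True)
class TokenInfo:
    token_id: str
    expires_at: float  # absolute expiry (epoch seconds) reported by STS


class TokenCache:
    """Caches positive STS answers, never beyond the token's own timeout."""

    def __init__(self, validate_with_sts: Callable[[str], Optional[TokenInfo]],
                 max_cache_seconds: float = 60.0,
                 clock: Callable[[], float] = time.time):
        self._validate = validate_with_sts  # hypothetical STS round-trip
        self._max_age = max_cache_seconds   # assumed cap, bounds revocation lag
        self._clock = clock
        self._entries: Dict[str, Tuple[TokenInfo, float]] = {}
        self.sts_calls = 0                  # round-trips made, for inspection

    def is_valid(self, token_id: str) -> bool:
        now = self._clock()
        entry = self._entries.get(token_id)
        if entry is not None:
            if now < entry[1]:
                return True                 # fresh cache hit, no round-trip
            del self._entries[token_id]     # stale entry: ask STS again
        self.sts_calls += 1
        info = self._validate(token_id)
        if info is None or info.expires_at <= now:
            return False                    # unknown or expired: never cached
        cached_until = min(info.expires_at, now + self._max_age)
        self._entries[token_id] = (info, cached_until)
        return True


def authorize(cache: TokenCache, application_token_id: str,
              user_token_id: str) -> bool:
    """Administration requests need a valid applicationToken and userToken."""
    app_ok = cache.is_valid(application_token_id)
    user_ok = cache.is_valid(user_token_id)
    return app_ok and user_ok
```

Negative answers are deliberately not cached, so a token that becomes valid at STS is accepted on the next request, at the cost of one round-trip per rejected request.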

User
Users
Application
Applications
  • List all:

Return Applications_json

  • Search for applications. Add when needed

Health check

  • HTTP endpoint available, db, ldap and lucene available.
    • 204 - ok, no content
    • 5xx Server Error - if db, ldap or lucene is not working.
  • STS separate test
  1. Apr 23, 2014

    _Which userTokenId do you expect here? I.e. the user's own usertokenId is unknown in the key use-cases..._

    1. Apr 12, 2014

      userTokenId of the user making the change. This can be an administrator.

      1. Apr 23, 2014

        We have 2 use-cases here:

        a) An Administrator uses the reset password option in Whydah [UserAdminWebApp] (or similar) => We have a UserTokenID
        b) A user has forgotten his/her password from [SSOLoginWebApp] (or similar) => We do not have any UserTokenID, only a username