Autonomous Identity 2022.11.11

Config

The following are Autonomous Identity config endpoint:

GET /api/config

GET /api/config

Get the configuration. This endpoint is mainly used by the Autonomous Identity UI microservice to get values stored in Consul. [All]

Endpoint

/api/config

Headers

Content-Type      application/json

Example Request

curl --request GET "https://autoid-api.forgerock.com/api/config" \
--header "Content-Type: application/json"

Example Response

{
  "thresholds": {
    "top": 1.01,
    "high": 0.75,
    "medium": 0.35,
    "low": 0,
    "autoAccess": 0.5
  },
  "volumeThresholds": {
    "high": 90,
    "low": 20
  },
  "mostAssignedStats": {
    "count": 100
  },
  "highVolumeStats": {
    "high": {
      "minScore": 0.9,
      "minUsersCount": 100
    },
    "low": {
      "maxScore": 0.2,
      "minUsersCount": 100
    }
  },
  "authorizers": {
    "ldap": true,
    "oidc": false
  }
}

GET /api/admin/reloadUIConfig

GET /api/admin/reloadUIConfig

Reload justification and filterable attributes configuration from JAS. [User, Supervisor, Ent Owner, App Owner, Admin]

Endpoint

/api/admin/reloadUIConfig

Headers

Content-Type      /

Example Request

curl --request GET "https://autoid-api.forgerock.com/api/admin/reloadUIConfig" \
-H  "accept: /"

POST /api/admin/updateUser

POST /api/admin/updateUser

Update credentials for a user.

Endpoint

/api/admin/updateUser

Authorization

<Bearer Token JWT-value>

Body

{
	email: “john.doe@forgerock.com”,
	password: “password”,
	groups: [“Zoran Supervisor”, “Zoran Role Engineer”]
}

Example Request

curl --location --request POST 'https://autoid-api.forgerock.com/api/admin/updateUser' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer <token>' \
--data-raw '{
    “email”: “john.doe@forgerock.com”,
    “password”: “password”,
	“groups”: [“Zoran Supervisor”, “Zoran Role Engineer”]
}'

Example Response

{ message: 'success' }

POST /api/admin/updateSelf

POST /api/admin/updateSelf

Update credentials for a user.

Endpoint

/api/admin/updateSelf

Authorization

<Bearer Token JWT-value>

Body

{
	email: “john.doe@forgerock.com”,
	password: “password”,
	groups: [“Zoran Supervisor”, “Zoran Role Engineer”]
}

Example Request

curl --location --request POST 'https://autoid-api.forgerock.com/api/admin/updateSelf' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer <token>' \
--data-raw '{
    “email”: “john.doe@forgerock.com”,
	“password”: “password”,
	“groups”: [“Zoran Supervisor”, “Zoran Role Engineer”]
}'

Example Response

{ message: 'success' }

POST /api/admin/disableUser

POST /api/admin/disableUser

Disable user account.

Endpoint

/api/admin/disableuser

Authorization

<Bearer Token JWT-value>

Body

{
	email: “john.doe@forgerock.com“
}

Example Request

curl --location --request POST 'https://autoid-api.forgerock.com/api/admin/disableUser' \
--header 'Content-type: application/json' \
--header 'Authorization: Bearer <token>' \
--data-raw '{
	“email”: “john.doe@forgerock.com”
}'

Example Response

{ message: 'success' }

POST /api/admin/enableUser

POST /api/admin/enableUser

Enable a user account.

Endpoint

/api/admin/enableUser

Authorization

<Bearer Token JWT-value>

Body

{
	email: “john.doe@forgerock.com”
}

Example Request

curl --location --request POST "https://autoid-api.forgerock.com/api/admin/enableUser" \
--header  "Content-Type: application/json" \
--header  "Authorization: Bearer <token>" \
--data-raw '{
    “email”: “john.doe@forgerock.com”
}'

Example Response

{ message: 'success' }

POST /api/admin/createUser

POST /api/admin/createUser

Create credentials for a user

Endpoint

/api/admin/createUser

Authorization

<Bearer Token JWT-value>

Body

{
	dn: “cn=john.doe@forgerock.com,ou=People,dc=zoran,dc=com”,gidNumber: “321”,
	email: “john.doe@forgerock.com“,
	password: “password”,
	controls: [],
	displayName: “John Doe”,
	uid: “john.doe”,
	groups: [“Zoran Admin”]
}

Example Request

curl --request POST "https://autoid-api.forgerock.com/api/admin/createUser" \
--header  "Content-Type: application/json" \
--header  "Authorization: Bearer <token>" \
--data-raw '{
	dn: “cn=john.doe@forgerock.com,ou=People,dc=zoran,dc=com”,gidNumber: “321”,
	email: “john.doe@forgerock.com“,
	password: “password”,
	controls: [],
	displayName: “John Doe”,
	uid: “john.doe”,
	groups: [“Zoran Admin”]
}'

Example Response

{ message: 'success' }

POST /api/admin/createApiToken

POST /api/admin/createApiToken

Create API credentials (token) for a user.

Endpoint

/api/admin/createApiToken

Authorization

<Bearer Token JWT-value>

Body

{
	name: “John Doe“,
	description: “description”,
	expiration: “2021-08-12T12:00:00.000Z”
}

Example Request

curl --request POST "https://autoid-api.forgerock.com/api/admin/createApiToken" \
--header  "Content-Type: application/json" \
--header  "Authorization: Bearer <token>" \
--data-raw '{
	name: “John Doe“,
	description: “description”,
	expiration: “2021-08-12T12:00:00.000Z”
}’

Example Response

{ token: uuid }

POST /api/admin/revokeApiToken

POST /api/admin/revokeApiToken

Revoke API credentials for a user.

Endpoint

/api/admin/revokeApiToken

Authorization

<Bearer Token JWT-value>

Body

{
	token: “11b57769-d436-4357-bc1c-0e0b9c6a49b6“
}

Example Request

curl --location --request POST "https://autoid-api.forgerock.com/api/admin/revokeApiToken" \
--header  "Content-Type: application/json" \
--header  "Authorization: Bearer <token>" \
--data-raw '{
	token: “11b57769-d436-4357-bc1c-0e0b9c6a49b6“
}’

Example Response

{ message: 'User token disabled' }

GET /api/admin/verifyApiToken/{token}

GET /api/admin/verifyApiToken/{token}

Verify that an API token is valid

Endpoint

/api/admin/verifyApiToke

Authorization

<Bearer Token JWT-value>

Example Request

curl --request GET "https://autoid-api.forgerock.com/api/admin/verifyApiToken/da0b5228-1e11-4278-ad1c-f0938fccdf82" \
--header  "Content-Type: application/json" \
--header  "Authorization: Bearer <token>"

Example Response

{
  "name": "John Doe",
  "description": "description",
  "expiration": "2021-08-17T12:00:00.000Z",
  "is_valid": true,
  "creator": "bob.rodgers@forgerock.com",
  "modifier": "bob.rodgers@forgerock.com"
}

GET /api/admin/getTokens

GET /api/admin/getTokens

Get a list of tokens.

Endpoint

/api/admin/getTokens

Authorization

<Bearer Token JWT-value>

Body

{
		maxResults: 6,
		offset: 5
}

Example Request

curl --request GET "https://autoid-api.forgerock.com/api/admin/getTokens" \
--header  "Content-Type: application/json" \
--header  "Authorization: Bearer <token>" \
--data-raw '{
	maxResults: 6,
	offset: 5
}’

Example Response

[{
  “token”: “da0b5228-1e11-4278-ad1c-f0938fccdf82”,
  "name": "John Doe",
  "description": "description",
  "expiration": "2021-08-17T12:00:00.000Z",
  "is_valid": true,
  "creator": "bob.rodgers@forgerock.com",
  "modifier": "bob.rodgers@forgerock.com"
}]

GET /api/admin/getUsers

GET /api/admin/getUsers

Get a list of users.

Endpoint

/api/admin/getUsers

Authorization

<Bearer Token JWT-value>

Body

{
	maxResults: 6,
	offset: 5,
	sortBy: uid | displayName | gidNumber
}

Example Request

curl --location --request GET "https://autoid-api.forgerock.com/api/admin/getUsers" \
--header  "Content-Type: application/json" \
--header  "Authorization: Bearer <token>" \
--data-raw '{
	maxResults: 6,
    offset: 5,
    sortBy: uid
}’

Example Response

[{
    "controls": [],
    "displayName": "David Elliott",
    "email": "david.elliott@forgerock.com",
    "dn": "cn=david.elliott@forgerock.com,ou=People,dc=zoran,dc=com",
    "gidNumber": "809",
    "uid": "david.elliott",
    "_groups": [
      "Zoran Entitlement Owner"
    ],
    "enabled": true
}]