Get signer with certificate Deprecated
Returns the signer for the tenant including the certificate, if already signed
This operation requires Admin read privileges.
Deprecation
This endpoint has been obsoleted by the transition to allowing multiple signers per tenant, which is now used to
facilitate signer key rotation. Please use GET /v2/tenants/{tenant}/signers/current for equivalent behavior.
Authorizations:
path Parameters
| tenantId required | string (Tenant) [ 1 .. 255 ] characters Example: master The tenant name (equal to the realm name in IDP) |
Responses
Response samples
- 200
- 401
- 403
- 404
- default
{- "info": {
- "id": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "tenant": "master",
- "name": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "updatedAt": "2019-08-24T14:15:22Z",
- "generation": 0,
- "state": "ACTIVE"
}, - "certificate": "string"
}Trigger signer CA creation Deprecated
Trigger creation of a signer key pair and certificate.
This operation requires Admin write privileges.
Deprecation
This endpoint has been obsoleted by the transition to allowing multiple signers per tenant, which is now used to
facilitate signer key rotation. Please use POST /v2/tenants/{tenant}/signers for equivalent behavior.
Authorizations:
path Parameters
| tenantId required | string (Tenant) [ 1 .. 255 ] characters Example: master The tenant name (equal to the realm name in IDP) |
Request Body schema: application/jsonrequired
Contains the signer's name
| name required | string non-empty The signer's name |
Responses
Request samples
- Payload
{- "name": "signer"
}Response samples
- 202
- 401
- 403
- 409
- default
{- "id": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "tenant": "master",
- "name": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "updatedAt": "2019-08-24T14:15:22Z",
- "generation": 0,
- "state": "ACTIVE"
}Reissue Signer Certificate Deprecated
Allows to reissue the signer for the tenant. The old key is reused for the new certificate.
This operation requires Admin write privileges.
Deprecation
This endpoint has been obsoleted by the transition to allowing multiple signers per tenant, which is now used to
facilitate signer key rotation. Please use POST /v2/tenants/{tenant}/signers/current/renew for equivalent
behavior.
Authorizations:
path Parameters
| tenantId required | string (Tenant) [ 1 .. 255 ] characters Example: master The tenant name (equal to the realm name in IDP) |
Request Body schema: application/jsonoptional
| ignoreNotIssued | boolean Default: false If set to When setting this to |
Responses
Request samples
- Payload
{- "ignoreNotIssued": false
}Response samples
- 202
- 400
- 401
- 403
- 404
- 412
- default
{- "id": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "tenant": "master",
- "name": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "updatedAt": "2019-08-24T14:15:22Z",
- "generation": 0,
- "state": "ACTIVE"
}Delete signer Deprecated
Allows deleting the signer for the tenant. This can only be done if there are no certificates depending on that signer. As soon as a user or gateway certificate has been requested using that signer, deletion is no longer possible.
This method may be used to remove a signer for which the CA creation failed. It is RECOMMENDED to only run this
operation after checking that the signer certificate is ISSUED or FAILED. This can be done by
GET /v1/tenants/{tenantId}/certificates/admin/{signerId}.
This operation requires Admin write privileges.
Deprecation
This endpoint has been obsoleted by the transition to allowing multiple signers per tenant, which is now used to
facilitate signer key rotation. Please use DELETE /v2/tenants/{tenant}/signers/current for equivalent
behavior.
Authorizations:
path Parameters
| tenantId required | string (Tenant) [ 1 .. 255 ] characters Example: master The tenant name (equal to the realm name in IDP) |
Responses
Response samples
- 400
- 401
- 403
- 404
- 409
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}List existing tenant signers
Returns signers for the tenant as a paginated list. The page number and page size can be selected using the
page and page_size parameters, respectively.
The list may be filtered using a custom filter string. See the parameter schema below for a detailed
description.
Authorization
This endpoint requires admin read privileges.
Authorizations:
path Parameters
| tenant required | string (Tenant) [ 1 .. 255 ] characters Example: master The tenant name (equal to the realm name in IDP) |
query Parameters
| page | integer <int32> >= 1 Default: 1 The page number (1-based) |
| page_size | integer <int32> [ 5 .. 100 ] Default: 20 The number of entries per page, must be between 5 and 100 |
| filter | string Filter for specific properties of a signer. A filter is a string of the format
There are special operators
Examples:
|
Responses
Response samples
- 200
- 401
- 403
- default
[- {
- "id": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "tenant": "master",
- "name": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "updatedAt": "2019-08-24T14:15:22Z",
- "generation": 0,
- "state": "ACTIVE"
}
]Create a new tenant signer
Creates a new signer for the tenant.
This endpoint may be used to create a signer for the first time, i.e. when there are no other signers for the
same tenant. In this case, a fresh ACTIVE signer is created and enqueued for certificate issuance.
If there's already a signer for the tenant, this endpoint triggers the creation of a new signer,
which will become the ACTIVE signer for the tenant. For the new signer, a fresh key pair is generated
according to the current signer key generation settings in the service configuration. The previous ACTIVE
signer of the tenant is transitioned into state RETIRED, where it can still be used for certificate path
validation, but no longer for creating signatures.
Authorization
This endpoint requires admin write privileges.
Authorizations:
path Parameters
| tenant required | string (Tenant) [ 1 .. 255 ] characters Example: master The tenant name (equal to the realm name in IDP) |
Request Body schema: application/jsonoptional
| name | string non-empty A readable name for the signer. Can be omitted to use the configured default naming schema |
Responses
Request samples
- Payload
{- "name": "string"
}Response samples
- 202
- 401
- 403
- default
{- "id": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "tenant": "master",
- "name": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "updatedAt": "2019-08-24T14:15:22Z",
- "generation": 0,
- "state": "ACTIVE"
}Get the specified tenant signer including the certificate
This endpoint returns the specified signer for the tenant.
The signerSpec may be a Signer ID in the ULID format. In that case, the signer with the given ID is returned
if it belongs to the specified tenant.
Alternatively, signerSpec may be current, which returns the latest ACTIVE signer for the tenant. If there
is no such signer, 404 is returned.
Authorization
This operation can be executed with admin read or AST Client privileges.
Authorizations:
path Parameters
| tenant required | string (Tenant) [ 1 .. 255 ] characters Example: master The tenant name (equal to the realm name in IDP) |
required | Id (string) or string The signer specification. Can be either the signer ID, or the literal string The special value |
Responses
Response samples
- 200
- 401
- 403
- 404
- default
{- "info": {
- "id": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "tenant": "master",
- "name": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "updatedAt": "2019-08-24T14:15:22Z",
- "generation": 0,
- "state": "ACTIVE"
}, - "certificate": "string"
}Delete the specified tenant signer and its certificate
This endpoint deletes the specified signer. Note that this is only possible if the signer CA wasn't used yet to
issue any certificate. If certificates have already been issued by the signer, it can only be retired (replaced)
or revoked. Revoking a signer is possible via POST /v2/tenants/{tenant}/signers/{signerSpec}/revoke. This
makes sure that the signer can be used neither to issue a certificate, nor to perform certificate path
validation. The signer can be replaced via POST /v2/tenants/{tenant}/signers, which will create a new signer
for the tenant that will be used to issue certificates in the future. The old signer remains available for
certificate path validation.
The signerSpec may be a Signer ID in the ULID format. In that case, the signer with the given ID is returned
if it belongs to the specified tenant.
Authorization
This endpoint requires admin write privileges.
Authorizations:
path Parameters
| tenant required | string (Tenant) [ 1 .. 255 ] characters Example: master The tenant name (equal to the realm name in IDP) |
required | Id (string) or string The signer specification. Can be either the signer ID, or the literal string The special value |
Responses
Response samples
- 400
- 401
- 403
- 404
- 409
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Get the full chain for the specified tenant signer
This endpoint returns the certificate chain of the specified signer for the tenant. This operation can only be called if the signer's certificate was already issued, otherwise an error will be returned.
The signerSpec may be a Signer ID in the ULID format. In that case, the chain for the signer with the given ID
is returned if it belongs to the specified tenant.
Alternatively, signerSpec may be current, which returns the chain for the latest ACTIVE signer for the
tenant. If there is no such signer, 404 is returned.
Authorization
This operation can be executed with admin read or AST Client privileges.
Authorizations:
path Parameters
| tenant required | string (Tenant) [ 1 .. 255 ] characters Example: master The tenant name (equal to the realm name in IDP) |
required | Id (string) or string The signer specification. Can be either the signer ID, or the literal string The special value |
Responses
Response samples
- 200
- 400
- 404
- 412
- default
{- "chain": [
- "string"
]
}Renew the specified tenant signer's certificate
Allows to renew the signer CA for the tenant. The old key is reused for the new certificate.
This endpoint can be called to keep the certificate for a certain signer alive when it is close to expiry. Additionally, it must be called after the Issuer CA has been changed to a certificate with a different key than before.
The signerSpec may be a Signer ID in the ULID format. In that case, the signer with the given ID is enqueued
for certificate renewal.
Alternatively, signerSpec may be current, which renews the latest ACTIVE signer for the tenant. If there
is no such signer, 404 is returned.
Authorization
This endpoint requires Admin write privileges.
Authorizations:
path Parameters
| tenant required | string (Tenant) [ 1 .. 255 ] characters Example: master The tenant name (equal to the realm name in IDP) |
required | Id (string) or string The signer specification. Can be either the signer ID, or the literal string The special value |
Request Body schema: application/jsonoptional
| ignoreNotIssued | boolean Default: false If set to When setting this to |
Responses
Request samples
- Payload
{- "ignoreNotIssued": false
}Response samples
- 202
- 401
- 403
- 404
- default
{- "id": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "tenant": "master",
- "name": "string",
- "createdAt": "2019-08-24T14:15:22Z",
- "updatedAt": "2019-08-24T14:15:22Z",
- "generation": 0,
- "state": "ACTIVE"
}Revoke the specified tenant signer's certificate
Revokes a specific signer's certificate. After this operation completes, the certificate of the signer is erased from the database and the signer can't be used anymore for certificate path validation or signature validation.
This endpoint can be called in the event of key compromise or when an old (probably RETIRED signer
certificate) needs to be disabled due to security policies.
The signerSpec may be a Signer ID in the ULID format. In that case, the signer with the given ID is enqueued
for certificate renewal.
Alternatively, signerSpec may be current, which renews the latest ACTIVE signer for the tenant. If there
is no such signer, 404 is returned.
Authorization
This endpoint required admin write privileges.
Authorizations:
path Parameters
| tenant required | string (Tenant) [ 1 .. 255 ] characters Example: master The tenant name (equal to the realm name in IDP) |
required | Id (string) or string The signer specification. Can be either the signer ID, or the literal string The special value |
Responses
Response samples
- 401
- 403
- 404
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Get a paginated list of certificates
Returns a paginated list of certificate information.
This operation requires Admin read privileges.
Authorizations:
path Parameters
| tenantId required | string (Tenant) [ 1 .. 255 ] characters Example: master The tenant name (equal to the realm name in IDP) |
query Parameters
| page | integer <int32> >= 1 Default: 1 The page number (1-based) |
| page_size | integer <int32> [ 5 .. 100 ] Default: 20 The number of entries per page, must be between 5 and 100 |
| filter | string Filter for specific properties of a certificate. A filter is a string of the format
There are special operators
Examples:
|
Responses
Response samples
- 200
- 400
- 401
- 403
- default
[- {
- "certRef": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "status": "REQUESTED",
- "signer": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "user": "string",
- "client": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "requestedAt": "2019-08-24T14:15:22Z",
- "issuedAt": "2019-08-24T14:15:22Z",
- "certProfile": "AST_DEVICE"
}
]Check the status of a certificate request
Checks the status of a previously filed certificate request. If the request reference refers to a known request, the status will be returned. Otherwise, 404 is raised.
This operation requires Admin read privileges.
Authorizations:
path Parameters
| tenantId required | string (Tenant) [ 1 .. 255 ] characters Example: master The tenant name (equal to the realm name in IDP) |
| certRef required | string (Id) ^[0-7][0-9A-HJKMNP-TV-Z]{25}$ Example: 01F6MJ6J1AA8HWB7G6XRJB709E The request reference obtained when requesting the certificate |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- default
{- "certRef": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "status": "REQUESTED",
- "signer": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "user": "string",
- "client": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "requestedAt": "2019-08-24T14:15:22Z",
- "issuedAt": "2019-08-24T14:15:22Z",
- "certProfile": "AST_DEVICE"
}Create signed SDK Config
Creates signed SDK Config
Authorizations:
path Parameters
| tenantId required | string (Tenant) [ 1 .. 255 ] characters Example: master The tenant name (equal to the realm name in IDP) |
Request Body schema: application/jsonrequired
required | Array of Base64 (string) or Base64Url (string) [ 1 .. 50 ] A list of trusted X.509 TLS certificates in base64 or base64url encoding. |
| astUrl | string <= 256 characters ^https?://[-a-zA-Z0-9+&@#/%?=~_|!:,.;]*[-a-zA... The AST gateway URL |
Array of objects (ServiceEntry) [ 0 .. 50 ] A list of AST services with their respective URLs |
Responses
Request samples
- Payload
{- "tlsBundle": [
- "MIIFFjCCAv6gAwIBAgIRAJErCErPDBinU/bWLiWnX1owDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2VhcmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMjAwOTA0MDAwMDAwWhcNMjUwOTE1MTYwMDAwWjAyMQswCQYDVQQGEwJVUzEWMBQGA1UEChMNTGV0J3MgRW5jcnlwdDELMAkGA1UEAxMCUjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7AhUozPaglNMPEuyNVZLD+ILxmaZ6QoinXSaqtSu5xUyxr45r+XXIo9cPR5QUVTVXjJ6oojkZ9YI8QqlObvU7wy7bjcCwXPNZOOftz2nwWgsbvsCUJCWH+jdxsxPnHKzhm+/b5DtFUkWWqcFTzjTIUu61ru2P3mBw4qVUq7ZtDpelQDRrK9O8ZutmNHz6a4uPVymZ+DAXXbpyb/uBxa3Shlg9F8fnCbvxK/eG3MHacV3URuPMrSXBiLxgZ3Vms/EY96Jc5lP/Ooi2R6X/ExjqmAl3P51T+c8B5fWmcBcUr2Ok/5mzk53cU6cG/kiFHaFpriV1uxPMUgP17VGhi9sVAgMBAAGjggEIMIIBBDAOBgNVHQ8BAf8EBAMCAYYwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMBIGA1UdEwEB/wQIMAYBAf8CAQAwHQYDVR0OBBYEFBQusxe3WFbLrlAJQOYfr52LFMLGMB8GA1UdIwQYMBaAFHm0WeZ7tuXkAXOACIjIGlj26ZtuMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAoYWaHR0cDovL3gxLmkubGVuY3Iub3JnLzAnBgNVHR8EIDAeMBygGqAYhhZodHRwOi8veDEuYy5sZW5jci5vcmcvMCIGA1UdIAQbMBkwCAYGZ4EMAQIBMA0GCysGAQQBgt8TAQEBMA0GCSqGSIb3DQEBCwUAA4ICAQCFyk5HPqP3hUSFvNVneLKYY611TR6WPTNlclQtgaDqw+34IL9fzLdwALduO/ZelN7kIJ+m74uyA+eitRY8kc607TkC53wlikfmZW4/RvTZ8M6UK+5UzhK8jCdLuMGYL6KvzXGRSgi3yLgjewQtCPkIVz6D2QQzCkcheAmCJ8MqyJu5zlzyZMjAvnnAT45tRAxekrsu94sQ4egdRCnbWSDtY7kh+BImlJNXoB1lBMEKIq4QDUOXoRgffuDghje1WrG9ML+Hbisq/yFOGwXD9RiX8F6sw6W4avAuvDszue5L3sz85K+EC4Y/wFVDNvZo4TYXao6Z0f+lQKc0t8DQYzk1OXVu8rp2yJMC6alLbBfODALZvYH7n7do1AZls4I9d1P4jnkDrQoxB3UqQ9hVl3LEKQ73xF1OyK5GhDDX8oVfGKF5u+decIsH4YaTw7mP3GFxJSqv3+0lUFJoi5Lc5da149p90IdshCExroL1+7mryIkXPeFM5TgO9r0rvZaBFOvV2z0gp35Z0+L4WPlbuEjN/lxPFin+HlUjr8gRsI3qfJOQFy/9rKIJR0Y/8Omwt/8oTWgy1mdeHmmjk7j1nYsvC9JSQ6ZvMldlTTKB3zhThV1+XWYp6rjd5JW1zbVWEkLNxE7GJThEUG3szgBVGP7pSWTUTsqXnLRbwHOoq7hHwg=="
], - "astUrl": "string",
}Response samples
- 200
- 400
- 401
- 403
- 404
- 412
- default
{- "sdkConfig": "string"
}Get overview information about all linked ASTClients for a given userId and tenantId
Get overview information about all linked ASTClients for a given userId and tenantId. List can be filtered.
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management An unique Id of a tenant |
query Parameters
| userId required | string [ 3 .. 255 ] characters Example: userId=123e4567-e89b-12d3-a456-42665544a3f7 An unique Id of a User |
| filter | Array of strings[[a-zA-Z]+\s*(=|\!=|\^=|\$=|\*=)\s*(""|[a-zA-Z...] Filter for specific client. This parameter is repeatable and multiple filters will be applied using logical AND. A filter is a string of the form
Examples:
|
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
- default
[- {
- "astClientId": "01FH8MDGN9W5C3RXRFNX6G164S",
- "appName": "Maverick Test Application",
- "appVersion": "0.0.1-pythondemo",
- "appPlatform": "Windows-10-10.0.19043-SP0",
- "risks": "beep-boop",
- "lockState": "NONE",
- "lastLoginAttempt": 1632819559770,
- "loginError": "string",
- "loginOutcome": "Login succeeded",
- "lastActivationAttempt": 1632819559770,
- "activationError": "string",
- "activationOutcome": "User linked successfully",
- "sdkVersion": "0.0.1-test",
- "deviceName": "Laptop-111-test",
- "clientDevice": "Huawei",
- "clientOsVersion": "1.0.0",
- "createdOn": 1632819559770,
- "lockReason": "Locked due incorrect password",
- "locales": [
- "en_GB"
]
}
]Get a list of userIds for the linked ASTClient
Get a list of userIds linked to ASTClient for the specified astClientId and tenantId
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management An unique Id of a tenant |
query Parameters
| astClientId required | string^([0-9A-HJKMNP-TV-Z]{26})$ Example: astClientId=01FH8MDGN9W5C3RXRFNX6G164S An unique Id of a ASTClient in ULID-like format |
Responses
Response samples
- 200
- 400
- 401
- 403
- 500
- default
[- {
- "userId": "123e4567-e89b-12d3-a456-42665544a3f7",
- "mLoA": "none"
}
]Lock client
Lock client's ability to perform a login operation (for the specified tenantId)
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management An unique Id of a tenant |
Request Body schema: application/jsonrequired
| astClientId required | string^([0-9A-HJKMNP-TV-Z]{26})$ An unique Id of a ASTClient in ULID-like format |
| lockReason required | string |
Responses
Request samples
- Payload
{- "astClientId": "01FH8MDGN9W5C3RXRFNX6G164S",
- "lockReason": "Locked by admin"
}Response samples
- 400
- 401
- 403
- 404
- 406
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Unlock client
Unlock client's ability to perform a login operation (by astClientId for the specified tenantId)
Authorizations:
path Parameters
| astClientId required | string^([0-9A-HJKMNP-TV-Z]{26})$ Example: 01FH8MDGN9W5C3RXRFNX6G164S An unique Id of a ASTClient in ULID-like format |
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management An unique Id of a tenant |
Responses
Response samples
- 400
- 401
- 403
- 404
- 406
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Unlink user Deprecated
Removes the link between the selected user and ASTClient for the specified tenantId
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management An unique Id of a tenant |
Request Body schema: application/jsonrequired
| userId required | string [ 3 .. 255 ] characters An unique Id of a User |
| astClientId required | string^([0-9A-HJKMNP-TV-Z]{26})$ An unique Id of a ASTClient in ULID-like format |
Responses
Request samples
- Payload
{- "userId": "123e4567-e89b-12d3-a456-42665544a3f7",
- "astClientId": "01FH8MDGN9W5C3RXRFNX6G164S"
}Response samples
- 400
- 401
- 403
- 404
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Delete client
Delete client by astClientId for the specified tenantId.
IMPORTANT: Before deleting a client, all existing links must be removed.
See GET /v1/tenants/{tenantId}/users to find linked users.
See POST/v1/tenants/{tenantId}/unlink to unlink users.
Authorizations:
path Parameters
| astClientId required | string^([0-9A-HJKMNP-TV-Z]{26})$ Example: 01FH8MDGN9W5C3RXRFNX6G164S An unique Id of a ASTClient in ULID-like format |
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management An unique Id of a tenant |
Responses
Response samples
- 400
- 401
- 403
- 404
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Delete user data
Delete all user-related resources - clients(if they are not related to any other users), locales, links, etc.
Authorizations:
path Parameters
| userId required | string [ 3 .. 255 ] characters Example: 123e4567-e89b-12d3-a456-42665544a3f7 An unique Id of a User |
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management An unique Id of a tenant |
Responses
Response samples
- 400
- 401
- 403
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Information about clients linked to a user
Returns information about linked clients for the given user. List can be filtered.
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management An unique Id of a tenant |
| userId required | string [ 3 .. 255 ] characters Example: 123e4567-e89b-12d3-a456-42665544a3f7 An unique Id of a User |
query Parameters
| filter | Array of strings[[a-zA-Z]+\s*(=|\!=|\^=|\$=|\*=)\s*(""|[a-zA-Z...] Filter for specific client. This parameter is repeatable and multiple filters will be applied using logical AND. A filter is a string of the form
Examples:
|
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- default
[- {
- "userId": "123e4567-e89b-12d3-a456-42665544a3f7",
- "astClientId": "01FH8MDGN9W5C3RXRFNX6G164S",
- "tenantId": "ks-management",
- "mLoA": "none",
- "linkedOn": 1632819559770,
- "mLoAUpdatedOn": 1632819559770
}
]Detailed information about a selected ASTClient
Get detailed information about ASTClient by astClientId for the specified tenantId
Authorizations:
path Parameters
| astClientId required | string^([0-9A-HJKMNP-TV-Z]{26})$ Example: 01FH8MDGN9W5C3RXRFNX6G164S An unique Id of a ASTClient in ULID-like format |
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management An unique Id of a tenant |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
- default
{- "astClientId": "01FH8MDGN9W5C3RXRFNX6G164S",
- "appVersion": "0.0.1-pythondemo",
- "risks": "beep-boop",
- "lockState": "NONE",
- "createdOn": 1632819559770,
- "linkedOnOrMloaUpdated": 1632819559770,
- "lastSuccessfulVerification": 1632819559770,
- "lastFailedVerification": 1632819559770,
- "clientDevice": "Huawei",
- "clientOsVersion": "1.0.0",
- "sdkVersion": "0.0.1-test",
- "deviceName": "Laptop-333",
- "lockReason": "Locked due incorrect password"
}Force disconnect all clients belong to the user
Immediately disconnect user's clients. It will be processed without order and exists events can be lost. If a body of the request is omitted, then it disconnects ALL user's clients.
Here is the list of available actions (see the specification of a body of the request below):
ALL_CLIENTS- disconnect all user's clientsSPECIFIED_CLIENTS- disconnect the specified clientsALL_EXCEPT_SPECIFIED_CLIENTS- disconnect all except the specified clients
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management An unique Id of a tenant |
| userId required | string [ 3 .. 255 ] characters Example: 123e4567-e89b-12d3-a456-42665544a3f7 An unique Id of a User |
Request Body schema: application/json
| disconnectType | string Default: "ALL_CLIENTS" Enum: "ALL_CLIENTS" "SPECIFIED_CLIENTS" "ALL_EXCEPT_SPECIFIED_CLIENTS" The disconnect action type. |
| clientIds | Array of strings[^([0-9A-HJKMNP-TV-Z]{26})$] The list of client IDs. Required for SPECIFIED_CLIENTS and ALL_EXCEPT_SPECIFIED_CLIENTS actions. |
Responses
Request samples
- Payload
{- "disconnectType": "SPECIFIED_CLIENTS",
- "clientIds": [
- "01FH8MDGN9W5C3RXRFNX6G164S"
]
}Response samples
- 400
- 401
- 403
- 404
- 422
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Unlink user's clients
Unlink user's clients. If a body of the request is omitted, then it unlinks ALL user's clients.
Here is the list of available actions (see the specification of a body of the request below):
ALL_CLIENTS- unlink all user's clientsSPECIFIED_CLIENTS- unlink the specified clientsALL_EXCEPT_SPECIFIED_CLIENTS- unlink all except the specified clients
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management An unique Id of a tenant |
| userId required | string [ 3 .. 255 ] characters Example: 123e4567-e89b-12d3-a456-42665544a3f7 An unique Id of a User |
Request Body schema: application/json
| unlinkType | string Default: "ALL_CLIENTS" Enum: "ALL_CLIENTS" "SPECIFIED_CLIENTS" "ALL_EXCEPT_SPECIFIED_CLIENTS" The unlink action type. |
| clientIds | Array of strings[^([0-9A-HJKMNP-TV-Z]{26})$] The list of client IDs. Required for SPECIFIED_CLIENTS and ALL_EXCEPT_SPECIFIED_CLIENTS actions. |
Responses
Request samples
- Payload
{- "unlinkType": "SPECIFIED_CLIENTS",
- "clientIds": [
- "01FH8MDGN9W5C3RXRFNX6G164S"
]
}Response samples
- 400
- 401
- 403
- 404
- 422
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}List all properties for user
Get list of all properties without astClientId for specified userId.
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management The id of the tenant |
| userId required | string [ 3 .. 255 ] characters Example: 1ZN1FP8NRQ8NHB7Z1CJRZPDBX3 The id of the user |
query Parameters
| page | integer <int32> >= 1 Default: 1 The page number (1-based) |
| page_size | integer <int32> [ 5 .. 100 ] Default: 20 The number of entries per page, must be between 5 and 100 |
| filter | Array of strings[[a-zA-Z]+\s*(=|\!=|\^=|\$=|\*=)\s*(""|[a-zA-Z...] Filter for specific properties. This parameter is repeatable and multiple filters will be applied using logical AND. A filter is a string of the form
Examples:
Error could be UnknownProperty(if were added properties names for validation, or was not found compatible field extractor) or ParsingError(if some error was found in filter syntax) |
Responses
Response samples
- 200
- 401
- 403
- default
[- {
- "userId": "123e4567-e89b-12d3-a456-42665544a3f7",
- "astClientId": "01FH8MDGN9W5C3RXRFNX6G164S",
- "name": "CardNumber",
- "type": "UTF8STRING",
- "value": "1111-2222-3333-4444",
- "encryption": "NONE",
- "readOnly": "false",
- "notify": "false",
- "inKeystorage": "false",
- "cpFlags": "0",
- "visibility": [
- "CLIENT"
]
}
]List all properties for user and AST Client
Get list of all properties for specified userId and astClientId.
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management The id of the tenant |
| userId required | string [ 3 .. 255 ] characters Example: 1ZN1FP8NRQ8NHB7Z1CJRZPDBX3 The id of the user |
| astClientId required | string^([0-9A-HJKMNP-TV-Z]{26})$ Example: 1ZN1FP8NRQ8NHB7Z1CJRZPDBX5 The id of the AST Client |
query Parameters
| page | integer <int32> >= 1 Default: 1 The page number (1-based) |
| page_size | integer <int32> [ 5 .. 100 ] Default: 20 The number of entries per page, must be between 5 and 100 |
| filter | Array of strings[[a-zA-Z]+\s*(=|\!=|\^=|\$=|\*=)\s*(""|[a-zA-Z...] Filter for specific properties. This parameter is repeatable and multiple filters will be applied using logical AND. A filter is a string of the form
Examples:
Error could be UnknownProperty(if were added properties names for validation, or was not found compatible field extractor) or ParsingError(if some error was found in filter syntax) |
Responses
Response samples
- 200
- 401
- 403
- default
[- {
- "userId": "123e4567-e89b-12d3-a456-42665544a3f7",
- "astClientId": "01FH8MDGN9W5C3RXRFNX6G164S",
- "name": "CardNumber",
- "type": "UTF8STRING",
- "value": "1111-2222-3333-4444",
- "encryption": "NONE",
- "readOnly": "false",
- "notify": "false",
- "inKeystorage": "false",
- "cpFlags": "0",
- "visibility": [
- "CLIENT"
]
}
]Create a property by portal
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management The id of the tenant |
Request Body schema: application/jsonrequired
| name required | string [ 3 .. 255 ] characters The name of the property |
| type required | string Enum: "OCTETSTRING" "INTEGER" "BOOLEAN" "UTF8STRING" "DATE" Information on a accepted type of property's value |
| value required | string non-empty a value of a property |
| encryption | string Default: "NONE" Enum: "NONE" "SERVER_SIDE_DB" Info that say is the stored value should be encrypted in DB and what the way |
| readOnly | boolean Default: false A flag that say is the property readOnly |
| notify | boolean Default: false A flag that say is the service notifies changes to the AST Client (e.g. using stream service) |
| inKeystorage | boolean Default: false A flag for special protection mode. I.e. property is associated with so called virtual smartcard on the AST Client. |
| cpFlags | integer Default: 0 CACHE_POLICY flags determine, how AST Client processes changes. Allowed values are 0 - NO_CACHING, 512 -SYNCHRONIZE_FROM_SDK, 768 - SYNCHRONIZE_FROM_SSMS |
| visibility | Array of strings or null Enum: "CLIENT" "INTERNAL" "EXTERNAL" |
| userId required | string [ 3 .. 255 ] characters An unique Id of a User |
| astClientId required | string^([0-9A-HJKMNP-TV-Z]{26})$ An unique Id of a ASTClient in ULID-like format |
Responses
Request samples
- Payload
{- "name": "CardNumber",
- "type": "UTF8STRING",
- "value": "1111-2222-3333-4444",
- "encryption": "NONE",
- "readOnly": "false",
- "notify": "false",
- "inKeystorage": "false",
- "cpFlags": "0",
- "visibility": [
- "CLIENT"
], - "userId": "123e4567-e89b-12d3-a456-42665544a3f7",
- "astClientId": "01FH8MDGN9W5C3RXRFNX6G164S"
}Response samples
- 201
- 400
- 401
- 403
- 406
- 409
- 500
- default
{- "id": "1ZN1FP8NRQ8NHB7Z1CJRZPDBX1"
}Info for a specific property by propertyId for portal
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management The id of the tenant |
| propertyId required | string^([0-9A-HJKMNP-TV-Z]{26})$ Example: 1ZN1FP8NRQ8NHB7Z1CJRZPDBX1 The id of the property to retrieve |
Responses
Response samples
- 200
- 401
- 403
- 404
- default
{- "userId": "123e4567-e89b-12d3-a456-42665544a3f7",
- "astClientId": "01FH8MDGN9W5C3RXRFNX6G164S",
- "name": "CardNumber",
- "type": "UTF8STRING",
- "value": "1111-2222-3333-4444",
- "encryption": "NONE",
- "readOnly": "false",
- "notify": "false",
- "inKeystorage": "false",
- "cpFlags": "0",
- "visibility": [
- "CLIENT"
]
}Delete the property with given propertyId by portal
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management The id of the tenant |
| propertyId required | string^([0-9A-HJKMNP-TV-Z]{26})$ Example: 1ZN1FP8NRQ8NHB7Z1CJRZPDBX1 The id of the property to retrieve |
Responses
Response samples
- 400
- 401
- 403
- 404
- 406
- 500
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Update the property with given propertyId by portal
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management The id of the tenant |
| propertyId required | string^([0-9A-HJKMNP-TV-Z]{26})$ Example: 1ZN1FP8NRQ8NHB7Z1CJRZPDBX1 The id of the property to retrieve |
Request Body schema: application/jsonrequired
| name required | string [ 3 .. 255 ] characters The name of the property |
| type required | string Enum: "OCTETSTRING" "INTEGER" "BOOLEAN" "UTF8STRING" "DATE" Information on a accepted type of property's value |
| value required | string non-empty a value of a property |
| encryption | string Default: "NONE" Enum: "NONE" "SERVER_SIDE_DB" Info that say is the stored value should be encrypted in DB and what the way |
| readOnly | boolean Default: false A flag that say is the property readOnly |
| notify | boolean Default: false A flag that say is the service notifies changes to the AST Client (e.g. using stream service) |
| inKeystorage | boolean Default: false A flag for special protection mode. I.e. property is associated with so called virtual smartcard on the AST Client. |
| cpFlags | integer Default: 0 CACHE_POLICY flags determine, how AST Client processes changes. Allowed values are 0 - NO_CACHING, 512 -SYNCHRONIZE_FROM_SDK, 768 - SYNCHRONIZE_FROM_SSMS |
| visibility | Array of strings or null Enum: "CLIENT" "INTERNAL" "EXTERNAL" |
| userId required | string [ 3 .. 255 ] characters An unique Id of a User |
| astClientId required | string^([0-9A-HJKMNP-TV-Z]{26})$ An unique Id of a ASTClient in ULID-like format |
Responses
Request samples
- Payload
{- "name": "CardNumber",
- "type": "UTF8STRING",
- "value": "1111-2222-3333-4444",
- "encryption": "NONE",
- "readOnly": "false",
- "notify": "false",
- "inKeystorage": "false",
- "cpFlags": "0",
- "visibility": [
- "CLIENT"
], - "userId": "123e4567-e89b-12d3-a456-42665544a3f7",
- "astClientId": "01FH8MDGN9W5C3RXRFNX6G164S"
}Response samples
- 400
- 401
- 403
- 406
- 409
- 500
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Delete a property with given Name by portal
Delete a property by name without AstClientId for the specified userId by authorized portal user.
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management The id of the tenant |
| userId required | string [ 3 .. 255 ] characters Example: 1ZN1FP8NRQ8NHB7Z1CJRZPDBX3 The id of the user |
| propertyName required | string [ 3 .. 255 ] characters Example: CardNumber The name of the AST Client Property |
Responses
Response samples
- 400
- 401
- 403
- 404
- 406
- 500
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Delete client's property with given Name by portal
Delete a property by name for the specified userId and astClientId by authorized portal user.
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management The id of the tenant |
| userId required | string [ 3 .. 255 ] characters Example: 1ZN1FP8NRQ8NHB7Z1CJRZPDBX3 The id of the user |
| astClientId required | string^([0-9A-HJKMNP-TV-Z]{26})$ Example: 1ZN1FP8NRQ8NHB7Z1CJRZPDBX5 The id of the AST Client |
| propertyName required | string [ 3 .. 255 ] characters Example: CardNumber The name of the AST Client Property |
Responses
Response samples
- 400
- 401
- 403
- 404
- 406
- 500
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}List Localizable Templates
Returns a paged list of all available templates.
The template list might be filtered for locales by specifying a standard Accept-Language
header. Furthermore, template names can be filtered using the filter query parameter.
path Parameters
| tenantId required | string non-empty The tenant scope |
query Parameters
| page | integer <int32> >= 1 Default: 1 The page number (1-based) |
| page_size | integer <int32> [ 2 .. 100 ] Default: 20 The number of entries per page, must be between 5 and 100 |
| filter | string^(\*|\*\*|[a-zA-Z]+[\w\-]*(\.[a-zA-Z]+[\w\-]*... Default: "**" A template name filter, consisting of a simple glob-like syntax. It may include literal
matching, single component wildcards Wildcards are not allowed to directly follow or precede a literal matcher. Example:
|
header Parameters
| Accept-Language | string^((\*|([a-zA-Z]{1,8}))((?<!\*)-([A-Z0-9]{1,8}... Default: * Example: de-DE,en;q=0.7 A header specifying the acceptable locales for the answer. |
Responses
Response samples
- 200
- 400
- default
[- {
- "key": "string",
- "defaultLocale": "de-DE",
- "locales": [
- "de-DE"
]
}
]Create a New Template
Creates a new template. Requires that a template with the given name doesn't exist yet.
The template definition may already include localized variants for any number of additional locales, but must at least contain a template for the default locale.
Authorizations:
path Parameters
| tenantId required | string non-empty The tenant scope |
Request Body schema: application/jsonrequired
The template definition
| key required | string (TemplateKey) <= 1024 characters ^[a-zA-Z]+[\w\-]*(\.[a-zA-Z]+[\w\-]*)*$ A template identifier Must start with a letter, followed by any number of letters, digits, - or _. Optionally, a dot followed by another template identifier might be added. |
| defaultContent required | string (TemplateContent) non-empty The template content |
Array of objects |
Responses
Request samples
- Payload
{- "key": "string",
- "defaultContent": "string",
- "locales": [
- {
- "locale": "de-DE",
- "content": "string"
}
]
}Response samples
- 400
- 401
- 403
- 409
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Retrieve Template Content
Retrieves the content of the given template. The desired locale may be passed in terms of
standard Accept-Language header. If no such header is sent, the default locale is
returned.
path Parameters
| tenantId required | string non-empty The tenant scope |
| templateKey required | string (TemplateKey) <= 1024 characters ^[a-zA-Z]+[\w\-]*(\.[a-zA-Z]+[\w\-]*)*$ The template's key |
header Parameters
| Accept-Language | string^((\*|([a-zA-Z]{1,8}))((?<!\*)-([A-Z0-9]{1,8}... Default: * Example: de-DE,en;q=0.7 A header specifying the acceptable locales for the answer. |
Responses
Response samples
- 200
- 400
- 404
- 406
- default
{- "key": "string",
- "locale": "de-DE",
- "content": "string"
}Update Template
Updates an existing template. This offers the option to update the default content, update any existing locale's content, or add new locales.
Authorizations:
path Parameters
| tenantId required | string non-empty The tenant scope |
| templateKey required | string (TemplateKey) <= 1024 characters ^[a-zA-Z]+[\w\-]*(\.[a-zA-Z]+[\w\-]*)*$ The template's key |
Request Body schema: application/jsonrequired
The template patch
| defaultContent | string (TemplateContent) non-empty The template content |
Array of objects |
Responses
Request samples
- Payload
{- "defaultContent": "string",
- "locales": [
- {
- "locale": "de-DE",
- "content": "string"
}
]
}Response samples
- 400
- 401
- 403
- 404
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Delete Template
Deletes an existing template altogether. All locales and the template itself are removed.
Authorizations:
path Parameters
| tenantId required | string non-empty The tenant scope |
| templateKey required | string (TemplateKey) <= 1024 characters ^[a-zA-Z]+[\w\-]*(\.[a-zA-Z]+[\w\-]*)*$ The template's key |
Responses
Response samples
- 400
- 401
- 403
- 404
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Update Template for Locale
Updates the given locale for an existing template. The locale will be added if it didn't exist before.
Authorizations:
path Parameters
| tenantId required | string non-empty The tenant scope |
| templateKey required | string (TemplateKey) <= 1024 characters ^[a-zA-Z]+[\w\-]*(\.[a-zA-Z]+[\w\-]*)*$ The template's key |
| locale required | string (LanguageTag) ^(((en-GB-oed|i-ami|i-bnn|i-default|i-enochia... Example: de-DE The template's locale to target |
Request Body schema: application/jsonrequired
The template patch
| content required | string (TemplateContent) non-empty The template content |
Responses
Request samples
- Payload
{- "content": "string"
}Response samples
- 400
- 401
- 403
- 404
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Delete Template for Locale
Deletes the given locale for a template. If the locale doesn't exist, this operation does nothing.
Authorizations:
path Parameters
| tenantId required | string non-empty The tenant scope |
| templateKey required | string (TemplateKey) <= 1024 characters ^[a-zA-Z]+[\w\-]*(\.[a-zA-Z]+[\w\-]*)*$ The template's key |
| locale required | string (LanguageTag) ^(((en-GB-oed|i-ami|i-bnn|i-default|i-enochia... Example: de-DE The template's locale to target |
Responses
Response samples
- 400
- 401
- 403
- 404
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Start a TMS
Start a TMS (transaction flow) for a specific user.
Freshness of Authentication
The user can be forced to enter his credentials again in order to be able to view/process the TMS by setting
requireFreshnessOfAuthentication to any non-negative value. The semantics are as follows:
requiresFreshnessOfAuthentication == -1- no fresh authentication is requiredrequiresFreshnessOfAuthentication ~= 0..2- the user always needs to do a fresh authenticationrequiresFreshnessOfAuthentication > 2- the user needs to enter his credentials if the last authentication is more than that many seconds older than the retrieval time of the TMS (fieldretrievedAtin the TMS status)
Authorizations:
path Parameters
| tenantId required | string (Tenant) [ 1 .. 255 ] characters Example: master The ID of the tenant to use |
Request Body schema: application/jsonrequired
Contains all parameters required to start the transaction
| userId required | string non-empty The of the user to start a TMS for |
required | object (MessageData) The message data to be displayed to the user |
object (AppFilter) An optional filter to send the TMS only to clients with a specific app | |
| astClientIds | Array of strings (Id) non-empty [^[0-7][0-9A-HJKMNP-TV-Z]{25}$] An optional client filter to send the TMS only to specific clients of the user |
| retrievalTimeout | integer <int32> >= 1 Default: 300 The number of seconds the client is allowed to take for retrieving the TMS message. |
| tmsTimeout | integer <int32> >= 1 Default: 600 The number of seconds the TMS is allowed to take for completion after retrieval. |
| requireExplicitAuthentication | boolean Default: false Whether the TMS result must be submitted with an specifically authenticated token. This requires a specific scope in the access token that can be configured in the service configuration. |
| requireFreshnessOfAuthentication | integer <int32> >= -1 Default: -1 Requires the user to authenticate within a certain time to be able to respond to the TMS. This
authentication includes presenting credentials (e.g. the password) to the IDP. If this field is set to Setting this to |
object (PushSpec) An optional, customizable push notification payload. It allows to specify a custom push notification Push Notification Title:
Push Notification Body:
Both fields can also be set to To disable sending push for this TMS or DM, set | |
| auditMessage | any An optional message that is written to auditing |
Responses
Request samples
- Payload
{- "userId": "string",
- "tmsData": {
- "text": "string",
- "external": false,
- "data": { }
}, - "appFilter": {
- "name": "string",
- "platform": "string"
}, - "astClientIds": [
- "01F6MJ6J1AA8HWB7G6XRJB709E"
], - "retrievalTimeout": 300,
- "tmsTimeout": 600,
- "requireExplicitAuthentication": false,
- "requireFreshnessOfAuthentication": -1,
- "push": {
- "skip": false,
- "title": {
- "text": "You have a new message"
}, - "body": {
- "text": "You have a new message"
}
}, - "auditMessage": null
}Response samples
- 202
- 400
- 401
- 403
- default
{- "id": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "status": "STARTED",
- "startedAt": "2019-08-24T14:15:22Z",
- "retrievedAt": "2019-08-24T14:15:22Z",
- "completedAt": "2019-08-24T14:15:22Z",
- "retrievalTimeout": 0,
- "tmsTimeout": 0,
- "userId": "string",
- "appFilter": {
- "name": "string",
- "platform": "string"
}, - "astClientIds": [
- "01F6MJ6J1AA8HWB7G6XRJB709E"
]
}Cancel an Ongoing TMS
Requests to cancel a running TMS. This operation will fail if the TMS is already complete.
A TMS is complete if it is in ACCEPTED, REJECTED, TIMEOUT or CANCELLED state.
Authorizations:
path Parameters
| tenantId required | string (Tenant) [ 1 .. 255 ] characters Example: master The ID of the tenant to use |
| tmsId required | string (Id) ^[0-7][0-9A-HJKMNP-TV-Z]{25}$ Example: 01F6MJ6J1AA8HWB7G6XRJB709E The ID of the TMS |
Responses
Response samples
- 400
- 401
- 403
- 404
- 412
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Get TMS Status
Retrieve the status of a TMS
Authorizations:
path Parameters
| tenantId required | string (Tenant) [ 1 .. 255 ] characters Example: master The ID of the tenant to use |
| tmsId required | string (Id) ^[0-7][0-9A-HJKMNP-TV-Z]{25}$ Example: 01F6MJ6J1AA8HWB7G6XRJB709E The ID of the TMS |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- default
{- "id": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "status": "STARTED",
- "startedAt": "2019-08-24T14:15:22Z",
- "retrievedAt": "2019-08-24T14:15:22Z",
- "completedAt": "2019-08-24T14:15:22Z",
- "retrievalTimeout": 0,
- "tmsTimeout": 0,
- "userId": "string",
- "appFilter": {
- "name": "string",
- "platform": "string"
}, - "astClientIds": [
- "01F6MJ6J1AA8HWB7G6XRJB709E"
]
}Get TMS Result
Retrieve the result of a completed TMS
Authorizations:
path Parameters
| tenantId required | string (Tenant) [ 1 .. 255 ] characters Example: master The ID of the tenant to use |
| tmsId required | string (Id) ^[0-7][0-9A-HJKMNP-TV-Z]{25}$ Example: 01F6MJ6J1AA8HWB7G6XRJB709E The ID of the TMS |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 412
- default
{- "info": {
- "id": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "status": "STARTED",
- "startedAt": "2019-08-24T14:15:22Z",
- "retrievedAt": "2019-08-24T14:15:22Z",
- "completedAt": "2019-08-24T14:15:22Z",
- "retrievalTimeout": 0,
- "tmsTimeout": 0,
- "userId": "string",
- "appFilter": {
- "name": "string",
- "platform": "string"
}, - "astClientIds": [
- "01F6MJ6J1AA8HWB7G6XRJB709E"
]
}, - "completedBy": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "signedData": "string",
- "failureReason": {
- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}
}Send a Display Message
Send a display message to a specific user.
Authorizations:
path Parameters
| tenantId required | string (Tenant) [ 1 .. 255 ] characters Example: master The ID of the tenant to use |
Request Body schema: application/jsonrequired
Contains all parameters required to start the transaction
| userId required | string non-empty The of the user to start a TMS for |
required | object (MessageData) The message data to be displayed to the user |
object (AppFilter) An optional filter to send the TMS only to clients with a specific app | |
| astClientIds | Array of strings (Id) non-empty [^[0-7][0-9A-HJKMNP-TV-Z]{25}$] An optional client filter to send the TMS only to specific clients of the user |
| displayMessageTimeout | integer <int32> >= 1 Default: 600 The number of seconds the display message is available for clients to retrieve |
object (PushSpec) An optional, customizable push notification payload. It allows to specify a custom push notification Push Notification Title:
Push Notification Body:
Both fields can also be set to To disable sending push for this TMS or DM, set | |
| auditMessage | any An optional message that is written to auditing |
Responses
Request samples
- Payload
{- "userId": "string",
- "displayMessageData": {
- "text": "string",
- "external": false,
- "data": { }
}, - "appFilter": {
- "name": "string",
- "platform": "string"
}, - "astClientIds": [
- "01F6MJ6J1AA8HWB7G6XRJB709E"
], - "displayMessageTimeout": 600,
- "push": {
- "skip": false,
- "title": {
- "text": "You have a new message"
}, - "body": {
- "text": "You have a new message"
}
}, - "auditMessage": null
}Response samples
- 202
- 400
- 401
- 403
- 404
- default
{- "id": "01F6MJ6J1AA8HWB7G6XRJB709E"
}List all architectures according to given platform name
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
| platformName required | string [ 3 .. 10 ] characters Example: Android Name of a App platform to retrieve architectures |
Responses
Response samples
- 200
- 401
- 500
- default
[- {
- "architectureName": "string"
}
]List all versions using pagination
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
query Parameters
| page | integer <int32> [ 1 .. 21474837 ] Default: 1 Number of the requested page, starting at 1 |
| pageSize | integer <int32> [ 1 .. 100 ] Default: 20 Number of items per page, maximum is 100. |
| appName | string [ 1 .. 32 ] characters Example: appName=Payment application Name of an App |
| platform | string >= 3 characters Example: platform=Android Platform name of an App |
| versionLock | boolean Lock state of a Version |
| isCheckIntegrity | boolean isCheckIntegrity flag of a version |
| versionStr | string Example: versionStr=1.2.3 String representation of a Version number. |
| textSearch | string String parameter to search for a text on app version properties like App Name, Platform, version. TextSearch filter will be applied to the property whose filter is not explicitly set in the request query parameter. For example, if appName query parameter is set to Super App and TextSearch is with Mac, then it will return all app versions whose appName is SuperApp and platform or versionStr contains Mac. |
| isTextSearch | boolean Deprecated Default: false Boolean parameter that indicates to perform text search.
Default |
Responses
Response samples
- 200
- 401
- 500
- default
{- "data": [
- {
- "architectureIntegrities": [
- {
- "isRegistered": true,
- "id": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "versionId": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "architecture": "string"
}
], - "id": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "tenantId": "vertx",
- "version": "1108101562371",
- "sdkVersion": "1.2.333",
- "appName": "string",
- "platform": "string",
- "versionStr": "1.2.3",
- "registerUserId": "string",
- "versionLock": true,
- "isCheckIntegrity": true
}
], - "totalCount": 0
}Create a version
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
Request Body schema: application/jsonrequired
| appName required | string [ 3 .. 255 ] characters Name of an App. |
| platform required | string [ 1 .. 100 ] characters Platform name of an App version. |
| versionStr required | string^\d+\.\d+\.\d+$ String representation of a version number. |
| registerUserId required | string [ 1 .. 255 ] characters an Id of a user, by which app version can be registered (in case of default 'registrationUser' registration policy). |
| versionLock | boolean Lock flag of a Version. |
| isCheckIntegrity | boolean Check Integrity flag of a Version. |
Responses
Request samples
- Payload
{- "appName": "string",
- "platform": "string",
- "versionStr": "1.2.3",
- "registerUserId": "string",
- "versionLock": true,
- "isCheckIntegrity": true
}Response samples
- 401
- 500
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Hierarchical representation of app-version and its properties using pagination
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
query Parameters
| page | integer <int32> [ 1 .. 21474837 ] Default: 1 Number of the requested page, starting at 1 |
| pageSize | integer <int32> [ 1 .. 100 ] Default: 20 Number of items per page, maximum is 100. |
| appName | string [ 1 .. 32 ] characters Example: appName=Payment application Name of an App. Also, possible to search for appName which contains given search text, using |
| platform | string [ 3 .. 10 ] characters Example: platform=Android Platform name of an App. Also, possible to search for platform name which contains given search text, using |
| versionLock | boolean Lock state of a Version |
| isCheckIntegrity | boolean isCheckIntegrity flag of a version |
| versionStr | string^%{0,1}\d+\.*\d*\.*\d*%{0,1}$ Example: versionStr=%1.2.3% String representation of a Version number. Also, possible to search for version which contains given search text, using |
Responses
Response samples
- 200
- 401
- 500
- default
{- "apps": [
- {
- "appName": "string",
- "platforms": [
- {
- "platformId": 0,
- "platformName": "string",
- "versions": [
- {
- "id": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "versionStr": "1.2.3",
- "versionLock": true,
- "isCheckIntegrity": true,
- "registerState": [
- "string"
]
}
]
}
]
}
]
}List distinct version numbers using pagination
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
query Parameters
| page | integer <int32> [ 1 .. 21474837 ] Default: 1 Number of the requested page, starting at 1 |
| pageSize | integer <int32> [ 1 .. 100 ] Default: 20 Number of items per page, maximum is 100. |
| appName | string [ 1 .. 32 ] characters Example: appName=Payment application Name of an App. Also, possible to search for appName which contains given search text, using |
| platform | string [ 3 .. 10 ] characters Example: platform=Android Platform name of an App. Also, possible to search for platform name which contains given search text, using |
| versionLock | boolean Lock state of a Version |
| isCheckIntegrity | boolean isCheckIntegrity flag of a version |
| versionStr | string^%{0,1}\d+\.*\d*\.*\d*%{0,1}$ Example: versionStr=%1.2.3% String representation of a Version number. Also, possible to search for version which contains given search text, using |
| orderByVersion | string Enum: "asc" "desc" Example: orderByVersion=asc Parameter to specify the result list should be sorted by version number using ascending or descending order. |
Responses
Response samples
- 200
- 401
- 500
- default
{- "versions": [
- "1.2.3"
]
}Info for a specific version
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
| versionId required | string^[0-9A-Za-z]{26}$ Example: 01F6MJ6J1AA8HWB7G6XRJB709E ID of a Version |
Responses
Response samples
- 200
- 401
- default
{- "architectureIntegrities": [
- {
- "isRegistered": true,
- "id": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "versionId": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "architecture": "string"
}
], - "id": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "tenantId": "vertx",
- "version": "1108101562371",
- "sdkVersion": "1.2.333",
- "appName": "string",
- "platform": "string",
- "versionStr": "1.2.3",
- "registerUserId": "string",
- "versionLock": true,
- "isCheckIntegrity": true
}Update a version
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
| versionId required | string^[0-9A-Za-z]{26}$ Example: 01F6MJ6J1AA8HWB7G6XRJB709E ID of a Version |
Request Body schema: application/jsonrequired
| appName required | string [ 3 .. 255 ] characters Name of an App. |
| platform required | string [ 1 .. 100 ] characters Platform name of an App version. |
| versionStr required | string^\d+\.\d+\.\d+$ String representation of a version number. |
| registerUserId required | string [ 1 .. 255 ] characters an Id of a user, by which app version can be registered (in case of default 'registrationUser' registration policy). |
| versionLock | boolean Lock flag of a Version. |
| isCheckIntegrity | boolean Check Integrity flag of a Version. |
Responses
Request samples
- Payload
{- "appName": "string",
- "platform": "string",
- "versionStr": "1.2.3",
- "registerUserId": "string",
- "versionLock": true,
- "isCheckIntegrity": true
}Response samples
- 401
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}delete specific version
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
| versionId required | string^[0-9A-Za-z]{26}$ Example: 01F6MJ6J1AA8HWB7G6XRJB709E ID of a Version |
Responses
Response samples
- 401
- 404
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}lock/unlock specific version
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
| versionId required | string^[0-9A-Za-z]{26}$ Example: 01F6MJ6J1AA8HWB7G6XRJB709E ID of a Version |
Request Body schema: application/jsonrequired
| versionLock required | boolean Locked flag of a Version. |
Responses
Request samples
- Payload
{- "versionLock": true
}Response samples
- 200
- 401
- default
{- "architectureIntegrities": [
- {
- "isRegistered": true,
- "id": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "versionId": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "architecture": "string"
}
], - "id": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "tenantId": "vertx",
- "version": "1108101562371",
- "sdkVersion": "1.2.333",
- "appName": "string",
- "platform": "string",
- "versionStr": "1.2.3",
- "registerUserId": "string",
- "versionLock": true,
- "isCheckIntegrity": true
}Delete App Registration
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
| versionId required | string^[0-9A-Za-z]{26}$ Example: 01F6MJ6J1AA8HWB7G6XRJB709E ID of a Version |
query Parameters
| architectureName | string [ 3 .. 10 ] characters Example: architectureName=x86 Architecture Name of an App |
Responses
Response samples
- 401
- 404
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Get list of registered architectures
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
| versionId required | string^[0-9A-Za-z]{26}$ Example: 01F6MJ6J1AA8HWB7G6XRJB709E ID of a Version |
Responses
Response samples
- 200
- 401
- default
[- {
- "isRegistered": true,
- "id": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "versionId": "01F6MJ6J1AA8HWB7G6XRJB709E",
- "architecture": "string"
}
]Get a list of Apps
Get a list of Apps
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
query Parameters
| page | integer <int32> [ 1 .. 21474837 ] Default: 1 Number of the requested page, starting at 1 |
| pageSize | integer <int32> [ 1 .. 100 ] Default: 20 Number of items per page, maximum is 100. |
| appName | string [ 1 .. 32 ] characters Example: appName=Payment application Name of an App |
Responses
Response samples
- 200
- 400
- 401
- 403
- 500
- default
{- "tenantId": "ks-management",
- "appName": "Maverick Payment",
- "pushNotificationConfig": {
- "categories": [
- "chat"
], - "androidApiKey": "string",
- "iosApnsCertificate": "string",
- "iosApnsPrivateKey": "string",
- "iosBundleId": "string",
- "iosIsDevelopment": true,
- "hpkClientId": "string",
- "hpkClientSecret": "string",
- "fcmServiceAccountJSON": "eyAiY2xpZW50X2lkIjogImNsaWVudC1pZCIsICJjbGllbnRfc2VjcmV0IjogInNlY3JldCJ9"
}
}Save App configuration with app-name and optionally push notification config
Save App configuration with app-name and optionally push notification config
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
| appName required | string [ 1 .. 32 ] characters Example: Payment application Name of an App |
Request Body schema: application/jsonrequired
| categories required | Array of strings (PushCategories) non-empty unique Items Enum: "chat" "payment" "tms" |
| androidApiKey | string or null |
| iosApnsCertificate | string or null This field is MANDATORY if any of |
| iosApnsPrivateKey | string or null This field is MANDATORY if any of |
| iosBundleId | string or null This field is MANDATORY if any of |
| iosIsDevelopment | boolean or null This field is MANDATORY if any of |
| hpkClientId | string or null This field is MANDATORY if |
| hpkClientSecret | string or null This field is MANDATORY if |
| fcmServiceAccountJSON | string or null JSON file provided by Google in Base64-encoded string. |
Responses
Request samples
- Payload
{- "categories": [
- "chat"
], - "androidApiKey": "string",
- "iosApnsCertificate": "string",
- "iosApnsPrivateKey": "string",
- "iosBundleId": "string",
- "iosIsDevelopment": true,
- "hpkClientId": "string",
- "hpkClientSecret": "string",
- "fcmServiceAccountJSON": "eyAiY2xpZW50X2lkIjogImNsaWVudC1pZCIsICJjbGllbnRfc2VjcmV0IjogInNlY3JldCJ9"
}Response samples
- 400
- 401
- 403
- 404
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Update App configuration
Update App configuration
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
| appName required | string [ 1 .. 32 ] characters Example: Payment application Name of an App |
Request Body schema: application/jsonrequired
| categories required | Array of strings (PushCategories) non-empty unique Items Enum: "chat" "payment" "tms" |
| androidApiKey | string or null |
| iosApnsCertificate | string or null This field is MANDATORY if any of |
| iosApnsPrivateKey | string or null This field is MANDATORY if any of |
| iosBundleId | string or null This field is MANDATORY if any of |
| iosIsDevelopment | boolean or null This field is MANDATORY if any of |
| hpkClientId | string or null This field is MANDATORY if |
| hpkClientSecret | string or null This field is MANDATORY if |
| fcmServiceAccountJSON | string or null JSON file provided by Google in Base64-encoded string. |
Responses
Request samples
- Payload
{- "categories": [
- "chat"
], - "androidApiKey": "string",
- "iosApnsCertificate": "string",
- "iosApnsPrivateKey": "string",
- "iosBundleId": "string",
- "iosIsDevelopment": true,
- "hpkClientId": "string",
- "hpkClientSecret": "string",
- "fcmServiceAccountJSON": "eyAiY2xpZW50X2lkIjogImNsaWVudC1pZCIsICJjbGllbnRfc2VjcmV0IjogInNlY3JldCJ9"
}Response samples
- 400
- 401
- 403
- 404
- 500
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Get App for given app-name
Get App for given app-name
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
| appName required | string [ 1 .. 32 ] characters Example: Payment application Name of an App |
Responses
Response samples
- 200
- 400
- 401
- 403
- 500
- default
{- "tenantId": "ks-management",
- "appName": "Maverick Payment",
- "pushNotificationConfig": {
- "categories": [
- "chat"
], - "androidApiKey": "string",
- "iosApnsCertificate": "string",
- "iosApnsPrivateKey": "string",
- "iosBundleId": "string",
- "iosIsDevelopment": true,
- "hpkClientId": "string",
- "hpkClientSecret": "string",
- "fcmServiceAccountJSON": "eyAiY2xpZW50X2lkIjogImNsaWVudC1pZCIsICJjbGllbnRfc2VjcmV0IjogInNlY3JldCJ9"
}
}Delete App for given app-name, also delete related versions
Delete App for given app-name, also delete related versions
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
| appName required | string [ 1 .. 32 ] characters Example: Payment application Name of an App |
Responses
Response samples
- 400
- 401
- 403
- 404
- 500
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}List Apps with it's latest version information using pagination
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
query Parameters
| page | integer <int32> [ 1 .. 21474837 ] Default: 1 Number of the requested page, starting at 1 |
| pageSize | integer <int32> [ 1 .. 100 ] Default: 20 Number of items per page, maximum is 100. |
| appName | string [ 1 .. 32 ] characters Example: appName=Payment application Name of an App |
| platform | string >= 3 characters Example: platform=Android Platform name of an App |
| category | Array of strings <= 3 items Example: category=chat Array of App Push Notifications Categories |
| credential | Array of strings <= 3 items Example: credential=apns Array of App Push Notifications Credentials |
| textSearch | string String parameter to search for a text on app version properties like App Name, Platform, version, app categories, app credential types. TextSearch filter will be applied to the property whose filter is not explicitly set in the request query parameter. For example, if appName query parameter is set to Super App and TextSearch is with Mac, then it will return all app versions whose appName is SuperApp and (platform or versionStr or app categories or app credential types) contains Mac. |
| isTextSearch | boolean Deprecated Default: false Boolean parameter that indicates to perform text search.
Default |
Responses
Response samples
- 200
- 401
- default
{- "data": [
- {
- "appName": "string",
- "pushNotificationConfig": {
- "categories": [
- "chat"
], - "credentials": [
- "APNS"
]
}, - "platforms": [
- {
- "name": "string",
- "latestVersion": "1.2.3",
- "latestVersionId": "01F6MJ6J1AA8HWB7G6XRJB709E"
}
]
}
], - "totalCount": 0
}Gets a list of policies by tenant
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
Responses
Response samples
- 200
- 401
- 500
- default
[- {
- "name": "string",
- "assignments": [
- {
- "id": 1,
- "policyName": "string",
- "appName": "string",
- "platform": "Android",
- "architectureName": "x86"
}
], - "type": "quorum",
- "parameters": {
- "quorumSize": 1,
- "totalRequiredVotes": 1
}
}
]Gets a specific policy details
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
| policyName required | string [ 1 .. 50 ] characters Example: Quorum policy 100 Name of a Policy |
Responses
Response samples
- 200
- 401
- 500
- default
{- "name": "string",
- "assignments": [
- {
- "id": 1,
- "policyName": "string",
- "appName": "string",
- "platform": "Android",
- "architectureName": "x86"
}
], - "type": "quorum",
- "parameters": {
- "quorumSize": 1,
- "totalRequiredVotes": 1
}
}Creates a new policy
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
| policyName required | string [ 1 .. 50 ] characters Example: Quorum policy 100 Name of a Policy |
Request Body schema: application/jsonrequired
| type required | string Enum: "quorum" "registrationUser" policy type |
object additional parameters object |
Responses
Request samples
- Payload
{- "type": "quorum",
- "parameters": {
- "quorumSize": 1,
- "totalRequiredVotes": 1
}
}Response samples
- 401
- 500
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Updates a policy
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
| policyName required | string [ 1 .. 50 ] characters Example: Quorum policy 100 Name of a Policy |
Request Body schema: application/jsonrequired
| type required | string Enum: "quorum" "registrationUser" policy type |
object additional parameters object |
Responses
Request samples
- Payload
{- "type": "quorum",
- "parameters": {
- "quorumSize": 1,
- "totalRequiredVotes": 1
}
}Response samples
- 401
- 500
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Deletes a policy
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
| policyName required | string [ 1 .. 50 ] characters Example: Quorum policy 100 Name of a Policy |
Responses
Response samples
- 401
- 404
- 500
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Creates a new policy assignment
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
| policyName required | string [ 1 .. 50 ] characters Example: Quorum policy 100 Name of a Policy |
Request Body schema: application/jsonrequired
| appName required | string [ 1 .. 32 ] characters Name of an App |
| platform | string [ 3 .. 10 ] characters Platform name (optional) of an App |
| architectureName | string [ 3 .. 10 ] characters Architecture name (optional) of an App version |
Responses
Request samples
- Payload
{- "appName": "string",
- "platform": "Android",
- "architectureName": "x86"
}Response samples
- 401
- 500
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Deletes a policy assignment
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: ks-management ID of a Tenant |
| assignmentId required | string^[0-9A-Za-z]{26}$ Example: 01F6MJ6J1AA8HWB7G6XRJB709E ID of a Policy assignment |
Responses
Response samples
- 401
- 404
- 500
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}Create a Nonce
Create a Nonce for user
Information about the optional expectedUserId property in request body payload:
- Optional request body payload property
expectedUserIdused for enable additional checking in run callback endpoint process - In case when
expectedUserIdnot null anduserIdnot match toexpectedUserId, callback endpointPUT /v1/tenants/{tenantId}/clients/eventsreturns response with code 403 and suitable error
Information about the callback:
method: HTTP POST
type: application/json
Callback data:
- timestampMillis: Creation timestamp in milliseconds, type: number, format: int64
- nonce: Nonce ID, type: string
- portalSessionId: Tracking Id, type: string, maxLength: 255
- loginEvent: The login event data in callback, type: object
- astClientId: AST Client id in ULID format, type: string
- userId: User id, type: string, minLength: 1, maxLength: 255
Example:
{
"timestampMillis": 1712053389839,
"nonce": "01HTF57W1JXYPD3WE75XR7TZGQ",
"portalSessionId": "94a58058-8a7a-4339-8ca1-6a586b2b66e1",
"loginEvent": {
"astClientId": "01HTF58BGBPVDZCNTXS6ZBYE5H",
"userId: "be58b4d6-da29-4bf5-81d0-8c6d551f295d"
}
}
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: vertx The id of the tenant |
query Parameters
| type | string Default: "default" Enum: "default" "short" A nonce type |
Request Body schema: application/jsonrequired
| action required | string Enum: "LOGIN_NONCE" "TMS_NONCE" The action for which nonce is going to be created |
required | object The payload containing all needed information for nonce creation |
Responses
Request samples
- Payload
{- "action": "LOGIN_NONCE",
- "payload": {
- "portalSessionId": "portalSessionId",
- "expectedUserId": "c4241cd2-7fdf-4200-b0b3-1cd97067c6c6",
- "timeout": 2650615161452,
- "credential": {
- "user": "testUser",
- "secret": "testPassword"
}
}
}Response samples
- 201
- 400
- 500
- 502
- default
{- "nonce": "1ZN1FP8NRQ8NHB7Z1CJRZPDBX1",
- "type": "LOGIN_NONCE",
- "expiresAt": 2650615161452
}Create a webhook
Create a new webhook
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: vertx The id of the tenant |
Request Body schema: application/jsonrequired
| filter required | string (The webhook filter) [ 3 .. 4000 ] characters The filter is a string of the form
The filter by several fields or values can be specified using logical operators and brackets. The logical operator can be one of several aliases for
Brackets:
Examples:
|
| callbackUrl required | string <uri> <= 4000 characters The URL on which the portal expects a HTTP callback |
| authType | string Default: "BASIC" Enum: "NONE" "BASIC" The authentication type |
BasicAuthCredentials (object) Authentication credentials. Required if the authentication type is not | |
| active | boolean Default: true Is a webhook active |
Responses
Request samples
- Payload
{- "filter": "type=domain and event=TMS_RESULT_AVAILABLE",
- "authType": "NONE",
- "authCredentials": {
- "username": "alice",
- "password": "p@ssw0rd"
}, - "active": "true"
}Response samples
- 201
- 400
- 401
- 403
- 500
- 502
- default
{- "id": "01FH8MDGN9W5C3RXRFNX6G164S",
- "tenantId": "ks-management",
- "filter": "type=domain and event=TMS_RESULT_AVAILABLE",
- "authType": "BASIC",
- "authCredentials": {
- "username": "alice",
- "password": "p@ssw0rd"
}, - "active": "true",
- "createdAt": "2023-09-20T13:21:48Z",
- "createdBy": "bob",
- "modifiedAt": "2023-09-20T15:21:48Z",
- "modifiedBy": "carol"
}Find webhooks
Find webhooks
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: vertx The id of the tenant |
query Parameters
| page | integer <int32> >= 1 Default: 1 The page number (1-based) |
| page_size | integer <int32> [ 5 .. 100 ] Default: 20 The number of entries per page, must be between 5 and 100 |
| filter | Array of strings[[a-zA-Z]+\s*(=|\!=|\^=|\$=|\*=)\s*(""|[a-zA-Z...] Filter for specific webhook. This parameter is repeatable and multiple filters will be applied using logical AND. A filter is a string of the form
Examples:
|
Responses
Response samples
- 200
- 400
- 401
- 403
- 500
- 502
- default
[- {
- "id": "01FH8MDGN9W5C3RXRFNX6G164S",
- "tenantId": "ks-management",
- "filter": "type=domain and event=TMS_RESULT_AVAILABLE",
- "authType": "BASIC",
- "authCredentials": {
- "username": "alice",
- "password": "p@ssw0rd"
}, - "active": "true",
- "createdAt": "2023-09-20T13:21:48Z",
- "createdBy": "bob",
- "modifiedAt": "2023-09-20T15:21:48Z",
- "modifiedBy": "carol"
}
]Get a webhook
Get a webhook
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: vertx The id of the tenant |
| webhookId required | string^([0-9A-HJKMNP-TV-Z]{26})$ Example: 01FH8MDGN9W5C3RXRFNX6G164S An unique ID of a webhook in ULID-like format |
Responses
Response samples
- 200
- 400
- 401
- 403
- 404
- 500
- 502
- default
{- "id": "01FH8MDGN9W5C3RXRFNX6G164S",
- "tenantId": "ks-management",
- "filter": "type=domain and event=TMS_RESULT_AVAILABLE",
- "authType": "BASIC",
- "authCredentials": {
- "username": "alice",
- "password": "p@ssw0rd"
}, - "active": "true",
- "createdAt": "2023-09-20T13:21:48Z",
- "createdBy": "bob",
- "modifiedAt": "2023-09-20T15:21:48Z",
- "modifiedBy": "carol"
}Update a webhook
Update a webhook
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: vertx The id of the tenant |
| webhookId required | string^([0-9A-HJKMNP-TV-Z]{26})$ Example: 01FH8MDGN9W5C3RXRFNX6G164S An unique ID of a webhook in ULID-like format |
Request Body schema: application/jsonrequired
| filter required | string (The webhook filter) [ 3 .. 4000 ] characters The filter is a string of the form
The filter by several fields or values can be specified using logical operators and brackets. The logical operator can be one of several aliases for
Brackets:
Examples:
|
| callbackUrl required | string <uri> <= 4000 characters The URL on which the portal expects a HTTP callback |
| authType | string Default: "BASIC" Enum: "NONE" "BASIC" The authentication type |
BasicAuthCredentials (object) Authentication credentials. Required if the authentication type is not | |
| active | boolean Default: true Is a webhook active |
Responses
Request samples
- Payload
{- "filter": "type=domain and event=TMS_RESULT_AVAILABLE",
- "authType": "NONE",
- "authCredentials": {
- "username": "alice",
- "password": "p@ssw0rd"
}, - "active": "true"
}Response samples
- 200
- 400
- 401
- 403
- 404
- 500
- 502
- default
{- "id": "01FH8MDGN9W5C3RXRFNX6G164S",
- "tenantId": "ks-management",
- "filter": "type=domain and event=TMS_RESULT_AVAILABLE",
- "authType": "BASIC",
- "authCredentials": {
- "username": "alice",
- "password": "p@ssw0rd"
}, - "active": "true",
- "createdAt": "2023-09-20T13:21:48Z",
- "createdBy": "bob",
- "modifiedAt": "2023-09-20T15:21:48Z",
- "modifiedBy": "carol"
}Delete a webhook
Delete a webhook
Authorizations:
path Parameters
| tenantId required | string [ 3 .. 255 ] characters Example: vertx The id of the tenant |
| webhookId required | string^([0-9A-HJKMNP-TV-Z]{26})$ Example: 01FH8MDGN9W5C3RXRFNX6G164S An unique ID of a webhook in ULID-like format |
Responses
Response samples
- 400
- 401
- 403
- 404
- 500
- 502
- default
{- "message": "Some error message",
- "code": "402",
- "subsystem": 519
}