Authentication API

Managing security objects

Get all users

This returns all users with minimal information.

GET /auth/user
Accept: application/json

Response:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "user1": { "defaultStoreId" : "production" },
  "dev1": { "defaultStoreId" : "development" }
}

Get a specific user

GET /auth/user/{username}
Accept: application/json

Response:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "user1":
  {
      "defaultStoreId" : "production",
      "accessRules": [ "CanReadData", "CanReadStructure" ],
      "storeIds": [ "production", "old_production" ]
  }
}

Get all Access Rules

GET /auth/accessrule
Accept: application/json

Response:

HTTP/1.1 200 OK
Content-Type: application/json

{
    "accessRules": [
        "CanReadData",
        "CanReadStructure",
        "CanImportStructure",
        "CanReplaceStructure"
    ],
    "impliedRules":
    {
       "CanReplaceStructure": [ "CanImportStructure" ],
       "CanImportStructure": [ "CanReadStructure" ],
       "CanReadData": [ "CanReadStructure" ]
    }
}
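
An added example, not part of the original API documentation or the project's own code: one way a client or auditor could compute a user's effective permissions from the response above. It assumes, which the page does not state, that a key in "impliedRules" grants every rule in its list and that implications chain; effective_rules and redundant_grants are hypothetical helper names.

```python
import json

# Constructed sample: the GET /auth/accessrule response body shown above.
ACCESS_RULE_RESPONSE = json.loads("""
{
  "accessRules": ["CanReadData", "CanReadStructure",
                  "CanImportStructure", "CanReplaceStructure"],
  "impliedRules": {
    "CanReplaceStructure": ["CanImportStructure"],
    "CanImportStructure": ["CanReadStructure"],
    "CanReadData": ["CanReadStructure"]
  }
}
""")


def effective_rules(granted, catalogue):
    """Expand granted rules with everything they imply, transitively.

    Assumption (not stated by the API docs): a key in "impliedRules"
    grants every rule in its list, and implication chains.
    Raises ValueError for a rule name missing from "accessRules".
    """
    known = set(catalogue["accessRules"])
    implied = catalogue.get("impliedRules", {})
    result, stack = set(), list(granted)
    while stack:
        rule = stack.pop()
        if rule not in known:
            raise ValueError(f"unknown access rule: {rule!r}")
        if rule in result:  # already expanded; this also stops cycles
            continue
        result.add(rule)
        stack.extend(implied.get(rule, []))
    return result


def redundant_grants(granted, catalogue):
    """Rules listed explicitly that another granted rule already implies."""
    granted = set(granted)
    return {r for r in granted
            if r in effective_rules(granted - {r}, catalogue)}


if __name__ == "__main__":
    print(sorted(effective_rules(["CanReplaceStructure"], ACCESS_RULE_RESPONSE)))
    print(sorted(redundant_grants(["CanReadData", "CanReadStructure"],
                                  ACCESS_RULE_RESPONSE)))
```

When reviewing a user record, compare its "accessRules" list against the expanded set: a single grant such as CanReplaceStructure carries more privileges than the list shows on its face.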

Get all mapping store ids

GET /auth/storeid
Accept: application/json

Response:

HTTP/1.1 200 OK
Content-Type: application/json

{
    "storeIds": [
        "production",
        "old_production",
        "development"
    ]
}

Change user password

The password is base64-encoded so that symbol characters can be passed on the wire. This is not encryption. For encryption, HTTPS should be used.

PUT /auth/user/{username}/password HTTP/1.1
Content-Type: application/json

{ "password": "<base64 encoding of password>" }

Response:

HTTP/1.1 204 No Content
Location: /auth/user/{username}

Add or Update user

PUT /auth/user/{username}
Content-Type: application/json

With body:

{
  "user1":
  {
      "defaultStoreId" : "old_production",
      "accessRules": [ "CanReadData", "CanReadStructure" ],
      "storeIds": [ "production", "old_production" ]
  }
}

Update existing user response:

HTTP/1.1 204 No Content
Location: /auth/user/{username}

Create new user response:

HTTP/1.1 201 Created
Location: /auth/user/{username}

Delete a user

DELETE /auth/user/{username}

Response:

HTTP/1.1 204 No Content

Add a mapping store id

PUT /auth/storeid/{storeid}
Content-Length: 0

Response:

HTTP/1.1 201 Created

Delete a mapping store id

DELETE /auth/storeid/{storeid}

Response:

HTTP/1.1 204 No Content

Status and First run

This is the only request that doesn't need authorisation by default.

GET /auth/version/current
Accept: application/json

Response when the database was initialized:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "version": "1.0"
}

Response when the database was not initialized:

HTTP/1.1 303 See Other
Location: /auth/version/available

Then the client can get the available versions:

GET /auth/version/available
Accept: application/json

Response:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "version": "1.0"
}

The client can then take the version and PUT it:

PUT /auth/version/current
Content-Type: application/json

With body:

{
  "version": "1.0"
}

Response:

HTTP/1.1 201 Created
Location: /auth/version/current

Security information

Info about the current user

GET /auth/about/me
Accept: application/json

Response:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "user1":
  {
      "defaultStoreId" : "production",
      "accessRules": [ "CanReadData", "CanReadStructure" ],
      "storeId": [ "production", "old_production" ]
  }
}