Many of the administrative functions are exposed through RESTful APIs, including:
-
management of user attributes
-
management of users and provisioning
-
management of identity and service providers
-
management of authentication schemes
-
management of access policies
-
computing a user's access rights for a URL
-
management of mail and web templates
-
management and validation of Digipass tokens linked to the user model
-
management of various settings
-
self-service calls
-
branding.
Authentication and Authorization Flows
Noticeably absent from the previous list is the functionality to start the necessary authentication and authorization flows when accessing a service. These flows are handled by the Orchestrator. The Orchestrator also manages sessions.
Accessing REST Calls
The REST API is organized in five parts:
|
API |
Path |
Comment |
|---|---|---|
|
hostname/idhub/admin/api/v1/* |
Requires a session (optional authorization rules may apply) |
|
|
hostname/idhub/installation/* |
No session required |
|
|
hostname/idhub/login |
Basic user / password authentication only |
|
|
hostname/idhub/public/api/v1/* |
No session required |
|
|
hostname/idhub/selfservice/api/v1/* |
Some calls require a session |