#%RAML 0.8 title: Authentication API baseUri: https://apistg.np.covapp.io/authn/v3 protocols: - HTTPS schemas: - resourceReference: | { "id" : "http://api.covisint.com/schema/resourceReference", "$schema" : "http://json-schema.org/draft-04/schema", "description" : "Schema representing links", "type" : "object", "properties" : { "id" : { "type" : "string", "description" : "The unique identifier for the resource.", "required": true }, "type" : { "type" : "string", "description" : "The type of the resource." }, "realm" : { "type" : "string", "description" : "The realm of the resource." } } } - namedResourceReference: "{\n \"id\" : \"http://api.covisint.com/schema/namedScopedResource\",\n \ \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \ \"description\" : \"Expands on the basic resource reference and adds internationalized name and description.\",\n \"extends\" : {\n \"$ref\" : \"http://api.covisint.com/schema/resourceReference#\"\n \ },\n \"properties\" : {\n \"name\" : { \n \"description\": \"Internationalized resource name.\",\n \"$ref\" : \"http://api.covisint.com/idm/schema/internationalString#\"\n \ },\n \"description\" : { \n \"description\": \"Internationalized resource description.\",\n \"$ref\" : \"http://api.covisint.com/idm/schema/internationalString#\"\n \ }\n }\n}\n" - resource: | { "id" : "http://api.covisint.com/schema/resource", "$schema" : "http://json-schema.org/draft-04/schema", "description" : "Core schema", "definitions" : { "resource" : { "id" : "resource", "type" : "object", "description" : "A basic resource.", "properties" : { "id" : { "type" : "string", "maxLength" : 64, "description" : "The unique identifier for this resource.", "required": true }, "version": { "type" : "number", "minimum" : 0, "maximum" : 9223372036854775807, "description" : "The current version for this resource. Exists once the resource has been saved. This is mandatory for PUT requests, but should not be supplied for POST requests.", "required": false }, "creator" : { "type" : "string", "maxLength" : 64, "description" : "The creator of this resource. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-requestor header.", "required": true, "readonly": true }, "creatorAppId" : { "type" : "string", "maxLength" : 64, "description" : "The id of the application used to create this resource. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-requestor-app header.", "required": true, "readonly": true }, "creation" : { "type" : "number", "minimum" : 0, "maximum" : 9223372036854775807, "description" : "This read only property is ignored by the server and the system will overlay with the time, in milliseconds since the epoch, when this resource was created.", "required": true, "readonly": true } } } } } - resourceV2: "{\n \"id\" : \"http://api.covisint.com/schema/resourceV2\",\n \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"description\" : \"Core schema\",\n \ \"definitions\" : {\n \"resource\" : {\n \"id\" : \"resourceV2\",\n \ \"type\" : \"object\",\n \"description\" : \"A basic resource (version V2).\",\n \"properties\" : {\n \"id\" : {\n \"type\" : \"string\",\n \ \"maxLength\" : 64,\n \"description\" : \"The unique identifier for this resource.\",\n \"required\": true\n },\n \"version\": {\n \"type\" : \"string\",\n \"description\" : \"The current version for this resource. Exists once the resource has been saved. This is mandatory for PUT requests, but should not be supplied for POST requests.\",\n \"required\": false\n },\n \"creator\" : {\n \"type\" : \"string\",\n \ \"maxLength\" : 64,\n \"description\" : \"The creator of this resource. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-requestor header.\",\n \"required\": true,\n \ \"readonly\": true\n },\n \"creatorAppId\" : {\n \"type\" : \"string\",\n \"maxLength\" : 64,\n \"description\" : \"The id of the application used to create this resource. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-requestor-app header.\",\n \"required\": true,\n \"readonly\": true\n },\n \ \"creation\" : {\n \"type\" : \"number\",\n \"minimum\" : 0,\n \"maximum\" : 9223372036854775807,\n \"description\" : \"This read only property is ignored by the server and the system will overlay with the time, in milliseconds since the epoch, when this resource was created.\",\n \ \"required\": true,\n \"readonly\": true\n }\n }\n \ }\n } \n}\n" - realmScopedResource: "{\n \"id\" : \"http://api.covisint.com/schema/realmScopedResource\",\n \ \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \ \"description\" : \"Expands on the base resource and adds a realm attribute.\",\n \ \"extends\" : {\n \"$ref\" : \"http://api.covisint.com/schema/resource#\"\n \ },\n \"properties\" : {\n \"realm\" : {\n \"type\" : \"string\",\n \ \"maxLength\" : 25,\n \"pattern\" : \"^[A-Za-z0-9]{2,25}$\",\n \"description\" : \"The realm in which this resource is being created. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-realm header.\",\n \"required\": true,\n \"readonly\": true \n \ }\n }\n}\n" - realmScopedResourceV2: "{\n \"id\" : \"http://api.covisint.com/schema/realmScopedResourceV2\",\n \ \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \ \"description\" : \"A realm scoped resource (version V2). Expands on the base resource (version V2) and adds a realm attribute.\",\n \"extends\" : {\n \"$ref\" : \"http://api.covisint.com/schema/resourceV2#\"\n },\n \"properties\" : {\n \ \"realm\" : {\n \"type\" : \"string\",\n \"maxLength\" : 25,\n \"pattern\" : \"^[A-Za-z0-9]{2,25}$\",\n \"description\" : \"The realm in which this resource is being created. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-realm header.\",\n \"required\": true,\n \"readonly\": true \n }\n }\n} \n" - errorResponseSchema: "{\n \"id\" : \"http://api.covisint.com/schema/errorResponseSchema\",\n \ \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \ \"description\" : \"Representation of an HTTP 4xx/5xx error response.\",\n \"properties\" : {\n \"status\" : { \n \"type\" : \"number\",\n \"minimum\" : 400,\n \ \"maximum\" : 599,\n \"description\" : \"The HTTP status code.\",\n \ \"required\": true\n },\n \"apiMessage\" : { \n \"type\" : \"string\",\n \ \"description\" : \"A helpful, human-readable description of the error, useful for basic diagnostics.\" \n },\n \"apiStatusCode\" : {\n \"type\" : \"string\",\n \"description\" : \"The API-specific status code.\"\n }\n \ }\n}\n" - serviceCode: "{\n \"id\" : \"http://api.covisint.com/schema/serviceCodes\",\n \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\": \"object\",\n \"description\": \"The site/service/location codes granted along with a service.\",\n \"properties\": {\n \"code\": { \"type\": \"string\", \"required\": true, \"maxLength\": 200, \"description\": \"The code value.\" },\n \"codeKind\": { \"type\": \"string\", \"required\": true, \"maxLength\": 36, \"description\": \"The associated business unit.\" }\n }\n} \n" - serviceCodes: | { "type" : "array", "description" : "The site/service/location codes granted along with the service, if any.", "items" : { "$ref" : "http://api.covisint.com/schema/serviceCode#"}, "required": false } - address: | { "id" : "http://api.covisint.com/idm/schema/address", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "A container for the subject's address elements.", "properties" : { "type" : "string", "streets" : { "type" : "array", "description" : "An array of address streets (i.e. address line 1, 2, 3).", "minItems" : 0, "items" : { "type": "string", "maxLength" : 255 } }, "city" : { "type" : "string", "maxLength" : 60, "description" : "The city name." }, "state" : { "type" : "string", "maxLength" : 60, "description" : "The state/province name or code." }, "postal" : { "type" : "string", "maxLength" : 10, "description" : "The postal or zip code." }, "country" : { "type" : "string", "minLength" : 2, "maxLength" : 3, "description" : "The ISO country code. http://en.wikipedia.org/wiki/ISO_3166-1_alpha-2"} } } - phone: "{\n \"id\" : \"http://api.covisint.com/idm/schema/phone\",\n \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \"description\" : \"A container for phone number details.\",\n \"properties\" : {\n \"number\" : { \"type\" : \"string\",\"maxLength\" : 100, \"description\" : \"The phone number.\" },\n \"type\" : { \"enum\" : [ \"main\", \"mobile\", \"fax\" ], \"description\" : \"The phone number type.\" }\n },\n \"required\" : [ \"type\" ]\n} \n" - internationalString: | { "id": "http://api.covisint.com/idm/schema/internationalString", "$schema": "http://json-schema.org/draft-04/schema", "type": "array", "description" : "An internationalized string value, supporting one or more language translations.", "minItems": 1, "items": { "type": "object", "properties": { "lang": { "type": "string", "maxLength": 10, "description": "The language or locale in which the text is written." }, "text": { "type": "string", "maxLength": 2000, "description": "The internationalized text value." } } } } - tags: | { "id": "http://api.covisint.com/idm/schema/tag", "$schema": "http://json-schema.org/draft-04/schema", "type": "array", "description" : "The tags associated with a resource. This array is read-only, and may be modified on the resource endpoint with the appropriate tagging APIs.", "minItems": 1, "items": { "type": "object", "properties": { "tagName": { "type": "string", "description": "The tag associated with a resource." } } } } - baseDefinitionResource: "{\n \"id\" : \"http://api.covisint.com/schema/baseDefinitionResource\",\n \ \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \ \"description\" : \"A base rule definition(version V1). Expands on the base resource (version V2) and adds a realm attribute.\",\n \"extends\": {\n \"$ref\" : \"http://api.covisint.com/schema/realmScopedResourceV2#\"\n },\n \"properties\": {\n \"name\": {\n \"description\": \"The application name (internationalized).\",\n \ \"required\": true,\n \"$ref\": \"http://api.covisint.com/schema/internationalString#\"\n \ },\n \"description\": {\n \"required\": false,\n \"description\": \"The application description (internationalized).\",\n \"$ref\" : \"http://api.covisint.com/idm/schema/internationalString#\"\n \ }, \n \"properties\":{\n \"type\":\"array\",\n \"description\":\"Properties used by the implementation.\",\n \"required\":false,\n \"minItems\":0,\n \ \"items\":[ \n { \n \"anyOf\": [\n {\n \ \"type\": \"string\",\n \"description\": \"The name of the property.\",\n \"required\": true\n },\n \ {\n \"type\": \"string\",\n \"description\": \"The value of the property.\",\n \"required\": true\n }\n \ ]\n }\n ]\n }\n }\n}\n" - baseActionDefinitionResource: | { "id" : "http://api.covisint.com/schema/baseActionDefinitionResource", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "A base action action definition. Expands on the base definition resource ", "extends": { "$ref" : "http://api.covisint.com/schema/baseDefinitionResource#" }, "properties": { "type": { "description": "Type of action definition.", "enum": [ "SEND_APPLICATION_NOTIFICATION", "SEND_COMMAND", "SEND_NOTIFICATION" ], "required": true } } } - baseTriggerDefinitionResource: | { "id" : "http://api.covisint.com/schema/baseTriggerDefinitionResource", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "A base action trigger definition. Expands on the base definition resource ", "extends": { "$ref" : "http://api.covisint.com/schema/baseDefinitionResource#" }, "properties": { "type": { "description": "Type of trigger definition.", "enum": [ "DEVICE_SEND_EVENT", "DEVICE_LIFECYCLE_STATE_CHANGE", "DEVICE_OPERATIONAL_STATE_CHANGE" ], "required": true } } } - securityQuestions: | { "id" : "http://api.covisint.com/schema/securityQuestions/v2", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "array", "description": "Collection of security questions.", "items": { "$ref": "http://api.covisint.com/schema/securityQuestion/v2", "required": true } } - securityQuestion: "{\n \"id\" : \"http://api.covisint.com/schema/securityQuestion/v2\",\n \ \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \ \"description\" : \"A representation of a security question.\",\n \"extends\" : {\n \"$ref\" : \"http://api.covisint.com/idm/schema/realmScopedResource#\"\n \ },\n \"properties\" : {\n \"version\": {\n \"description\" : \"The current version for this resource. Exists once the resource has been saved. This is mandatory for PUT requests, but should not be supplied for POST requests. User supplied value will be ignored and will be set to the creation value.\"\n },\n \ \"owner\": {\n \"description\": \"The owner of this security question. Required only when creating or updating questions scoped to persons. For realm and organization scoped questions, this property is not required.\",\n \"$ref\": \"http://api.covisint.com/schema/resourceReference#\",\n \"required\": false\n \ },\n \"question\" : {\n \"description\": \"Internationalized security question text.\",\n \"required\": true,\n \"minItems\": 0, \n \ \"$ref\" : \"http://api.covisint.com/idm/schema/internationalString#\" \n \ }\n }\n}\n \n" - securityQuestionAccount: "{\n \"id\" : \"http://api.covisint.com/schema/securityQuestionAccount/v2\",\n \ \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \ \"description\" : \"A representation of a security question account. An account is the pairing of zero or more question/answer that have been provided by the account holder.\",\n \"extends\" : {\n \"$ref\" : \"http://api.covisint.com/schema/realmScopedResourceV2#\"\n \ },\n \"properties\" : {\n \"version\": {\n \"description\" : \"The current version for this resource. Exists once the resource has been saved. This is mandatory for PUT requests, but should not be supplied for POST requests. User supplied value will be ignored and will be set to the creation value.\"\n },\n \ \"questions\": {\n \"type\" : \"array\",\n \"description\": \"The security questions chosen for this particular account.\",\n \"required\": true,\n \"minItems\": 0,\n \"items\": {\n \"type\": \"object\",\n \ \"properties\": {\n \"question\": {\n \"description\": \"The selected question.\",\n \"$ref\": \"http://api.covisint.com/schema/resourceReference#\",\n \ \"required\": true\n },\n \"answer\" : {\n \"type\" : \"string\",\n \"maxLength\" : 255,\n \"description\" : \"The actual answer text, in the supplier's preferred locale. Required only when creating or updating the security question account.\",\n \"required\": false\n },\n \"index\" : {\n \"type\" : \"number\",\n \ \"description\" : \"The logical order in which this question is to be viewed with respect to other questions used by this account. If provided, should be for all questions in a sequence starting with 1.\",\n \"minValue\" : 1,\n \"required\": false\n }\n }\n }\n }\n \ }\n} \n" - authenticationRequest: "{\n \"id\" : \"http://api.covisint.com/schema/authenticationRequest\",\n \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \"description\" : \"Schema representing a authentication request resource.\",\n \"properties\" : {\n \"instant\" : { \n \"type\" : \"number\", \n \"description\" : \"The time, in milliseconds since the epoch, when the authentication request is being made. if not provided, default current time in milliseconds will be set.\"\n \ },\n \"subject\": {\n \"type\": \"string\",\n \"description\": \"The subject for which this request is being made. It can be either cuid or username.\",\n \ \"required\": true\n },\n \"subjectType\":{\n \"type\": \"string\",\n \ \"enum\": [ \"CUID\", \"LOGIN_ID\"],\n \"description\": \"The type of the subject.\",\n \"required\": false, \n \"default\": \"CUID\"\n },\n \ \"password\": {\n \"type\": \"string\",\n \"description\": \"The password for the subject to validate.\",\n \"required\": true\n },\n \"service\": {\n \"type\": \"string\",\n \"description\": \"The caller service description for the request.\",\n \"maxLength\" : 128,\n \"required\": true\n },\n \ \"subjectInet\": {\n \"type\": \"string\",\n \"description\": \"The IP address of the caller service.\",\n \"maxLength\" : 64,\n \"required\": true\n }\n }\n}\n \n" - authenticationResponse: "{\n \"id\" : \"http://api.covisint.com/schema/authenticationResponse\",\n \ \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \ \"description\" : \"Schema representing a authentication response resource.\",\n \ \"properties\" : {\n \"instant\" : { \n \"type\" : \"number\", \n \"description\" : \"The time, in milliseconds since the epoch, when the authentication took place.\"\n \ },\n \"result\" : { \n \"type\" : \"string\",\n \"enum\" : [ \"SUCCESS\", \"UNKNOWN_SUBJECT\", \"BAD_PASSWORD\",\"LOCKED\",\"EXPIRED\",\"ERROR\" ],\n \"description\" : \"The status of the authentication request.\"\n },\n \ \"request\": {\n \"type\" : \"object\",\n \"description\": \"The authentication request reference.\",\n \"$ref\": \"http://api.covisint.com/idm/schema/authenticationRequest#\"\n \ },\n \"personId\": {\n \"type\" : \"string\",\n \"description\": \"The cuid of the person. This will be returned only if the authentication result is SUCCESS.\"\n }\n }\n}\n" - authenticationRule: "{\n \"id\" : \"http://api.covisint.com/idm/schema/authenticationRule\",\n \ \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \ \"description\" : \"A container for authentication rule\",\n \"properties\" : {\n \"type\" : { \"enum\" : [ \"PasswordLockout\"], \"description\" : \"The authentication rule type.\" }\n },\n \"required\" : [ \"type\" ]\n} \n" - passwordLockoutRule: "{\n \"id\" : \"http://api.covisint.com/idm/schema/passwordLockoutRule\",\n \ \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \ \"description\" : \"History rule for password policy\",\n \"extends\" : {\"$ref\" : \"http://api.covisint.com/schema/authenticationRule#\"\n },\n \ \"properties\" : {\n \"failures\" : {\"type\" : \"number\",\"description\" : \"The number of failures that can occur, with the failure lockout period, before a password credential is locked.\", \"required\": false, \"default\":3\n },\n \ \"failureWindow\" : {\"type\" : \"number\",\"description\" : \"The amount of time, in minutes, within which a set number of failures must occur for a password credential to be locked\", \"required\": false, \"default\":5\n },\n \"lockoutWindow\" : {\"type\" : \"number\",\"description\" : \"The amount of time, in minutes, before a password that was locked due to too many failed authentication attempts is automatically unlocked.\", \"required\": false, \"default\":15\n }\n }\n} \n \n" - authenticationPolicy: "{\n \"id\" : \"http://api.covisint.com/schema/authenticationPolicy\",\n \ \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \ \"description\" : \"Schema representing an authentication policy resource.\",\n \ \"extends\" : {\n \"$ref\" : \"http://api.covisint.com/schema/realmScopedResourceV2#\"\n \ },\n \"properties\" : {\n \"status\" : { \n \"type\" : \"string\",\n \ \"enum\" : [ \"active\", \"inactive\", \"deleted\" ],\n \"description\" : \"The status of the authentication policy.\",\n \"required\": true\n },\n \ \"name\" : {\n \"type\" : \"string\",\n \"description\": \"The name of authentication Policy.\",\n \"required\": true\n },\n \"desc\": {\n \"type\" : \"string\",\n \"description\": \"The description for authentication Policy.\"\n }, \n \"rules\" : {\n \"type\" : \"array\",\n \"description\" : \"Authentication Policy Rules\",\n \"minItems\" : 1,\n \"items\" : { \"$ref\" : \"http://api.covisint.com/idm/schema/authenticationRule#\" },\n \"required\": true\n }\n }\n}\n" - passwordRule: "{\n \"id\" : \"http://api.covisint.com/idm/schema/passwordRule\",\n \ \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \ \"description\" : \"A container for password rule\",\n \"properties\" : {\n \"type\" : { \"enum\" : [ \"history\", \"lifetime\", \"character_class\", \"disallowed_words\", \"disallowed_characters\", \"length\"], \"description\" : \"The password rule type.\" }\n },\n \"required\" : [ \"type\" ]\n} \n" - historyRule: | { "id" : "http://api.covisint.com/idm/schema/historyRule", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "History rule for password policy", "extends" : {"$ref" : "http://api.covisint.com/schema/passwordRule#" }, "properties" : { "numberOfPasswords" : {"type" : "number","description" : "History for passwords to maintain", "required": true } } } - lifetimeRule: "{\n \"id\" : \"http://api.covisint.com/idm/schema/lifetimeRule\",\n \ \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \ \"description\" : \"Lifetime rule for password policy\",\n \"extends\" : {\"$ref\" : \"http://api.covisint.com/schema/passwordRule#\"\n },\n \"properties\" : {\n \"minPasswordLifetime\" : {\"type\" : \"number\",\"description\" : \"The minimum amount of time, in days, that must pass between password changes.\", \"required\": true\n },\n \"maxPasswordLifetime\" : {\"type\" : \"number\",\"description\" : \"The maximum time, in days, that a password can exist before it is changed\", \"required\": true\n }\n }\n} \n" - characterClassRule: | { "id" : "http://api.covisint.com/idm/schema/characterClassRule", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Character class rule for password policy", "extends" : {"$ref" : "http://api.covisint.com/schema/passwordRule#" }, "properties" : { "allowUpperChars" : {"type" : "boolean","description" : "If password policy allows uppercase chars.", "required": true }, "allowLowerChars" : {"type" : "boolean","description" : "If password policy allows lowercase chars.", "required": true }, "allowNumChars" : {"type" : "boolean","description" : "If password policy allows numbers.", "required": true }, "allowSpecialChars" : {"type" : "boolean","description" : "If password policy allows special chars.", "required": true }, "requiredNumberOfCharClasses" : {"type" : "boolean","description" : "If password policy requires numbers.", "required": true } } } - disallowedWordsRule: | { "id" : "http://api.covisint.com/idm/schema/disallowedWordsRule", "$schema" : "http://json-schema.org/draft-04/schema", "extends" : {"$ref" : "http://api.covisint.com/schema/passwordRule#" }, "type" : "object", "description" : "Disallowed words rule for password policy", "properties" : { "wordListId" : {"type" : "number","description" : "Unique identifier of the disallowed word list", "required": true } } } - disallowedCharsRule: | { "id" : "http://api.covisint.com/idm/schema/disallowedCharsRule", "$schema" : "http://json-schema.org/draft-04/schema", "extends" : {"$ref" : "http://api.covisint.com/schema/passwordRule#" }, "type" : "object", "description" : "Disallowed chars rule for password policy", "properties" : { "disallowedChars" : {"type" : "string","description" : "Disallowed characters in the password", "required": true } } } - lengthRule: | { "id" : "http://api.covisint.com/idm/schema/lengthRule", "$schema" : "http://json-schema.org/draft-04/schema", "extends" : {"$ref" : "http://api.covisint.com/schema/passwordRule#" }, "type" : "object", "description" : "Length rule for password policy", "properties" : { "min" : {"type" : "number","description" : "Minimum length of the password alowed.", "required": true }, "max" : {"type" : "number","description" : "Maximum length of the password alowed.", "required": true } } } - passwordPolicy: "{\n \"id\" : \"http://api.covisint.com/schema/passwordPolicy\",\n \ \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \ \"description\" : \"Schema representing an password policy resource.\",\n \"extends\" : {\n \"$ref\" : \"http://api.covisint.com/schema/realmScopedResourceV2#\"\n \ },\n \"properties\" : {\n \"status\" : { \n \"type\" : \"string\",\n \ \"enum\" : [ \"active\", \"inactive\", \"deleted\" ],\n \"description\" : \"The status of the password policy.\",\n \"required\": true\n },\n \ \"name\" : {\n \"type\" : \"string\",\n \"description\": \"The name of password Policy.\",\n \"required\": true\n },\n \"desc\": {\n \"type\" : \"string\",\n \"description\": \"The description for password Policy.\"\n \ }, \n \"rules\" : {\n \"type\" : \"array\",\n \"description\" : \"Password Policy Rules\",\n \"minItems\" : 0,\n \"items\" : { \"$ref\" : \"http://api.covisint.com/idm/schema/passwordRule#\" },\n \"required\": false\n }\n }\n}\n" - password: "{\n \"id\" : \"http://api.covisint.com/schema/password\",\n \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \"description\" : \"Schema representing an password resource.\",\n \"extends\" : {\n \"$ref\" : \"http://api.covisint.com/idm/schema/realmScopedResource#\"\n },\n \"properties\" : {\n \"subject\": { \n \"description\": \"The subject for which this password resource belongs to.\",\n \"$ref\": \"http://api.covisint.com/schema/resourceReference#\",\n \ \"required\": true\n },\n \"password\": {\n \"type\" : \"string\",\n \ \"description\": \"The password string for the subject. When a password is sent in the body of a request, this property is used to transport the desired password.\"\n },\n \"hashAlgorithm\": {\n \"type\" : \"string\",\n \ \"description\": \"The algorithm which this password is hashed with. This property along with 'hashedPassword' is used to represent the stored password, when a password resource is returned in the response body.\"\n },\n \"hashedPassword\": {\n \"type\" : \"string\",\n \"description\": \"The subject's new password, hashed. This property along with 'hashAlgorithm' is used to represent the stored password, when a password resource is returned in the response body.\"\n },\n \ \"passwordPolicyId\" : { \n \"type\" : \"string\", \n \"description\" : \"The unique identifier for the password policy governing the password.\",\n \ \"required\": true\n },\n \"authenticationPolicyId\" : { \n \"type\" : \"string\", \n \"description\" : \"The unique identifier for the authentication policy governing the password.\",\n \"required\": true\n },\n \"expiration\" : { \n \"type\" : \"number\", \n \"description\" : \"The time, in milliseconds since the epoch, when the password expires.\"\n },\n \"locked\" : {\n \"type\" : \"boolean\",\n \"description\" : \"Whether or not the password is locked.\"\n \ },\n \"unlockInstant\" : { \n \"type\" : \"number\", \n \"description\" : \"The time, in milliseconds since the epoch, when the password will be unlocked.\"\n \ }\n }\n}\n" - passwordValidation: | { "id" : "http://api.covisint.com/schema/passwordValidation", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing an password validation.", "properties" : { "name" : { "type" : "array", "description": "Represents password validation response.", "required": true, "minItems": 1, "items": { "type": "object", "properties": { "type": { "type": "string" }, "description": { "type": "string", "maxLength": 2000 }, "passed": { "type": "boolean", "required": true } } } } } } - pin: "{\n \"id\" : \"http://api.covisint.com/schema/pin\",\n \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \ \"type\" : \"object\",\n \"description\" : \"Schema representing an pin resource.\",\n \ \"extends\" : {\n \"$ref\" : \"http://api.covisint.com/idm/schema/realmScopedResource#\"\n \ },\n \"properties\" : {\n \"pin\": { \n \"type\" : \"string\",\n \"description\": \"The pin string for pin resource.\",\n \"required\": true\n }\n }\n}\n" - nonce: "{\n \"id\" : \"http://api.covisint.com/schema/nonce\",\n \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \"description\" : \"Schema representing an pin resource.\",\n \"extends\" : {\n \"$ref\" : \"http://api.covisint.com/idm/schema/realmScopedResource#\"\n },\n \"properties\" : {\n \"nonce\": { \n \"type\" : \"string\",\n \"description\": \"The nonce string for nonce resource.\",\n \"required\": true\n },\n \"url\": { \n \"type\" : \"string\",\n \"description\": \"The url string for nonce resource.\",\n \"required\": true\n },\n \"CUID\": { \n \"type\" : \"string\",\n \"description\": \"The cuid string for nonce resource.\",\n \ \"required\": true\n },\n \"expireTime\": { \n \"type\" : \"number\", \n \"description\" : \"The time, in milliseconds, when the nonce expires.\",\n \ \"required\": true\n },\n \"status\" : { \n \"type\" : \"string\",\n \ \"enum\" : [ \"CREATED\", \"VALIDATION_SUCCESSFUL\", \"VALIDATION_TIMEOUT\" ],\n \"description\" : \"The status of the nonce.\",\n \"required\": true\n }\n }\n}\n" - tokenPayload: | { "id" : "http://api.covisint.com/idm/schema/tokenPayload/v1", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing the id token payload.", "properties" : { "subject": { "description": "The subject to which the id token is intended for", "$ref": "http://api.covisint.com/schema/resourceReference#", "required": true } } } - tokenRequest: | { "id" : "http://api.covisint.com/idm/schema/tokenRequest/v1", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing a token request.", "extends" : { "$ref" : "http://api.covisint.com/schema/realmScopedResource#" }, "properties" : { "payload": { "type" : "object", "description": "The token payload reference.", "$ref": "http://api.covisint.com/idm/schema/tokenPayload/v1#" } } } - token: | { "id" : "http://api.covisint.com/idm/schema/token/v1", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing a token resource.", "extends" : { "$ref" : "http://api.covisint.com/schema/realmScopedResource#" }, "properties" : { "idToken": { "type" : "string", "description": "The ID token as per JWT spec.", "required": false } } } - signatureAlgorithm: | { "id": "http://api.covisint.com/idm/schema/signatureAlgorithm/v1", "$schema": "http://json-schema.org/draft-04/schema", "type": "array", "description" : "JWT parameters representing signature algorithms and keys.", "minItems": 1, "items": { "type": "object", "properties": { "alg":{ "type": "string", "description": "The signing algorithm as per JWT spec.", "enum" : ["HS256", "HS384", "HS512", "RS256"] }, "key":{ "type": "string", "description": "The information about the key. This information will be available in the POST response when a policy is created for the first time." } } } } - supportedSignatureAlgorithm: "{\n \"id\": \"http://api.covisint.com/idm/schema/supportedSignatureAlgorithm/v1\",\n \ \"$schema\": \"http://json-schema.org/draft-04/schema\",\n \"type\": \"object\",\n \ \"description\" : \"The supported JWT signature algorithms consisting of the default one for creating token.\",\n \"properties\" : {\n \"default\": { \n \"type\": \"string\",\n \"enum\" : [ \"HS256\", \"HS384\", \"HS512\",\"RS256\" ],\n \"description\": \"The signing algorithm as per JWT spec which will used for creating token.\",\n \"required\": true\n },\n \"signatureAlgorithms\" : {\n \"description\": \"The supported signature algorithms.\",\n \"$ref\" : \"http://api.covisint.com/idm/schema/signatureAlgorithm#\",\n \"required\": false\n }\n }\n}\n" - encryptionAlgorithm: | { "id": "http://api.covisint.com/idm/schema/encryptionAlgorithm/v1", "$schema": "http://json-schema.org/draft-04/schema", "type": "array", "description" : "JWE configuration parameters representing encKeyAlg, enc and key.", "minItems": 1, "items": { "type": "object", "properties": { "encKeyAlg": { "type": "string", "description": "The key management algorithm as per JWE spec.", "enum" : ["dir", "RSA-OAEP-256"] }, "enc": { "type": "string", "description": "The content encryption algorithm as per JWE spec.", "enum" : ["A128CBC-HS256", "A192CBC-HS384","A256CBC-HS512", "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A192GCM", "A256GCM"] }, "key": { "type": "string", "description": "The information about the key. This information will be available in the POST response when a policy is created for the first time." } } } } - supportedEncryptionAlgorithm: | { "id": "http://api.covisint.com/idm/schema/supportedEncryptionAlgorithm/v1", "$schema": "http://json-schema.org/draft-04/schema", "type": "object", "description" : "The supported JWT encryption algorithms consisting of the default ones for creating encrypted token.", "properties" : { "defaultEncKeyAlg": { "type": "string", "description": "The default key management algorithm as per JWE spec.", "enum" : ["dir", "RSA-OAEP-256"], "required" : true }, "defaultEnc": { "type": "string", "description": "The content encryption algorithm as per JWE spec.", "enum" : ["A128CBC-HS256", "A192CBC-HS384","A256CBC-HS512", "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A192GCM", "A256GCM"], "required" : true }, "encryptionAlgorithms" : { "description": "The supported encryption algorithms.", "$ref" : "http://api.covisint.com/idm/schema/encryptionAlgorithm#", "required": false } } } - tokenPolicy: "{\n \"id\" : \"http://api.covisint.com/idm/schema/tokenPolicy/v1\",\n \ \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \ \"description\" : \"Schema representing a token policy resource.\",\n \"extends\" : {\n \"$ref\" : \"http://api.covisint.com/schema/realmScopedResource#\"\n \ },\n \"properties\" : {\n \"name\": {\n \"type\" : \"string\",\n \"description\": \"The name of the token policy.\",\n \"required\": true\n },\n \"description\": {\n \"type\" : \"string\",\n \"description\": \"The description of the token policy.\"\n },\n \"issuer\": {\n \"type\" : \"string\",\n \"description\": \"The issuer of the token policy.\",\n \"default\": \"covisint.com\"\n },\n \ \"expiration\": {\n \"type\" : \"number\",\n \"description\": \"The number of seconds after which the token will be expired after its creation.\",\n \ \"required\": true\n },\n \"tokenAuthenticationFailureAttempts\": {\n \"type\" : \"number\",\n \"description\": \"The token authentication failure attempts of the token policy.\",\n \"default\": 1,\n \"minimum\": 1,\n \"maximum\": 10\n },\n \"supportedSignatureAlgorithms\" : {\n \ \"description\": \"The supported signature algorithms.\",\n \"$ref\" : \"http://api.covisint.com/idm/schema/supportedSignatureAlgorithm#\",\n \"required\": false\n },\n \"supportedEncryptionAlgorithms\" : {\n \"description\": \"The supported encryption algorithms.\",\n \"$ref\" : \"http://api.covisint.com/idm/schema/supportedEncryptionAlgorithm#\",\n \ \"required\": false\n }\n }\n}\n \n" - sessionRequest: | { "id" : "http://api.covisint.com/schema/session", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing an session request.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "authrequest": { "type" : "object", "description": "The authentication request reference.", "$ref": "http://api.covisint.com/idm/schema/authenticationRequest#", "required": true } } } - sessionToken: "{\n \"id\" : \"http://api.covisint.com/idm/schema/sessionToken/v1\",\n \ \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \ \"description\" : \"Schema representing a session token.\",\n \"extends\" : {\n \"$ref\" : \"http://api.covisint.com/schema/realmScopedResource#\"\n \ },\n \"properties\" : {\n \"idToken\": {\n \"type\" : \"string\",\n \ \"description\": \"The ID token as per JWT spec.\",\n \"required\": true\n },\n \"xsrfToken\": {\n \"type\" : \"string\",\n \"description\": \"The XsrfToken.\",\n \"required\": true\n } \n }\n}\n" - nonceRequest: "{\n \"id\" : \"http://api.covisint.com/schema/nonceRequest\",\n \ \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \ \"description\" : \"Schema representing an nonce request.\",\n \"extends\" : {\n \"$ref\" : \"http://api.covisint.com/idm/schema/realmScopedResource#\"\n \ },\n \"properties\" : {\n \"nonce\": { \n \"type\" : \"string\",\n \ \"description\": \"The nonce string for nonce resource.\",\n \"required\": true\n }\n }\n}\n" - nonceResponse: "{\n \"id\" : \"http://api.covisint.com/schema/nonceResponse\",\n \ \"$schema\" : \"http://json-schema.org/draft-04/schema\",\n \"type\" : \"object\",\n \ \"description\" : \"Schema representing an nonce response.\",\n \"extends\" : {\n \"$ref\" : \"http://api.covisint.com/idm/schema/realmScopedResource#\"\n \ },\n \"properties\" : {\n \"idToken\": {\n \"type\" : \"string\",\n \ \"description\": \"The ID token.\",\n \"required\": true\n },\n \ \"xsrfToken\": {\n \"type\" : \"string\",\n \"description\": \"The XsrfToken.\",\n \"required\": true\n } \n }\n}\n" traits: - secured: usage: Apply this to any method that needs to be secured. Requests with this trait require authentication using a bearer token. headers: Authorization: description: Access token that is obtained from the /token endpoint of the oauth API. pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk required: true responses: 401: &6 description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema 403: &7 description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema - unsecured: usage: Apply this to any method that needs to be unsecured. Requests with this trait does not require any authentication. headers: SolutionInstanceId: description: The solution instance id. example: ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk required: true responses: 400: description: Bad request. Please provide the valid solution instance id. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema - getResponse: responses: 404: &3 description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema 406: &1 description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema 500: &2 description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema - getSearchResponse: responses: 406: *1 500: *2 - postResponse: responses: 406: *1 415: &4 description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema 500: *2 - deleteResponse: responses: 500: *2 - putResponse: responses: 404: *3 406: *1 409: &5 description: | There is a conflict in identifying the resource being acted on. There are two categories. (1) The unique identifier in the URL and in the body are different. (2) The current version of the resource being updated and the version sent in the body of the request. This may be an indication that the resource has changed since the client loaded it. The conflict should be resolved and the update resubmitted with the current version of the resource. + framework:resource:conflict + framework:resource:conflict:id - The ID of the resource in the request, {requestedId}, does not match the ID of the given resource, {resourceId} + framework:resource:conflict:version - The version of the provided resource, {requestVersion}, does not match the current version of the resource, {latestVersion} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema 415: *4 500: *2 - putResponseV2: responses: 404: *3 406: *1 409: description: | There is a conflict in identifying the resource being acted on. The unique identifier in the URL and body are different. + framework:resource:conflict + framework:resource:conflict:id - The ID of the resource in the request, {requestedId}, does not match the ID of the given resource, {resourceId} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema 415: *4 500: *2 - putCreateResponse: responses: 406: *1 409: *5 415: *4 500: *2 - taskResponse: responses: 401: *6 403: *7 500: *2 - pagableRequest: queryParameters: page: description: Which page to return in the paginated results. The first page is page 1. type: integer required: false minimum: 1 default: 1 pageSize: description: How many items per page in the paginated results. type: integer required: false minimum: 1 default: 50 maximum: 200 - taggable: queryParameters: tag: description: Get the resource based on specified tag. Multiple parameters are allowed and the search results will be a union. type: string required: false - sortable: queryParameters: sortBy: description: Sort the results based on some criteria. example: +creation, -name (These will sort by creation ascending, name descending. If "+/-" prefix is omitted, then an ascending sort is assumed). type: string required: false - searchable: description: Search resources based on the given filter parameters. Search is case-insensitive. <> <> "/securityQuestions": is: - secured description: Endpoint for security questions used to verify a person's account. get: is: - getSearchResponse - pagableRequest description: Search for available security questions. If the owner query parameters are not specified, then all available security questions will be returned. headers: Accept: description: Media type for a security question resource. example: application/vnd.com.covisint.platform.securityquestion.v1+json type: string required: true queryParameters: owner.id: description: Filter on the id of the resource owning the question. For example, the person id or organization id. This query parameter is only required if owner.type is specified. type: string required: false owner.type: description: Filter on the type of the resource owning the question. For example, person or organization. This query paramer is only required if owner.id is specified. type: string required: false responses: 200: description: All matching security questions were successfully retrieved. body: application/vnd.com.covisint.platform.securityquestion.v1+json: schema: securityQuestions 400: description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:param:missing - Missing request parameter: {queryParameterName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + securityquestions.multiple.owner.id.invalid - Muliple owner ids {ownerId(s)} are not allowed + securityquestions.multiple.owner.type.invalid - Muliple owner types {ownerId(s)} are not allowed + securityquestions.owner.id.invalid - Owner id {ownerId} invalid if owner type is not mentioned + securityquestions.owner.type.invalid - Owner type {ownerType} invalid if owner id is not mentioned + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + framework:request:param:invalid - The following parameter should not be part of the request: {queryParameterName} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "/{id}": description: Endpoint for security questions of a specific user. uriParameters: id: description: The unique id of the person. type: string required: true is: - secured put: is: - putResponse description: Updates a security question, creating it when it doesn't exist. Currently, only person-scoped security questions are supported. Clears the person scoped question if an empty question array is supplied. In all the scenarios, the person scoped answer gets overwritten. headers: Accept: description: Media type for a person security question account. example: application/vnd.com.covisint.platform.securityquestion.v1+json type: string required: true body: application/vnd.com.covisint.platform.securityquestion.v1+json: schema: securityQuestion responses: 200: description: The person scoped question was updated successfully (or created if it didn't already exist). body: application/vnd.com.covisint.platform.securityquestion.v1+json: schema: securityQuestion 400: description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:resource:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:resource:data:illegal - The following information was illegal from the resource: {fieldSpecificError(s)} + security.question.invalid.owner.type - Invalid owner type for challenge question. Valid value is: person + security.question.one.question.text.allowed - Only 1 question text is allowed + security.question.challenge.question.not.allowed - Challenge question is not allowed + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + framework:resource:missing - The following resources were not found: {resources} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "/authn/nonce": is: - secured description: Endpoint used to create Create Nonce. post: description: Individual API used to create Nonce. headers: Accept: description: Media type. example: application/vnd.com.covisint.platform.authn.nonce.v1+json type: string required: true body: application/vnd.com.covisint.platform.authn.nonce.v1+json: schema: nonce responses: 201: description: The nonce was successfully created. body: application/vnd.com.covisint.platform.authn.nonce.v1+json: schema: nonce 400: description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [nonce, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "/token/tasks/generate": is: - postResponse description: Generates the ID token. post: description: generates the ID token. headers: Accept: description: Media type. example: application/vnd.com.covisint.platform.token.v1+json type: string required: true body: application/vnd.com.covisint.platform.token.request.v1+json: schema: tokenRequest responses: 200: description: Returns the id token as token response. body: application/vnd.com.covisint.platform.token.v1+json: schema: token 400: description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:resource:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + token.payload.missing - Payload is missing in the token + token.payload.subject.missing - Subject is missing in the payload. + token.payload.signing.or.encryption.missing - The signing algorithm or encryption algorithms is missing from the resource + token.payload.exp.invalid - The expiration time is invalid + token.signature.algorithm.configuration.not.supported - The token signature algorithm {signAlg} is not supported in this context configuration + token.encryption.algorithm.configuration.not.supported - The token encryption algorithm is not supported in this context configuration + token.key.management.algorithm.configuration.not.supported - The token key management algorithm is not supported in this context configuration body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "/token/tasks/validate": is: - postResponse description: Validates the ID token and return claims as payload in the token. post: description: validates the ID token and return claims as payload in the token. headers: Accept: description: Media type. example: application/vnd.com.covisint.platform.token.payload.v1+json type: string required: true body: application/vnd.com.covisint.platform.token.v1+json: schema: token responses: 200: description: Returns the id token as token response. body: application/vnd.com.covisint.platform.token.payload.v1+json: schema: tokenPayload 400: description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:resource:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + token.decryption.key.missing - No key found for decryption in the configuration + token.decryption.key.invalid - No valid key found for decryption + token.signature.key.missing - No key found for signature verification in the configuration + token.signature.key.invalid - Invalid key found for signature verification in the configuration + token.expiry.invalid - Token is expired + token.validation.failed - The validation of the token is failed body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "/token/policies": get: is: - getSearchResponse - pagableRequest description: Searches token policies according to the filter criteria provided. headers: Accept: description: Media type for token policy. example: application/vnd.com.covisint.platform.token.policy.v1+json type: string required: true responses: 200: description: All matching token policies were successfully retrieved. body: application/vnd.com.covisint.platform.token.policy.v1+json: schema: tokenPolicy 400: description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema post: is: - postResponse description: Creates a new token policy. headers: Accept: description: Media type for token policy. example: application/vnd.com.covisint.platform.token.policy.v1+json type: string required: true body: application/vnd.com.covisint.platform.token.policy.v1+json: schema: tokenPolicy responses: 201: description: A new token policy was created and is returned in the response body. body: application/vnd.com.covisint.platform.token.policy.v1+json: schema: tokenPolicy 400: description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + framework:resource:data:illegal - The following information was illegal from the resource: {fieldSpecificError(s)} + token.policy.exists - The token policy is already existing for this realm {realm}. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "/{id}": description: Individual endpoint for token policy resources. uriParameters: id: description: The token policy's unique identifier. type: string required: true put: is: - putResponse description: Updates name, description and tokenAuthenticationFailureAttempts of the token policy. headers: Accept: description: Media type for token policy. example: application/vnd.com.covisint.platform.token.policy.v1+json type: string required: true body: application/vnd.com.covisint.platform.token.policy.v1+json: schema: tokenPolicy responses: 200: description: The token policy was successfully updated. body: application/vnd.com.covisint.platform.token.policy.v1+json: schema: tokenPolicy 400: description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + framework:resource:data:illegal - The following information was illegal from the resource: {fieldSpecificError(s)} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "/sessionToken/tasks/generate": description: Generates a xsrfToken and JWT Token based on password credentials. post: is: - postResponse description: Authenticate the user name and password.After successful authentication,create xsrfToken-a random UUID, to track the session. headers: Accept: description: Media type. example: application/vnd.com.covisint.platform.authn.session.v1+json type: string required: true body: application/vnd.com.covisint.platform.authn.session.v1+json: schema: sessionRequest responses: 200: description: The xsrfToken and JWT Token successfully retrieved. body: application/vnd.covisint.platform.session.token.v1+json: schema: sessionToken 400: description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:param:missing - Missing request parameter: {queryParameterName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:data:invalid - The following information should not be part of the resource: {resourceFieldName} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "/sessionToken/tasks/validate": description: Validates JWT Token which must also contain the passed xsrfToken as a claim. post: description: Validates JWT Token with the xsrfToken as a claim. headers: Accept: description: Media type. example: application/vnd.covisint.platform.session.token.v1+json type: string required: true body: application/vnd.com.covisint.platform.session.token.v1+json: schema: sessionToken responses: 200: description: Successfully validated the JWT Token. body: application/vnd.covisint.platform.session.token.v1+json: schema: sessionToken 400: description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:resource:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + token.idToken.missing - Secure token is missing. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "/persons/{personId}/accounts/securityQuestion": is: - secured get: is: - getResponse description: Returns the person's security question account. headers: Accept: description: Media type for a person security question account. type: string required: true example: application/vnd.com.covisint.platform.person.account.securityQuestion.v1+json responses: 200: description: The person's chosen security questions were successfully retrieved. body: application/vnd.com.covisint.platform.person.account.securityQuestion.v1+json: schema: securityQuestionAccount 400: description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:resource:missing - A resource with the following ID was not found: {resourceId} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema put: is: - putResponse description: Updates a person's security questions account (or creates one if it doesn't exist). headers: Accept: description: Media type for a person security question account. example: application/vnd.com.covisint.platform.person.account.securityQuestion.v1+json type: string required: true body: application/vnd.com.covisint.platform.person.account.securityQuestion.v1+json: schema: securityQuestionAccount responses: 200: description: The person's security question account was updated successfully (or created if it didn't already exist). body: application/vnd.com.covisint.platform.person.account.securityQuestion.v1+json: schema: securityQuestionAccount 400: description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:resource:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:resource:data:illegal - The following information was illegal from the resource: {fieldSpecificError(s)} + security.question.account.invalid.fixed.questions - Only {count} unique fixed questions are allowed + security.question.account.invalid.fixed.question.index - Set unique index for all fixed questions in a sequence starting with '1' OR do not set index for any question + security.question.account.invalid.challenge.question- Only {count} challenge question(s) are allowed + security.question.account.invalid.fixed.question.id.format - Invalid fixed question id format. Valid format is 'realmId:questionId', where questionId is a number + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "/passwords/tasks/authenticate": is: - secured - postResponse description: endpoint used to authenticate the person. post: description: authenticate the person. headers: Accept: description: Media type. example: application/vnd.com.covisint.platform.authn.password.resp.v1+json type: string required: true body: application/vnd.com.covisint.platform.authn.password.req.v1+json: schema: authenticationRequest responses: 200: description: Returns the response post authentication. body: application/vnd.com.covisint.platform.authn.password.resp.v1+json: schema: authenticationResponse 400: description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:resource:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + password.authentication.request.instant.invalid - Request instant must be greater than zero. + password.authentication.request.subject.type.invalid - Invalid subject type. Valid values are CUID, LOGIN_ID. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "/passwords/tasks/expire": is: - secured description: endpoint used to expire password resource. get: is: - getResponse description: expire password resource. headers: Accept: description: Media type. example: application/vnd.com.covisint.platform.password.v1+json type: string required: true queryParameters: subject: description: the subject id. type: string required: true responses: 200: description: Returns the expired password resource. body: application/vnd.com.covisint.platform.password.v1+json: schema: password 400: description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + password.not.found- Could not retrieve password for subject. + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema post: description: expire password resource. headers: Accept: description: Media type. example: application/vnd.com.covisint.platform.password.v1+json type: string required: true queryParameters: subject: description: the subject id. type: string required: true responses: 200: description: Returns the expired password resource. body: application/vnd.com.covisint.platform.password.v1+json: schema: password 400: description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + password.not.found- Could not retrieve password for subject. + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "/passwords/tasks/lock": is: - secured - postResponse description: endpoint used to lock password resource. post: description: lock password resource. headers: Accept: description: Media type. example: application/vnd.com.covisint.platform.password.v1+json type: string required: true queryParameters: subject: description: the subject id. type: string required: true responses: 200: description: Returns the locked password resource. body: application/vnd.com.covisint.platform.password.v1+json: schema: password 400: description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:request:param:missing - Missing request parameter: {queryParameterName} + password.multiple.subjects.not.allowed- Multiple subjects are not allowed. + password.not.found- Could not retrieve password for {subject}. + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "/passwords/tasks/unlock": is: - secured - postResponse description: endpoint used to unlock password resource. post: description: unlock password resource. headers: Accept: description: Media type. example: application/vnd.com.covisint.platform.password.v1+json type: string required: true queryParameters: subject: description: the subject id. type: string required: true responses: 200: description: Returns the unlocked password resource. body: application/vnd.com.covisint.platform.password.v1+json: schema: password 400: description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:request:param:missing - Missing request parameter: {queryParameterName} + password.multiple.subjects.not.allowed- Multiple subjects are not allowed. + password.not.found- Could not retrieve password for {subject}. + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema