#%RAML 0.8 title: Authentication API baseUri: "https://api.covisintlabs.com/authn/v4" protocols: [HTTPS] schemas: - resourceReference: | { "id" : "http://api.covisint.com/schema/resourceReference", "$schema" : "http://json-schema.org/draft-04/schema", "description" : "Schema representing links", "type" : "object", "properties" : { "id" : { "type" : "string", "description" : "The unique identifier for the resource." }, "type" : { "type" : "string", "description" : "The type of the resource." }, "realm" : { "type" : "string", "description" : "The realm of the resource." } } , "required":[ "id" ] } - namedResourceReference: | { "id" : "http://api.covisint.com/schema/namedScopedResource", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Expands on the basic resource reference and adds internationalized name and description.", "extends" : { "$ref" : "http://api.covisint.com/schema/resourceReference#" }, "properties" : { "name" : { "description": "Internationalized resource name.", "$ref" : "http://api.covisint.com/idm/schema/internationalString#" }, "description" : { "description": "Internationalized resource description.", "$ref" : "http://api.covisint.com/idm/schema/internationalString#" } } } - resource: | { "id" : "http://api.covisint.com/schema/resource", "$schema" : "http://json-schema.org/draft-04/schema", "description" : "Core schema", "definitions" : { "resource" : { "id" : "resource", "type" : "object", "description" : "A basic resource.", "properties" : { "id" : { "type" : "string", "maxLength" : 64, "description" : "The unique identifier for this resource." }, "version": { "type" : "number", "minimum" : 0, "maximum" : 9223372036854775807, "description" : "The current version for this resource. Exists once the resource has been saved. This is mandatory for PUT requests, but should not be supplied for POST requests." }, "creator" : { "type" : "string", "maxLength" : 64, "description" : "The creator of this resource. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-requestor header.", "readonly": true }, "creatorAppId" : { "type" : "string", "maxLength" : 64, "description" : "The id of the application used to create this resource. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-requestor-app header.", "readonly": true }, "creation" : { "type" : "number", "minimum" : 0, "maximum" : 9223372036854775807, "description" : "This read only property is ignored by the server and the system will overlay with the time, in milliseconds since the epoch, when this resource was created.", "readonly": true } } , "required":[ "id", "creator", "creatorAppId", "creation" ] } } } - resourceV2: | { "id" : "http://api.covisint.com/schema/resourceV2", "$schema" : "http://json-schema.org/draft-04/schema", "description" : "Core schema", "definitions" : { "resource" : { "id" : "resourceV2", "type" : "object", "description" : "A basic resource (version V2).", "properties" : { "id" : { "type" : "string", "maxLength" : 64, "description" : "The unique identifier for this resource." }, "version": { "type" : "string", "description" : "The current version for this resource. Exists once the resource has been saved. This is mandatory for PUT requests, but should not be supplied for POST requests." }, "creator" : { "type" : "string", "maxLength" : 64, "description" : "The creator of this resource. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-requestor header.", "readonly": true }, "creatorAppId" : { "type" : "string", "maxLength" : 64, "description" : "The id of the application used to create this resource. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-requestor-app header.", "readonly": true }, "creation" : { "type" : "number", "minimum" : 0, "maximum" : 9223372036854775807, "description" : "This read only property is ignored by the server and the system will overlay with the time, in milliseconds since the epoch, when this resource was created.", "readonly": true } } , "required":[ "id", "creator", "creatorAppId", "creation" ] } } } - realmScopedResource: | { "id" : "http://api.covisint.com/schema/realmScopedResource", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Expands on the base resource and adds a realm attribute.", "extends" : { "$ref" : "http://api.covisint.com/schema/resource#" }, "properties" : { "realm" : { "type" : "string", "maxLength" : 25, "pattern" : "^[A-Za-z0-9]{2,25}$", "description" : "The realm in which this resource is being created. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-realm header.", "readonly": true } } , "required":[ "realm" ] } - realmScopedResourceV2: | { "id" : "http://api.covisint.com/schema/realmScopedResourceV2", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "A realm scoped resource (version V2). Expands on the base resource (version V2) and adds a realm attribute.", "extends" : { "$ref" : "http://api.covisint.com/schema/resourceV2#" }, "properties" : { "realm" : { "type" : "string", "maxLength" : 25, "pattern" : "^[A-Za-z0-9]{2,25}$", "description" : "The realm in which this resource is being created. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-realm header.", "readonly": true } } , "required":[ "realm" ] } - errorResponseSchema: | { "id" : "http://api.covisint.com/schema/errorResponseSchema", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Representation of an HTTP 4xx/5xx error response.", "properties" : { "status" : { "type" : "number", "minimum" : 400, "maximum" : 599, "description" : "The HTTP status code." }, "apiMessage" : { "type" : "string", "description" : "A helpful, human-readable description of the error, useful for basic diagnostics." }, "apiStatusCode" : { "type" : "string", "description" : "The API-specific status code." } } , "required":[ "status" ] } - serviceCode: | { "id" : "http://api.covisint.com/schema/serviceCodes", "$schema" : "http://json-schema.org/draft-04/schema", "type": "object", "description": "The site/service/location codes granted along with a service.", "properties": { "code": { "type": "string", "maxLength": 200, "description": "The code value." }, "codeKind": { "type": "string", "maxLength": 36, "description": "The associated business unit." } } , "required":[ "code", "codeKind" ] } - serviceCodes: | { "type" : "array", "description" : "The site/service/location codes granted along with the service, if any.", "items" : { "$ref" : "http://api.covisint.com/schema/serviceCode#"}, "required": false } - address: | { "id" : "http://api.covisint.com/idm/schema/address", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "A container for the subject's address elements.", "properties" : { "streets" : { "type" : "array", "description" : "An array of address streets (i.e. address line 1, 2, 3).", "minItems" : 0, "items" : { "type" : "string", "maxLength" : 255 } }, "city" : { "type" : "string", "maxLength" : 60, "description" : "The city name." }, "state" : { "type" : "string", "maxLength" : 60, "description" : "The state/province name or code." }, "postal" : { "type" : "string", "maxLength" : 10, "description" : "The postal or zip code." }, "country" : { "type" : "string", "minLength" : 2, "maxLength" : 3, "description" : "The ISO country code. http://en.wikipedia.org/wiki/ISO_3166-1_alpha-2"} } } - phone: | { "id" : "http://api.covisint.com/idm/schema/phone", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "A container for phone number details.", "properties" : { "number" : { "type" : "string","maxLength" : 100, "description" : "The phone number." }, "type" : { "enum" : [ "main", "mobile", "fax" ], "description" : "The phone number type." } }, "required" : [ "type" ] } - internationalString: | { "id": "http://api.covisint.com/idm/schema/internationalString", "$schema": "http://json-schema.org/draft-04/schema", "type": "array", "description" : "An internationalized string value, supporting one or more language translations.", "minItems": 1, "items": { "type": "object", "properties": { "lang": { "type": "string", "maxLength": 10, "description": "The language or locale in which the text is written." }, "text": { "type": "string", "maxLength": 2000, "description": "The internationalized text value." } } } } - tags: | { "id": "http://api.covisint.com/idm/schema/tag", "$schema": "http://json-schema.org/draft-04/schema", "type": "array", "description" : "The tags associated with a resource. This array is read-only, and may be modified on the resource endpoint with the appropriate tagging APIs.", "minItems": 1, "items": { "type": "object", "properties": { "tagName": { "type": "string", "description": "The tag associated with a resource." } } } } - baseDefinitionResource: | { "id" : "http://api.covisint.com/schema/baseDefinitionResource", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "A base rule definition(version V1). Expands on the base resource (version V2) and adds a realm attribute.", "extends": { "$ref" : "http://api.covisint.com/schema/realmScopedResourceV2#" }, "properties": { "name": { "description": "The application name (internationalized).", "$ref": "http://api.covisint.com/schema/internationalString#" }, "description": { "description": "The application description (internationalized).", "$ref" : "http://api.covisint.com/idm/schema/internationalString#" }, "properties":{ "type":"array", "description":"Properties used by the implementation.", "minItems":0, "items":[ { "anyOf": [ { "type": "string", "description": "The name of the property." }, { "type": "string", "description": "The value of the property." } ] } ] } , "required":[ "items" ] } , "required":[ "name" ] } - baseActionDefinitionResource: | { "id" : "http://api.covisint.com/schema/baseActionDefinitionResource", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "A base action action definition. Expands on the base definition resource ", "extends": { "$ref" : "http://api.covisint.com/schema/baseDefinitionResource#" }, "properties": { "type": { "description": "Type of action definition.", "enum": [ "SEND_APPLICATION_NOTIFICATION", "SEND_COMMAND", "SEND_NOTIFICATION" ], "required": true } } , "required":[ "type" ] } - baseTriggerDefinitionResource: | { "id" : "http://api.covisint.com/schema/baseTriggerDefinitionResource", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "A base action trigger definition. Expands on the base definition resource ", "extends": { "$ref" : "http://api.covisint.com/schema/baseDefinitionResource#" }, "properties": { "type": { "description": "Type of trigger definition.", "enum": [ "DEVICE_SEND_EVENT", "DEVICE_LIFECYCLE_STATE_CHANGE", "DEVICE_OPERATIONAL_STATE_CHANGE" ] } } , "required":[ "type" ] } - dataType: | { "id" : "http://api.covisint.com/schema/dataType", "$schema" : "http://json-schema.org/draft-04/schema", "description" : "Data type enum.", "enum":[ "string", "integer", "bool", "decimal" ] } - expression: | { "id" : "http://api.covisint.com/schema/expression#", "$schema" : "http://json-schema.org/draft-04/schema", "description" : "The DSL for defining conditional expressions.", "oneOf" : [ { "type" : "object", "properties" : { "any" : { "type" : "array", "description" : "An aggregate expression representing an 'any' condition.", "items" : { "$ref" : "http://api.covisint.com/schema/expression#" } } } }, { "type" : "object", "properties" : { "all" : { "type" : "array", "description" : "An aggregate expression representing an 'all' condition.", "items" : { "$ref" : "http://api.covisint.com/schema/expression#" } } } }, { "type" : "object", "description" : "A simple leaf-node expression. The format of this expression is: '(f:, v:())'. The supported expressions are: equal, notEqual, startsWith, endsWith, matches, greaterThan, greaterThanOrEqual, lessThan, lessThanOrEqual. The field name can be a simple field name i.e. 'id' or hierarchical field name using dot-notation like 'resource.id' / 'resource.tag[0]' . The value corresponding to the field name provided should always be a simple data type and cannot be an array or an object.", "properties" : { "expr" : { "type" : "string" } } , "required":[ "expr" ] } ] } - passwordChangesHistory: | { "id" : "http://api.covisint.com/schema/passwordChangesHistory", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing an password changes history.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "eventType": { "enum" : [ "CHANGE_PASSWORD", "RESET_PASSWORD", "SPECIFY_PASSWORD"], "description": "The event type of the person." }, "passwordUpdatedUserId": { "type" : "string", "description": "The password updated user id." }, "userId": { "type" : "string", "description": "The person's registration id." }, "reason": { "type" : "string", "description": "The reason for the password change." }, "actor": { "description": "The object populates the information about actor", "$ref": "http://api.covisint.com/schema/resourceReference#" } } } - securityQuestions: | { "id" : "http://api.covisint.com/schema/securityQuestions/v2", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "array", "minItems": 1, "description": "Collection of security questions.", "items": { "$ref": "http://api.covisint.com/schema/securityQuestion/v2" } } - securityQuestion: | { "id" : "http://api.covisint.com/schema/securityQuestion/v2", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "A representation of a security question.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "version": { "description" : "The current version for this resource. Exists once the resource has been saved. This is mandatory for PUT requests, but should not be supplied for POST requests. User supplied value will be ignored and will be set to the creation value." }, "owner": { "description": "The owner of this security question. Required only when creating or updating questions scoped to persons. For realm and organization scoped questions, this property is not required.", "$ref": "http://api.covisint.com/schema/resourceReference#" }, "question" : { "description": "Internationalized security question text.", "minItems": 0, "$ref" : "http://api.covisint.com/idm/schema/internationalString#" } }, "required":["question"] } - securityQuestionAccount: | { "id" : "http://api.covisint.com/schema/securityQuestionAccount/v2", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "A representation of a security question account. An account is the pairing of zero or more question/answer that have been provided by the account holder.", "extends" : { "$ref" : "http://api.covisint.com/schema/realmScopedResourceV2#" }, "properties" : { "version": { "description" : "The current version for this resource. Exists once the resource has been saved. This is mandatory for PUT requests, but should not be supplied for POST requests. User supplied value will be ignored and will be set to the creation value." }, "questions": { "type" : "array", "description": "The security questions chosen for this particular account.", "minItems": 1, "items": { "type": "object", "properties": { "question": { "description": "The selected question.", "$ref": "http://api.covisint.com/schema/resourceReference#" }, "answer" : { "type" : "string", "maxLength" : 255, "description" : "The actual answer text, in the supplier's preferred locale. Required only when creating or updating the security question account." }, "index" : { "type" : "number", "description" : "The logical order in which this question is to be viewed with respect to other questions used by this account. If provided, should be for all questions in a sequence starting with 1.", "minValue" : 1 } }, "required":["question"] } } } } - authenticationRequest: | { "id" : "http://api.covisint.com/schema/authenticationRequest", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing a authentication request resource.", "properties" : { "instant" : { "type" : "number", "description" : "The time, in milliseconds since the epoch, when the authentication request is being made. if not provided, default current time in milliseconds will be set." }, "subject": { "type": "string", "description": "The subject for which this request is being made. It can be either cuid or username." }, "subjectType":{ "type": "string", "enum": [ "CUID", "LOGIN_ID"], "description": "The type of the subject.", "default": "CUID" }, "password": { "type": "string", "description": "The password for the subject to validate." }, "service": { "type": "string", "description": "The caller service description for the request.", "maxLength" : 128 }, "subjectInet": { "type": "string", "description": "The IP address of the caller service.", "maxLength" : 64 }, "languageId": { "type": "number", "description": "The language id of incoming subject." }, "isAuthedBrowser": { "type": "boolean", "description": "Is incoming subject multifactor authenticated before." }, "latitude": { "type": "number", "description":"The latitude of the geo location in signed number format." }, "longitude": { "type": "number", "description":"The longitude of the geo location in signed number format." }, "deviceId": { "type": "string", "description":"Device Id of the user." } }, "required":["isAuthedBrowser","languageId","subjectInet","service","password","subject"] } - authenticationResponse: | { "id" : "http://api.covisint.com/schema/authenticationResponse", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing a authentication response resource.", "properties" : { "instant" : { "type" : "number", "description" : "The time, in milliseconds since the epoch, when the authentication took place." }, "result" : { "type" : "string", "enum" : [ "SUCCESS", "UNKNOWN_SUBJECT", "BAD_PASSWORD","LOCKED","EXPIRED","ERROR","REMOTE_ERROR" ], "description" : "The status of the authentication request." }, "request": { "type" : "object", "description": "The authentication request reference.", "$ref": "http://api.covisint.com/idm/schema/authenticationRequest#" }, "personId": { "type" : "string", "description": "The cuid of the person. This will be returned only if the authentication result is SUCCESS." }, "mfaAuthType": { "type" : "string", "description": "The auth level of this request, value is BASIC or GRID. This will be returned only if the authentication result is SUCCESS." } } } - authenticationRule: | { "id" : "http://api.covisint.com/idm/schema/authenticationRule", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "A container for authentication rule", "properties" : { "type" : { "enum" : [ "PasswordLockout"], "description" : "The authentication rule type." } }, "required" : [ "type" ] } - passwordLockoutRule: | { "id" : "http://api.covisint.com/idm/schema/passwordLockoutRule", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "History rule for password policy", "extends" : {"$ref" : "http://api.covisint.com/schema/authenticationRule#" }, "properties" : { "failures" : {"type" : "number","description" : "The number of failures that can occur, with the failure lockout period, before a password credential is locked.", "default":3 }, "failureWindow" : {"type" : "number","description" : "The amount of time, in minutes, within which a set number of failures must occur for a password credential to be locked", "default":5 }, "lockoutWindow" : {"type" : "number","description" : "The amount of time, in minutes, before a password that was locked due to too many failed authentication attempts is automatically unlocked.", "default":15 } } } - authenticationPolicy: | { "id" : "http://api.covisint.com/schema/authenticationPolicy", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing an authentication policy resource.", "extends" : { "$ref" : "http://api.covisint.com/schema/realmScopedResourceV2#" }, "properties" : { "status" : { "type" : "string", "enum" : [ "active", "inactive", "deleted" ], "description" : "The status of the authentication policy." }, "name" : { "type" : "string", "description": "The name of authentication Policy." }, "desc": { "type" : "string", "description": "The description for authentication Policy." }, "passwordless": { "type" : "string", "description": "The passwordless rule for authentication Policy. Value is 'true' or 'false'" }, "rules" : { "type" : "array", "description" : "Authentication Policy Rules", "minItems" : 1, "items" : { "$ref" : "http://api.covisint.com/idm/schema/authenticationRule#" } }, "mfaPolicyId": { "type" : "number", "format" : "long", "description": "The Mfa policy if any associated with authentication policy" } }, "required":["rules","name","status"] } - mfaPolicyAssociation: | { "id" : "http://api.covisint.com/schema/mfaPolicyAssociation", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing mfa and authentication policy association.", "extends" : { "$ref" : "http://api.covisint.com/schema/realmScopedResourceV2#" }, "properties" : { "mfaPolicyId" : { "type" : "string", "description" : "The Mfa policy id to be associated with Authentication policy" }, "authnPolicyId" : { "type" : "string", "description": "The Authentication Policy id to be associated with Mfa policy." }, "version": { "type" : "string", "description" : "The current version for this resource. Exists once the resource has been saved. This is mandatory for PUT requests, but should not be supplied for POST requests." } } } - passwordRule: | { "id" : "http://api.covisint.com/idm/schema/passwordRule", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "A container for password rule", "properties" : { "type" : { "enum" : [ "history", "lifetime", "character_class", "disallowed_words", "disallowed_characters", "length", "username", "email", "sequence"], "description" : "The password rule type." } }, "required" : [ "type" ] } - historyRule: | { "id" : "http://api.covisint.com/idm/schema/historyRule", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "History rule for password policy", "extends" : {"$ref" : "http://api.covisint.com/schema/passwordRule#" }, "properties" : { "numberOfPasswords" : {"type" : "number","description" : "History for passwords to maintain" } }, "required":["numberOfPasswords"] } - lifetimeRule: | { "id" : "http://api.covisint.com/idm/schema/lifetimeRule", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Lifetime rule for password policy", "extends" : {"$ref" : "http://api.covisint.com/schema/passwordRule#" }, "properties" : { "minPasswordLifetime" : {"type" : "number","description" : "The minimum amount of time, in days, that must pass between password changes." }, "maxPasswordLifetime" : {"type" : "number","description" : "The maximum time, in days, that a password can exist before it is changed" } }, "required":["maxPasswordLifetime","minPasswordLifetime"] } - characterClassRule: | { "id" : "http://api.covisint.com/idm/schema/characterClassRule", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Character class rule for password policy", "extends" : {"$ref" : "http://api.covisint.com/schema/passwordRule#" }, "properties" : { "allowUpperChars" : {"type" : "boolean","description" : "If password policy allows uppercase chars." }, "allowLowerChars" : {"type" : "boolean","description" : "If password policy allows lowercase chars." }, "allowNumChars" : {"type" : "boolean","description" : "If password policy allows numbers." }, "allowSpecialChars" : {"type" : "boolean","description" : "If password policy allows special chars." }, "requiredNumberOfCharClasses" : {"type" : "boolean","description" : "If password policy requires numbers." }, "repeatingCharCount" : {"type" : "number", "description" : "The number of consecutive repeating characters to be checked in a password. Must be greater than 1."} }, "required":["allowUpperChars","allowLowerChars","allowNumChars","allowSpecialChars","requiredNumberOfCharClasses"] } - disallowedWordsRule: | { "id" : "http://api.covisint.com/idm/schema/disallowedWordsRule", "$schema" : "http://json-schema.org/draft-04/schema", "extends" : {"$ref" : "http://api.covisint.com/schema/passwordRule#" }, "type" : "object", "description" : "Disallowed words rule for password policy", "properties" : { "wordListId" : {"type" : "number","description" : "Unique identifier of the disallowed word list" } }, "required":["wordListId"] } - disallowedCharsRule: | { "id" : "http://api.covisint.com/idm/schema/disallowedCharsRule", "$schema" : "http://json-schema.org/draft-04/schema", "extends" : {"$ref" : "http://api.covisint.com/schema/passwordRule#" }, "type" : "object", "description" : "Disallowed chars rule for password policy", "properties" : { "disallowedChars" : {"type" : "string","description" : "Disallowed characters in the password" } }, "required":["disallowedChars"] } - lengthRule: | { "id" : "http://api.covisint.com/idm/schema/lengthRule", "$schema" : "http://json-schema.org/draft-04/schema", "extends" : {"$ref" : "http://api.covisint.com/schema/passwordRule#" }, "type" : "object", "description" : "Length rule for password policy", "properties" : { "min" : {"type" : "number","description" : "Minimum length of the password alowed." }, "max" : {"type" : "number","description" : "Maximum length of the password alowed." } }, "required":["min","max"] } - usernameRule: | { "id" : "http://api.covisint.com/idm/schema/usernameRule", "$schema" : "http://json-schema.org/draft-04/schema", "extends" : {"$ref" : "http://api.covisint.com/schema/passwordRule#" }, "type" : "object", "description" : "Username rule for password policy", "properties" : { "numberOfCharacters" : {"type" : "number","description" : "The number of characters from username to be matched in a password. Defaults to 4, if not specified" } } } - sequenceRule: | { "id" : "http://api.covisint.com/idm/schema/sequenceRule", "$schema" : "http://json-schema.org/draft-04/schema", "extends" : {"$ref" : "http://api.covisint.com/schema/passwordRule#" }, "type" : "object", "description" : "Sequence rule for password policy", "properties" : { "numberOfCharacters" : {"type" : "number","description" : "The number of sequential characters to be matched in a password. Must be greater than 2" } } } - emailRule: | { "id" : "http://api.covisint.com/idm/schema/emailRule", "$schema" : "http://json-schema.org/draft-04/schema", "extends" : {"$ref" : "http://api.covisint.com/schema/passwordRule#" }, "type" : "object", "description" : "email rule for password policy" } - passwordPolicy: | { "id" : "http://api.covisint.com/schema/passwordPolicy", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing an password policy resource.", "extends" : { "$ref" : "http://api.covisint.com/schema/realmScopedResourceV2#" }, "properties" : { "status" : { "type" : "string", "enum" : [ "active", "inactive", "deleted" ], "description" : "The status of the password policy." }, "name" : { "type" : "string", "description": "The name of password Policy." }, "desc": { "type" : "string", "description": "The description for password Policy." }, "rules" : { "type" : "array", "description" : "Password Policy Rules", "minItems" : 0, "items" : { "$ref" : "http://api.covisint.com/idm/schema/passwordRule#" } } }, "required":["name", "status"] } - password: | { "id" : "http://api.covisint.com/schema/password", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing an password resource.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "subject": { "description": "The subject for which this password resource belongs to.", "$ref": "http://api.covisint.com/schema/resourceReference#" }, "password": { "type" : "string", "description": "The password string for the subject. When a password is sent in the body of a request, this property is used to transport the desired password." }, "hashAlgorithm": { "type" : "string", "description": "The algorithm which this password is hashed with. This property along with 'hashedPassword' is used to represent the stored password, when a password resource is returned in the response body." }, "hashedPassword": { "type" : "string", "description": "The subject's new password, hashed. This property along with 'hashAlgorithm' is used to represent the stored password, when a password resource is returned in the response body." }, "passwordPolicyId" : { "type" : "string", "description" : "The unique identifier for the password policy governing the password." }, "authenticationPolicyId" : { "type" : "string", "description" : "The unique identifier for the authentication policy governing the password." }, "expiration" : { "type" : "number", "description" : "The time, in milliseconds since the epoch, when the password expires." }, "locked" : { "type" : "boolean", "description" : "Whether or not the password is locked." }, "unlockInstant" : { "type" : "number", "description" : "The time, in milliseconds since the epoch, when the password will be unlocked." }, "reason": { "description": "The reason for the password change.", "type" : "string" }, "lockedTimestamp" : { "type" : "number", "description" : "The time, in milliseconds since the epoch, when the password got locked." } }, "required":["authenticationPolicyId","passwordPolicyId","subject"] } - passwordValidation: | { "id" : "http://api.covisint.com/schema/passwordValidation", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing an password validation.", "properties" : { "name" : { "type" : "array", "description": "Represents password validation response.", "minItems": 1, "items": { "type": "object", "properties": { "type": { "type": "string" }, "description": { "type": "string", "maxLength": 2000 }, "passed": { "type": "boolean"} }, "required":["passed"] } } }, "required":["name"] } - pin: | { "id" : "http://api.covisint.com/schema/pin", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing an pin resource.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "pin": { "type" : "string", "description": "The pin string for pin resource." } }, "required":["pin"] } - nonce: | { "id" : "http://api.covisint.com/schema/nonce", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing an pin resource.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "nonce": { "type" : "string", "description": "The nonce string for nonce resource." }, "url": { "type" : "string", "description": "The url string for nonce resource." }, "CUID": { "type" : "string", "description": "The cuid string for nonce resource." }, "expireTime": { "type" : "number", "description" : "The epoc time in milliseconds, when the nonce expires." }, "status" : { "type" : "string", "enum" : [ "CREATED", "VALIDATION_SUCCESSFUL", "VALIDATION_TIMEOUT" ], "description" : "The status of the nonce." } }, "required":["status","expireTime","CUID","url","nonce"] } - tokenPayload: | { "id" : "http://api.covisint.com/idm/schema/tokenPayload/v1", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing the id token payload.", "properties" : { "subject": { "description": "The subject to which the id token is intended for", "$ref": "http://api.covisint.com/schema/resourceReference#" } }, "required":["subject"] } - tokenRequest: | { "id" : "http://api.covisint.com/idm/schema/tokenRequest/v1", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing a token request.", "extends" : { "$ref" : "http://api.covisint.com/schema/realmScopedResource#" }, "properties" : { "payload": { "type" : "object", "description": "The token payload reference.", "$ref": "http://api.covisint.com/idm/schema/tokenPayload/v1#" } } } - token: | { "id" : "http://api.covisint.com/idm/schema/token/v1", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing a token resource.", "extends" : { "$ref" : "http://api.covisint.com/schema/realmScopedResource#" }, "properties" : { "idToken": { "type" : "string", "description": "The ID token as per JWT spec." } } } - signatureAlgorithm: | { "id": "http://api.covisint.com/idm/schema/signatureAlgorithm/v1", "$schema": "http://json-schema.org/draft-04/schema", "type": "array", "description" : "JWT parameters representing signature algorithms and keys.", "minItems": 1, "items": { "type": "object", "properties": { "alg":{ "type": "string", "description": "The signing algorithm as per JWT spec.", "enum" : ["HS256", "HS384", "HS512", "RS256"] }, "key":{ "type": "string", "description": "The information about the key. This information will be available in the POST response when a policy is created for the first time." } } } } - supportedSignatureAlgorithm: | { "id": "http://api.covisint.com/idm/schema/supportedSignatureAlgorithm/v1", "$schema": "http://json-schema.org/draft-04/schema", "type": "object", "description" : "The supported JWT signature algorithms consisting of the default one for creating token.", "properties" : { "default": { "type": "string", "enum" : [ "HS256", "HS384", "HS512","RS256" ], "description": "The signing algorithm as per JWT spec which will used for creating token." }, "signatureAlgorithms" : { "description": "The supported signature algorithms.", "$ref" : "http://api.covisint.com/idm/schema/signatureAlgorithm#" } }, "required":["default"] } - encryptionAlgorithm: | { "id": "http://api.covisint.com/idm/schema/encryptionAlgorithm/v1", "$schema": "http://json-schema.org/draft-04/schema", "type": "array", "description" : "JWE configuration parameters representing encKeyAlg, enc and key.", "minItems": 1, "items": { "type": "object", "properties": { "encKeyAlg": { "type": "string", "description": "The key management algorithm as per JWE spec.", "enum" : ["dir", "RSA-OAEP-256"] }, "enc": { "type": "string", "description": "The content encryption algorithm as per JWE spec.", "enum" : ["A128CBC-HS256", "A192CBC-HS384","A256CBC-HS512", "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A192GCM", "A256GCM"] }, "key": { "type": "string", "description": "The information about the key. This information will be available in the POST response when a policy is created for the first time." } } } } - supportedEncryptionAlgorithm: | { "id": "http://api.covisint.com/idm/schema/supportedEncryptionAlgorithm/v1", "$schema": "http://json-schema.org/draft-04/schema", "type": "object", "description" : "The supported JWT encryption algorithms consisting of the default ones for creating encrypted token.", "properties" : { "defaultEncKeyAlg": { "type": "string", "description": "The default key management algorithm as per JWE spec.", "enum" : ["dir", "RSA-OAEP-256"] }, "defaultEnc": { "type": "string", "description": "The content encryption algorithm as per JWE spec.", "enum" : ["A128CBC-HS256", "A192CBC-HS384","A256CBC-HS512", "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A192GCM", "A256GCM"] }, "encryptionAlgorithms" : { "description": "The supported encryption algorithms.", "$ref" : "http://api.covisint.com/idm/schema/encryptionAlgorithm#" } }, "required":["defaultEncKeyAlg","defaultEnc"] } - tokenPolicy: | { "id" : "http://api.covisint.com/idm/schema/tokenPolicy/v1", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing a token policy resource.", "extends" : { "$ref" : "http://api.covisint.com/schema/realmScopedResource#" }, "properties" : { "name": { "type" : "string", "description": "The name of the token policy." }, "description": { "type" : "string", "description": "The description of the token policy." }, "issuer": { "type" : "string", "description": "The issuer of the token policy.", "default": "covisint.com" }, "expiration": { "type" : "number", "description": "The number of seconds after which the token will be expired after its creation." }, "idleTime": { "type" : "number", "description": "The number of seconds after which the JWT Cookie(containing this token) will be disabled." }, "tokenAuthenticationFailureAttempts": { "type" : "number", "description": "The token authentication failure attempts of the token policy.", "default": 1, "minimum": 1, "maximum": 10 }, "supportedSignatureAlgorithms" : { "description": "The supported signature algorithms.", "$ref" : "http://api.covisint.com/idm/schema/supportedSignatureAlgorithm#" }, "supportedEncryptionAlgorithms" : { "description": "The supported encryption algorithms.", "$ref" : "http://api.covisint.com/idm/schema/supportedEncryptionAlgorithm#" } }, "required":["idleTime","expiration","name"] } - tokenPolicyExternal: | { "id" : "http://api.covisint.com/idm/schema/tokenPolicyExternal/v1", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing a token policy(external) resource.", "extends" : { "$ref" : "http://api.covisint.com/schema/realmScopedResource#" }, "properties" : { "name": { "type" : "string", "description": "The name of the token policy." }, "description": { "type" : "string", "description": "The description of the token policy." }, "issuer": { "type" : "string", "description": "The issuer of the token policy.", "default": "covisint.com" }, "expiration": { "type" : "number", "description": "The number of seconds after which the token will be expired after its creation." }, "signatureAlgorithm" : { "description": "The supported signature algorithm.", "properties" : { "alg": { "type": "string", "enum" : [ "HS256", "RS256" ], "description": "The signing algorithm as per JWT spec which will used for creating token." }, "kid": { "type" : "string", "description": "The KID for Signature Algorithm." } } }, "encryptionAlgorithm" : { "description": "The supported encryption algorithm.", "properties" : { "encKeyAlg": { "type": "string", "description": "The default key management algorithm as per JWE spec.", "enum" : ["dir", "RSA-OAEP-256"] }, "enc": { "type": "string", "description": "The content encryption algorithm as per JWE spec.", "enum" : ["A128CBC-HS256", "A192CBC-HS384","A256CBC-HS512", "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A192GCM", "A256GCM"] }, "key": { "type" : "string", "description": "Encryption Key." } } } }, "required":["issuer","expiration","name","signatureAlgorithm"] } - sessionRequest: | { "id" : "http://api.covisint.com/schema/session", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing an session request.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "authrequest": { "type" : "object", "description": "The authentication request reference.", "$ref": "http://api.covisint.com/idm/schema/authenticationRequest#" } }, "required":["authrequest"] } - sessionExternalRequest: | { "id" : "http://api.covisint.com/schema/sessionExternal/v1", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing an session external request.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "policyId": { "type" : "string", "description": "Token Policy Id." }, "claims": { "type" : "object", "description": "Claims for JWT", "minItems" : 0 } }, "required":["policyId"] } - sessionToken: | { "id" : "http://api.covisint.com/idm/schema/sessionToken/v1", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing a session token.", "extends" : { "$ref" : "http://api.covisint.com/schema/realmScopedResource#" }, "properties" : { "idToken": { "type" : "string", "description": "The ID token as per JWT spec." }, "xsrfToken": { "type" : "string", "description": "The XsrfToken." } }, "required":["xsrfToken","idToken"] } - nonceRequest: | { "id" : "http://api.covisint.com/schema/nonceRequest", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing an nonce request.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "nonce": { "type" : "string", "description": "The nonce string for nonce resource." } }, "required":["nonce"] } - nonceResponse: | { "id" : "http://api.covisint.com/schema/nonceResponse", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing an nonce response.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "idToken": { "type" : "string", "description": "The ID token." }, "xsrfToken": { "type" : "string", "description": "The XsrfToken." } }, "required":["idToken", "xsrfToken"] } - generateOtp: | { "id" : "http://api.covisint.com/schema/generateOtp", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing password reset otp request to generate.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties": { "userId": { "type": "string", "description": "The userId i.e. cuid" }, "type": { "type": "string", "description": "The type of OTP mode i.e. phone/sms/email" }, "phoneType" : { "type": "string", "description": "The phoneType i.e. mobile/phone" }, "trackingId" : { "type": "string", "description": "The otp tracking id" } }, "required" : ["userId","type","phoneType"] } - validateOtp: | { "id" : "http://api.covisint.com/schema/validateOtp", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing password reset otp request to validate.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties": { "trackingId": { "type": "string", "description": "The trackingId i.e. generated from generateOtp endpoint" }, "passCode": { "type": "string", "description": "The passCode as OTP i.e. sent in email or phone" }, "nonce" : { "type": "string", "description": "The nonce i.e. will be returned as response by validating trackingId and passCode" }, "cuid" : { "type": "string", "description": "The userId i.e. cuid as part of response" } }, "required" : ["trackingId","passCode"] } - generatelinkrequest: | { "id" : "http://api.covisint.com/schema/generatelinkrequest", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing generate link request.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "subject": { "type": "string", "description": "The subject for which this request is being made. It can be either cuid or username." }, "subjectType":{ "type": "string", "enum": [ "CUID", "LOGIN_ID"], "description": "The type of the subject.", "default": "CUID" }, "idVerifyFields":{ "type": "object", "description": "The map of idverify fields where key is the string configured in property and value as value of the key against subject. Its mandatory if password self reset mode property is configured for realm" } }, "required":["subject"] } - secretinclusionresponse: | { "id" : "http://api.covisint.com/schema/secretinclusionresponse", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing generate link response for reset password.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "secret" : { "type" : "string", "description": "The secret string for secretinclusionresponse." } }, "required" : ["secret"] } - validatelinkrequest: | { "id" : "http://api.covisint.com/schema/validatelinkrequest", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing validate link request.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "secret": { "type" : "string", "description": "The secret string for validatelinkrequest." } }, "required":["secret"] } - deletelinkrequest: | { "id" : "http://api.covisint.com/schema/deletelinkrequest", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing change password request.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "nonce": { "type" : "string", "description": "The nonce string for deletelinkrequest." }, "cuid": { "type" : "string", "description": "The cuid string for deletelinkrequest." } }, "required":["nonce", "cuid"] } - changepasswordrequest: | { "id" : "http://api.covisint.com/schema/changepasswordrequest", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing change password request.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "nonce": { "type" : "string", "description": "A valid nonce." }, "cuid": { "type" : "string", "description": "Person Id" }, "newPassword": { "type" : "string", "description": "New Password" }, "userName": { "type" : "string", "description": "UserName" } }, "required":["nonce", "cuid", "newPassword"] } - validatelinkresponse: | { "id" : "http://api.covisint.com/schema/validatelinkresponse", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing validatelinkresponse response.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "cuid": { "type" : "string", "description": "covisint unique identifier." }, "nonce": { "type" : "string", "description": "The nonce token." } }, "required":["cuid", "nonce"] } - passwordattemptscount: | { "id" : "http://api.covisint.com/schema/passwordattemptscount", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing passwordattemptscount response.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "invalidAttempts": { "type" : "number", "description": "password invalid attempts made by user." }, "attemptsLeft": { "type" : "number", "description": "password attemts left." } }, "required":["invalidAttempts", "attemptsLeft"] } - remoteConfigAssociation: | { "id" : "http://api.covisint.com/schema/remoteConfigAssociation", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing remoteConfigAssociation resource", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "remoteConfigId": { "type" : "string", "description": "remoteConfig identifier." }, "authnPolicyId": { "type" : "string", "description": "authn policy identifier." } }, "required":["remoteConfigId", "authnPolicyId"] } - userAvailableModes: | { "id" : "http://api.covisint.com/schema/userAvailableModes", "$schema" : "http://json-schema.org/draft-04/schema", "type": "object", "properties": { "availableModes": { "type": "array", "description": "These are the available Modes for user.", "items": [ { "type": "string" } ] }, "email": { "type": "string", "description": "This is the email id of user. It is encoded in format a***b@xyz.com" }, "defaultPhone": { "type": "string", "description": "This is the default phone number of user. It is encoded in format ******1234" }, "mobileNumber": { "type": "string", "description":"This is the mobile number of user. It is encoded in format ******1234" } } } - userMode: | { "id" : "http://api.covisint.com/schema/userMode", "$schema" : "http://json-schema.org/draft-04/schema", "type": "object", "properties": { "mode": { "type": "string", "description": "This is the registered mode for user." } } } - authNonce: | { "id" : "http://api.covisint.com/schema/nonce", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing an pin resource.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "cuid": { "type" : "string", "description": "The cuid string for nonce resource." }, "expireTime": { "type" : "number", "description" : "The epoc time in milliseconds, when the nonce expires." }, "status" : { "type" : "string", "enum" : [ "CREATED", "VALIDATION_SUCCESSFUL", "VALIDATION_TIMEOUT" ], "description" : "The status of the nonce." }, "authResult" : { "type" : "object", "description" : "The session request reference", "$ref": "http://api.covisint.com/idm/schema/sessionRequest#" }, "lastUpdatedUserId" :{ "type" : "string", "description": "CUID of lastupdated user" }, "lastUpdatedTime" :{ "type" : "number", "description": "The epoc time in milliseconds, when the nonce was updated." } }, "required":["cuid","authResult"] } - userEntitlementEvent: | { "id" : "http://api.covisint.com/schema/userEntitlement", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing an pin resource.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "cuid": { "type" : "string", "description": "The cuid string for entitlement resource." }, "eventName": { "type" : "string", "description" : "The eventName for the cuid." }, "id" : { "type" : "string", "maxLength" : 100, "description" : "The unique identifier for this resource." }, "version": { "type" : "string", "description" : "The current version for this resource. Exists once the resource has been saved. This is mandatory for PUT requests, but should not be supplied for POST requests." }, "creator" : { "type" : "string", "maxLength" : 64, "description" : "The creator of this resource. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-requestor header.", "readonly": true }, "creatorAppId" : { "type" : "string", "maxLength" : 64, "description" : "The id of the application used to create this resource. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-requestor-app header.", "readonly": true }, "creation" : { "type" : "number", "minimum" : 0, "maximum" : 9223372036854775807, "description" : "This read only property is ignored by the server and the system will overlay with the time, in milliseconds since the epoch, when this resource was created.", "readonly": true }, "realm" : { "type" : "string", "maxLength" : 25, "pattern" : "^[A-Za-z0-9]{2,25}$", "description" : "The realm in which this resource is being created. This is mandatory if x-realm header is NOT available" } }, "required":["cuid","eventName"] } - orgEntitlementEvent: | { "id" : "http://api.covisint.com/schema/userEntitlement", "$schema" : "http://json-schema.org/draft-04/schema", "type" : "object", "description" : "Schema representing an pin resource.", "extends" : { "$ref" : "http://api.covisint.com/idm/schema/realmScopedResource#" }, "properties" : { "gblCovOrgId": { "type" : "string", "description": "The gblCovOrgId string for entitlement resource." }, "eventName": { "type" : "string", "description" : "The eventName for the organization." }, "id" : { "type" : "string", "maxLength" : 100, "description" : "The unique identifier for this resource." }, "version": { "type" : "string", "description" : "The current version for this resource. Exists once the resource has been saved. This is mandatory for PUT requests, but should not be supplied for POST requests." }, "creator" : { "type" : "string", "maxLength" : 64, "description" : "The creator of this resource. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-requestor header.", "readonly": true }, "creatorAppId" : { "type" : "string", "maxLength" : 64, "description" : "The id of the application used to create this resource. This read-only field is ignored by the server, and is overlayed with the value supplied in the x-requestor-app header.", "readonly": true }, "creation" : { "type" : "number", "minimum" : 0, "maximum" : 9223372036854775807, "description" : "This read only property is ignored by the server and the system will overlay with the time, in milliseconds since the epoch, when this resource was created.", "readonly": true }, "realm" : { "type" : "string", "maxLength" : 25, "pattern" : "^[A-Za-z0-9]{2,25}$", "description" : "The realm in which this resource is being created. This is mandatory if x-realm header is NOT available" } }, "required":["gblCovOrgId","eventName"] } traits: - secured: displayName: secured - unsecured: displayName: unsecured - getResponse: displayName: getResponse - getSearchResponse: displayName: getSearchResponse - postResponse: displayName: postResponse - deleteResponse: displayName: deleteResponse - putResponse: displayName: putResponse - putResponseV2: displayName: putResponseV2 - putCreateResponse: displayName: putCreateResponse - taskResponse: displayName: taskResponse - pagableRequest: displayName: pagableRequest - taggable: displayName: taggable - sortable: displayName: sortable - searchable: displayName: searchable /persons/{personId}/accounts: description: "Endpoint for a person's accounts. [Since:2.0]" uriParameters: personId: description: The unique id of the person. type: string required: true repeat: false is: [secured] /securityQuestion: is: [secured] get: description: "Returns the person's security question account. [flow-name:authn-get-person-securityquestion][policy:RETRIEVE_PERSONSECURITYQUESTIONS]" headers: Accept: description: Media type for a person security question account. type: string required: true repeat: false example: application/vnd.com.covisint.platform.person.account.securityQuestion.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false responses: "200": description: The person's chosen security questions were successfully retrieved. body: application/vnd.com.covisint.platform.person.account.securityQuestion.v1+json: schema: securityQuestionAccount "400": description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:resource:missing - A resource with the following ID was not found: {resourceId} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [getResponse] put: description: "Updates a person's security questions account (or creates one if it doesn't exist).[flow-name:authn-update-person-securityquestion][policy:UPDATE_PERSONSECURITYQUESTIONS]" headers: Accept: description: Media type for a person security question account. type: string required: true repeat: false example: application/vnd.com.covisint.platform.person.account.securityQuestion.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.person.account.securityQuestion.v1+json: schema: securityQuestionAccount responses: "200": description: The person's security question account was updated successfully (or created if it didn't already exist). body: application/vnd.com.covisint.platform.person.account.securityQuestion.v1+json: schema: securityQuestionAccount "400": description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:resource:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:resource:data:illegal - The following information was illegal from the resource: {fieldSpecificError(s)} + security.question.account.invalid.fixed.questions - Only {count} unique fixed questions are allowed + security.question.account.invalid.fixed.question.index - Set unique index for all fixed questions in a sequence starting with '1' OR do not set index for any question + security.question.account.invalid.challenge.question- Only {count} challenge question(s) are allowed + security.question.account.invalid.fixed.question.id.format - Invalid fixed question id format. Valid format is 'realmId:questionId', where questionId is a number + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "409": description: | There is a conflict in identifying the resource being acted on. There are two categories. (1) The unique identifier in the URL and in the body are different. (2) The current version of the resource being updated and the version sent in the body of the request. This may be an indication that the resource has changed since the client loaded it. The conflict should be resolved and the update resubmitted with the current version of the resource. + framework:resource:conflict + framework:resource:conflict:id - The ID of the resource in the request, {requestedId}, does not match the ID of the given resource, {resourceId} + framework:resource:conflict:version - The version of the provided resource, {requestVersion}, does not match the current version of the resource, {latestVersion} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [putResponse] /securityQuestions: description: "Endpoint for security questions used to verify a person's account. [Since:2.0]" is: [secured] get: description: "Search for available security questions. If the owner query parameters are not specified, then all available security questions will be returned. [flow-name:authn-search-securityquestions][policy:RETRIEVE_SECURITYQUESTIONS]" headers: Accept: description: Media type for a security question resource. type: string required: true repeat: false example: application/vnd.com.covisint.platform.securityquestion.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false queryParameters: owner.id: description: Filter on the id of the resource owning the question. For example, the person id or organization id. This query parameter is only required if owner.type is specified. type: string required: false repeat: false owner.type: description: Filter on the type of the resource owning the question. For example, person or organization. This query paramer is only required if owner.id is specified. type: string required: false repeat: false page: description: Which page to return in the paginated results. The first page is page 1. type: integer required: false repeat: false minimum: 1 default: 1 pageSize: description: How many items per page in the paginated results. type: integer required: false repeat: false minimum: 1 maximum: 2E+2 default: 50 responses: "200": description: All matching security questions were successfully retrieved. body: application/vnd.com.covisint.platform.securityquestion.v1+json: schema: securityQuestions "400": description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:param:missing - Missing request parameter: {queryParameterName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + securityquestions.multiple.owner.id.invalid - Muliple owner ids {ownerId(s)} are not allowed + securityquestions.multiple.owner.type.invalid - Muliple owner types {ownerId(s)} are not allowed + securityquestions.owner.id.invalid - Owner id {ownerId} invalid if owner type is not mentioned + securityquestions.owner.type.invalid - Owner type {ownerType} invalid if owner id is not mentioned + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + framework:request:param:invalid - The following parameter should not be part of the request: {queryParameterName} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [getSearchResponse, pagableRequest, secured] /{id}: description: "Endpoint for security questions of a specific user.[policy:RETRIEVE_SECURITYQUESTION]" uriParameters: id: description: The unique id of the person. type: string required: true repeat: false is: [secured] put: description: "Updates a security question, creating it when it doesn't exist. Currently, only person-scoped security questions are supported. Clears the person scoped question if an empty question array is supplied. In all the scenarios, the person scoped answer gets overwritten.[flow-name:authn-update-securityquestion]" headers: Accept: description: Media type for a person security question account. type: string required: true repeat: false example: application/vnd.com.covisint.platform.securityquestion.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.securityquestion.v1+json: schema: securityQuestion responses: "200": description: The person scoped question was updated successfully (or created if it didn't already exist). body: application/vnd.com.covisint.platform.securityquestion.v1+json: schema: securityQuestion "400": description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:resource:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:resource:data:illegal - The following information was illegal from the resource: {fieldSpecificError(s)} + security.question.invalid.owner.type - Invalid owner type for challenge question. Valid value is: person + security.question.one.question.text.allowed - Only 1 question text is allowed + security.question.challenge.question.not.allowed - Challenge question is not allowed + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + framework:resource:missing - The following resources were not found: {resources} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "409": description: | There is a conflict in identifying the resource being acted on. There are two categories. (1) The unique identifier in the URL and in the body are different. (2) The current version of the resource being updated and the version sent in the body of the request. This may be an indication that the resource has changed since the client loaded it. The conflict should be resolved and the update resubmitted with the current version of the resource. + framework:resource:conflict + framework:resource:conflict:id - The ID of the resource in the request, {requestedId}, does not match the ID of the given resource, {resourceId} + framework:resource:conflict:version - The version of the provided resource, {requestVersion}, does not match the current version of the resource, {latestVersion} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [putResponse] /policies: description: "collection endpoint for authentication policy resources.[Since:4.3]" is: [secured] get: description: "Performs a search for authentication policy resources.[flow-name:authn-search-authn-policies][Since:4.5][policy:RETRIEVE_AUTHENTICATIONPOLICIES]" headers: Accept: description: Media type. type: string required: true repeat: false Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false queryParameters: id: description: Retrieve only authentication policies with the specified ids. The search is case-insensitive. Multiple parameters are supported and the search results will be a union. type: string required: false repeat: false name: description: Retrieve group templates with the specified name. Wildcard search is supported using asterisk (*). Multiple parameters are supported and the search results will be a union. type: string required: false repeat: false fromDate: description: Retrieve attribute types with the specified dateTime. Range search is supported. Multiple parameter values can be provided, in which case any matching audits will be returned. type: string required: false repeat: false toDate: description: Retrieve attribute types with the specified dateTime. Range search is supported. Multiple parameter values can be provided, in which case any matching audits will be returned. type: string required: false repeat: false sortBy: description: Sort the search results. type: string required: false repeat: false enum: [creation] responses: "200": description: All authentication policies that satisfy the query parameters were successfully retrieved (response collection may be empty). body: application/vnd.com.covisint.platform.authn.policy.v1+json: schema: authenticationPolicy "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [getResponse] post: description: "Creates an authentication policy.[flow-name:authn-create-authn-policies][Since:4.18]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.authn.policy.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.authn.policy.v1+json: schema: authenticationPolicy responses: "200": description: The authentication policy was successfully created body: application/vnd.com.covisint.platform.authn.policy.v1+json: schema: authenticationPolicy "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:param:missing - Missing request parameter: {queryParameterName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:data:invalid - The following information should not be part of the resource: {resourceFieldName} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /{id}: description: individual resource endpoint for authentication policy. uriParameters: id: description: Unique identifyer of the authentication policy type: string required: true repeat: false maxLength: 36 is: [secured] get: description: "Returns the authentication policy by its id.[flow-name:authn-get-authn-policy][Since:4.3][policy:RETRIEVE_AUTHENTICATIONPOLICY]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.authn.policy.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false responses: "200": description: The authentication policy was successfully retrieved body: application/vnd.com.covisint.platform.authn.policy.v1+json: schema: authenticationPolicy "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [getResponse] delete: description: "Removes the authentication policy by its id.[flow-name:authn-delete-authn-policy][Since:4.18][policy:DELETE_AUTHENTICATIONPOLICIY]" headers: Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false responses: "204": description: The authentication policy was successfully removed. "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema put: description: "Updates the authentication policy by its id.[flow-name:authn-update-authn-policy][Since:4.33][policy:UPDATE_AUTHENTICATIONPOLICIES]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.authn.policy.v1+json Content-Type: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.authn.policy.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.authn.policy.v1+json: schema: authenticationPolicy responses: "200": description: The authentication policy was successfully updated. body: application/vnd.com.covisint.platform.authn.policy.v1+json: schema: authenticationPolicy "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:param:missing - Missing request parameter: {queryParameterName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:data:invalid - The following information should not be part of the resource: {resourceFieldName} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + invalid.authentication.policy.name - Policy {resource.name} already exists body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:resource:missing : A resource with the following ID was not found- {id} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /mfapolicy/associate: description: "collection endpoint for associating mfa policy with authn policy [Since:4.3]" is: [secured] post: description: "Creates an association between mfa and authentication policy.[flow-name:create-mfa-policy-association][Since:4.3][policy:CREATE_MFAPOLICY_ASSOCIATION]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.authn.mfa.policy.association.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.authn.mfa.policy.association.v1+json: schema: mfaPolicyAssociation responses: "200": description: The mfa and authentication policy association was successfully created body: application/vnd.com.covisint.platform.authn.mfa.policy.association.v1+json: schema: mfaPolicyAssociation "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:param:missing - Missing request parameter: {queryParameterName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + err.mfa.policy.association - Mfa policy association already present for authn policy id: {authnPolicyId} + err.mfa.policy.association - mfa policy id is invalid: {mfaPolicyId} + err.mfa.policy.association - authn policy id is invalid: {authnPolicyId} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /{id}: uriParameters: id: displayName: id type: string required: true repeat: false put: description: "Updates the association between mfa and authentication policy.[flow-name:update-mfa-policy-association][Since:4.3][policy:UPDATE_MFAPOLICY_ASSOCIATION]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.authn.mfa.policy.association.v1+json body: application/vnd.com.covisint.platform.authn.mfa.policy.association.v1+json: schema: mfaPolicyAssociation responses: "200": description: The mfa and authentication policy association was successfully created body: application/vnd.com.covisint.platform.authn.mfa.policy.association.v1+json: schema: mfaPolicyAssociation "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:param:missing - Missing request parameter: {queryParameterName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + framework:resource:missing - A resource with the following ID was not found- {authnPolicyId} + err.mfa.policy.association - mfa policy id is invalid: {mfaPolicyId} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "409": description: | There was a problem with the client's request. ___ Substatus codes are mentioned below: + framework:resource:conflict:id - The ID of the resource in the request, {id}, does not match the ID of the given resource, {id}; delete: description: "Removes the mfa policy association by authentication policy id.[flow-name:delete-mfa-policy-association][Since:4.3][policy:DELETE_MFAPOLICY_ASSOCIATION]" responses: "204": description: The mfa association was successfully removed. "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + framework:resource:missing - A resource with the following ID was not found- {authnPolicyId} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /passwords: description: "collection endpoint for password resources [Since:2.1]" is: [secured] /{id}: description: individual resource endpoint for password. uriParameters: id: description: Unique identifier of the password type: string required: true repeat: false maxLength: 36 is: [secured] get: description: "Returns the password by its id.[flow-name:authn-get-password] [Since:4.0]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false responses: "200": description: The password was successfully retrieved body: application/vnd.com.covisint.platform.password.v1+json: schema: passwordPolicy "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [getResponse] put: description: "Creates or updates a password resource.This end point will create new password resource if it doesnot exist else will update the existing password resource.[flow-name:authn-put-password-policy][Since:4.0][policy:UPDATE_PASSWORD]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false queryParameters: mode: description: Mode desccribes the context under which a password resource is getting updated. type: string required: false repeat: false enum: [SPECIFY, CHANGE, RESET] body: application/vnd.com.covisint.platform.password.v1+json: schema: password responses: "200": description: The password policy was successfully created or updated. body: application/vnd.com.covisint.platform.password.v1+json: schema: password "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:data:invalid - The following information should not be part of the resource: {resourceFieldName} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + framework:resource:missing - The following resources were not found: {resourceFieldName(s) - resourceFieldValue(s)} + framework:request:data:invalid - You are not allowed to the password for the application user. + current.password.missing - When changing a password, the current password must be supplied body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /{personId}/attempts/count: description: individual resource endpoint for password attempts. uriParameters: personId: description: get invalid attempts of password by user. type: string required: true repeat: false maxLength: 36 is: [secured] get: description: "returns the password attempts count by personid.[flow-name:authn-get-password-attempts-count] [Since:4.5][policy:GET_PASSWORDS_ATTEMPTS_COUNT]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.attempts.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false responses: "200": description: attempts of password was successfully retrieved body: application/vnd.com.covisint.platform.password.attempts.v1+json: schema: passwordattemptscount "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [getResponse] /changeHistory: description: "Endpoint used to get password changes history. [Since:3.1]" is: [secured] get: description: "Endpoint used to get password changes history.[flow-name:authn-password-change-history][policy:RETRIEVE_PASSWORDCHANGE]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.authn.password.change.history.req.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false queryParameters: userId: description: The person's registration id. type: string required: true repeat: false eventType: description: The event type of the person. type: string required: false repeat: false passwordUpdatedUserId: description: The password updated user id. type: string required: false repeat: false responses: "200": description: The password changes history was successfully retrieved body: application/vnd.com.covisint.platform.authn.password.change.history.req.v1+json: schema: passwordChangesHistory "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:param:missing - Missing request parameter: {queryParameterName} + person.userId.missing - The user id is missing: {userId} + person.multiple.userId.not.allowed - Multiple userId are not allowed. + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:data:invalid - The following information should not be part of the resource: {resourceFieldName} + framework:resource:data:illegal - The following information was illegal from the resource: {fieldSpecificError(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [getResponse] /policies: description: "collection endpoint for password policy resources [Since:4.0]" is: [secured] get: description: "Performs a search for password policy resources.[Since:4.18][flow-name:authn-get-password-policies]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.policy.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false queryParameters: id: description: Retrieve only password policies with the specified ids. The search is case-insensitive. Multiple parameters are supported and the search results will be a union. type: string required: false repeat: false name: description: Retrieve group templates with the specified name. Wildcard search is supported using asterisk (*). Multiple parameters are supported and the search results will be a union. type: string required: false repeat: false fromDate: description: Retrieve attribute types with the specified dateTime. Range search is supported. Multiple parameter values can be provided, in which case any matching audits will be returned. type: string required: false repeat: false toDate: description: Retrieve attribute types with the specified dateTime. Range search is supported. Multiple parameter values can be provided, in which case any matching audits will be returned. type: string required: false repeat: false sortBy: description: Sort the search results. type: string required: false repeat: false enum: [creation] responses: "200": description: All password policies that satisfy the query parameters were successfully retrieved (response collection may be empty). body: application/vnd.com.covisint.platform.password.policy.v1+json: schema: passwordPolicy "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [getResponse] post: description: "Creates a password policy.[Since:4.18][flow-name:authn-create-password-policy][policy:CREATE_PASSWORDPOLICY]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.policy.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.password.policy.v1+json: schema: passwordPolicy responses: "200": description: The password policy was successfully created body: application/vnd.com.covisint.platform.password.policy.v1+json: schema: passwordPolicy "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:param:missing - Missing request parameter: {queryParameterName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:data:invalid - The following information should not be part of the resource: {resourceFieldName} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [postResponse] /{id}: description: "individual resource endpoint for password policy. [Since:4.0]" uriParameters: id: description: Unique identifier of the password policy. type: string required: true repeat: false maxLength: 36 get: description: "Returns the password policy by its id.[Flow-Name:authn-get-password-policy][Since:4.0][policy:RETRIEVE_PASSWORDPOLICY]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.policy.v1+json SolutionInstanceId: description: The solution instance id. type: string required: true repeat: false example: abcd123e-0109-441c-8a20-123a456b789c ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false responses: "200": description: The password policy was successfully retrieved body: application/vnd.com.covisint.platform.password.policy.v1+json: schema: passwordPolicy "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [getResponse, unsecured] delete: description: "Removes the password policy by its id.[Since:4.18][Flow-Name:authn-delete-password-policy][policy:DELETE_PASSWORDPOLICY]" responses: "204": description: The password policy was successfully removed. "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /tasks: /authenticate: description: "endpoint used to authenticate the person.[Since:1.0]" is: [unsecured, postResponse] post: description: "authenticate the person.[Flow-Name:authn-password-authenticate]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.authn.password.resp.v1+json SolutionInstanceId: description: The solution instance id. type: string required: true repeat: false example: abcd123e-0109-441c-8a20-123a456b789c ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.authn.password.req.v1+json: schema: authenticationRequest responses: "200": description: Returns the response post authentication. body: application/vnd.com.covisint.platform.authn.password.resp.v1+json: schema: authenticationResponse "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:resource:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + password.authentication.request.instant.invalid - Request instant must be greater than zero. + password.authentication.request.subject.type.invalid - Invalid subject type. Valid values are CUID, LOGIN_ID. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /expire: description: "endpoint used to expire password resource.[Since:1.0]" is: [secured] get: description: "expire password resource.[flow-name:authn-expire-password][policy:EXPIRE_PERSONPASSWORD]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false queryParameters: subject: description: the subject id. type: string required: true repeat: false responses: "200": description: Returns the expired password resource. body: application/vnd.com.covisint.platform.password.v1+json: schema: password "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + password.not.found- Could not retrieve password for subject. + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [getResponse] post: description: "expire password resource. [flow-name:authn-password-expire][Since:4.0][policy:EXPIRE_PERSONPASSWORD]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false queryParameters: subject: description: the subject id. type: string required: true repeat: false responses: "200": description: Returns the expired password resource. body: application/vnd.com.covisint.platform.password.v1+json: schema: password "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + password.not.found- Could not retrieve password for subject. + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /lock: description: "endpoint used to lock password resource.[Since:1.0] [Visibility:public]" is: [secured, postResponse] post: description: "lock password resource.[flow-name:password-lock][policy:LOCK_PERSONPASSWORD]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.v1+json X-SYSTEMEVENTTYPE: description: Event type type: string required: false repeat: false example: AUTO_LOCK Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false queryParameters: subject: description: the subject id. type: string required: true repeat: false reason: description: reason for lock type: string required: false repeat: false responses: "200": description: Returns the locked password resource. body: application/vnd.com.covisint.platform.password.v1+json: schema: password "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:request:param:missing - Missing request parameter: {queryParameterName} + password.multiple.subjects.not.allowed- Multiple subjects are not allowed. + password.not.found- Could not retrieve password for {subject}. + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /unlock: description: "endpoint used to unlock password resource.[Since:1.0][Visibility:public]" is: [secured, postResponse] post: description: "unlock password resource.[flow-name:password-unlock][policy:UNLOCK_PERSONPASSWORD]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false queryParameters: subject: description: the subject id. type: string required: true repeat: false responses: "200": description: Returns the unlocked password resource. body: application/vnd.com.covisint.platform.password.v1+json: schema: password "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:request:param:missing - Missing request parameter: {queryParameterName} + password.multiple.subjects.not.allowed- Multiple subjects are not allowed. + password.not.found- Could not retrieve password for {subject}. + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /reset: is: [secured, postResponse] post: description: "Reset the password. This is applicable when admin wants to reset the password without supplying the old and new password.[Since:4.0][flow-name:authn-reset-password][policy:RESET_PASSWORD]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false queryParameters: subject: description: the subject id. type: string required: true repeat: false responses: "200": description: The password was successfully reset. body: application/vnd.com.covisint.platform.password.v1+json: schema: password "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + password.subject.invalid - The password with the subject does not exist body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /reset/full: is: [secured, postResponse] post: description: "Reset the password. This is applicable when admin wants to reset the password without supplying the old and new password. This endpoint returns full password of user in the response body.[Since:4.4][flow-name:authn-reset-full-password][policy:FULL_RESET_PASSWORD]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false queryParameters: subject: description: the subject id. type: string required: true repeat: false responses: "200": description: The password was successfully reset. body: application/vnd.com.covisint.platform.password.v1+json: schema: password "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + password.subject.invalid - The password with the subject does not exist body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /specify: is: [secured, postResponse] post: description: "Specify a new password. This is applicable when the admin tries to change the password without supplying the old password.[Since:4.0][Since:4.0][flow-name:authn-specify-password][policy:SPECIFY_PASSWORD]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.password.v1+json: schema: password responses: "200": description: The password was successfully specified. body: application/vnd.com.covisint.platform.password.v1+json: schema: password "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + password.subject.invalid - The password with the subject does not exist body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /authn/nonce: description: "Endpoint used to create Create Nonce.[Since:3.0]" is: [secured] /validate: description: "Individual resource endpoint for nonce. [Since:3.0]" is: [unsecured] put: description: "Individual endpoint used to validate nonce resource. [Flow-Name:authn-validate-nonce]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.authn.nonce.v1+json SolutionInstanceId: description: The solution instance id. type: string required: true repeat: false example: abcd123e-0109-441c-8a20-123a456b789c ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false queryParameters: cuid: description: Validate Nonce resource based on given CUID. type: string required: false repeat: false nonce: description: Validate Nonce resource based on give Nonce Id. type: integer required: true repeat: false responses: "202": description: The nonce was successfully validated. "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [nonce or cuid] + nonce:data:expired - The nonce id used to validate has expired. Use valid nonce to validate. + nonce:data:invalid - The provided nonce/CUID is Invalid. Use valid nonce/CUID to validate. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [getResponse] /token/tasks/validate: description: "Validates the ID token and return claims as payload in the token.[Since:3.0]" is: [postResponse] post: description: "validates the ID token and return claims as payload in the token.[flow-name:authn-validate-jwt]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.token.payload.v1+json body: application/vnd.com.covisint.platform.token.v1+json: schema: token responses: "200": description: Returns the id token as token response. body: application/vnd.com.covisint.platform.token.payload.v1+json: schema: tokenPayload "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:resource:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + token.decryption.key.missing - No key found for decryption in the configuration + token.decryption.key.invalid - No valid key found for decryption + token.signature.key.missing - No key found for signature verification in the configuration + token.signature.key.invalid - Invalid key found for signature verification in the configuration + token.expiry.invalid - Token is expired + token.validation.failed - The validation of the token is failed + error.authn.jwt.aud.invalid - Aud is Invalid + error.authn.jwt.iss.invalid - Issuer is Invalid body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "412": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + token.validation.precondition.failed - The claims mfaRequired: {} and mfaAuthenticated: {} are invalid body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /token/tasks/invalidate: description: invalidates the ID token. get: description: "invalidates the ID token and return claims as payload in the token.[Since:4.0][flow-name:authn-invalidate-jwt][Visibility:public]" queryParameters: type: description: The default value of type is log out which is used to skip the validation of invalidate token. type: string required: false repeat: false client_id: description: The clientId coming from OIDC RP-Initiated logout request, to be provided when invalidating IdToken(OIDC). type: string required: false repeat: false body: application/vnd.com.covisint.platform.token.v1+json: schema: token responses: "204": description: The token was successful invalidated "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:resource:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + token.decryption.key.missing - No key found for decryption in the configuration + token.decryption.key.invalid - No valid key found for decryption + token.signature.key.missing - No key found for signature verification in the configuration + token.signature.key.invalid - Invalid key found for signature verification in the configuration + token.expiry.invalid - Token is expired + token.validation.failed - The validation of the token is failed + token.validation.failed - IdToken is invalid + error.user.delete.tokens - There was an error while revoking user tokens body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [getResponse] post: description: "validates the ID token and return claims as payload in the token.[flow-name:authn-invalidate-idtoken][Since:3.0]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.token.payload.v1+json queryParameters: type: description: The default value of type is log out which is used to skip the validation of invalidate token. type: string required: false repeat: false client_id: description: The clientId coming from OIDC RP-Initiated logout request, to be provided when invalidating IdToken(OIDC). type: string required: false repeat: false body: application/vnd.com.covisint.platform.token.v1+json: schema: token responses: "204": description: The token was successful invalidated "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:resource:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + token.decryption.key.missing - No key found for decryption in the configuration + token.decryption.key.invalid - No valid key found for decryption + token.signature.key.missing - No key found for signature verification in the configuration + token.signature.key.invalid - Invalid key found for signature verification in the configuration + token.expiry.invalid - Token is expired + token.validation.failed - The validation of the token has failed + token.validation.failed - IdToken is invalid + error.user.delete.tokens - There was an error while revoking user tokens body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [postResponse] /token/generate/external: description: "Generates a JWT Token based on the token policy.[Since:4.18][Visibility:public]" post: description: "Generates JWT token. [Flow-Name:create-jwt-external][policy:GENERATE_JWT_EXTERNAL]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.authn.session.external.req.v1+json; Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.authn.session.external.req.v1+json: schema: sessionExternalRequest responses: "200": description: The xsrfToken and JWT Token successfully retrieved. body: application/vnd.com.covisint.platform.session.token.v1+json: schema: sessionToken "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:param:missing - Missing request parameter: {queryParameterName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: | User Unauthorized Substatus codes are mentioned below: + authentication.failure - Username or password is invalid + authentication.failure - Username or password is invalid , invalidAttempts : {invalidAttempts}, attemptsLeft : {attemptsLeft} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [postResponse, secured] /external/token/tasks/validate: description: "Validates the ID token and return ID token.[Since:4.18][Visibility:public]" is: [postResponse] post: description: "Validates the ID token and return ID token.[flow-name:validate-jwt-external][policy:VALIDATE_JWT_EXTERNAL]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.session.token.v1+json body: application/vnd.com.covisint.platform.session.token.v1+json: schema: token responses: "200": description: Returns the id token as token response. body: application/vnd.com.covisint.platform.session.token.v1+json: schema: tokenPayload "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:resource:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + token.decryption.key.missing - No key found for decryption in the configuration + token.decryption.key.invalid - No valid key found for decryption + token.signature.key.missing - No key found for signature verification in the configuration + token.signature.key.invalid - Invalid key found for signature verification in the configuration + token.expiry.invalid - Token is expired + token.validation.failed - The validation of the token is failed body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "412": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + token.validation.precondition.failed - The claims mfaRequired: {} and mfaAuthenticated: {} are invalid body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /token/policies: get: description: "Searches token policies according to the filter criteria provided. [flow-name:search-token-policies][Since:3.0][policy:RETRIEVE_TOKENPOLICIES]" headers: Accept: description: Media type for token policy. type: string required: true repeat: false example: application/vnd.com.covisint.platform.token.policy.v1+json queryParameters: page: description: Which page to return in the paginated results. The first page is page 1. type: integer required: false repeat: false minimum: 1 default: 1 pageSize: description: How many items per page in the paginated results. type: integer required: false repeat: false minimum: 1 maximum: 2E+2 default: 50 responses: "200": description: All matching token policies were successfully retrieved. body: application/vnd.com.covisint.platform.token.policy.v1+json: schema: tokenPolicy "400": description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [getSearchResponse, pagableRequest] post: description: "Creates a new token policy. [flow-name:create-token-policy][Since:3.0][policy:CREATE_TOKENPOLICY]" headers: Accept: description: Media type for token policy. type: string required: true repeat: false example: application/vnd.com.covisint.platform.token.policy.v1+json body: application/vnd.com.covisint.platform.token.policy.v1+json: schema: tokenPolicy responses: "201": description: A new token policy was created and is returned in the response body. body: application/vnd.com.covisint.platform.token.policy.v1+json: schema: tokenPolicy "400": description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + framework:resource:data:illegal - The following information was illegal from the resource: {fieldSpecificError(s)} + token.policy.exists - The token policy is already existing for this realm {realm}. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [postResponse] /{id}: description: Individual endpoint for token policy resources. uriParameters: id: description: The token policy's unique identifier. type: string required: true repeat: false put: description: "Updates name, description, issuer and tokenAuthenticationFailureAttempts of the token policy.[flow-name:update-token-policy][Since:3.0]" headers: Accept: description: Media type for token policy. type: string required: true repeat: false example: application/vnd.com.covisint.platform.token.policy.v1+json body: application/vnd.com.covisint.platform.token.policy.v1+json: schema: tokenPolicy responses: "200": description: The token policy was successfully updated. body: application/vnd.com.covisint.platform.token.policy.v1+json: schema: tokenPolicy "400": description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + framework:resource:data:illegal - The following information was illegal from the resource: {fieldSpecificError(s)} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "409": description: | There is a conflict in identifying the resource being acted on. There are two categories. (1) The unique identifier in the URL and in the body are different. (2) The current version of the resource being updated and the version sent in the body of the request. This may be an indication that the resource has changed since the client loaded it. The conflict should be resolved and the update resubmitted with the current version of the resource. + framework:resource:conflict + framework:resource:conflict:id - The ID of the resource in the request, {requestedId}, does not match the ID of the given resource, {resourceId} + framework:resource:conflict:version - The version of the provided resource, {requestVersion}, does not match the current version of the resource, {latestVersion} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [putResponse] delete: description: "Deletes the token policy by id.[flow-name:delete-token-policy][Since:4.20][Visibility:public]" responses: "204": description: The token policy was successfully deleted. "404": description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:resource:missing - A resource with the following ID was not found: {fieldSpecificError(s)} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /token/policy/external: post: description: "Creates a new token policy. [flow-name:create-token-policy-external][Since:4.18][Visibility:public]" headers: Accept: description: Media type for token policy. type: string required: true repeat: false example: application/vnd.com.covisint.platform.token.policy.external.v1+json body: application/vnd.com.covisint.platform.token.policy.external.v1+json: schema: tokenPolicyExternal responses: "201": description: A new token policy was created and is returned in the response body. body: application/vnd.com.covisint.platform.token.policy.external.v1+json: schema: tokenPolicyExternal "400": description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + framework:resource:data:illegal - The following information was illegal from the resource: {fieldSpecificError(s)} + token.policy.exists - The token policy is already existing for this realm {realm}. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [postResponse] /{id}: description: Individual endpoint for token policy resources. uriParameters: id: description: The token policy's unique identifier. type: string required: true repeat: false get: description: "Searches for the token policy according based on the id provided. [flow-name:get-token-policy-external][Since:4.18][Visibility:public]" headers: Accept: description: Media type for token policy. type: string required: true repeat: false example: application/vnd.com.covisint.platform.token.policy.external.v1+json queryParameters: page: description: Which page to return in the paginated results. The first page is page 1. type: integer required: false repeat: false minimum: 1 default: 1 pageSize: description: How many items per page in the paginated results. type: integer required: false repeat: false minimum: 1 maximum: 2E+2 default: 50 responses: "200": description: Token policy will be retrieved based on the Id body: application/vnd.com.covisint.platform.token.policy.v1+json: schema: tokenPolicyExternal "400": description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [getSearchResponse, pagableRequest] put: description: "Updates name, description, issuer, signatureAlgorithm and encryptionAlgorithm of the token policy.[flow-name:update-token-policy-external][Since:4.18][Visibility:public]" headers: Accept: description: Media type for token policy. type: string required: true repeat: false example: application/vnd.com.covisint.platform.token.policy.external.v1+json body: application/vnd.com.covisint.platform.token.policy.external.v1+json: schema: tokenPolicyExternal responses: "200": description: The token policy was successfully updated. body: application/vnd.com.covisint.platform.token.policy.external.v1+json: schema: tokenPolicyExternal "400": description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + framework:resource:data:illegal - The following information was illegal from the resource: {fieldSpecificError(s)} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "409": description: | There is a conflict in identifying the resource being acted on. There are two categories. (1) The unique identifier in the URL and in the body are different. (2) The current version of the resource being updated and the version sent in the body of the request. This may be an indication that the resource has changed since the client loaded it. The conflict should be resolved and the update resubmitted with the current version of the resource. + framework:resource:conflict + framework:resource:conflict:id - The ID of the resource in the request, {requestedId}, does not match the ID of the given resource, {resourceId} + framework:resource:conflict:version - The version of the provided resource, {requestVersion}, does not match the current version of the resource, {latestVersion} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [putResponse] delete: description: "Deletes token policy based on ID.[flow-name:delete-token-policy-external][Since:4.18][Visibility:public]" responses: "204": description: The token policy was successfully deleted. "400": description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:header:missing - Missing request header: {headerName} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /sessionToken/tasks/generate: description: "Generates a JWT Token based on password credentials.[Since:4.17][Visibility:public]" post: description: "Authenticate the user name and password.After successful authentication,creates a JWT. [Flow-Name:authn-create-session-token][policy:GENERATE_SESSIONTOKEN]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.authn.session.v1+json;includepasswordfailureattempts=true SolutionInstanceId: description: The solution instance id. type: string required: true repeat: false example: abcd123e-0109-441c-8a20-123a456b789c ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.authn.session.v1+json: schema: sessionRequest responses: "200": description: The JWT Token successfully retrieved. body: application/vnd.covisint.platform.session.token.v1+json: schema: sessionToken "401": description: | User Unauthorized Substatus codes are mentioned below: + error.authn.unknown.subject - Username or password is invalid + error.authn.password.locked - Subject's password account is in locked status + error.authn.authentication.failure - Password authentication failed + error.authn.password.expired - The subject password was expired and time set for expiration + error.authn.person.suspended - Subject is Suspended + error.authn.password.must.change - Subject's password is expired + error.authn.idp.not.found - No idp configuration found for auth domain + error.authn.invalid.password - Username or password is invalid , invalidAttempts : {invalidAttempts}, attemptsLeft : {attemptsLeft} "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + error.authn.duplicate.username - Auth domain is not configured + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:param:missing - Missing request parameter: {queryParameterName} + framework:request:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:data:invalid - The following information should not be part of the resource: {resourceFieldName} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [postResponse, unsecured] /sessionToken/tasks/validate: description: "Validates JWT Token which must also contain the passed xsrfToken as a claim.[Since:3.0][Visibility:public]" post: description: "Validates JWT Token with the xsrfToken as a claim. [Flow-Name:authn-validate-session-token]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.covisint.platform.session.token.v1+json SolutionInstanceId: description: The solution instance id. type: string required: true repeat: false example: abcd123e-0109-441c-8a20-123a456b789c ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.session.token.v1+json: schema: sessionToken responses: "200": description: Successfully validated the JWT Token. body: application/vnd.covisint.platform.session.token.v1+json: schema: sessionToken "401": description: The token is expired with time or inactivated. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:resource:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + token.idToken.missing - Secure token is missing. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [postResponse, unsecured] /sessionToken/nonce/validate: description: "Validates nonce request and return nonce as a response with id token and xsrf token. [Since:3.0][Visibility:public]" post: description: "Validates nonce request and return nonce as a response with id token and xsrf token.[flow-name:authn-validate-sessiontoken-nonce]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.nonce.response.v1+json SolutionInstanceId: description: The solution instance id. type: string required: true repeat: false example: abcd123e-0109-441c-8a20-123a456b789c ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.nonce.request.v1+json: schema: nonceRequest responses: "200": description: The nonce request is validated and nonce with id token and xsrf token is returned. body: application/vnd.com.covisint.platform.nonce.response.v1+json: schema: nonceResponse "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:resource:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application]. + nonce:data:expired - The nonce id used to validate has expired. + nonce:data:invalid - The provided nonce/CUID is Invalid. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [postResponse, unsecured] /password/reset/generate/otp: description: "collection endpoint for generating otp as tracking id to reset user password [Since:4.20]" post: description: "The api to generate OTP as tracking id. [Flow-name:authn-reset-generate-otp][Visibility:public][policy:GENERATE_RESET_OTP]" headers: Accept: description: Media type for validation. type: string required: true repeat: false example: application/json Content-Type: description: Media type for validation. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.reset.generateotprequest.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.password.reset.generateotprequest.v1+json: schema: generateOtp example: | { "userId": "cuid1234", "type": "PHONE", "phoneType": "MOBILE" } responses: "200": description: Added otp as tracking id in response. body: application/vnd.com.covisint.platform.password.reset.generateotprequest.v1+json: schema: generateOtp example: | { "trackingId": 1488205915095 } "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:resource:data:missing - The following information was missing from the resource- {userId, type and phoneType} + user.not.found - A resource with the following ID was not found- {userId} + invalid.requestor.type - Supported types: PHONE, SMS, EMAIL. + invalid.requestor.phone.type - Supported phone types: PHONE, MOBILE. + error.person.status - Only a person with status active or locked allowed to generate otp. + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [secured] /password/reset/validate/otp: description: "collection endpoint to validate otp against trackingId and passCode to reset user password [Since:4.20]" post: description: "The api to validate OTP against trackingId and passCode. [Flow-name:authn-reset-validate-otp][Visibility:public][policy:VALIDATE_RESET_OTP]" headers: Accept: description: Media type for validation. type: string required: true repeat: false example: application/json Content-Type: description: Media type for validation. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.reset.validateresetotp.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.password.reset.validateresetotp.v1+json: schema: validateOtp example: | { "trackingId": "b40f58a3-69bf-4cd8-8e86-91d26441de2d", "passCode": "276077" } responses: "200": description: Added otp as tracking id in response. body: application/vnd.com.covisint.platform.password.reset.validateresetotp.v1+json: schema: validateOtp example: | { "nonce": "40f58a3-69bfy7-ghj57d", "cuid": "En85gtY" } "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:resource:data:missing - The following information was missing from the resource- {trackingId and passCode} + trackingId.questions.personId - Invalid questions or trackingId + trackingId.passCode.personId - Invalid passCode or trackingId. + expired.passcode - Your pascode is expired!!!! + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:resource:missing - A resource with the following ID was not found- {trackingId} "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [secured] /password/tasks/reset/generatelink: description: "collection endpoint for generating link to send email to reset user password [Since:4.0]" post: description: "collection endpoint for generating link to send email to reset user password [flow-name:authn-reset-generatelink][policy:GENERATE_RESET_LINK]" headers: Content-Type: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.reset.generatelinkrequest.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.password.reset.generatelinkrequest.v1+json: schema: generatelinkrequest responses: "200": description: Added secret as base64 encoded in response if mediatype included (includeSecret=true) or mail will be sent whithout response if mediatype is not included. body: application/vnd.com.covisint.platform.password.reset.generatelinkrequest.v1+json: schema: secretinclusionresponse "204": description: Email is generated and sent to user. "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:resource:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + user.status.invalid - Only active and locked users are allowed + err.idverify.fields.not.configured - Idverify fields property is not configured + err.idverify.fields.email.missing - Email is missing in idverify.fields property + err.configured.idverify.fields.missing - All the configured idVerify fields are not supplied + err.configured.idverify.fields.invalid.value - Invalid values for idVerifyFields body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [secured] /password/tasks/reset/validatelink: description: "collection endpoint for validating email link posted is valid and less than 2 hrs since email was sent to reset user password [Since:4.0]" post: description: "validating email link posted is valid and less than 2 hrs since email was sent.[flow-name:authn-reset-validatelink][policy:VALIDATE_RESET_LINK]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.reset.validatelinkresponse.v1+json Content-Type: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.reset.validatelinkrequest.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.password.reset.validatelinkrequest.v1+json: schema: validatelinkrequest responses: "200": description: Returns the nonce and cuid token as token response. body: application/vnd.com.covisint.platform.password.reset.validatelinkresponse.v1+json: schema: validatelinkresponse "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:resource:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + user.reset.invalid.code - Email link invalid. Please ensure the email link was validated within 2 hrs of receipt or generate new link body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [secured] /password/tasks/reset/changepassword: description: "collection endpoint for changing user password, if the nonce token did not expire and password met the policy requirements [Since:4.0]" post: description: "change user password, if the nonce token did not expire and password met the policy requirements.[flow-name:authn-reset-changepassword][policy:RESET_PASSWORD_LINK]" headers: Content-Type: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.reset.changepasswordrequest.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.password.reset.changepasswordrequest.v1+json: schema: changepasswordrequest responses: "204": description: The nonce token is validated and user password is changed. "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:resource:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + nonce:data:expired - The nonce id used to validate has expired. + nonce:data:invalid - The provided nonce/password is Invalid. + password.subject.invalid - Password subject invalid. + invalid.password.error - Password does not confirm to policy + reset.secret.expired - Secret not valid or Expired + reset.invalid.user.name - The userName supplied was incorrect, please try again. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [secured] /password/tasks/reset/deletelink: description: "collection endpoint for deleting link and send no response [Since:4.0]" post: description: "collection endpoint for deleting link and send no response [flow-name:authn-reset-deletelink][policy:DELETE_PASSWORD_LINK]" headers: Content-Type: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.password.reset.deletelinkrequest.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.password.reset.deletelinkrequest.v1+json: schema: deletelinkrequest responses: "204": description: reset link is deleted from reset_link table and added to reset_link_audit table as status deleted. "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:resource:data:missing - The following information was missing from the resource: {resourceFieldName(s)} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + nonce:data:expired - The nonce id used to validate has expired. + nonce:data:invalid - The provided nonce/CUID is Invalid. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [secured] /remoteconfig/association: description: "collection endpoint for remote auth provider config association resources [Since:4.14]" is: [secured] get: description: "Performs a search for remote auth provider config association resources. [Since:4.14][flow-name:authn-search-remoteConfigAssociation][policy:GET_REMOTECONFIG_ASSOCIATION]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.remote.auth.provider.config.association.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false queryParameters: id: description: Retrieve only resources with the specified ids. The search is case-insensitive. Multiple parameters are supported and the search results will be a union. type: string required: false repeat: false authnPolicyId: description: Filter on resources with specified authnPolicyId. type: string required: false repeat: false remoteConfigId: description: Filter on resources with specified remoteConfigId. type: string required: false repeat: false sortBy: description: Sort the search results. type: string required: false repeat: false enum: [creation, +creation, "-creation"] responses: "200": description: All remote auth provider config association resources that satisfy the query parameters were successfully retrieved (response collection may be empty). body: application/vnd.com.covisint.platform.remote.auth.provider.config.association.v1+json: schema: remoteConfigAssociation "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [getResponse] post: description: "Creates a remote auth provider config association resource.[Since:4.14][flow-name:authn-create-remoteConfigAssociation][policy:CREATE_REMOTECONFIG_ASSOCIATION]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.remote.auth.provider.config.association.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.remote.auth.provider.config.association.v1+json: schema: remoteConfigAssociation responses: "201": description: The resource was successfully created body: application/vnd.com.covisint.platform.remote.auth.provider.config.association.v1+json: schema: remoteConfigAssociation "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:data:invalid - Remote Config Association already present for authn policy id {authnPolicyId} + framework:request:data:invalid - remote config id is invalid: {remoteConfigId} + framework:request:data:invalid - authn policy id invalid: {authnPolicyId} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [postResponse] /{id}: description: Individual remote auth provider config association resource. uriParameters: id: description: The remote auth provider config association resource unique identifier. type: string required: true repeat: false put: description: "Updates a remote auth provider config association resource.[flow-name:authn-update-remoteConfigAssociation][Since:4.14][policy:UPDATE_REMOTECONFIG_ASSOCIATION]" headers: Accept: description: Media type for remote auth provider config association resource. type: string required: true repeat: false example: application/vnd.com.covisint.platform.remote.auth.provider.config.association.v1+json body: application/vnd.com.covisint.platform.remote.auth.provider.config.association.v1+json: schema: remoteConfigAssociation responses: "200": description: remote auth provider config association resource was successfully updated. body: application/vnd.com.covisint.platform.remote.auth.provider.config.association.v1+json: schema: remoteConfigAssociation "400": description: | There was a problem with the client's request ___ Substatus codes and error messages are mentioned below: + framework:request + framework:request:io + framework:request:io:read - Invalid input. There was an error while parsing. + framework:request:io:read:parsing + framework:request:io:write + framework:request:header:missing - Missing request header: {headerName} + framework:request:data:invalid - remote config id is invalid: {remoteConfigId} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "409": description: | There is a conflict in identifying the resource being acted on. There are two categories. (1) The unique identifier in the URL and in the body are different. (2) The current version of the resource being updated and the version sent in the body of the request. This may be an indication that the resource has changed since the client loaded it. The conflict should be resolved and the update resubmitted with the current version of the resource. + framework:resource:conflict + framework:resource:conflict:id - The ID of the resource in the request, {requestedId}, does not match the ID of the given resource, {resourceId} + framework:resource:conflict:version - The version of the provided resource, {requestVersion}, does not match the current version of the resource, {latestVersion} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [putResponse] get: description: "Returns the remote auth provider config association resource by its id.[flow-name:authn-get-remoteConfigAssociation][Since:4.14][policy:GET_REMOTECONFIG_ASSOCIATION]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.remote.auth.provider.config.association.v1+json responses: "200": description: The remote auth provider config association resource was successfully retrieved body: application/vnd.com.covisint.platform.remote.auth.provider.config.association.v1+json: schema: remoteConfigAssociation "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [getResponse] delete: description: "Removes the remote auth provider config association resource by its id.[flow-name:authn-delete-remoteConfigAssociation][Since:4.14][policy:DELETE_REMOTECONFIG_ASSOCIATION]" responses: "204": description: The remote auth provider config association resource was successfully removed. "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /mfa/persons: description: Endpoints for users MFA configuration. is: [secured] /{personId}/modes: description: End point for getting available mfa modes for user. uriParameters: personId: displayName: personId type: string required: true repeat: false is: [secured] get: description: "Gives avaiable modes for user.[Since:4.15][Flow-name:authn-get-mfa-modes][Visibility:public][policy:PERSON_AVAILABLE_MFA_MODES]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.mfa.user.modes.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false responses: "200": body: application/vnd.com.covisint.platform.mfa.user.modes.v1+json: schema: userAvailableModes "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /{personId}/mode: description: End point for getting selected mfa mode for user. uriParameters: personId: displayName: personId type: string required: true repeat: false is: [secured] get: description: "Get mfa selected mode for user.[Since:4.15][Flow-name:authn-get-mfa-mode][Visibility:public]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.mfa.user.mode.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false responses: "200": body: application/vnd.com.covisint.platform.mfa.user.mode.v1+json: schema: userMode "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema /task/auth/nonce: description: "collection endpoint for auth nonce resources [Since:4.14]" is: [secured] post: description: "Creates a auth nonce resource.[Since:4.14][flow-name:authn-create-authNonce]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.authn.auth.nonce.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false body: application/vnd.com.covisint.platform.authn.auth.nonce.v1+json: schema: authNonce responses: "201": description: Auth nonce created successfully. body: application/vnd.com.covisint.platform.authn.auth.nonce.v1+json: schema: authNonce "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + framework:request:io:read - Invalid input. There was an error while parsing. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [postResponse] get: description: "Performs search for auth nonce resource.[Since:4.14][flow-name:authn-search-authNonce]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.authn.auth.nonce.v1+json Authorization: description: Access token that is obtained from the /token endpoint of the OAuth API. type: string required: true repeat: false pattern: "^Bearer .*$" example: Bearer ZCtYUGpYRXpET0JvVE1rZzlWV3I1Yk ContextCode: description: Its an string value, which would be given precendence over realm in order to fetch any properties in IAM, its an optional header. type: string required: false repeat: false queryParameters: id: description: Retrieve auth nonce for given id. type: string required: false repeat: false cuid: description: Retrieve auth nonce for given cuid. type: string required: false repeat: false responses: "200": description: All auth nonce that satisfy the query parameters were successfully retrieved (response collection may be empty). body: application/vnd.com.covisint.platform.authn.auth.nonce.v1+json: schema: authNonce "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "401": description: Unauthenticated request. This is returned if the access token is missing, invalid, or expired. Access tokens are obtained through the /token endpoint of the Oauth API. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "403": description: Unauthorized request. The requestor is not authorized to perform the requested operation. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [getResponse] /validate: put: description: "Validate the auth nonce resource and issue the JWT token.[Since:4.14][flow-name:authn-validate-authNonce]" headers: Accept: description: Media type. type: string required: true repeat: false example: application/vnd.com.covisint.platform.authn.auth.nonce.v1+json queryParameters: id: description: Retrieve auth nonce for given id. type: string required: true repeat: false cuid: description: Retrieve auth nonce for given cuid. type: string required: true repeat: false responses: "200": description: Validates the nonce based on parameters and issue the JWT if validated successfully. body: application/vnd.covisint.platform.session.token.v1+json: schema: sessionToken "400": description: | There was a problem with the client's request ___ Substatus codes are mentioned below: + framework:request:header:missing - Missing request header: {headerName} + framework:request:invalid:header:value - Invalid x-requestor header value. Valid values are [person, application] + framework:request:io:read - Invalid input. There was an error while parsing. + nonce:data:expired - The nonce id used to validate has expired. Use valid nonce to validate. + nonce:data:invalid - The provided nonce/CUID is Invalid. Use valid nonce/CUID to validate. body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "404": description: | The URI requested is invalid or the resource requested does not exist. ___ Substatus codes and error messages are mentioned below: + (If a resource id is a URI parameter) framework:resource:missing - A resource with the following ID was not found: {resourceId} + No message for an invalid URI body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "406": description: | Unable to produce content of specified 'Accept' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to produce content of type {acceptMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "409": description: | There is a conflict in identifying the resource being acted on. There are two categories. (1) The unique identifier in the URL and in the body are different. (2) The current version of the resource being updated and the version sent in the body of the request. This may be an indication that the resource has changed since the client loaded it. The conflict should be resolved and the update resubmitted with the current version of the resource. + framework:resource:conflict + framework:resource:conflict:id - The ID of the resource in the request, {requestedId}, does not match the ID of the given resource, {resourceId} + framework:resource:conflict:version - The version of the provided resource, {requestVersion}, does not match the current version of the resource, {latestVersion} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "415": description: | Unable to consume content of specified 'Content-Type' media type ___ Substatus codes and error messages are mentioned below: + framework:request:unsupported:mediatype - The server is unable to consume content of type {contentMediaType} body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema "500": description: | An unknown server error occurred ___ Substatus codes and error messages are mentioned below: + framework:unknown body: application/vnd.com.covisint.error.v1+json: schema: errorResponseSchema is: [putResponse]