U4IDS Admin API

The following tables lists the endpoints that are available through the Admin Web API

Clients

Method Resource endpoint Description
GET Client /api/v3/clients Get all registered clients
GET SimpleClient /api/v3/simpleclients Get the essential information for all registered clients. It's much faster than getting the full information about each client, so use this if you just want a list of clients.
POST Client /api/v3/clients Creates a new client
GET Client /api/v3/clients/{clientId} Get client with the given ID
PUT Client /api/v3/clients/{clientId} Update a client
DELETE Client /api/v3/clients/{clientId} Delete a client
PATCH Client /api/v3/clients/{clientId} Update a client using a Json patch document
GET string /api/v3/clients/{clientId}/lastused Returns a string containing the date and time this client was last used by IDS, e.g. "20181212 07:02:45.493"
GET Audit /api/v3/clients/{clientId}/audits Returns a list of audits for the specified client
POST Secret /api/v3/clients/{clientId}/secrets Create a new secret for the client
DELETE Secret /api/v3/clients/{clientId}/secrets/{secretId} Delete a client secret
PATCH Secret /api/v3/clients/{clientId}/secrets/{secretId} Update a secret. OBS: You can only change the description or expiration date.

Scopes

Method Resource endpoint Description
GET Scope /api/v3/scopes Get all registered scopes (including standard scopes)
POST Scope /api/v3/scopes Creates a new scope
GET Scope /api/v3/scopes/{scopeId} Get scope with the given ID
PUT Scope /api/v3/scopes/{scopeId} Update a scope
DELETE Scope /api/v3/scopes/{scopeId} Delete a scope
PATCH Scope /api/v3/scopes/{scopeId} Update a scope using a Json patch document
GET Client /api/v3/scopes/{scopeId}/clients Get all the clients that are using this scope
GET string /api/v3/scopes/{scopeId}/lastused Returns a string containing the date and time this scope was last used by IDS, e.g. "20181212 07:02:45.493"
GET Audit /api/v3/scopes/{scopeId}/audits Returns a list of audits for the specified scope
POST Secret /api/v3/scopes/{scopeId}/secrets Create a new secret for the scope
DELETE Secret /api/v3/scopes/{scopeId}/secrets/{secretId} Delete a scope secret
PATCH Secret /api/v3/scopes/{scopeId}/secrets/{secretId} Update a secret. OBS: You can only change the description or expiration date.
GET Scope /api/v3/scopes/{scopeId}/titles Get titles for all languages for this scope.
POST Scope /api/v3/scopes/{scopeId}/titles Create a title for a new language for this scope
GET Scope /api/v3/scopes/{scopeId}/titles/{scopeTitleId} Get a title for this scope
PUT Scope /api/v3/scopes/{scopeId}/titles/{scopeTitleId} Update a title for this scope
DELETE Scope /api/v3/scopes/{scopeId}/titles/{scopeTitleId} Delete a title for this scope

Tenants

Method Resource endpoint Description
GET TenantEx /api/v3/tenants Get all registered tenants
POST TenantEx /api/v3/tenants Creates a new tenant
GET TenantEx /api/v3/tenants/{tenantId} Get tenant with the given ID
PUT TenantEx /api/v3/tenants/{tenantId} Update a tenant
DELETE TenantEx /api/v3/tenants/{tenantId} Delete a tenant
PATCH TenantEx /api/v3/tenants/{tenantId} Update a tenant using a Json patch document
GET Audit /api/v3/clients/{tenantId}/audits Returns a list of audits for the specified tenant

Admin

These endpoints are used to control the size of the audits table. When it grows too large, it should be purged.

Method Resource endpoint Description
GET string /api/v3/admin/audits/statistics Returns number of audits purged, and the size of the Audits table before and after the purge.
POST PurgeInfo /api/v3/admin/audits/purge You post json describing how many audits to keep per EntityId (PurgeInfo).

This endpoint removes a SAML2 IDP from the in-memory cache to be reloaded, again, from the database.

Method Resource endpoint Description
POST CacheCommand /api/v3/admin/cache Post a json to trigger the removal of a SAML2 IDP entity from the in-memory cache (CacheCommand).

Using PATCH

JSON Patch expresses a sequence of operations to execute on a target JSON document or to a data structure that can be serialized to a similar document. The PATCH document consists of an array of JSON-objects where each object consists of one operation. Each operation is executed in the sequence they appear in the array, and each operation is based on the result of the previous operation. Evaluation is continued until all operations are successfully executed or until an error has occurred. In the result of the PATCH operation, the entire updated object will be returned.

PATCH operations

U4IDS AdminAPI supports the following PATCH operations:

Operation Path Value Description
add .../-, .../0 DTO Adds an element to a list propery. Using '-' at the end of the path will append element at the end of the list. Specifying the index value will insert the element at this index (all elements that proceed after it will be shifted right)
remove .../0 --- Removes an element from a list property. All elements that proceed after the removed element will be shifted left.
replace .../0, .../prop DTO or value Replaces en element in a list property or sets the property to a given value.

Example 1: PATCH document for appending a new entry to redirectUris of client object.

[
    { "op":"add","path":"/redirectUris/-","value":"http://unit4businessworld.xyz/Login/login.aspx" }
]

Example 2: PATCH document for removing an entry from redirectUris, index 0.

[
    { "op":"remove","path":"/redirectUris/0" }
]

Example 3: PATCH document for replacing the flow property to "Hybrid"

[
    { "op":"replace","path":"/flow","value":"Hybrid" }
]

Purge Audits

Send the following json to the /api/v3/admin/audits/purge endpoint:

{
    "count": 
    {
        "auditsToKeep": 10
    }
}

You say how many audits you want to keep per EntityId using the auditsToKeep parameter. The rest is deleted.

Cache Command

Send the following json to the /api/v3/admin/cache endpoint:

{
    "Command": "REMOVE",
    "Protocol": "SAML2",
    "Type": 1,
    "Key": "https://localhost:44372"
}

Key relates to the 'idpRegId' of the SAML2 IDP. Only Command supported and in use right now is "REMOVE". Same is true for Type and Protocol.