Account API
Endpoint Index
Action | Endpoint |
---|---|
Authenticate a standard account | POST /account/authenticate |
Authenticate an admin account | POST /account/authenticateAdmin |
Authenticate a client or tenant admin account (SSO) | POST /account/sso/authenticateClient |
Renew an authentication token | POST /account/renewAuthentication |
Unlock an account that has been locked out due to failed login attempts | POST /account/unlock |
Update a password | PATCH /account/v1/accounts/password |
Authentication
POST /account/authenticate
Name | Position | Type | Required |
---|---|---|---|
body | body | AuthenticateRequest | optional |
hostName | query | string | optional |
tenantName | query | string | optional |
Note
Use /authenticate
for authenticating as a regular user (in which case you must specify a tenantName
or hostName
), or for an administration account for deploying configurations (in which case you should not specify a tenantName
or hostName
.)
POST /account/authenticateAdmin
Name | Position | Type | Required |
---|---|---|---|
body | body | AuthenticateRequest | optional |
hostName | query | string | optional |
tenantLocator | query | string | optional |
tenantName | query | string | optional |
Note
Use /authenticateAdmin
for authenticating as a “tenant administrator.” It’s the equivalent of logging in as an administrator in the Socotra Administration UI to modify users, maintain external integrations, and query plugin logs. You must specify one of the tenantLocator, hostName, or tenantName. This type of account token cannot be used to deploy configurations.
Note
Values for hostName
and tenantName
can be included in either the query string or the AuthenticateRequest
POST /account/sso/authenticateClient
Name | Position | Type | Required |
---|---|---|---|
request | body | SsoClientAuthenticateRequest | required |
POST /account/renewAuthentication
requiredpassword stringusername stringoptionalhostName stringtenantName string
requiredexpiresTimestamp timestampauthorizationToken string
requiredclientId stringclientSecret stringoptionalhostName string
requiredexpiresTimestamp timestampauthorizationToken string
Account Lockout Reset
POST /account/unlock
Name | Position | Type | Required |
---|---|---|---|
request | body | AccountUnlockRequest | required |
void
Note
To unlock any account you must be authenticated as an admin user.
requiredusername stringoptionalhostName stringtenantName string
Note
To unlock a tenant user account you must specify both the username and hostname in the request. To unlock another admin user you must specify only the username.
Password Change
A user can change their password with the following endpoint:
PATCH /account/v1/accounts/password
Name | Position | Type | Required |
---|---|---|---|
passwordRequest | body | PasswordChangeRequest | required |
void
requiredoldPassword stringpassword stringoptionallogout boolean
The logout
property, if set to true
, will logout all sessions for the user upon the password change. The default value is false
.
Note
Note that the path for the above endpoint is /accounts
and not /account
.