Single Sign-On API

The following APIs provide programmatic support for managing Single Sign-On.

Endpoint Index

Action	Endpoint
Add a Client	POST /auth/clients
Get a Client	GET /auth/clients/{clientUuid}
Regenerate the Client Secret	PUT /auth/clients/{clientUuid}/regenerateSecret
Remove a Client	DELETE /auth/clients/{clientUuid}
Get Roles Defined in the Tenant	GET /auth/roles
Get a List of Tenants	GET /auth/tenants

Client API

Add a Client¶

POST /auth/clients

Request:

Name	Position	Type	Required
clientModelIn	body	SsoClientResponse	required

Response: SsoClientResponse

SsoClientResponse¶

required
clientId string
role string

optional
clientSecret string
clientUuid string
namespace string

Get a Client¶

GET /auth/clients/{clientUuid}

Request:

Name	Position	Type	Required
clientUuid	path	string	required

Response: SsoClientResponse

Regenerate the Client Secret¶

PUT /auth/clients/{clientUuid}/regenerateSecret

Request:

Name	Position	Type	Required
clientUuid	path	string	required

Response: string

Remove a Client¶

DELETE /auth/clients/{clientUuid}

Request:

Name	Position	Type	Required
clientUuid	path	string	required

Response: void

Roles API

Get Roles Defined in the Tenant¶

GET /auth/roles

Response: [SsoRoleModel]

SsoRoleModel¶

required
role string

optional
accountType string account.internal | account.tenant.employee | account.tenant.read.only.user | account.tenant.claims.only.user | bootstrap | account.useRoles
accountTypeDisplayName string
namespace string
namespaceRoleType string  | namespace.owner | namespace.user
namespaceRoleTypeDisplayName string
tenantHostname string

Tenants API

Get a List of Tenants¶

GET /auth/tenants

Response: [SsoTenantResponse]

SsoTenantResponse¶

required
locator string
name string
hostname string
timeCreatedInMillisSinceEpoch integer

optional
useRolesAndPermissions boolean