User Authentication API
Create Authentication Token
Authenticate a user by supplying their login credentials.
If successful, the response consists of access token and refresh token. Access tokens carry the necessary information to access a resource directly. Refresh tokens carry the information necessary to get a new access token.
Whenever the user wants to access a protected route or resource, the user agent should send the access token, typically in the Authorization header using the Bearer schema.
The content of the header should look like the following: **Authorization: Bearer "accessToken"
The server’s protected routes will check for a valid token in the Authorization header, and if it’s present, the user will be allowed to access protected resources.
Since tokens are credentials, great care must be taken to prevent security issues. In general, you should not keep tokens longer than required.
The access token is being created with a validity time of 15 minutes. When access token is expired you should ask for new one and send to the server refresh token.
Certificate Authentication
If certificate authentication is enabled the response will be a 307 status code with a Location header. The Location will contain a URL to POST the same request. This URL will require TLS client authentication.
Once a success status code is returned, the original URL should be used. The TLS client authenticaiton URL is only needed when accuiring the access token.
HTTP request
POST /auth/pwd HTTP/1.1
Content-Type: application/json;charset=UTF-8
Accept: application/json;charset=UTF-8
Host: localhost:8080
{
"username": "airone",
"password": "admin1"
}HTTP response
HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8
{
"accessToken": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhaXJvbmUiLCJBdXRob3JpdGllcyI6WyJST0xFX1VTRVIiXSwiZXhwIjoxNTUwODUyMDI4LCJpYXQiOjE1NTA4NTE0Mjh9.cLPBNj7I0txdx1OCjNg6my4-6LvdBo2rGLzDMA9WGQQvkBVMjlCrsPKOB_DyMfz4VlU4_GAjiYaeuH0XV_TvhA",
"refreshToken": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhaXJvbmUiLCJBdXRob3JpdGllcyI6WyJST0xFX1JFRlJFU0hfVE9LRU4iXSwiZXhwIjoxNTYwODUxNDI4LCJpYXQiOjE1NTA4NTE0Mjh9.ofrvk_TSVrAihcTrRd4P_acoXXmlCoslhR6K-hoB0KjdvAE8nR603KQ4b8JAd8Xq2ll6ob4FqmiGWDjiSQmy_w"
}Request fields
| Variable | Type | Optional |
|---|---|---|
|
|
false |
|
|
false |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Access Token |
|
|
Refresh Token |
Refresh Authentication Token
Create new access token using the refresh token. This prevents the need for the original authentication credentials.
HTTP request
POST /auth/refresh HTTP/1.1
Accept: application/json;charset=UTF-8
Host: localhost:8080
eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhaXJvbmUiLCJBdXRob3JpdGllcyI6WyJST0xFX1JFRlJFU0hfVE9LRU4iXSwiZXhwIjoxNTYwODUzNDU1LCJpYXQiOjE1NTA4NTM0NTV9.NaMR18SYxvmvGX5v46fwuhNVYaK6mPKTpakh4orV3_cNIO4YrHb-_bujOhbVxZILlrJ4SJz0bEjuTqBGnNno1AHTTP response
HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8
{
"accessToken": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhaXJvbmUiLCJBdXRob3JpdGllcyI6WyJST0xFX1VTRVIiXSwiZXhwIjoxNTUwODU0MTE0LCJpYXQiOjE1NTA4NTM1MTR9.tCUrUTMrDMCBtA9TZvYmtuHMlGIM01zMfMdHT3nGhuol5H01YVTv8hf_r7FKIuwiUzjC5isc7xf_ZM8YR5fbtA"
}Request parameters
| Parameter | Description | Optional |
|---|---|---|
|
Refresh token |
false |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Access Token |
Reset Password Request
Request a password reset for the specified user. The user will be sent an email with a link to page to complete the password reset. The link will contain an password reset authorization code.
The response contains true if the password reset was successfully requested and an email has been sent. If the email had been requested within the past 15 minutes the response will contain false.
HTTP request
POST /auth/reset?login=test_login HTTP/1.1
Content-Type: application/json;charset=utf-8
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 4
trueQuery parameters
| Parameter | Description |
|---|---|
|
Login |
Reset Password
Reset a user’s password to a new password. The reset is authorized if the code field in the request matches the most recent code sent by a request to reset the password.
HTTP request
POST /auth/update HTTP/1.1
Content-Type: application/json;charset=utf-8
Accept: application/json
Content-Length: 155
Host: localhost:8080
{
"updatedPassword" : {
"newPassword" : "password1",
"repeatedNewPassword" : "password1"
},
"code" : "bed76301-92ff-413b-9f7a-bb876183cb79"
}HTTP response
HTTP/1.1 204 No Content
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-HeadersRequest fields
| Path | Type | Constraints | Description | Optional |
|---|---|---|---|---|
code |
String |
code |
false |
|
updatedPassword |
Object |
Updated Password |
false |
|
updatedPassword.newPassword |
String |
Min length of the password is managed on ecosystem level. Must not be empty |
New Password. Other password policy requirements (like min length) managed on ecosystem level. |
false |
updatedPassword.repeatedNewPassword |
String |
Min length of the password is managed on ecosystem level. Must not be empty |
Repeated New Password. Other password policy requirements (like min length) managed on ecosystem level. |
false |
Check Verification Code
Checks if a verification code is valid. The response contains true if the verification code is valid and false otherwise.
HTTP request
POST /auth/validate-code?code=bed76301-92ff-413b-9f7a-bb876183cb79 HTTP/1.1
Content-Type: application/json;charset=utf-8
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 4
trueQuery parameters
| Parameter | Description |
|---|---|
|
Check if the verification code has expired |
Authorities API
Get authorities by user
View a list of all Authorities by Ecosystem and Current User", response = Iterable.class.
User must be authenticated with role 'ADMIN' or 'USER'.
HTTP request
GET /api/v1/authorities/allowed HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 185
[ {
"id" : 1,
"ecosystemId" : 2,
"signerCertificateId" : 3,
"ecosystemName" : "Name",
"balance" : 500,
"enabled" : true,
"profileId" : 1,
"profileName" : "Prof Name"
} ]Response fields
| Path | Type | Description |
|---|---|---|
|
|
Id |
|
|
Ecosystem Id |
|
|
Signer Certificate Id |
|
|
EcosystemName |
|
|
Balance |
|
|
Enabled |
|
|
Profile Id |
|
|
Profile Name |
Get authority used balance
User must be authenticated with role 'ADMIN' or 'USER'.
Returns authority used balance.
HTTP request
GET /api/v1/authorities/1/balanceused/1?userId=1 HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 4
2000Path parameters
| Parameter | Description |
|---|---|
|
Authority Id |
|
Organization Id |
Response body
2000Get authority available balance
User must be authenticated with role 'USER'.
Returns authority available balance.
HTTP request
GET /api/v1/authorities/1/balanceavailable/3?authorityId=1&organizationId=1 HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 4
2000Path parameters
| Parameter | Description |
|---|---|
|
Authority Id |
|
Organization Id |
Response body
2000Get user authority available balance
User must be authenticated with role 'USER'. Returns user authority available balance.
HTTP request
GET /api/v1/authorities/1/balanceavailable?authorityId=1 HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 4
2000Path parameters
| Parameter | Description |
|---|---|
|
Authority Id |
Response body
2000Batch API
Batch grid list
Get list all the 'Batches' in organization.
User must be authenticated with role 'USER' and has permission to read this batch.
HTTP request
POST /api/v1/batches?profileId=1 HTTP/1.1
Content-Type: application/json;charset=utf-8
Accept: application/json
Content-Length: 340
Host: localhost:8080
{
"filter" : {
"batchId" : 1,
"fromDate" : "1970-01-01T00:00:00.001Z",
"toDate" : "1970-01-01T00:00:00.001Z",
"sizeFrom" : 0,
"sizeTo" : 0,
"status" : 0,
"batchName" : "Batch name",
"pagingSettings" : {
"pageIndex" : 0,
"pageSize" : 0,
"totalCount" : 0
}
},
"sortColumns" : null
}HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 407
{
"batches" : [ {
"batchId" : 1,
"orderNumber" : 10,
"creationDate" : "Wed Mar 27 12:52:38 EDT 2024",
"profile" : "Profile",
"size" : 10,
"status" : "Normal",
"active" : true,
"batchName" : "Batch Name",
"rejectReason" : "Reason",
"generatorParametersValues" : { },
"userId" : 10,
"downloadable" : true,
"rejectable" : false
} ],
"totalCount" : 10
}Request fields
| Path | Type | Constraints | Description | Optional |
|---|---|---|---|---|
filter |
Object |
Filter |
false |
|
filter.batchId |
Number |
Must not be null |
Batch ID |
false |
filter.fromDate |
Varies |
Must not be null |
From Date |
false |
filter.toDate |
Varies |
Must not be null |
To Date |
false |
filter.sizeFrom |
Number |
Must not be null |
Size From |
false |
filter.sizeTo |
Number |
Must not be null |
Size To |
false |
filter.status |
Number |
Must not be null |
Status |
false |
filter.batchName |
String |
Must not be null |
Batch Name |
false |
filter.pagingSettings |
Object |
Paging Settings |
false |
|
filter.pagingSettings.pageIndex |
Number |
Must not be null |
Page Index |
false |
filter.pagingSettings.pageSize |
Number |
Must not be null |
Page Size |
false |
filter.pagingSettings.totalCount |
Number |
Must not be null |
Total Count |
false |
sortColumns |
Null |
Sort Columns |
false |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Batch ID |
|
|
Order Number |
|
|
Creation Date |
|
|
Profile |
|
|
Size |
|
|
Status |
|
|
Is Rejectable |
|
|
Is active |
|
|
Batch Name |
|
|
Reject Reason |
|
|
Generator Parameters Values |
|
|
User ID |
|
|
Is Downloadable |
|
|
totalCount |
More details about batch statuses see in this chapter
Get Batch by ID
Get batch information by batchId.
User must be authenticated with role 'USER' and has permission to read this batch.
HTTP request
GET /api/v1/batches/1 HTTP/1.1
Content-Type: application/json;charset=utf-8
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 336
{
"batchId" : 1,
"orderNumber" : 10,
"creationDate" : "Wed Mar 27 12:52:38 EDT 2024",
"profile" : "Profile",
"size" : 10,
"status" : "Normal",
"active" : true,
"batchName" : "Batch Name",
"rejectReason" : "Reason",
"generatorParametersValues" : { },
"userId" : 10,
"downloadable" : true,
"rejectable" : false
}Path parameters
| Parameter | Description |
|---|---|
|
Batch ID |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Batch ID |
|
|
Order Number |
|
|
Creation date |
|
|
Profile |
|
|
Size |
|
|
Status |
|
|
Is active |
|
|
Batch name |
|
|
Reject Reason |
|
|
Parameters |
|
|
User ID |
|
|
Is rejectadle |
|
|
Is downloadable |
More details about batch statuses see in this chapter
Create batch
Create New Batch Using Serialization (generator).
User must be authenticated with role 'USER' and has permission to create request.
Preparation:
/api/v1/profiles - get list of available profiles. Use it to select profileId. UI is usable for this also,
/api/v1/generators - provides data for generatorParams. You need ot use "name" as a key,
/api/v1/profiles/{profileId}/parameters - provides data for profileParams You need ot use "name" as a key,
You do not need to determine parameters list for generatorParams and profileParams before each call. It need to be revised "only" when you profile has been changed. You may get http code 400 if supplied values in profileParams fails to validate over rules specified in "profile".
Response Status Codes:
code = 200, message = "Ok", response=CertificateBatchInfo.class,
code = 400, message = "Bad Request. Validation failed.",
code = 401, message = "Unauthorized",
code = 403, message = "Forbidden"
HTTP request
PUT /api/v1/batches HTTP/1.1
Content-Type: application/json;charset=utf-8
Accept: application/json
Content-Length: 337
Host: localhost:8080
{
"authorityId" : 11,
"batchName" : "Batch Name",
"generatorId" : 11,
"generatorParams" : {
"increment" : "1",
"startValue" : "0"
},
"batchSize" : 1,
"profileParams" : {
"commonName" : "name",
"additionalInformation" : "name",
"dNSName" : "name.name",
"pkcs12Password" : "1",
"years" : "1"
}
}HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 336
{
"batchId" : 1,
"orderNumber" : 10,
"creationDate" : "Wed Mar 27 12:52:38 EDT 2024",
"profile" : "Profile",
"size" : 10,
"status" : "Normal",
"active" : true,
"batchName" : "Batch Name",
"rejectReason" : "Reason",
"generatorParametersValues" : { },
"userId" : 10,
"downloadable" : true,
"rejectable" : false
}Request fields
| Path | Type | Constraints | Description | Optional |
|---|---|---|---|---|
authorityId |
Number |
Must be positive or zero. |
Authority Id |
false |
batchName |
String |
Size must be between 0 and 255 inclusive |
Batch name |
false |
generatorId |
Number |
Must be positive. |
Generator Id |
false |
generatorParams |
Object |
Map<String, Object> |
Sort Columns |
false |
generatorParams.startValue |
String |
Value fields Generator Parameters should not be empty |
Start Value |
false |
generatorParams.increment |
String |
Value fields Generator Parameters should not be empty |
Increment |
false |
batchSize |
Number |
Must not be empty |
Batch size |
false |
profileParams |
Object |
Map<String, Object> |
Sort Columns |
false |
profileParams.years |
String |
Value fields Profile Parameters should not be empty |
years |
false |
profileParams.commonName |
String |
Value fields Profile Parameters should not be empty |
commonName |
false |
profileParams.additionalInformation |
String |
Value fields Profile Parameters should not be empty |
additionalInformation |
false |
profileParams.dNSName |
String |
Value fields Profile Parameters should not be empty |
dNSName |
false |
profileParams.pkcs12Password |
String |
Value fields Profile Parameters should not be empty |
pkcs 12 Password |
false |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Batch ID |
|
|
Order Number |
|
|
Creation Date |
|
|
Profile |
|
|
Size |
|
|
Status |
|
|
Is Rejectable |
|
|
Is active |
|
|
Batch Name |
|
|
Reject Reason |
|
|
Generator Parameters Values |
|
|
User ID |
|
|
Downloadable |
More details about batch statuses see in this chapter
Create Single Certificate batch
Create New Single Certificate Batch.
User must be authenticated with role 'USER' and has permission to create request.
You may get http code 400 if supplied values in profileParams fails to validate overrules specified in "profile".
Response Status Codes:
code = 200, message = "Ok", response=CertificateBatchInfo.class,
code = 400, message = "Bad Request. Validation failed.",
code = 401, message = "Unauthorized",
code = 403, message = "Forbidden"
HTTP request
PUT /api/v1/batches/createSingleCertBatch HTTP/1.1
Content-Type: application/json;charset=utf-8
Accept: application/json
Content-Length: 248
Host: localhost:8080
{
"authorityId" : 11,
"batchName" : "single_batch",
"profileParams" : {
"additionalInformation" : "info",
"macAddress" : "00:00:00:00:00:00",
"deviceClass" : "Surface Vehicle",
"pkcs12Password" : "111",
"years" : "1"
}
}HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 336
{
"batchId" : 1,
"orderNumber" : 10,
"creationDate" : "Wed Mar 27 12:52:38 EDT 2024",
"profile" : "Profile",
"size" : 10,
"status" : "Normal",
"active" : true,
"batchName" : "Batch Name",
"rejectReason" : "Reason",
"generatorParametersValues" : { },
"userId" : 10,
"downloadable" : true,
"rejectable" : false
}Request fields
| Path | Type | Constraints | Description | Optional |
|---|---|---|---|---|
authorityId |
Number |
Authority Id |
false |
|
batchName |
String |
Batch name |
false |
|
profileParams |
Object |
Map<String, Object> |
Sort Columns |
false |
profileParams.additionalInformation |
String |
Value fields Profile Parameters should not be empty |
Additional Information |
false |
profileParams.deviceClass |
String |
Value fields Profile Parameters should not be empty |
Device Class |
false |
profileParams.macAddress |
String |
Value fields Profile Parameters should not be empty |
MAC Address |
false |
profileParams.years |
String |
Value fields Profile Parameters should not be empty |
Years |
false |
profileParams.pkcs12Password |
String |
Value fields Profile Parameters should not be empty |
pkcs 12 Password |
false |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Batch ID |
|
|
Order Number |
|
|
Creation Date |
|
|
Profile |
|
|
Size |
|
|
Status |
|
|
Is Rejectable |
|
|
Is active |
|
|
Batch Name |
|
|
Reject Reason |
|
|
Generator Parameters Values |
|
|
User ID |
|
|
Downloadable |
Reject Batch
Allows you to reject a batch by batchId and specify the reason for rejection.
User must be authenticated with role 'USER' and has permission to update this batch.
HTTP request
DELETE /api/v1/batches/1 HTTP/1.1
Content-Type: application/json;charset=utf-8
Accept: application/json
Content-Length: 13
Host: localhost:8080
Reject reasonHTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-HeadersPath parameters
| Parameter | Description |
|---|---|
|
Batch ID |
More details about batch statuses see in this chapter
Batches Preview
View batch information. View information about the new batch in the confirmation popup window.
User must be authenticated with role 'USER' and has permission to create request.
HTTP request
PUT /api/v1/batches/preview HTTP/1.1
Content-Type: application/json;charset=utf-8
Content-Length: 337
Host: localhost:8080
{
"authorityId" : 11,
"batchName" : "Batch Name",
"generatorId" : 11,
"generatorParams" : {
"increment" : "1",
"startValue" : "0"
},
"batchSize" : 1,
"profileParams" : {
"commonName" : "name",
"additionalInformation" : "name",
"dNSName" : "name.name",
"pkcs12Password" : "1",
"years" : "1"
}
}HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 155
{
"commonName" : "0name",
"additionalInformation" : "0name",
"serials" : "0",
"dNSName" : "0name.name",
"pkcs12Password" : "1",
"years" : "1"
}Request fields
| Path | Type | Constraints | Description | Optional |
|---|---|---|---|---|
authorityId |
Number |
Must be positive or zero. |
Authority Id |
false |
batchName |
String |
Size must be between 0 and 255 inclusive |
Batch name |
false |
generatorId |
Number |
Must be positive. |
Generator Id |
false |
generatorParams |
Object |
Map<String, Object> |
Sort Columns |
false |
generatorParams.startValue |
String |
Value fields Generator Parameters should not be empty |
Start Value |
false |
generatorParams.increment |
String |
Value fields Generator Parameters should not be empty |
Increment |
false |
batchSize |
Number |
Must not be empty |
Batch size |
false |
profileParams |
Object |
Map<String, Object> |
Sort Columns |
false |
profileParams.years |
String |
Value fields Profile Parameters should not be empty |
years |
false |
profileParams.commonName |
String |
Value fields Profile Parameters should not be empty |
commonName |
false |
profileParams.additionalInformation |
String |
Value fields Profile Parameters should not be empty |
additionalInformation |
false |
profileParams.dNSName |
String |
Value fields Profile Parameters should not be empty |
dNSName |
false |
profileParams.pkcs12Password |
String |
Value fields Profile Parameters should not be empty |
pkcs 12 Password |
false |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Common Name |
|
|
Additional Information |
|
|
Serials |
|
|
DNS Name |
|
|
pkcs 12 Password |
|
|
Years |
More details about batch statuses see in this chapter
Get Processing Info
View batch processing status by batchId.
User must be authenticated with role 'USER' and has permission to read this batch.
HTTP request
GET /api/v1/batches/1/processing_info HTTP/1.1
Content-Type: application/json;charset=utf-8
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 51
{
"active" : 1,
"success" : 1,
"failed" : 0
}Path parameters
| Parameter | Description |
|---|---|
|
Batch ID |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Active |
|
|
Success |
|
|
Failed |
More details about batch statuses see in this chapter
Get Batch Audit Log
View batch processing history.
User must be authenticated with role 'USER' and has permission to read this batch.
HTTP request
GET /api/v1/batches/1/auditLog HTTP/1.1
Content-Type: application/json;charset=utf-8
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 172
[ {
"logId" : "25c76d87-bf8f-4daa-9d4f-3498af54f717",
"batchId" : 0,
"logType" : "test",
"userName" : "UserName",
"dateTime" : "2002",
"message" : "Message"
} ]Path parameters
| Parameter | Description |
|---|---|
|
Batch ID |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Log ID |
|
|
Batch ID |
|
|
Log Type |
|
|
User Name |
|
|
Datetime |
|
|
Message |
More details about batch statuses see in this chapter
Get Batch Devices Audit Log
View batch devices processing history.
User must be authenticated with role 'USER' and has permission to read this batch.
HTTP request
GET /api/v1/batches/1/devices/auditLog?position=1 HTTP/1.1
Content-Type: application/json;charset=utf-8
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 177
[ {
"logId" : "d3884545-7a95-4343-bd23-c2eee8afdf05",
"deviceId" : "d4e7a354-a135-4777-b663-f8e7cdfd5f8e",
"cn" : "CN",
"dateTime" : "Today",
"message" : "Message"
} ]Path parameters
| Parameter | Description |
|---|---|
|
Batch ID |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Log ID |
|
|
Device ID |
|
|
Common Name |
|
|
Datetime |
|
|
Message |
Get Batch Status
View batch status by batchId.
User must be authenticated with role 'USER' and has permission to read this batch.
Statuses can be: "Ready for download", "Processing", "Failed" or "Not Acceptable. Status: ".
HTTP request
GET /api/v1/batches/1/status HTTP/1.1
Content-Type: application/json;charset=utf-8
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: text/plain;charset=UTF-8
Content-Length: 18
Ready for downloadPath parameters
| Parameter | Description |
|---|---|
|
Batch id |
More details about batch statuses see in this chapter
Batch Statuses
| Status | Description |
|---|---|
Pending Creation |
Pending when all certs from batch will be created |
Pending Issue |
Pending when all certs from batch will be issued |
Batch Issued Partly |
Part of certificates are created and issued successfully and ready to be downloaded, but some certificates have not been generated because of some errors |
Ready For Download |
All certificates are generated and ready to be downloaded |
Zip removed after expiration |
Batch was removed after expiration lifetime |
Processing Reject |
System rejecting all certificates from batch |
Processing Revoke |
System revoking all certificates from batch |
Rejected |
Batch was rejected for reasons given by the user. This is available only if batch has status Ready For Download or Batch Issued Partly and before downloading the batch. The balance will be restored |
Revoked |
Batch was revoked for reasons given by the user. This is available if batch has status Zip removed after expiration or Ready For Download or Batch Issued Partly, but only after downloading batch. The balance will not be restored |
Broken |
Batch was broken due to some errors (like "Batch type is UNDEFINED" or "Batch size does not correspond actual number of entries in file" or "Batch type is not supported") |
Certificate API
Certificate Search Request
Find Certificate Using 'commonName' and 'serialNumber'.
User must be authenticated.
HTTP request
POST /api/v1/certificates/find HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 95
Host: localhost:8080
{
"commonName" : "00:00:00:00:00:01",
"serialNumber" : "11B315A8146EF4AD3D1C0E18297F6FBC"
}HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 279
{
"items" : [ {
"deviceId" : "4b971c11-204a-4bad-9b95-d6ab7a85c748",
"commonName" : "00:00:00:00:00:01",
"serialNumber" : "11B315A8146EF4AD3D1C0E18297F6FBC",
"creationDate" : "Wed Jul 04 00:00:00 UTC 2018",
"status" : "COLLECTED"
} ],
"totalCount" : 1
}Request fields
| Path | Type | Constraints | Description | Optional |
|---|---|---|---|---|
commonName |
String |
Common Name |
false |
|
serialNumber |
String |
Serial Number |
false |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
items[].CertificateGridItem.deviceId |
|
|
items[].CertificateGridItem.commonName |
|
|
items[].CertificateGridItem.serialNumber |
|
|
items[].CertificateGridItem.creationDate |
|
|
items[].CertificateGridItem.status |
|
|
totalCount |
Revoke Certificates Request
Revoke Certificate List Using 'reasonCode' and List 'deviceIds'.
User must be authenticated and has permission to update profile.
HTTP request
POST /api/v1/certificates/revoke HTTP/1.1
Content-Type: application/json
Content-Length: 122
Host: localhost:8080
{
"reasonCode" : 0,
"deviceIds" : [ "06af2f28-2eef-4027-958e-fdee0fd7b5d3", "6edfaffc-c954-4281-ad11-db75baacae4d" ]
}HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-HeadersRequest fields
| Path | Type | Constraints | Description | Optional |
|---|---|---|---|---|
reasonCode |
Number |
Must be at least 0. |
Must be code from RFC 5280 |
false |
deviceIds |
Array |
Must not be empty. |
Array of number Device IDs for revocation |
false |
Revoke Certificate Request
Revoke Single Certificate Using 'profileId' and 'serialNumber'.
User must be authenticated and has permission to update profile.
HTTP request
POST /api/v1/certificates/1/revoke HTTP/1.1
Content-Type: application/json
Content-Length: 77
Host: localhost:8080
{
"reasonCode" : 0,
"serialNumber" : "0FEFC6B1C824FBA69772355C802B37A6"
}HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-HeadersPath parameters
| Parameter | Description |
|---|---|
|
Profile ID |
Request fields
| Path | Type | Constraints | Description | Optional |
|---|---|---|---|---|
reasonCode |
Number |
Must be at least 0. |
Must be code from RFC 5280 |
false |
serialNumber |
String |
Must not be blank |
Certificate serial number for revocation |
false |
Device API
Get ordered and issued report
Statistic for Ordered/Issued certificates (licenses used).
User must be authenticated with role 'USER'.
HTTP request
GET /api/v1/devices HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 36
{
"ordered" : 10,
"issued" : 8
}Response fields
| Path | Type | Description |
|---|---|---|
|
|
Ordered |
|
|
Issued |
Download API
Download zip without delay
Download batch as a ZIP file without delay.
User must be authenticated with role 'USER' and batch must be readable.
HTTP request
GET /api/v1/batches/1/download HTTP/1.1
Accept:
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-HeadersEcoSystem API
Get ecosystem statistics
Get ecosystem statistic.
User must be authenticated with role 'ADMIN'.
HTTP request
GET /api/v1/ecosystems/statistics HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 261
{
"capacity" : 20,
"balance" : 30,
"used" : 10,
"ordered" : [ {
"dt" : "2024-03-27T12:52:41.114340538",
"total" : 5,
"devices" : 8
} ],
"issued" : [ {
"dt" : "2024-03-27T12:52:41.114364548",
"total" : 3,
"devices" : 6
} ]
}Response fields
| Path | Type | Description |
|---|---|---|
|
|
EcoSystem ID |
|
|
EcoSystem name |
|
|
Description |
|
|
Ordered total |
|
|
Ordered devices |
|
|
Ordered time |
|
|
Issued total |
|
|
Issued devices |
|
|
Issued time |
Get ecosystem admins
Get list all the admins in ecosystem.
User must be authenticated with role 'ADMIN'.
HTTP request
POST /api/v1/ecosystems/users HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 38
Host: localhost:8080
{
"searchLine" : "test@email.test"
}HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 430
[ {
"userId" : 1,
"firstName" : "John",
"lastName" : "Smith",
"phone" : "+38 800 555 3535",
"email" : "js@domain.dom",
"organizationId" : 1,
"organizationName" : "Domain",
"credentials" : {
"login" : "login1"
},
"userPrivileges" : [ {
"id" : 1,
"userRole" : "USER",
"ecosystemId" : 0,
"organizationId" : 1,
"accessibleProfiles" : [ 1 ]
} ],
"ecosystemId" : 0,
"isAdmin" : true
} ]Request fields
| Path | Type | Constraints | Description | Optional |
|---|---|---|---|---|
searchLine |
String |
Must match the regular expression: |
Search Line |
false |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
User ID |
|
|
First Name |
|
|
Last Name |
|
|
Phone |
|
|
|
|
|
Organization ID (@deprecated Use corresponding field from UserRoleDetailInfo) |
|
|
Organization Name (@deprecated Use separate request to get organization name by ID) |
|
|
Credentials.Login |
|
|
User Privileges List<UserRoleDetailInfo> |
|
|
UserRoleDetailInfo.id |
|
|
UserRoleDetailInfo.UserRoles (USER, ORG_ADMIN, ECO_ADMIN; |
|
|
UserRoleDetailInfo.Ecosystem ID |
|
|
UserRoleDetailInfo.Organization ID |
|
|
UserRoleDetailInfo.Set<Long> Accessible Profiles |
|
|
Ecosystem ID (@deprecated Use corresponding field from UserRoleDetailInfo) |
|
|
User admin flag (@deprecated Use corresponding field from UserRoleDetailInfo) |
Get admin ecosystem
Get available ecosystems for current user.
User must be authenticated with role 'ADMIN'.
HTTP request
GET /api/v1/ecosystems/ecosystem HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 129
{
"id" : 10,
"name" : "EcoSystem Name",
"description" : "Description",
"authorities" : "Authorities",
"capacity" : 20
}Response fields
| Path | Type | Description |
|---|---|---|
|
|
EcoSystem ID |
|
|
EcoSystem Name |
|
|
Description |
|
|
Authorities |
|
|
Capacity |
Get ecosystem balance
View balance for current user and current ecosystem.
User must be authenticated with role 'ADMIN'.
HTTP request
GET /api/v1/ecosystems/ecosystem/balance HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 1
1Get ecosystem admin
View ecosystem admin by userId.
User must be authenticated with role 'ADMIN'.
HTTP request
GET /api/v1/ecosystems/users/1 HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 426
{
"userId" : 1,
"firstName" : "John",
"lastName" : "Smith",
"phone" : "+38 800 555 3535",
"email" : "js@domain.dom",
"organizationId" : 1,
"organizationName" : "Domain",
"credentials" : {
"login" : "login1"
},
"userPrivileges" : [ {
"id" : 1,
"userRole" : "USER",
"ecosystemId" : 0,
"organizationId" : 1,
"accessibleProfiles" : [ 1 ]
} ],
"ecosystemId" : 0,
"isAdmin" : true
}Path parameters
| Parameter | Description |
|---|---|
|
User ID |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
User ID |
|
|
First Name |
|
|
Last Name |
|
|
Phone |
|
|
|
|
|
Organization ID (@deprecated Use corresponding field from UserRoleDetailInfo) |
|
|
Organization Name (@deprecated Use separate request to get organization name by ID) |
|
|
Credentials.Login |
|
|
User Privileges List<UserRoleDetailInfo> |
|
|
UserRoleDetailInfo.id |
|
|
UserRoleDetailInfo.UserRoles (USER, ORG_ADMIN, ECO_ADMIN; |
|
|
UserRoleDetailInfo.Ecosystem ID |
|
|
UserRoleDetailInfo.Organization ID |
|
|
UserRoleDetailInfo.Set<Long> Accessible Profiles |
|
|
Ecosystem ID (@deprecated Use corresponding field from UserRoleDetailInfo) |
|
|
User admin flag (@deprecated Use corresponding field from UserRoleDetailInfo) |
Update ecosystem admins contact detail
Update ecosystem admins contact detail.
User must be authenticated with role 'ADMIN'.
HTTP request
PUT /api/v1/ecosystems/users/1 HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 264
Host: localhost:8080
{
"firstName" : "John",
"lastName" : "Smith",
"phone" : "+38 800 555 3535",
"email" : "js@domain.dom",
"userPrivileges" : [ {
"id" : 1,
"userRole" : "USER",
"ecosystemId" : 0,
"organizationId" : 1,
"accessibleProfiles" : [ 1 ]
} ]
}HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-HeadersRequest fields
| Path | Type | Constraints | Description | Optional |
|---|---|---|---|---|
firstName |
String |
First Name |
false |
|
lastName |
String |
Last Name |
false |
|
phone |
String |
Phone |
false |
|
String |
false |
|||
userPrivileges[] |
Array |
User Privileges List<UserRoleDetailInfo> |
false |
|
userPrivileges[].id |
Number |
UserRoleDetailInfo.id |
false |
|
userPrivileges[].userRole |
String |
UserRoleDetailInfo.UserRoles (USER, ORG_ADMIN, ECO_ADMIN; |
false |
|
userPrivileges[].ecosystemId |
Number |
UserRoleDetailInfo.Ecosystem ID |
false |
|
userPrivileges[].organizationId |
Number |
UserRoleDetailInfo.Organization ID |
false |
|
userPrivileges[].accessibleProfiles[] |
Array |
UserRoleDetailInfo.Set<Long> Accessible Profiles |
false |
Generator API
Get generator parameters
List of available generators with parameters.
User must be authenticated with role 'USER' and has permission to read this profile.
notes="Only applicable generators for this profile will be returned. Generators is used to create sequences in 'batch seralization'
Param = accessible profileId, responseContainer="List", response=Generator.class
HTTP request
GET /api/v1/generators?profileId=1 HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 279
[ {
"generatorId" : 0,
"name" : "Generator Name",
"parameters" : [ {
"generatorParameterId" : 1,
"name" : "Test Name",
"label" : "Label",
"type" : "Type",
"required" : true,
"validator" : "test123",
"message" : "",
"value" : "Ff12"
} ]
} ]Query parameters
| Parameter | Description |
|---|---|
|
Profile Id |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Generator ID |
|
|
Generator Name |
|
|
Generator Parameters List<GeneratorParameterInfo> |
|
|
Generator Parameter Id |
|
|
GeneratorParameterInfo.Name - Parameter Name |
|
|
GeneratorParameterInfo.Label |
|
|
GeneratorParameterInfo.Type |
|
|
GeneratorParameterInfo.Is required |
|
|
GeneratorParameterInfo.Validator - regexp for validation |
|
|
GeneratorParameterInfo.Message - human readable message for failed validation |
|
|
Value |
Organization API
Get organization by ID
Get organization by organizationId.
User must be authenticated.
HTTP request
GET /api/v1/organizations/1 HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 707
{
"organizationId" : 1,
"organizationName" : "Test org name",
"address" : "Org Address",
"primaryContactName" : "Contact Name",
"primaryContactEmail" : "test@email.test",
"primaryContactPhone" : "+38 012 345 6789",
"manufactureId" : "10",
"logo" : "Org Logo",
"authorities" : [ {
"id" : 1,
"ecosystemId" : 2,
"signerCertificateId" : 3,
"ecosystemName" : "Name",
"balance" : 500,
"enabled" : true,
"profileId" : 1,
"profileName" : "Prof Name"
} ],
"ecosystemId" : 10,
"organizationParameters" : {
"ORGANIZATION" : "TestOrg",
"CITY" : "NY",
"COUNTRY" : "US",
"STATE" : "NY",
"MANUFACTURER_ID" : "1020"
},
"orgStatus" : "ACTIVE"
}Path parameters
| Parameter | Description |
|---|---|
|
Organization ID |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Organization ID |
|
|
Organization Name |
|
|
Organization Address |
|
|
Primary Contact Name |
|
|
Primary Contact Email |
|
|
Primary Contact Phone |
|
|
Manufactured ID |
|
|
Logo |
|
|
Organization Status |
|
|
Ecosystem ID |
|
|
Organization scope parameters |
|
|
Authority.ID |
|
|
Authority.Ecosystem ID |
|
|
Authority.Signer Certificate ID |
|
|
Authority.Ecosystem Name |
|
|
Authority.Balance |
|
|
Authority.Enabled |
|
|
Authority.Profile ID |
|
|
Authority.Profile Name |
|
|
Organization Parameters MANUFACTURER_ID |
|
|
Organization Parameters ORGANIZATION |
|
|
Organization Parameters CITY |
|
|
Organization Parameters STATE |
|
|
Organization Parameters COUNTRY |
Get all organizations
Get available organizations list.
User must be authenticated with role 'ADMIN'.
HTTP request
GET /api/v1/organizations?page=1&size=1 HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 711
[ {
"organizationId" : 1,
"organizationName" : "Test org name",
"address" : "Org Address",
"primaryContactName" : "Contact Name",
"primaryContactEmail" : "test@email.test",
"primaryContactPhone" : "+38 012 345 6789",
"manufactureId" : "10",
"logo" : "Org Logo",
"authorities" : [ {
"id" : 1,
"ecosystemId" : 2,
"signerCertificateId" : 3,
"ecosystemName" : "Name",
"balance" : 500,
"enabled" : true,
"profileId" : 1,
"profileName" : "Prof Name"
} ],
"ecosystemId" : 10,
"organizationParameters" : {
"ORGANIZATION" : "TestOrg",
"CITY" : "NY",
"COUNTRY" : "US",
"STATE" : "NY",
"MANUFACTURER_ID" : "1020"
},
"orgStatus" : "ACTIVE"
} ]Query parameters
| Parameter | Description |
|---|---|
|
Page number. If not set the value by default is 0 |
|
Size. Maximum value is 50. If not set the value by default is 50 |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Organization ID |
|
|
Organization Name |
|
|
Organization Address |
|
|
Primary Contact Name |
|
|
Primary Contact Email |
|
|
Primary Contact Phone |
|
|
Manufactured ID |
|
|
Logo |
|
|
Organization Status |
|
|
Ecosystem ID |
|
|
Organization scope parameters |
|
|
Authority.ID |
|
|
Authority.Ecosystem ID |
|
|
Authority.Signer Certificate ID |
|
|
Authority.Ecosystem Name |
|
|
Authority.Balance |
|
|
Authority.Enabled |
|
|
Authority.Profile ID |
|
|
Authority.Profile Name |
|
|
Organization Parameters MANUFACTURER_ID |
|
|
Organization Parameters ORGANIZATION |
|
|
Organization Parameters CITY |
|
|
Organization Parameters STATE |
|
|
Organization Parameters COUNTRY |
Create Organization
Create Organization.
User must be authenticated with role 'ADMIN'.
Created Organization ID in response body.
HTTP request
POST /api/v1/organizations HTTP/1.1
Content-Type: application/json;charset=utf-8
Accept: application/json
Content-Length: 265
Host: localhost:8080
{
"organizationName" : "Org. Name",
"address" : "Street 1",
"primaryContactName" : "John",
"primaryContactEmail" : "j.smith@example.com",
"primaryContactPhone" : "+38 012 345 6789",
"orgStatus" : "ACTIVE",
"manufactureId" : "1020",
"logo" : "Logo"
}HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 1
0Request fields
| Path | Type | Constraints | Description | Optional |
|---|---|---|---|---|
organizationName |
String |
Must not be empty. |
Organization name |
false |
address |
String |
Must not be empty. |
Organization address |
false |
primaryContactName |
String |
Must not be empty. |
Primary Contact Name |
false |
primaryContactEmail |
String |
Must be a well-formed email address. |
Primary Contact Email |
false |
primaryContactPhone |
String |
Must match the regular expression: Must not be empty |
Primary Contact Phone |
false |
manufactureId |
String |
Manufacture ID |
false |
|
logo |
String |
Organization Logo |
false |
|
orgStatus |
String |
Organization Status |
false |
Response body
0Update Organization
Update Organization.
User must be authenticated with role 'ADMIN'.
HTTP request
PUT /api/v1/organizations HTTP/1.1
Content-Type: application/json;charset=utf-8
Accept: application/json
Content-Length: 410
Host: localhost:8080
{
"organizationId" : 1,
"address" : "Street 1",
"primaryContactName" : "John",
"primaryContactEmail" : "j.smith@example.com",
"primaryContactPhone" : "+38 012 345 6789",
"orgStatus" : "ACTIVE",
"manufactureId" : "1",
"logo" : "LOGO",
"organizationParameters" : {
"ORGANIZATION" : "TestOrg",
"CITY" : "NY",
"COUNTRY" : "US",
"STATE" : "NY",
"MANUFACTURER_ID" : "1020"
}
}HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-HeadersRequest fields
| Path | Type | Constraints | Description | Optional |
|---|---|---|---|---|
organizationId |
Number |
Organization ID |
false |
|
address |
String |
Must not be empty. |
Organization address |
false |
primaryContactName |
String |
Must not be empty. |
Primary Contact Name |
false |
primaryContactEmail |
String |
Must be a well-formed email address. |
Primary Contact Email |
false |
primaryContactPhone |
String |
Must match the regular expression: Must not be empty |
Primary Contact Phone |
false |
manufactureId |
String |
Manufacture ID |
false |
|
logo |
String |
Organization Logo |
false |
|
orgStatus |
String |
Organization Status |
false |
|
organizationParameters |
Object |
OrganizationParameters |
true |
|
organizationParameters.MANUFACTURER_ID |
String |
Organization Parameters MANUFACTURER_ID |
true |
|
organizationParameters.ORGANIZATION |
String |
Organization Parameters ORGANIZATION |
true |
|
organizationParameters.CITY |
String |
Organization Parameters CITY |
true |
|
organizationParameters.STATE |
String |
Organization Parameters STATE |
true |
|
organizationParameters.COUNTRY |
String |
Organization Parameters COUNTRY |
true |
Get Organization for Current User
Get Organization for current user. User must be authenticated 'USER'.
HTTP request
GET /api/v1/organizations/user HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 707
{
"organizationId" : 1,
"organizationName" : "Test org name",
"address" : "Org Address",
"primaryContactName" : "Contact Name",
"primaryContactEmail" : "test@email.test",
"primaryContactPhone" : "+38 012 345 6789",
"manufactureId" : "10",
"logo" : "Org Logo",
"authorities" : [ {
"id" : 1,
"ecosystemId" : 2,
"signerCertificateId" : 3,
"ecosystemName" : "Name",
"balance" : 500,
"enabled" : true,
"profileId" : 1,
"profileName" : "Prof Name"
} ],
"ecosystemId" : 10,
"organizationParameters" : {
"ORGANIZATION" : "TestOrg",
"CITY" : "NY",
"COUNTRY" : "US",
"STATE" : "NY",
"MANUFACTURER_ID" : "1020"
},
"orgStatus" : "ACTIVE"
}Response fields
| Path | Type | Description |
|---|---|---|
|
|
Organization ID |
|
|
Organization Name |
|
|
Organization Address |
|
|
Primary Contact Name |
|
|
Primary Contact Email |
|
|
Primary Contact Phone |
|
|
Manufactured ID |
|
|
Logo |
|
|
Organization Status |
|
|
Ecosystem ID |
|
|
Organization scope parameters |
|
|
Authority.ID |
|
|
Authority.Ecosystem ID |
|
|
Authority.Signer Certificate ID |
|
|
Authority.Ecosystem Name |
|
|
Authority.Balance |
|
|
Authority.Enabled |
|
|
Authority.Profile ID |
|
|
Authority.Profile Name |
|
|
Organization Parameters MANUFACTURER_ID |
|
|
Organization Parameters ORGANIZATION |
|
|
Organization Parameters CITY |
|
|
Organization Parameters STATE |
|
|
Organization Parameters COUNTRY |
Get Organization List Items
Get organization items list.
User must be authenticated with role 'ADMIN'.
HTTP request
GET /api/v1/organizations/select/items HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 41
[ {
"id" : 5,
"name" : "itemName"
} ]Response fields
| Path | Type | Description |
|---|---|---|
|
|
ID |
|
|
Name |
Update organization authority
User must be authenticated with role 'ADMIN'.
HTTP request
POST /api/v1/organizations/1/authority HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 278
Host: localhost:8080
{
"addedBalance" : 1,
"profileName" : "Prof name",
"balance" : 1,
"signerCertificateId" : 1,
"usedBalance" : 1,
"profileId" : 1,
"ecosystemName" : "Ecosystem Name",
"id" : 1,
"extId" : 1,
"totalEcosystemBalance" : 1,
"ecosystemId" : 1,
"enabled" : true
}HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 235
{
"id" : 1,
"ecosystemId" : 2,
"signerCertificateId" : 3,
"ecosystemName" : "Name",
"balance" : 500,
"enabled" : true,
"usedBalance" : 5,
"profileId" : 1,
"profileName" : "Prof Name",
"totalEcosystemBalance" : 300
}Path parameters
| Parameter | Description |
|---|---|
|
Organization ID |
Request fields
| Path | Type | Constraints | Description | Optional |
|---|---|---|---|---|
id |
Number |
ID |
false |
|
ecosystemId |
Number |
Ecosystem ID |
false |
|
signerCertificateId |
Number |
Signer Certificate ID |
false |
|
ecosystemName |
String |
Ecosystem Name |
false |
|
balance |
Number |
Balance |
false |
|
enabled |
Boolean |
Is Enabled |
false |
|
addedBalance |
Number |
Added Balance |
false |
|
usedBalance |
Number |
Used Balance |
false |
|
extId |
Number |
Ext ID |
false |
|
profileId |
Number |
Profile ID |
false |
|
profileName |
String |
Profile Name |
false |
|
totalEcosystemBalance |
Number |
Total Ecosystem Balance |
false |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
ID |
|
|
Ecosystem ID |
|
|
Signer Certificate ID |
|
|
Ecosystem Name |
|
|
Balance |
|
|
Enabled |
|
|
Used Balance |
|
|
Profile ID |
|
|
Profile Name |
|
|
Total Ecosystem Balance |
Add Organization Authorities
Added organization authorities. User must be authenticated with role 'ADMIN'.
HTTP request
PUT /api/v1/organizations/1/authority/1 HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-HeadersPath parameters
| Parameter | Description |
|---|---|
|
Organization ID |
|
Authority ID |
Update Organization Authority
Change organization authority balance by "organizationId".
User must be authenticated with role 'ADMIN'.
HTTP request
PUT /api/v1/organizations/1/authorities/2 HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 39
Host: localhost:8080
{
"balance" : 1,
"enabled" : true
}HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 185
{
"id" : 1,
"enabled" : true,
"balance" : 100,
"usedBalance" : 10,
"availableBalance" : 90,
"profileId" : 20,
"profileName" : "Test Name",
"totalEcosystemBalance" : 40
}Request fields
| Path | Type | Constraints | Description | Optional |
|---|---|---|---|---|
enabled |
Boolean |
Enabled |
false |
|
balance |
Number |
Balance |
false |
Path parameters
| Parameter | Description |
|---|---|
|
Organization ID |
|
Authority ID |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
ID |
|
|
Is enabled |
|
|
Balance |
|
|
Used Balance |
|
|
Available Balance |
|
|
Profile ID |
|
|
Profile Name |
|
|
Total Ecosystem Balance |
Remove Organization Authorities
User must be authenticated with role 'ADMIN'.
HTTP request
DELETE /api/v1/organizations/1/authority/1 HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-HeadersPath parameters
| Parameter | Description |
|---|---|
|
Organization ID |
|
Authority ID |
Check if organization exists
Check whether an organization with a “name” exists in the system. Return “false” if it does not exist, “true” if it exists. User must be authenticated with role 'ADMIN'.
HTTP request
GET /api/v1/organizations/check_organization?name=organizationName HTTP/1.1
Content-Type: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 4
trueQuery parameters
| Parameter | Description |
|---|---|
|
Organization name |
Get Organization Authorities
Get List of all Organization Authorities by "organizationId".
User must be authenticated with role 'ADMIN'.
HTTP request
GET /api/v1/organizations/1/all_authorities HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080Path parameters
| Parameter | Description |
|---|---|
|
Organization ID |
HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 189
[ {
"id" : 1,
"enabled" : true,
"balance" : 100,
"usedBalance" : 10,
"availableBalance" : 90,
"profileId" : 20,
"profileName" : "Test Name",
"totalEcosystemBalance" : 40
} ]Response fields
| Path | Type | Description |
|---|---|---|
|
|
AuthorityManagementItem.class.ID |
|
|
AuthorityManagementItem.class.Is enabled |
|
|
AuthorityManagementItem.class.Balance |
|
|
AuthorityManagementItem.class.Used Balance |
|
|
AuthorityManagementItem.class.Available Balance |
|
|
AuthorityManagementItem.class.Profile ID |
|
|
AuthorityManagementItem.class.Profile Name |
|
|
AuthorityManagementItem.class.Total Ecosystem Balance |
Get Organization Parameters
Get Organization Parameters.
User must be authenticated with role 'ADMIN'.
HTTP request
GET /api/v1/organizations/profile_parameters/1 HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 117
{
"ORGANIZATION" : "TestOrg",
"CITY" : "NY",
"COUNTRY" : "US",
"STATE" : "NY",
"MANUFACTURER_ID" : "1020"
}Path parameters
| Parameter | Description |
|---|---|
|
Organization ID |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Organization Parameters MANUFACTURER_ID |
|
|
Organization Parameters ORGANIZATION |
|
|
Organization Parameters CITY |
|
|
Organization Parameters STATE |
|
|
Organization Parameters COUNTRY |
Profile API
Get All Profiles
View all profiles.
User must be authenticated 'ADMIN'.
HTTP request
GET /api/v1/profiles HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 366
[ {
"profileId" : 1,
"algorithms" : [ "EC:P-256" ],
"ca" : "ECC Device Certificate"
}, {
"profileId" : 2,
"algorithms" : [ "EC:P-256" ],
"ca" : "ECC Server Certificate"
}, {
"profileId" : 3,
"algorithms" : [ "RSA:2048" ],
"ca" : "RSA Device Certificate"
}, {
"profileId" : 4,
"algorithms" : [ "RSA:2048" ],
"ca" : "RSA Server Certificate"
} ]Response fields
| Path | Type | Description |
|---|---|---|
|
|
ProfileId |
|
|
Ca |
|
|
List<String> algorithms (RSA:4096,RSA:2048,SHA:224) |
Get Profile by ID
Get Profile by profileId.
User must be authenticated with role 'ADMIN' or 'USER' and permission to read this profile.
HTTP request
GET /api/v1/profiles/1 HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 2890
{
"profileName" : "ECC Device Certificate",
"profileId" : 11,
"rawProfileConfig" : "{\"Issuer\": {\"source\": \"IssuerCertificate.Subject\"}, \"PKCS12\": {\"CertBag\": {\"type\": \"pkcs12CertBag\", \"source\": [\"Default\"], \"syntax\": \"String:leaf,leaf+issuer,leaf+issuer+root\", \"default\": \"leaf+issuer+root\", \"optional\": true}, \"Password\": {\"type\": \"pkcs12Password\", \"source\": [\"Batch.pkcs12Password\"], \"optional\": true}}, \"Subject\": {\"attributes\": [{\"type\": \"countryName\", \"source\": [\"Default\"], \"default\": \"GB\"}, {\"type\": \"stateOrProvinceName\", \"source\": [\"Default\"], \"default\": \"Greater Manchester\"}, {\"type\": \"localityName\", \"source\": [\"Default\"], \"default\": \"Salford\"}, {\"type\": \"organizationName\", \"source\": [\"Default\"], \"default\": \"COMODO CA Limited\"}, {\"type\": \"organizationalUnitName\", \"source\": [\"CSR.Subject.organizationalUnitName\", \"Request.additionalInformation\"], \"optional\": true, \"description\": \"When included, this reflects the end customer\"}, {\"type\": \"commonName\", \"source\": [\"CSR.Subject.commonName\", \"Request.macAddress\"], \"syntax\": \"MACAddress\", \"description\": \"MAC Address\"}]}, \"Version\": \"v3\", \"Validity\": {\"period\": {\"type\": \"validityPeriod\", \"source\": [\"Request.years\", \"Batch.years\", \"Profile.years\"], \"syntax\": \"Integer:1,2,3\", \"optional\": true, \"description\": \"Certificate validity period (in years; default = 1 year)\"}, \"default\": {\"years\": 1}, \"notBefore\": {\"source\": \"System.Clock\"}}, \"Extensions\": {\"KeyUsage\": {\"bits\": [\"digitalSignature\", \"keyAgreement\"], \"critical\": true}, \"ExtendedKeyUsage\": {\"critical\": false, \"purposes\": [\"id-kp-clientAuth\"]}, \"AuthorityInfoAccess\": {\"critical\": false, \"ocspURLs\": [\"http://ocsp.demo.iot.comodoca.com\"]}, \"CRLDistributionPoints\": {\"critical\": false, \"validityPeriod\": \"4 days\", \"issuanceFrequency\": \"12 hours\", \"distributionPointURLs\": [\"http://crl.demo.iot.comodoca.com/COMODOCAIoTECCDEMOIntermediateCA01.crl\"]}, \"AuthorityKeyIdentifier\": {\"critical\": false, \"keyIdentifier\": {\"source\": \"IssuerCertificate.SubjectKeyIdentifier\"}}, \"SubjectAlternativeName\": {\"critical\": false, \"generalNames\": [{\"type\": \"otherName:AeroMACS_DeviceClass\", \"source\": [\"CSR.SubjectAlternativeName.otherName\", \"Request.deviceClass\", \"Batch.deviceClass\"], \"syntax\": \"String:Aircraft,Surface Vehicle,Video Sensor,Ground Critical,Ground Default\"}]}}, \"SerialNumber\": {\"length\": 16, \"generator\": \"CSPRNG\"}, \"SignatureAlgorithm\": {\"name\": \"ecdsa-with-SHA256\"}, \"SubjectPublicKeyInfo\": {\"type\": \"subjectPublicKeyInfo\", \"source\": [\"CSR.SubjectPublicKeyInfo\", \"KeypairQueue.der_spki\"], \"syntax\": \"EC:P-256\"}}",
"name" : "ECC Device Certificate",
"keyAlgorithmInfo" : "EC:P-256"
}Path parameters
| Parameter | Description |
|---|---|
|
Profile ID |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Profile Id |
|
|
Name |
|
|
Profile Name |
|
|
Key Algorithm Info (RSA:4096,RSA:2048,SHA:224) |
|
|
Raw Profile Config |
Get Profile Balance
Get profile balance.
User must be authenticated with role 'USER'.
Return available profile balance in response body.
HTTP request
GET /api/v1/profiles/1/balance HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 1
1Path parameters
| Parameter | Description |
|---|---|
|
Profile ID |
Response body
1Get Profile Parameters
Get profile parameters.
User must be authenticated with role 'ADMIN' or 'USER'.
TemplateId should be used for role 'ADMIN' as request parameter.
ProfileId should be used for role 'USER' as request parameter.
HTTP request
GET /api/v1/profiles/1/parameters HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 340
[ {
"name" : "REQUEST",
"inputType" : "validityPeriod",
"required" : false,
"placeholder" : null,
"validationPattern" : "^(1|2|3){1}$",
"message" : "Valid integer values: 1,2,3",
"value" : null,
"title" : "Certificate validity period (in years; default = 1 year)",
"scopes" : [ "REQUEST", "BATCH" ],
"dynamic" : true
} ]Path parameters
| Parameter | Description |
|---|---|
|
Profile ID |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Name |
|
|
Input Type |
|
|
Required |
|
|
Placeholder |
|
|
Validation Pattern |
|
|
Message |
|
|
Value |
|
|
Title |
|
|
Set<ProfileParamScope> scopes ( UNDEFINED, BATCH, REQUEST, CSR, CSR_SUBJECT, ORGANIZATION) |
|
|
Dynamic |
Get Profile Subject DN
Returns profile subject DN by "profileId".
User must be authenticated with role 'ADMIN' or 'USER' and permission to read this profile.
HTTP request
GET /api/v1/profiles/1/dn HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 44
{
"key1" : "value1",
"key2" : "value2"
}Path parameters
| Parameter | Description |
|---|---|
|
Profile ID |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
value1 |
|
|
value2 |
Get Organization Profile Parameters
Get Organization Profile Parameters.
User must be authenticated with role 'ADMIN'.
HTTP request
GET /api/v1/profiles/organization_parameters HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 149
[ {
"name" : "MANUFACTURER_ID",
"type" : "number",
"pattern" : "^[0-9]{1,3}",
"message" : "Field must be a number in range from 0 to 999"
} ]Response fields
| Path | Type | Description |
|---|---|---|
|
|
Name |
|
|
Input Type |
|
|
Pattern |
|
|
Message |
Upload API
Upload CSR file
Upload CSR or bulk ZIP file…
User must be authenticated with role 'USER' and must have permission to read this profile.
Preparation:
/api/v1/profiles - get list of available profiles. Select and remember profileId. Or just go to UI and select ProfileId
Form Data Details:
csrBatchRequest
That part contains the batch parameters with a content-Disposition of form-data and a name parameter of csrBatchRequest. The filename parameter is not used. The Content-Type must be application/json. The json structure must include an authorityId field that matches profileID query parameter in the URL. The profileParams field must be an empty object if no query parameters are required.
CSR(s) part
That part contains the CSRs with a Content-Disposition of form-data and a name parameter of files. The filename parameter is not used. The Content-Type of the part should match the uploaded file. The uploaded CSRs can be a single text file with multiple CSRs in PEM form using standard BEGIN/END separators or a zip file containing multiple CSRs files. When uploading a single text file the Content-Type can be text/plain, application/octet-stream or application/x-x509-ca-cert. When uploading a zip file the Content-Type must be application/zip. The zip file must contain each CSR in a file with the extension .csr or .pem.
Request part-csrbatchrequest-body
{"profileParams":{"years":"1","deviceClass":"Surface Vehicle"}}Request part-csrbatchrequest-fields
| Path | Type | Description |
|---|---|---|
|
|
Device class |
|
|
Expiration time |
Query parameters
| Parameter | Description |
|---|---|
|
ProfileId Id |
Request part-files-body
org/springframework/restdocs/files/testCsr.pemHTTP request
POST /api/v1/batches/upload?profileId=1 HTTP/1.1
Content-Type: multipart/form-data; boundary=6o2knFse3p53ty9dmcQvWAIx1zInP11uCfbm
Host: localhost:8080
--6o2knFse3p53ty9dmcQvWAIx1zInP11uCfbm
Content-Disposition: form-data; name=csrBatchRequest; filename=csrBatchRequest
Content-Type: application/json
{"profileParams":{"years":"1","deviceClass":"Surface Vehicle"}}
--6o2knFse3p53ty9dmcQvWAIx1zInP11uCfbm
Content-Disposition: form-data; name=files
org/springframework/restdocs/files/testCsr.pem
--6o2knFse3p53ty9dmcQvWAIx1zInP11uCfbm--HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 319
{
"batchId" : 1,
"orderNumber" : 10,
"creationDate" : "2018-12-30",
"profile" : "Profile",
"size" : 10,
"status" : "Normal",
"active" : true,
"batchName" : "Batch Name",
"rejectReason" : "Reason",
"generatorParametersValues" : { },
"userId" : 10,
"downloadable" : false,
"rejectable" : false
}Response fields
| Path | Type | Description |
|---|---|---|
|
|
Batch ID |
|
|
Order Number |
|
|
Batch Creation Date |
|
|
Corresponding Profile Name |
|
|
Batch Size |
|
|
Batch Processing Status |
|
|
Active (true for all batches with status "CREATED","CN","CSR","BULK","APPLIED","AUTHORIZED","ISSUED") |
|
|
Name of the batch |
|
|
Batch Reject Reason |
|
|
Parameters |
|
|
User ID |
|
|
Rejectable ("true", in case if batch can be rejected). |
|
|
Downloadable ("true", in case if batches ready for download) |
Upload CSV file
Upload CSV file…
User must be authenticated with role 'USER' and must have permission to read this profile.
Preparation:
/api/v1/profiles - get list of available profiles. Select and remember profileId. Or just go to UI and select ProfileId
Form Data Details:
csrBatchRequest
That part contains the batch parameters with a content-Disposition of form-data and a name parameter of csrBatchRequest. The filename parameter is not used. The Content-Type must be application/json. The json structure must include an authorityId field that matches profileID query parameter in the URL. The profileParams field must be an empty object if no query parameters are required.
CSV(s) part
That part contains the CSV with a Content-Disposition of form-data and a name parameter of files. The filename parameter is not used. The Content-Type of the part should match the uploaded file.
The uploaded CSV should use the csv standard:
Character set: ASCII or UTF-8.
Header record: The first record in every file must be the header record, containing the list of field names. These headers can appear in any order. Header names are not case-sensitive.
Detail about content of the header you can see in the help message, displayed the csv upload dialog. For example: CSV File should include the first row with column names. Mandatory: 'macAddress', 'deviceClass'; Optional: 'years', 'additionalInformation'. Also, you can define rows that should be mentioned in the CSV by checking profile parameters (Get Profile Parameters).
Record delimiter: Every new record in the file should be on a new line.
Field delimiter: Every record consists of fields which are divided by a comma delimiter “,”.
Record structure: Every record must have the same sequence of fields, corresponding to the headers.
Request part-csrbatchrequest-body
{"profileParams":{"years":"1","deviceClass":"Surface Vehicle","pkcs12Password":"rsa"}}Request part-csrbatchrequest-fields
| Path | Type | Description |
|---|---|---|
|
|
Device class |
|
|
Pkcs12 password |
|
|
Expiration time |
Query parameters
| Parameter | Description |
|---|---|
|
ProfileId Id |
Request part-files-body
org/springframework/restdocs/files/testCsv.csvHTTP request
POST /api/v1/batches/upload-csv?profileId=1 HTTP/1.1
Content-Type: multipart/form-data; boundary=6o2knFse3p53ty9dmcQvWAIx1zInP11uCfbm
Host: localhost:8080
--6o2knFse3p53ty9dmcQvWAIx1zInP11uCfbm
Content-Disposition: form-data; name=files
org/springframework/restdocs/files/testCsv.csv
--6o2knFse3p53ty9dmcQvWAIx1zInP11uCfbm
Content-Disposition: form-data; name=csrBatchRequest; filename=csrBatchRequest
Content-Type: application/json
{"profileParams":{"years":"1","deviceClass":"Surface Vehicle","pkcs12Password":"rsa"}}
--6o2knFse3p53ty9dmcQvWAIx1zInP11uCfbm--HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 319
{
"batchId" : 1,
"orderNumber" : 10,
"creationDate" : "2018-12-30",
"profile" : "Profile",
"size" : 10,
"status" : "Normal",
"active" : true,
"batchName" : "Batch Name",
"rejectReason" : "Reason",
"generatorParametersValues" : { },
"userId" : 10,
"downloadable" : false,
"rejectable" : false
}Response fields
| Path | Type | Description |
|---|---|---|
|
|
Batch ID |
|
|
Order Number |
|
|
Batch Creation Date |
|
|
Corresponding Profile Name |
|
|
Batch Size |
|
|
Batch Processing Status |
|
|
Active (true for all batches with status "CREATED","CN","CSR","BULK","APPLIED","AUTHORIZED","ISSUED") |
|
|
Name of the batch |
|
|
Batch Reject Reason |
|
|
Parameters |
|
|
User ID |
|
|
Rejectable ("true", in case if batch can be rejected). |
|
|
Downloadable ("true", in case if batches ready for download) |
User API
Get user
Get current authenticated user info.
User must be authenticated.
HTTP request
GET /api/v1/users HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 427
{
"userId" : 1,
"firstName" : "John",
"lastName" : "Smith",
"phone" : "+38 800 555 3535",
"email" : "js@domain.dom",
"organizationId" : 1,
"organizationName" : "Domain",
"credentials" : {
"login" : "login1"
},
"userPrivileges" : [ {
"id" : 1,
"userRole" : "USER",
"ecosystemId" : 0,
"organizationId" : 1,
"accessibleProfiles" : [ 1 ]
} ],
"ecosystemId" : 0,
"isAdmin" : false
}Response fields
| Path | Type | Description |
|---|---|---|
|
|
User ID |
|
|
First Name |
|
|
Last Name |
|
|
Phone |
|
|
|
|
|
Organization ID (@deprecated Use corresponding field from UserRoleDetailInfo) |
|
|
Organization Name (@deprecated Use separate request to get organization name by ID) |
|
|
Credentials.Login |
|
|
User Privileges List<UserRoleDetailInfo> |
|
|
UserRoleDetailInfo.id |
|
|
UserRoleDetailInfo.UserRoles (USER, ORG_ADMIN, ECO_ADMIN; |
|
|
UserRoleDetailInfo.Ecosystem ID |
|
|
UserRoleDetailInfo.Organization ID |
|
|
UserRoleDetailInfo.Set<Long> Accessible Profiles |
|
|
Ecosystem ID (@deprecated Use corresponding field from UserRoleDetailInfo) |
|
|
User admin flag (@deprecated Use corresponding field from UserRoleDetailInfo) |
Get cra user
Get user by "userId" and "organizationId".
User must be authenticated with role 'ADMIN'.
HTTP request
GET /api/v1/users/1?organizationId=1 HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 427
{
"userId" : 1,
"firstName" : "John",
"lastName" : "Smith",
"phone" : "+38 800 555 3535",
"email" : "js@domain.dom",
"organizationId" : 1,
"organizationName" : "Domain",
"credentials" : {
"login" : "login1"
},
"userPrivileges" : [ {
"id" : 1,
"userRole" : "USER",
"ecosystemId" : 0,
"organizationId" : 1,
"accessibleProfiles" : [ 1 ]
} ],
"ecosystemId" : 0,
"isAdmin" : false
}Path parameters
| Parameter | Description |
|---|---|
|
User ID |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
User ID |
|
|
First Name |
|
|
Last Name |
|
|
Phone |
|
|
|
|
|
Organization ID (@deprecated Use corresponding field from UserRoleDetailInfo) |
|
|
Organization Name (@deprecated Use separate request to get organization name by ID) |
|
|
Credentials.Login |
|
|
User Privileges List<UserRoleDetailInfo> |
|
|
UserRoleDetailInfo.id |
|
|
UserRoleDetailInfo.UserRoles (USER, ORG_ADMIN, ECO_ADMIN; |
|
|
UserRoleDetailInfo.Ecosystem ID |
|
|
UserRoleDetailInfo.Organization ID |
|
|
UserRoleDetailInfo.Set<Long> Accessible Profiles |
|
|
Ecosystem ID (@deprecated Use corresponding field from UserRoleDetailInfo) |
|
|
User admin flag (@deprecated Use corresponding field from UserRoleDetailInfo) |
Get users
Get users for selected organization.
User must be authenticated with role 'ADMIN'.
HTTP request
POST /api/v1/users/organizations/1?role=user HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 27
Host: localhost:8080
{
"searchLine" : "test"
}HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 431
[ {
"userId" : 1,
"firstName" : "John",
"lastName" : "Smith",
"phone" : "+38 800 555 3535",
"email" : "js@domain.dom",
"organizationId" : 1,
"organizationName" : "Domain",
"credentials" : {
"login" : "login1"
},
"userPrivileges" : [ {
"id" : 1,
"userRole" : "USER",
"ecosystemId" : 0,
"organizationId" : 1,
"accessibleProfiles" : [ 1 ]
} ],
"ecosystemId" : 0,
"isAdmin" : false
} ]Path parameters
| Parameter | Description |
|---|---|
|
Organization ID |
Request body
{
"searchLine" : "test"
}Query parameters
| Parameter | Description |
|---|---|
|
User role |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
User ID |
|
|
First Name |
|
|
Last Name |
|
|
Phone |
|
|
|
|
|
Organization ID (@deprecated Use corresponding field from UserRoleDetailInfo) |
|
|
Organization Name (@deprecated Use separate request to get organization name by ID) |
|
|
Credentials.Login |
|
|
User Privileges List<UserRoleDetailInfo> |
|
|
UserRoleDetailInfo.id |
|
|
UserRoleDetailInfo.UserRoles (USER, ORG_ADMIN, ECO_ADMIN; |
|
|
UserRoleDetailInfo.Ecosystem ID |
|
|
UserRoleDetailInfo.Organization ID |
|
|
UserRoleDetailInfo.Set<Long> Accessible Profiles |
|
|
Ecosystem ID (@deprecated Use corresponding field from UserRoleDetailInfo) |
|
|
User admin flag (@deprecated Use corresponding field from UserRoleDetailInfo) |
Get User allowed Profiles
Get user allowed profiles.
User must be authenticated with role 'ADMIN' or 'USER'.
HTTP request
GET /api/v1/users/profiles?authorityId=1 HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 58
{
"profileId" : 1,
"algorithms" : [ ],
"ca" : "CA"
}Query parameters
| Parameter | Description |
|---|---|
|
Authority ID |
Response fields
| Path | Type | Description |
|---|---|---|
|
|
Profile ID |
|
|
Algorithms string array |
|
|
CA |
Update user credentials
Update user password.
User must be authenticated 'ADMIN'.
Either true or false should be in response body.
HTTP request
PUT /api/v1/users/credentials HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 106
Host: localhost:8080
{
"currentPassword" : "admin123",
"newPassword" : "qwerty123",
"repeatedNewPassword" : "qwerty123"
}HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 4
trueResponse body
trueUpdate User
Update user contact details and accessible profiles by "userId".
User must be authenticated with role 'ADMIN'.
HTTP request
PUT /api/v1/users/1 HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 273
Host: localhost:8080
{
"firstName" : "John",
"lastName" : "Smith",
"phone" : "+38 050 492 4110",
"email" : "j.smith@example.com",
"userPrivileges" : [ {
"id" : 1,
"userRole" : "USER",
"ecosystemId" : 1,
"organizationId" : 1,
"accessibleProfiles" : [ 1, 2 ]
} ]
}HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-HeadersRequest body
{
"firstName" : "John",
"lastName" : "Smith",
"phone" : "+38 050 492 4110",
"email" : "j.smith@example.com",
"userPrivileges" : [ {
"id" : 1,
"userRole" : "USER",
"ecosystemId" : 1,
"organizationId" : 1,
"accessibleProfiles" : [ 1, 2 ]
} ]
}Request fields
| Path | Type | Constraints | Description | Optional |
|---|---|---|---|---|
firstName |
String |
Must match the regular expression: Must not be empty |
User first name |
false |
lastName |
String |
Must match the regular expression: Must not be empty |
User last name |
false |
phone |
String |
Must match the regular expression: Must not be empty |
User phone |
false |
String |
Must be a well-formed email address. |
false |
||
userPrivileges[] |
Array |
User Privileges |
false |
|
userPrivileges[].id |
Number |
UserRoleDetailInfo.id |
false |
|
userPrivileges[].userRole |
String |
UserRoleDetailInfo.UserRoles (USER, ORG_ADMIN, ECO_ADMIN; |
false |
|
userPrivileges[].ecosystemId |
Number |
UserRoleDetailInfo.Ecosystem ID |
false |
|
userPrivileges[].organizationId |
Number |
UserRoleDetailInfo.Organization ID |
false |
|
userPrivileges[].accessibleProfiles[] |
Array |
UserRoleDetailInfo.Set<Long> Accessible Profiles |
false |
Path parameters
| Parameter | Description |
|---|---|
|
User ID |
Update current user
User must be authenticated with role 'ADMIN' or 'USER'.
HTTP request
PUT /api/v1/users/current HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 117
Host: localhost:8080
{
"firstName" : "John",
"lastName" : "Smith",
"phone" : "+38 050 492 4110",
"email" : "j.smith@example.com"
}HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-HeadersRequest body
{
"firstName" : "John",
"lastName" : "Smith",
"phone" : "+38 050 492 4110",
"email" : "j.smith@example.com"
}Request fields
| Path | Type | Constraints | Description | Optional |
|---|---|---|---|---|
firstName |
String |
Must match the regular expression: Must not be empty |
User first name |
false |
lastName |
String |
Must match the regular expression: Must not be empty |
User last name |
false |
phone |
String |
Must match the regular expression: Must not be empty |
User phone |
false |
String |
Must be a well-formed email address. |
User email |
false |
Update Email
User must be authenticated with role 'ADMIN' or 'USER'.
HTTP request
PUT /api/v1/users/update_email HTTP/1.1
Content-Type: application/json
Accept: application/json
Content-Length: 37
Host: localhost:8080
{
"email" : "j.smith@example.com"
}HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-HeadersRequest body
{
"email" : "j.smith@example.com"
}Request fields
| Path | Type | Constraints | Description | Optional |
|---|---|---|---|---|
String |
false |
Create User
Create new user.
User must be authenticated with role 'ADMIN'.
HTTP request
PUT /api/v1/users HTTP/1.1
Content-Type: application/json;charset=utf-8
Accept: application/json
Content-Length: 483
Host: localhost:8080
{
"userId" : null,
"firstName" : "John",
"lastName" : "Smith",
"phone" : "+38 050 492 4110",
"email" : "j.smith@example.com",
"organizationId" : 1,
"organizationName" : "Sample Org",
"credentials" : {
"login" : "eeeeeeeeeeeeeeeffffff",
"password" : "admin123"
},
"userPrivileges" : [ {
"id" : 1,
"userRole" : "USER",
"ecosystemId" : 0,
"organizationId" : 1,
"accessibleProfiles" : [ 1 ]
} ],
"ecosystemId" : 1,
"isAdmin" : true
}HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 1
1Request fields
| Path | Type | Constraints | Description | Optional |
|---|---|---|---|---|
userId |
Number |
User ID |
true |
|
firstName |
String |
Must match the regular expression: Must not be empty |
User first name |
false |
lastName |
String |
Must match the regular expression: Must not be empty |
User last name |
false |
phone |
String |
Must match the regular expression: Must not be empty |
User phone |
false |
String |
Must be a well-formed email address. |
false |
||
organizationId |
Number |
Organization ID (@deprecated Use corresponding field from UserRoleDetailInfo) |
false |
|
organizationName |
String |
Organization Name (@deprecated Use separate request to get organization name by ID) |
false |
|
credentials |
Object |
User credentials |
false |
|
credentials.login |
String |
Login must be unique for whole system. Must not be empty. |
User login |
false |
credentials.password |
String |
Min length of the password is managed on ecosystem level. Must not be empty. |
User password. Other password policy requirements (like min length) |
false |
userPrivileges[] |
Array |
User Privileges |
false |
|
userPrivileges[].id |
Number |
UserRoleDetailInfo.id |
false |
|
userPrivileges[].userRole |
String |
UserRoleDetailInfo.UserRoles (USER, ORG_ADMIN, ECO_ADMIN; |
false |
|
userPrivileges[].ecosystemId |
Number |
UserRoleDetailInfo.Ecosystem ID |
false |
|
userPrivileges[].organizationId |
Number |
UserRoleDetailInfo.Organization ID |
false |
|
userPrivileges[].accessibleProfiles[] |
Array |
UserRoleDetailInfo.Set<Long> Accessible Profiles |
false |
|
ecosystemId |
Number |
Ecosystem ID (@deprecated Use corresponding field from UserRoleDetailInfo) |
false |
|
isAdmin |
Boolean |
User admin flag (@deprecated Use corresponding field from UserRoleDetailInfo) |
false |
Check E-mail for duplicates
User must be authenticated with role 'ADMIN' or 'USER'.
Either true or false response body is expected.
HTTP request
GET /api/v1/users/check_email?email=test@email HTTP/1.1
Content-Type: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 4
trueQuery parameters
| Parameter | Description |
|---|---|
|
Response body
trueCheck Username existence
[%hardbreaks]. User must be authenticated with role 'ADMIN'. Either true or false response body is expected.
HTTP request
GET /api/v1/users/check_user?username=testUser HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 4
trueQuery parameters
| Parameter | Description |
|---|---|
|
User name |
Response body
trueRemove user
Remove user by "userId".
User must be authenticated with role 'ADMIN'.
HTTP request
GET /api/v1/users/remove_user?userId=1 HTTP/1.1
Content-Type: application/json
Accept: application/json
Host: localhost:8080HTTP response
HTTP/1.1 200 OK
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-HeadersQuery parameters
| Parameter | Description |
|---|---|
|
User ID |