User Management (API)

PreviousAPI Reference NextClient Registry (API)

Last updated 16 days ago

Was this helpful?

LDAP configuration

GET/api/auth/ldap

Authorization

Response

LDAP configuration

Body

enabled*boolean

modestring

Request

const response = await fetch('/api/auth/ldap', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "enabled": false,
  "mode": "GROUP"
}

MFA configuration

GET/api/auth/mfa

Authorization

Response

MFA configuration

Body

enabled*boolean

Request

const response = await fetch('/api/auth/mfa', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "enabled": false
}

MS Entra ID configuration

GET/api/auth/msEntraId

Response

MS Entra ID configuration

Body

enabled*boolean

Request

const response = await fetch('/api/auth/msEntraId', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "enabled": false
}

Create a new user

POST/api/users

Authorization

Body

User to be created

username*string

autoGeneratedboolean

mqttPublishPrefixstring

passwordstring

identityProvider*enum

localldapmsentraid

grantTypes*array of object

certificatesarray of object

initialPermissionsarray of object

rolesarray of string

An array of roleId of the roles the new user should have. (Must be roleId, not role name.)

enforceMFAEnrollmentboolean

Response

Created

Body

idstring

usernamestring

autoGeneratedboolean

mqttPublishPrefixstring

identityProviderenum

localldapmsentraid

grantTypesarray of object

tokensarray of object

certificatesarray of object

rolesarray of object

mfa_is_enrolledboolean

enforceMFAEnrollmentboolean

Request

const response = await fetch('/api/users', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "username": "text",
      "identityProvider": "local",
      "grantTypes": [
        {}
      ]
    }),
});
const data = await response.json();

Response

{
  "id": "text",
  "username": "text",
  "autoGenerated": false,
  "mqttPublishPrefix": "text",
  "identityProvider": "local",
  "grantTypes": [
    {
      "method": "password",
      "isRequired": false
    }
  ],
  "tokens": [
    {
      "fingerprint": "text",
      "createdAt": "text",
      "expiresAt": "text",
      "label": "text"
    }
  ],
  "certificates": [
    {
      "fingerprint": "text",
      "createdAt": "text",
      "expiresAt": "text"
    }
  ],
  "roles": [
    {
      "id": "text",
      "name": "text",
      "isShared": false,
      "permissions": [
        {
          "id": "text",
          "resource": "text",
          "operation": "read",
          "context": "http"
        }
      ],
      "ldapGroupDn": "text",
      "msEntraIdGroupId": "text"
    }
  ],
  "mfa_is_enrolled": false,
  "enforceMFAEnrollment": false
}

List users

GET/api/listUsers

Authorization

Query parameters

Response

Object with array of users and pagination information

Body

usersarray of object

paginationobject

Request

const response = await fetch('/api/listUsers', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "users": [
    {
      "id": "text",
      "username": "text",
      "autoGenerated": false,
      "mqttPublishPrefix": "text",
      "identityProvider": "local",
      "grantTypes": [
        {
          "method": "password",
          "isRequired": false
        }
      ],
      "tokens": [
        {
          "fingerprint": "text",
          "createdAt": "text",
          "expiresAt": "text",
          "label": "text"
        }
      ],
      "certificates": [
        {
          "fingerprint": "text",
          "createdAt": "text",
          "expiresAt": "text"
        }
      ],
      "roles": [
        {
          "id": "text",
          "name": "text",
          "isShared": false,
          "permissions": [
            {
              "id": "text",
              "resource": "text",
              "operation": "read",
              "context": "http"
            }
          ],
          "ldapGroupDn": "text",
          "msEntraIdGroupId": "text"
        }
      ],
      "mfa_is_enrolled": false,
      "enforceMFAEnrollment": false
    }
  ],
  "pagination": {
    "totalPages": 0,
    "totalRows": 0,
    "totalRowsInPage": 0,
    "currentPage": 0,
    "nextPage": 0,
    "rowsPerPage": 0
  }
}

List all usernames

GET/api/users/usernames

Authorization

Response

Array of user ids

Body

usernamestring

idstring

Request

const response = await fetch('/api/users/usernames', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

[
  {
    "username": "text",
    "id": "text"
  }
]

List user ids

GET/api/users/ids

Authorization

Response

Array of user ids

Body

itemsstring

Request

const response = await fetch('/api/users/ids', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

[
  "text"
]

Create new users in batch

POST/api/users/batch

Authorization

Body

User to be created

username*string

autoGeneratedboolean

mqttPublishPrefixstring

passwordstring

identityProvider*enum

localldapmsentraid

grantTypes*array of object

certificatesarray of object

initialPermissionsarray of object

rolesarray of string

An array of roleId of the roles the new user should have. (Must be roleId, not role name.)

enforceMFAEnrollmentboolean

Response

Created

Body

itemsstring

Request

const response = await fetch('/api/users/batch', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify([
      {
        "username": "text",
        "identityProvider": "local",
        "grantTypes": [
          {}
        ]
      }
    ]),
});
const data = await response.json();

Response

[
  "text"
]

Delete users in batch

POST/api/users/batch/delete

Authorization

Body

User IDs to be deleted

itemsstring

Response

Request

const response = await fetch('/api/users/batch/delete', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify([
      "text"
    ]),
});
const data = await response.json();

Change user password

PUT/api/users/change-password

Authorization

Body

Credentials

passwordstring

newPasswordstring

Response

Changed

Request

const response = await fetch('/api/users/change-password', {
    method: 'PUT',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({}),
});
const data = await response.json();

Get a specific user

GET/api/users/{id}

Authorization

Path parameters

id*string

Id of user

Response

User

Body

idstring

usernamestring

autoGeneratedboolean

mqttPublishPrefixstring

identityProviderenum

localldapmsentraid

grantTypesarray of object

tokensarray of object

certificatesarray of object

rolesarray of object

mfa_is_enrolledboolean

enforceMFAEnrollmentboolean

Request

const response = await fetch('/api/users/{id}', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "id": "text",
  "username": "text",
  "autoGenerated": false,
  "mqttPublishPrefix": "text",
  "identityProvider": "local",
  "grantTypes": [
    {
      "method": "password",
      "isRequired": false
    }
  ],
  "tokens": [
    {
      "fingerprint": "text",
      "createdAt": "text",
      "expiresAt": "text",
      "label": "text"
    }
  ],
  "certificates": [
    {
      "fingerprint": "text",
      "createdAt": "text",
      "expiresAt": "text"
    }
  ],
  "roles": [
    {
      "id": "text",
      "name": "text",
      "isShared": false,
      "permissions": [
        {
          "id": "text",
          "resource": "text",
          "operation": "read",
          "context": "http"
        }
      ],
      "ldapGroupDn": "text",
      "msEntraIdGroupId": "text"
    }
  ],
  "mfa_is_enrolled": false,
  "enforceMFAEnrollment": false
}

Update an existing user

PUT/api/users/{id}

Authorization

Path parameters

id*string

Id of user

Body

Data required for update of a user

usernamestring

passwordstring

mqttPublishPrefixstring

identityProviderenum

localldapmsentraid

grantTypesarray of object

rolesarray of string

An array of roleId of the roles the new user should have. (Must be roleId, not role name.)

permissionsarray of object

disableMfaboolean

Indicates that MFA for the given user should be disabled

enforceMFAEnrollmentboolean

Enforces the user to enroll MFA

Response

Body

idstring

usernamestring

autoGeneratedboolean

mqttPublishPrefixstring

identityProviderenum

localldapmsentraid

grantTypesarray of object

tokensarray of object

certificatesarray of object

rolesarray of object

mfa_is_enrolledboolean

enforceMFAEnrollmentboolean

Request

const response = await fetch('/api/users/{id}', {
    method: 'PUT',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({}),
});
const data = await response.json();

Response

{
  "id": "text",
  "username": "text",
  "autoGenerated": false,
  "mqttPublishPrefix": "text",
  "identityProvider": "local",
  "grantTypes": [
    {
      "method": "password",
      "isRequired": false
    }
  ],
  "tokens": [
    {
      "fingerprint": "text",
      "createdAt": "text",
      "expiresAt": "text",
      "label": "text"
    }
  ],
  "certificates": [
    {
      "fingerprint": "text",
      "createdAt": "text",
      "expiresAt": "text"
    }
  ],
  "roles": [
    {
      "id": "text",
      "name": "text",
      "isShared": false,
      "permissions": [
        {
          "id": "text",
          "resource": "text",
          "operation": "read",
          "context": "http"
        }
      ],
      "ldapGroupDn": "text",
      "msEntraIdGroupId": "text"
    }
  ],
  "mfa_is_enrolled": false,
  "enforceMFAEnrollment": false
}

Delete an existing user

DELETE/api/users/{id}

Authorization

Path parameters

id*string

Id of user

Response

Request

const response = await fetch('/api/users/{id}', {
    method: 'DELETE',
    headers: {},
});
const data = await response.json();

Get all tokens generated by this user

GET/api/users/{id}/tokens

Authorization

Path parameters

id*string

Id of user

Response

List of user generated tokens

Body

fingerprintstring

createdAtstring

expiresAtstring

labelstring

Request

const response = await fetch('/api/users/{id}/tokens', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

[
  {
    "fingerprint": "text",
    "createdAt": "text",
    "expiresAt": "text",
    "label": "text"
  }
]

Delete all tokens generated by this user

DELETE/api/users/{id}/tokens

Authorization

Path parameters

id*string

Id of user

Query parameters

Response

Token(s) deleted

Request

const response = await fetch('/api/users/{id}/tokens', {
    method: 'DELETE',
    headers: {},
});
const data = await response.json();

Add a new certificate to a user

POST/api/users/{id}/certificates

Authorization

Path parameters

id*string

Id of user

Body

Certificate to be created

fingerprint*string

Response

Created

Request

const response = await fetch('/api/users/{id}/certificates', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "fingerprint": "text"
    }),
});
const data = await response.json();

Delete an existing certificate

DELETE/api/users/{id}/certificates

Authorization

Path parameters

id*string

Id of user

Body

Data required for deleting a certificate

fingerprint*string

Response

Request

const response = await fetch('/api/users/{id}/certificates', {
    method: 'DELETE',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "fingerprint": "text"
    }),
});
const data = await response.json();

Add a new role to a user

POST/api/users/{id}/roles

Authorization

Path parameters

id*string

Id of user

Body

Role to be added

roleId*string

Response

Created

Request

const response = await fetch('/api/users/{id}/roles', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "roleId": "text"
    }),
});
const data = await response.json();

Remove a role from a user

DELETE/api/users/{id}/roles

Authorization

Path parameters

id*string

Id of user

Body

Data required for deleting a role

roleId*string

Response

Request

const response = await fetch('/api/users/{id}/roles', {
    method: 'DELETE',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "roleId": "text"
    }),
});
const data = await response.json();

Create a new role

POST/api/roles

Authorization

Body

Role to be created

name*string

isShared*boolean

autoGeneratedboolean

permissionsarray of object

ldapGroupDnstring

msEntraIdGroupIdsstring

A comma separated list of MS Entra Id groups associated with this role

Response

Created

Body

idstring

namestring

isSharedboolean

permissionsarray of object

ldapGroupDnstring

msEntraIdGroupIdstring

A comma separated list of MS Entra Id groups associated with this role

Request

const response = await fetch('/api/roles', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "name": "text",
      "isShared": false
    }),
});
const data = await response.json();

Response

{
  "id": "text",
  "name": "text",
  "isShared": false,
  "permissions": [
    {
      "id": "text",
      "resource": "text",
      "operation": "read",
      "context": "http"
    }
  ],
  "ldapGroupDn": "text",
  "msEntraIdGroupId": "text"
}

List roles

GET/api/roles

Authorization

Query parameters

Response

Array of roles

Body

idstring

namestring

isSharedboolean

permissionsarray of object

ldapGroupDnstring

msEntraIdGroupIdstring

A comma separated list of MS Entra Id groups associated with this role

Request

const response = await fetch('/api/roles', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

[
  {
    "id": "text",
    "name": "text",
    "isShared": false,
    "permissions": [
      {
        "id": "text",
        "resource": "text",
        "operation": "read",
        "context": "http"
      }
    ],
    "ldapGroupDn": "text",
    "msEntraIdGroupId": "text"
  }
]

List paginated roles

GET/api/roles/page

Authorization

Query parameters

Response

Object with array of roles and pagination information

Body

rolesarray of object

paginationobject

Request

const response = await fetch('/api/roles/page?rowsPerPage=0&pageNumber=0', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "roles": [
    {
      "id": "text",
      "name": "text",
      "isshared": false,
      "autogenerated": false,
      "users": [
        {}
      ],
      "permissions": [
        {}
      ],
      "ldapgroupdn": "text",
      "msEntraIdGroupIds": "text"
    }
  ],
  "pagination": {
    "totalPages": 0,
    "totalRows": 0,
    "totalRowsInPage": 0,
    "currentPage": 0,
    "nextPage": 0,
    "rowsPerPage": 0
  }
}

List roles names

GET/api/roles/names

Authorization

Response

Object with array of roles names and ids

Body

idstring

namestring

Request

const response = await fetch('/api/roles/names', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

[
  {
    "id": "text",
    "name": "text"
  }
]

Get a specific role

GET/api/roles/{id}

Authorization

Path parameters

id*string

Id of role

Response

Role

Body

idstring

namestring

isSharedboolean

permissionsarray of object

ldapGroupDnstring

msEntraIdGroupIdstring

A comma separated list of MS Entra Id groups associated with this role

Request

const response = await fetch('/api/roles/{id}', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "id": "text",
  "name": "text",
  "isShared": false,
  "permissions": [
    {
      "id": "text",
      "resource": "text",
      "operation": "read",
      "context": "http"
    }
  ],
  "ldapGroupDn": "text",
  "msEntraIdGroupId": "text"
}

Update an existing role

PUT/api/roles/{id}

Authorization

Path parameters

id*string

Id of role

Body

Data required for update of a role

name*string

isSharedboolean

permissionsarray of object

ldapGroupDnstring

msEntraIdGroupIdsstring

A comma separated list of MS Entra Id groups associated with this role

Response

Body

idstring

namestring

isSharedboolean

permissionsarray of object

ldapGroupDnstring

msEntraIdGroupIdstring

A comma separated list of MS Entra Id groups associated with this role

Request

const response = await fetch('/api/roles/{id}', {
    method: 'PUT',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "name": "text"
    }),
});
const data = await response.json();

Response

{
  "id": "text",
  "name": "text",
  "isShared": false,
  "permissions": [
    {
      "id": "text",
      "resource": "text",
      "operation": "read",
      "context": "http"
    }
  ],
  "ldapGroupDn": "text",
  "msEntraIdGroupId": "text"
}

Delete an existing role

DELETE/api/roles/{id}

Authorization

Path parameters

id*string

Id of role

Response

Request

const response = await fetch('/api/roles/{id}', {
    method: 'DELETE',
    headers: {},
});
const data = await response.json();

List role permissions

GET/api/roles/{id}/permissions

Authorization

Path parameters

id*string

Id of role

Response

Array of permissions

Body

idstring

resourcestring

The MQTT topic or REST URL path for which the permission is granted. Both may include MQTT-style wildcards.

operationenum

readwritereadWrite

contextenum

httpmqtt

Request

const response = await fetch('/api/roles/{id}/permissions', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

[
  {
    "id": "text",
    "resource": "text",
    "operation": "read",
    "context": "http"
  }
]

Add a new permission to a role

POST/api/roles/{id}/permissions

Authorization

Path parameters

id*string

Id of role

Body

Permission to be created

resource*string

operation*enum

readwritereadWrite

context*enum

httpmqtt

Response

Created

Request

const response = await fetch('/api/roles/{id}/permissions', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "resource": "text",
      "operation": "read",
      "context": "http"
    }),
});
const data = await response.json();

Update an existing permission

GET/api/roles/{id}/permissions/{pemId}

Authorization

Path parameters

id*string

Id of role

pemId*string

Id of permission

Response

Permission

Body

idstring

resourcestring

The MQTT topic or REST URL path for which the permission is granted. Both may include MQTT-style wildcards.

operationenum

readwritereadWrite

contextenum

httpmqtt

Request

const response = await fetch('/api/roles/{id}/permissions/{pemId}', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "id": "text",
  "resource": "text",
  "operation": "read",
  "context": "http"
}

Update an existing permission

PUT/api/roles/{id}/permissions/{pemId}

Authorization

Path parameters

id*string

Id of role

pemId*string

Id of permission

Body

Data required for update of a permission

resourcestring

operation*enum

readwritereadWrite

Response

Request

const response = await fetch('/api/roles/{id}/permissions/{pemId}', {
    method: 'PUT',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "operation": "read"
    }),
});
const data = await response.json();

Delete an existing permission

DELETE/api/roles/{id}/permissions/{pemId}

Authorization

Path parameters

id*string

Id of role

pemId*string

Id of permission

Response

Request

const response = await fetch('/api/roles/{id}/permissions/{pemId}', {
    method: 'DELETE',
    headers: {},
});
const data = await response.json();

POST/api/login

Body

Authentication credentials

username*string

password*string

expireTimeInHoursnumber

labelstring

Response

Body

tokenstring

expiresAtstring

permissionsarray of object

Permissions the authenticated user has

needsMfaboolean

Present when MFA was enrolled by the user already

secretstring

enforceMFAEnrollmentboolean

Present when MFA has to be enrolled but was not enrolled by the user

Request

const response = await fetch('/api/login', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "username": "text",
      "password": "text"
    }),
});
const data = await response.json();

Response

{
  "token": "text",
  "expiresAt": "text",
  "permissions": [
    {
      "id": "text",
      "resource": "text",
      "operation": "read",
      "context": "http"
    }
  ],
  "needsMfa": false,
  "secret": "text",
  "enforceMFAEnrollment": false
}

Return the session of the current user

GET/api/session

Authorization

Response

Body

usernamestring

expiresAtstring

permissionsarray of object

Permissions the authenticated user has

mfaobject

Request

const response = await fetch('/api/session', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "username": "text",
  "expiresAt": "text",
  "permissions": [
    {
      "id": "text",
      "resource": "text",
      "operation": "read",
      "context": "http"
    }
  ],
  "mfa": {
    "enabled": false,
    "enforced": false
  }
}

Return the permissions of the current user

GET/api/permissions

Authorization

Response

Request

const response = await fetch('/api/permissions', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Return a page of all permissions

GET/api/permissions/page

Authorization

Query parameters

Response

Object with array of permissions and pagination information

Body

permissionsarray of object

paginationobject

Request

const response = await fetch('/api/permissions/page?rowsPerPage=0&pageNumber=0', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "permissions": [
    {
      "resource": "text",
      "context": "http",
      "usage": [
        {
          "roleName": "text",
          "roleId": "text",
          "isRoleShared": "text",
          "operation": "read"
        }
      ]
    }
  ],
  "pagination": {
    "totalPages": 0,
    "totalRows": 0,
    "totalRowsInPage": 0,
    "currentPage": 0,
    "nextPage": 0,
    "rowsPerPage": 0
  }
}

Return all permissions ids

GET/api/permissions/ids

Authorization

Response

The ids of all permissions aggregated by resource, operation and context

Body

resourcestring

The permission's resource

operationenum

readwritereadWrite

contextenum

httpmqtt

idsarray of string

The ids that have the same aformentioned resource, operation and context

Request

const response = await fetch('/api/permissions/ids', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

[
  {
    "resource": "text",
    "operation": "read",
    "context": "http",
    "ids": [
      "text"
    ]
  }
]

Logout of the cybus connectware

POST/api/logout

Body

Token data

token*string

Response

Request

const response = await fetch('/api/logout', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "token": "text"
    }),
});
const data = await response.json();

Endpoint for self-registration of clients

POST/api/client-registry/register

Body

username*string

Username to be registered. The Auth Server will check this for uniqueness, so be sure to generate a reasonably namespaced username.

Example: "iot.device.0123456"

passwordstring

Secret password that should be set for the user. This will be stored in hashed form on the receiver side. Either this or a csr should be supplied.

Example: "secret-password"

csrstring

Base 64 encoded certificate signing request in PEM format. Instead of a password, a client side certificate (x.509) can be used for authentication. If the CSR is supplied, the signed certificate will be returned once the authentication request is granted.

Example:

"LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQ3REQ0NBWndDQVFBd2J6RUxN\nQWtHQTFVRUJoTUNSRVV4RHpBTkJnTlZCQWdNQmtKbGNteHBiakVVTUJJRwpBMVVFQ2d3TFVtOWli\nM1J6SUVsdVl5NHhEREFLQmdOVkJBc01BMUltUkRFTk1Bc0dBMVVFQXd3RVVqSkVNakVjCk1Cb0dD\nU3FHU0liM0RRRUpBUllOY2pKa01rQmplV0oxY3k1cGJ6Q0NBU0l3RFFZSktvWklodmNOQVFFQkJR\nQUQKZ2dFUEFEQ0NBUW9DZ2dFQkFNSXlsQmk4azFIZDJseERXZHd5N1Z3WngvaUlrdWpTUUVtWmdk\nY0JqNk4veTZTSQpiTGMwdFpmK2JGWUZZZ2p0OHRFUUJPRzhNeW94YmYwQSs4T0dHZFJvV3l2eHFt\nci9TLzhNa1ZGUXJiS2duMDBaCmVrdWlZQVBUOFMvT0FZVnlGT21rWWtWSm0wdkRwMmRkcXRiTUZY\nbXZ1OGxnVnVPckFwMEQ4TjdBcVgwWlUwc0UKZzRmVkdpREtnS040cUFEcXR3aVZKb0dsR0JCYWpm\nejAxSlhEWnhpUEVac3BYSGJyaVY0Z1JvV0VIVGNGcWc4cgo1WCtZRDlqTGVGdFdRb0g5SHA3ZEFP\nY1lCRktVRVZjWTlGN20vRWZkVFBwNjNnbTdRdFR4S0EvelIyODRWQUVCCjZFbC8xU2FCME54YlVw\nbHgzVHp4T2ZKYjJpdEd0S1RzN1U2UnF3VUNBd0VBQWFBQU1BMEdDU3FHU0liM0RRRUIKQ3dVQUE0\nSUJBUUIxejdKcGRIRERScTl2WE1BMmNBVVZBRmYvYkRXNzlkNmlMQ0pDVDZ5WlhOcHV0ZXA3N1pQ\ndQpIMSszb08vZmRJdDhaOThjV0J4ZVBNckVDM2krQ0lIdms4a202SVFMVW05cUZVdHRDN0VjUmpU\nUFYwT29vb2l0ClhXOHhzWVhGaEZPTStydTJnbEcrSUVMY3BydS9JamxyVHpwaUtNZVJGQ1FFemww\nWWtZRDZkSk82ME1CRVhjZUgKWHpFZTRtT2oxUDJKNFcycFI1bDFsQjZ5dXB4SWVuRjRhNm5EeFFE\neFZkcmtBTHNJdDhGZUNTNDNvaHg4NVQ5SApHN2IwOFdmdEFrYzhKR3ZLb00rdE90MzlVZFFESE1S\nOU5QOG9RUUpMaldMcWZRdUtaRmZXNVJyR24zSzA2UGNICkRMN1FNc1hxNFBaMyswUXpCSjZJVGoz\naUZubHp1VXBqCi0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=\n"

rolesarray of string

Name of roles the user wants to be assigned to

permissionsarray of object

Permissions the user wants to be granted individually

context*string

Free text that helps the granting user understanding where this request comes from.

Example: "IoT Device Serial Number <0123456>"

Response

Granted. The registration request has been confirmed, proceed to login

Body

certificatestring

Signed certificate in Base64 encoded PEM format. This is only supplied if a CSR had been present in the registration payload.

Example:

"LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVyVENDQXBXZ0F3SUJBZ0lVS0pYWUpZNWdK\nNExMbHpvSlcvUi9iczMxakw0d0RRWUpLb1pJaHZjTkFRRUYKQlFBd2dZMHhFekFSQmdOVkJBb01D\na041WW5WeklFZHRZa2d4RkRBU0JnTlZCQXNNQzBSbGRtVnNiM0J0Wlc1MApNUjB3R3dZSktvWklo\ndmNOQVFrQkZnNW9aV3hzYjBCamVXSjFjeTVwYnpFUU1BNEdBMVVFQnd3SFNHRnRZblZ5Clp6RVFN\nQTRHQTFVRUNBd0hTR0Z0WW5WeVp6RUxNQWtHQTFVRUJoTUNSRVV4RURBT0JnTlZCQU1NQjBONVlu\nVnoKUTBFd0hoY05Nakl3TlRFMk1URXlNVFU1V2hjTk1qTXdOVEUyTVRFeU1UVTVXakJ2TVFzd0NR\nWURWUVFHRXdKRQpSVEVQTUEwR0ExVUVDQXdHUW1WeWJHbHVNUlF3RWdZRFZRUUtEQXRTYjJKdmRI\nTWdTVzVqTGpFTU1Bb0dBMVVFCkN3d0RVaVpFTVEwd0N3WURWUVFEREFSU01rUXlNUnd3R2dZSktv\nWklodmNOQVFrQkZnMXlNbVF5UUdONVluVnoKTG1sdk1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFB\nT0NBUThBTUlJQkNnS0NBUUVBd2pLVUdMeVRVZDNhWEVOWgozREx0WEJuSCtJaVM2TkpBU1ptQjF3\nR1BvMy9McEloc3R6UzFsLzVzVmdWaUNPM3kwUkFFNGJ3ektqRnQvUUQ3Cnc0WVoxR2hiSy9HcWF2\nOUwvd3lSVVZDdHNxQ2ZUUmw2UzZKZ0E5UHhMODRCaFhJVTZhUmlSVW1iUzhPbloxMnEKMXN3VmVh\nKzd5V0JXNDZzQ25RUHczc0NwZlJsVFN3U0RoOVVhSU1xQW8zaW9BT3EzQ0pVbWdhVVlFRnFOL1BU\nVQpsY05uR0k4Um15bGNkdXVKWGlCR2hZUWROd1dxRHl2bGY1Z1AyTXQ0VzFaQ2dmMGVudDBBNXhn\nRVVwUVJWeGowClh1YjhSOTFNK25yZUNidEMxUEVvRC9OSGJ6aFVBUUhvU1gvVkpvSFEzRnRTbVhI\nZFBQRTU4bHZhSzBhMHBPenQKVHBHckJRSURBUUFCb3lJd0lEQUpCZ05WSFJNRUFqQUFNQk1HQTFV\nZEpRUU1NQW9HQ0NzR0FRVUZCd01DTUEwRwpDU3FHU0liM0RRRUJCUVVBQTRJQ0FRQmpkWGtBaUtJ\nWUd0Q3RIMDVwck1hbWhZSHl3cFNYdzBPSzB4bTBMcFlTCkpvc094OWFGVjRqcS9Fb3NlWlZndkR0\nOGM0ajlXVlBkQ1lmOHlwaHVFRS8yM2s3akEzaFlYZmFIZnVoenZnaWgKSDB3U0Q2WmgrNGptaDdE\nV0tEVnRwOWI4aFBmdytzR3ltYUtkaWM4WFNVMlNDK1RMNGRYTkFlTjFIeVVtanltcApRZFZBamsx\nQXNRT3YvU0gzaEg4cmJBWEprMWpoTks0Z2tGT0oxTHJ5TkR3dmNPc3JHbFpLY3BsWStKVE1HZkFH\nCjUyYmFtdGpIVG9FQ1BSOGhIeGx6bTlFYUxidUtpUlpwZ242M25qYWRWK1d4a09zVTlPSUM3dm9U\nSlNtQ3VOZmkKdjh1RmdsSUFGS0JXSmVOZERxQk5OZnBjTU5GTDV0R1NIbzkvVEtLQ3hEam1QN3Ns\nc3BRMzVYTFluODl1MjY3agpJZmU2dkppdXZxdXdyN0c1S1orTTkvQitlWk5ISHVrNEFDTUs5OFk1\ncWhtb2pQS3p5Z202b2FiRzI3bk1EYzF5CkM0Q05LUWUrL1J5SEdYbXFjdm5ZVGxHVGpNWktoRWpX\nOVp3UmJyZVZ1M1lmNVhlZU95OXNpOWs5VTI3bVQ0UTUKdC8zU2xCK2JiTW4vbzVPWFI0YStnT2VX\nVWVJRzl6SzNvYVdXbmVKVlZPdmRlQy8xTjY0ajRERjlKWm45cGtENgowdUozQUFKMUYvN2tJa2tT\nMXNmZWdjejZCU2pkMldkQjhHaDZSN1ZVS0VPSEpCREphZm1EdkRjVGdSZytQa1NUCmpjdHVzVnNl\nYi9lcE1BRkQ1dERuUDFHVU8yYkx2dzQ3QWl0akxKdnljeUZZbnovU1ZFK2dXOTU3ZEpXcVVjZEkK\nYXc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCgo=\n"

Request

const response = await fetch('/api/client-registry/register', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "context": "IoT Device Serial Number <0123456>",
      "username": "iot.device.0123456"
    }),
});
const data = await response.json();

Response

{
  "certificate": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVyVENDQXBXZ0F3SUJBZ0lVS0pYWUpZNWdK\nNExMbHpvSlcvUi9iczMxakw0d0RRWUpLb1pJaHZjTkFRRUYKQlFBd2dZMHhFekFSQmdOVkJBb01D\na041WW5WeklFZHRZa2d4RkRBU0JnTlZCQXNNQzBSbGRtVnNiM0J0Wlc1MApNUjB3R3dZSktvWklo\ndmNOQVFrQkZnNW9aV3hzYjBCamVXSjFjeTVwYnpFUU1BNEdBMVVFQnd3SFNHRnRZblZ5Clp6RVFN\nQTRHQTFVRUNBd0hTR0Z0WW5WeVp6RUxNQWtHQTFVRUJoTUNSRVV4RURBT0JnTlZCQU1NQjBONVlu\nVnoKUTBFd0hoY05Nakl3TlRFMk1URXlNVFU1V2hjTk1qTXdOVEUyTVRFeU1UVTVXakJ2TVFzd0NR\nWURWUVFHRXdKRQpSVEVQTUEwR0ExVUVDQXdHUW1WeWJHbHVNUlF3RWdZRFZRUUtEQXRTYjJKdmRI\nTWdTVzVqTGpFTU1Bb0dBMVVFCkN3d0RVaVpFTVEwd0N3WURWUVFEREFSU01rUXlNUnd3R2dZSktv\nWklodmNOQVFrQkZnMXlNbVF5UUdONVluVnoKTG1sdk1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFB\nT0NBUThBTUlJQkNnS0NBUUVBd2pLVUdMeVRVZDNhWEVOWgozREx0WEJuSCtJaVM2TkpBU1ptQjF3\nR1BvMy9McEloc3R6UzFsLzVzVmdWaUNPM3kwUkFFNGJ3ektqRnQvUUQ3Cnc0WVoxR2hiSy9HcWF2\nOUwvd3lSVVZDdHNxQ2ZUUmw2UzZKZ0E5UHhMODRCaFhJVTZhUmlSVW1iUzhPbloxMnEKMXN3VmVh\nKzd5V0JXNDZzQ25RUHczc0NwZlJsVFN3U0RoOVVhSU1xQW8zaW9BT3EzQ0pVbWdhVVlFRnFOL1BU\nVQpsY05uR0k4Um15bGNkdXVKWGlCR2hZUWROd1dxRHl2bGY1Z1AyTXQ0VzFaQ2dmMGVudDBBNXhn\nRVVwUVJWeGowClh1YjhSOTFNK25yZUNidEMxUEVvRC9OSGJ6aFVBUUhvU1gvVkpvSFEzRnRTbVhI\nZFBQRTU4bHZhSzBhMHBPenQKVHBHckJRSURBUUFCb3lJd0lEQUpCZ05WSFJNRUFqQUFNQk1HQTFV\nZEpRUU1NQW9HQ0NzR0FRVUZCd01DTUEwRwpDU3FHU0liM0RRRUJCUVVBQTRJQ0FRQmpkWGtBaUtJ\nWUd0Q3RIMDVwck1hbWhZSHl3cFNYdzBPSzB4bTBMcFlTCkpvc094OWFGVjRqcS9Fb3NlWlZndkR0\nOGM0ajlXVlBkQ1lmOHlwaHVFRS8yM2s3akEzaFlYZmFIZnVoenZnaWgKSDB3U0Q2WmgrNGptaDdE\nV0tEVnRwOWI4aFBmdytzR3ltYUtkaWM4WFNVMlNDK1RMNGRYTkFlTjFIeVVtanltcApRZFZBamsx\nQXNRT3YvU0gzaEg4cmJBWEprMWpoTks0Z2tGT0oxTHJ5TkR3dmNPc3JHbFpLY3BsWStKVE1HZkFH\nCjUyYmFtdGpIVG9FQ1BSOGhIeGx6bTlFYUxidUtpUlpwZ242M25qYWRWK1d4a09zVTlPSUM3dm9U\nSlNtQ3VOZmkKdjh1RmdsSUFGS0JXSmVOZERxQk5OZnBjTU5GTDV0R1NIbzkvVEtLQ3hEam1QN3Ns\nc3BRMzVYTFluODl1MjY3agpJZmU2dkppdXZxdXdyN0c1S1orTTkvQitlWk5ISHVrNEFDTUs5OFk1\ncWhtb2pQS3p5Z202b2FiRzI3bk1EYzF5CkM0Q05LUWUrL1J5SEdYbXFjdm5ZVGxHVGpNWktoRWpX\nOVp3UmJyZVZ1M1lmNVhlZU95OXNpOWs5VTI3bVQ0UTUKdC8zU2xCK2JiTW4vbzVPWFI0YStnT2VX\nVWVJRzl6SzNvYVdXbmVKVlZPdmRlQy8xTjY0ajRERjlKWm45cGtENgowdUozQUFKMUYvN2tJa2tT\nMXNmZWdjejZCU2pkMldkQjhHaDZSN1ZVS0VPSEpCREphZm1EdkRjVGdSZytQa1NUCmpjdHVzVnNl\nYi9lcE1BRkQ1dERuUDFHVU8yYkx2dzQ3QWl0akxKdnljeUZZbnovU1ZFK2dXOTU3ZEpXcVVjZEkK\nYXc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCgo=\n"
}

Receive a list of all pending registration requests

GET/api/client-registry

Authorization

Response

Body

timestampstring

String with ISO 8601 timestamp of the last request update.

Example: "2022-03-25T17:25:21.379Z"

usernamestring

Username that is requested to be granted access.

Example: "iot.device.0123456"

credentialTypeenum

certificatepassword

rolesarray of string

contextstring

Free text that helps the granting user understanding where this request comes from.

Example: "IoT Device Serial Number <0123456>"

permissionsobject

grantedboolean

Request

const response = await fetch('/api/client-registry', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

[
  {
    "timestamp": "2022-03-25T17:25:21.379Z",
    "username": "iot.device.0123456",
    "credentialType": "certificate",
    "roles": [
      "text"
    ],
    "context": "IoT Device Serial Number <0123456>",
    "permissions": {
      "id": "text",
      "resource": "text",
      "operation": "read",
      "context": "http"
    },
    "granted": false
  }
]

Return the current lock status of the registration endpoint

GET/api/client-registry/status

Authorization

Response

Body

status*enum

openlocked

unlockedUntilnumber

Request

const response = await fetch('/api/client-registry/status', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "status": "open",
  "unlockedUntil": 0
}

Open the registration endpoint temporarily

POST/api/client-registry/open

Authorization

Body

durationinteger

This parameter defines how long the registration endpoint will be kept open (in milliseconds). Default if undefined: 30000 milliseconds

Example: 30000

Response

Request

const response = await fetch('/api/client-registry/open', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({}),
});
const data = await response.json();

Lock the registration endpoint now. This will flush the internal request cache.

POST/api/client-registry/lock

Authorization

Response

Request

const response = await fetch('/api/client-registry/lock', {
    method: 'POST',
    headers: {},
});
const data = await response.json();

Confirm a single authentication request

POST/api/client-registry/confirm

Authorization

Body

username*string

Username to confirm. Must match a username that is currently in the pendingRequests list.

mqttPublishPrefixstring

grantTypesarray of object

initialPermissionsarray of object

rolesarray of string

An array of roleId of the roles the new user should have. (Must be roleId, not role name.)

Response

Body

idstring

usernamestring

autoGeneratedboolean

mqttPublishPrefixstring

identityProviderenum

localldapmsentraid

grantTypesarray of object

tokensarray of object

certificatesarray of object

rolesarray of object

mfa_is_enrolledboolean

enforceMFAEnrollmentboolean

Request

const response = await fetch('/api/client-registry/confirm', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "username": "text"
    }),
});
const data = await response.json();

Response

{
  "id": "text",
  "username": "text",
  "autoGenerated": false,
  "mqttPublishPrefix": "text",
  "identityProvider": "local",
  "grantTypes": [
    {
      "method": "password",
      "isRequired": false
    }
  ],
  "tokens": [
    {
      "fingerprint": "text",
      "createdAt": "text",
      "expiresAt": "text",
      "label": "text"
    }
  ],
  "certificates": [
    {
      "fingerprint": "text",
      "createdAt": "text",
      "expiresAt": "text"
    }
  ],
  "roles": [
    {
      "id": "text",
      "name": "text",
      "isShared": false,
      "permissions": [
        {
          "id": "text",
          "resource": "text",
          "operation": "read",
          "context": "http"
        }
      ],
      "ldapGroupDn": "text",
      "msEntraIdGroupId": "text"
    }
  ],
  "mfa_is_enrolled": false,
  "enforceMFAEnrollment": false
}

List certificates

GET/api/certificates

Authorization

Response

Array of certficates

Body

idstring

issuedByobject

issuedToobject

keyUsagearray of string

extendedKeyUsagearray of string

basicConstraintsobject

issuedOnnumber

expiresOnnumber

fingerprintsobject

removableboolean

Request

const response = await fetch('/api/certificates', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

[
  {
    "id": "text",
    "issuedBy": {
      "commonName": "text",
      "organization": "text",
      "organizationalUnit": "text"
    },
    "issuedTo": {
      "commonName": "text",
      "organization": "text",
      "organizationalUnit": "text",
      "alternativeNames": [
        "text"
      ]
    },
    "keyUsage": [
      "text"
    ],
    "extendedKeyUsage": [
      "text"
    ],
    "basicConstraints": {
      "isCA": false,
      "pathLength": 0
    },
    "issuedOn": 0,
    "expiresOn": 0,
    "fingerprints": {
      "sha1": "text",
      "sha256": "text"
    },
    "removable": false
  }
]

Deletes certificate

DELETE/api/certificates

Authorization

Query parameters

Response

Request

const response = await fetch('/api/certificates?id=text', {
    method: 'DELETE',
    headers: {},
});
const data = await response.json();

Add certificate

POST/api/certificates

Authorization

Body

Certificate content to be added, a chain can be passed and will be accepted

string

Response

Array of added certficates

Body

idstring

issuedByobject

issuedToobject

keyUsagearray of string

extendedKeyUsagearray of string

basicConstraintsobject

issuedOnnumber

expiresOnnumber

fingerprintsobject

removableboolean

Request

const response = await fetch('/api/certificates', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify("text"),
});
const data = await response.json();

Response

[
  {
    "id": "text",
    "issuedBy": {
      "commonName": "text",
      "organization": "text",
      "organizationalUnit": "text"
    },
    "issuedTo": {
      "commonName": "text",
      "organization": "text",
      "organizationalUnit": "text",
      "alternativeNames": [
        "text"
      ]
    },
    "keyUsage": [
      "text"
    ],
    "extendedKeyUsage": [
      "text"
    ],
    "basicConstraints": {
      "isCA": false,
      "pathLength": 0
    },
    "issuedOn": 0,
    "expiresOn": 0,
    "fingerprints": {
      "sha1": "text",
      "sha256": "text"
    },
    "removable": false
  }
]

Returns given certificate content

GET/api/certificates/content

Authorization

Query parameters

Response

Certificate content

Body

string

Request

const response = await fetch('/api/certificates/content?id=text', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

text

Enhanced authentication of MQTT5 (not supported)

POST/api/broker/auth/enhanced

Body

Not supported

client_idstring

propertiesobject

Response

Body

resultstring

modifiersobject

Request

const response = await fetch('/api/broker/auth/enhanced', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({}),
});
const data = await response.json();

Response

{
  "result": "text",
  "modifiers": {
    "max_message_size": "text",
    "max_inflight_messages": "text",
    "retry_interval": "text"
  }
}

Return a password policy rules

GET/api/policy/password

Authorization

Response

Body

mininteger

The minimum number of characters a password must contain. Zero disables this rule.

lowerinteger

The minimum number of lower-case letters a password must contain. Zero disables this rule.

upperinteger

The minimum number of upper-case letters a password must contain. Zero disables this rule.

numericinteger

The minimum number of digit numbers a password must contain. Zero disables this rule.

symbolinteger

The minimum number of symbol or punctuation characters a password must contain. Zero disables this rule.

Request

const response = await fetch('/api/policy/password', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "min": 0,
  "lower": 0,
  "upper": 0,
  "numeric": 0,
  "symbol": 0
}

Return a database maintenance status

GET/api/maintenance/db

Authorization

Response

Body

runningboolean

Indicate the current running status of a backup/restore operation.

backupobject

restoreobject

Request

const response = await fetch('/api/maintenance/db', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "running": false,
  "backup": {
    "id": "text",
    "succeeded": false,
    "statusMessage": "text",
    "startDate": "2025-01-30T18:54:35.566Z",
    "endDate": "2025-01-30T18:54:35.566Z"
  },
  "restore": {
    "id": "text",
    "succeeded": false,
    "statusMessage": "text",
    "startDate": "2025-01-30T18:54:35.566Z",
    "endDate": "2025-01-30T18:54:35.566Z"
  }
}

Download a database backup

GET/api/maintenance/db/backup

Authorization

Response

Body

string

Request

const response = await fetch('/api/maintenance/db/backup', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

text

Start a database backup

POST/api/maintenance/db/backup

Authorization

Response

Accepted. Database backup started.

Body

string (binary)

Request

const response = await fetch('/api/maintenance/db/backup', {
    method: 'POST',
    headers: {},
});
const data = await response.json();

Response

binary

Upload archive and start database restore

POST/api/maintenance/db/restore

Authorization

Response

Accepted. The archive is uploaded, and the database restores process starts.

Request

const response = await fetch('/api/maintenance/db/restore', {
    method: 'POST',
    headers: {},
});
const data = await response.json();

Enable MFA for an existing user

POST/api/mfa/enable

Authorization

Response

Body

uri*string

Example: "otpauth://totp/Cybus:Connectware?issuer=Cybus&secret=something&algorithm=SHA1&digits=6&period=30"

Request

const response = await fetch('/api/mfa/enable', {
    method: 'POST',
    headers: {},
});
const data = await response.json();

Response

{
  "uri": "otpauth://totp/Cybus:Connectware?issuer=Cybus&secret=something&algorithm=SHA1&digits=6&period=30"
}

Validate MFA enrollment of the user

POST/api/mfa/validate

Authorization

Body

User to validate

otp*string

Response

Body

backupCodes*array of string

Request

const response = await fetch('/api/mfa/validate', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "otp": "text"
    }),
});
const data = await response.json();

Response

{
  "backupCodes": [
    "text"
  ]
}

POST/api/mfa/login

Authorization

Body

All necessary data for logging in with MFA

username*string

otpstring

backupCodestring

secret*string

Response

Body

tokenstring

expiresAtstring

permissionsarray of object

Permissions the authenticated user has

needsMfaboolean

Present when MFA was enrolled by the user already

secretstring

enforceMFAEnrollmentboolean

Present when MFA has to be enrolled but was not enrolled by the user

Request

const response = await fetch('/api/mfa/login', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      "username": "text",
      "secret": "text"
    }),
});
const data = await response.json();

Response

{
  "token": "text",
  "expiresAt": "text",
  "permissions": [
    {
      "id": "text",
      "resource": "text",
      "operation": "read",
      "context": "http"
    }
  ],
  "needsMfa": false,
  "secret": "text",
  "enforceMFAEnrollment": false
}

User self de-registration from MFA

POST/api/mfa/disable

Authorization

Body

User to disable

otpstring

backupCodestring

Response

Request

const response = await fetch('/api/mfa/disable', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({}),
});
const data = await response.json();

Regenarete backup codes a user

POST/api/mfa/regenerate/backupcodes

Authorization

Body

User to regenerate codes for

otpstring

backupCodestring

Response

Body

backupCodes*array of string

Request

const response = await fetch('/api/mfa/regenerate/backupcodes', {
    method: 'POST',
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({}),
});
const data = await response.json();

Response

{
  "backupCodes": [
    "text"
  ]
}

Checks if a user is enrolled to mfa or not

GET/api/mfa/isenrolled

Authorization

Response

Body

isEnrolled*boolean

Request

const response = await fetch('/api/mfa/isenrolled', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "isEnrolled": false
}

Returns an url to be redirected to login with MS Entra ID

GET/api/msEntraId/geturl

Response

Body

url*string

Request

const response = await fetch('/api/msEntraId/geturl', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

Response

{
  "url": "text"
}

Login user with MS Entra ID

GET/api/msEntraId/redirect

Query parameters

Response

OK. Redirecting to Admin UI

Request

const response = await fetch('/api/msEntraId/redirect?code=text&state=text', {
    method: 'GET',
    headers: {},
});
const data = await response.json();

LDAP configuration

MFA configuration

MS Entra ID configuration

Create a new user

List users

List all usernames

List user ids

Create new users in batch

Delete users in batch

Change user password

Get a specific user

Update an existing user

Delete an existing user

Get all tokens generated by this user

Delete all tokens generated by this user

Add a new certificate to a user

Delete an existing certificate

Add a new role to a user

Remove a role from a user

Create a new role

List roles

List paginated roles

List roles names

Get a specific role

Update an existing role

Delete an existing role

List role permissions

Add a new permission to a role

Update an existing permission

Update an existing permission

Delete an existing permission

Login into the cybus connectware

Return the session of the current user

Return the permissions of the current user

Return a page of all permissions

Return all permissions ids

Logout of the cybus connectware

Endpoint for self-registration of clients

Receive a list of all pending registration requests

Return the current lock status of the registration endpoint

Open the registration endpoint temporarily

Lock the registration endpoint now. This will flush the internal request cache.

Confirm a single authentication request

List certificates

Deletes certificate

Add certificate

Returns given certificate content

Enhanced authentication of MQTT5 (not supported)

Return a password policy rules

Return a database maintenance status

Download a database backup

Start a database backup

Upload archive and start database restore

Enable MFA for an existing user

Validate MFA enrollment of the user

Login user with MFA

User self de-registration from MFA

Regenarete backup codes a user

Checks if a user is enrolled to mfa or not

Returns an url to be redirected to login with MS Entra ID

Login user with MS Entra ID