API Definition
false
An array of roleId of the roles the new user should have. (Must be roleId, not role name.)
false
POST /api/users HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 383
{
"username": "text",
"autoGenerated": false,
"mqttPublishPrefix": "text",
"password": "text",
"identityProvider": "local",
"grantTypes": [
{
"method": "password",
"isRequired": true
}
],
"certificates": [
{
"fingerprint": "text",
"createdAt": "text",
"expiresAt": "text"
}
],
"initialPermissions": [
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
],
"roles": [
"text"
],
"enforceMFAEnrollment": false
}
{
"id": "text",
"username": "text",
"autoGenerated": true,
"mqttPublishPrefix": "text",
"identityProvider": "local",
"grantTypes": [
{
"method": "password",
"isRequired": true
}
],
"tokens": [
{
"fingerprint": "text",
"createdAt": "text",
"expiresAt": "text",
"label": "text"
}
],
"certificates": [
{
"fingerprint": "text",
"createdAt": "text",
"expiresAt": "text"
}
],
"roles": [
{
"id": "text",
"name": "text",
"isShared": true,
"permissions": [
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
]
}
],
"mfa_is_enrolled": true,
"enforceMFAEnrollment": true
}
The optional list to be matched against the usernames
The page number to fetch, starts at page 1
The number of records per page to return
If the auto generated roles should be excluded from the results
GET /api/listUsers HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Accept: */*
{
"users": [
{
"id": "text",
"username": "text",
"autoGenerated": true,
"mqttPublishPrefix": "text",
"identityProvider": "local",
"grantTypes": [
{
"method": "password",
"isRequired": true
}
],
"tokens": [
{
"fingerprint": "text",
"createdAt": "text",
"expiresAt": "text",
"label": "text"
}
],
"certificates": [
{
"fingerprint": "text",
"createdAt": "text",
"expiresAt": "text"
}
],
"roles": [
{
"id": "text",
"name": "text",
"isShared": true,
"permissions": [
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
]
}
],
"mfa_is_enrolled": true,
"enforceMFAEnrollment": true
}
],
"pagination": {
"totalPages": 1,
"totalRows": 1,
"totalRowsInPage": 1,
"currentPage": 1,
"nextPage": 1,
"rowsPerPage": 1
}
}
false
An array of roleId of the roles the new user should have. (Must be roleId, not role name.)
false
POST /api/users/batch HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 385
[
{
"username": "text",
"autoGenerated": false,
"mqttPublishPrefix": "text",
"password": "text",
"identityProvider": "local",
"grantTypes": [
{
"method": "password",
"isRequired": true
}
],
"certificates": [
{
"fingerprint": "text",
"createdAt": "text",
"expiresAt": "text"
}
],
"initialPermissions": [
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
],
"roles": [
"text"
],
"enforceMFAEnrollment": false
}
]
[
"text"
]
PUT /api/users/change-password HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 40
{
"password": "text",
"newPassword": "text"
}
No content
Id of user
GET /api/users/{id} HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Accept: */*
{
"id": "text",
"username": "text",
"autoGenerated": true,
"mqttPublishPrefix": "text",
"identityProvider": "local",
"grantTypes": [
{
"method": "password",
"isRequired": true
}
],
"tokens": [
{
"fingerprint": "text",
"createdAt": "text",
"expiresAt": "text",
"label": "text"
}
],
"certificates": [
{
"fingerprint": "text",
"createdAt": "text",
"expiresAt": "text"
}
],
"roles": [
{
"id": "text",
"name": "text",
"isShared": true,
"permissions": [
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
]
}
],
"mfa_is_enrolled": true,
"enforceMFAEnrollment": true
}
Id of user
An array of roleId of the roles the new user should have. (Must be roleId, not role name.)
Indicates that MFA for the given user should be disabled
Enforces the user to enroll MFA
PUT /api/users/{id} HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 293
{
"username": "text",
"password": "text",
"mqttPublishPrefix": "text",
"identityProvider": "local",
"grantTypes": [
{
"method": "password",
"isRequired": true
}
],
"roles": [
"text"
],
"permissions": [
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
],
"disableMfa": true,
"enforceMFAEnrollment": true
}
{
"id": "text",
"username": "text",
"autoGenerated": true,
"mqttPublishPrefix": "text",
"identityProvider": "local",
"grantTypes": [
{
"method": "password",
"isRequired": true
}
],
"tokens": [
{
"fingerprint": "text",
"createdAt": "text",
"expiresAt": "text",
"label": "text"
}
],
"certificates": [
{
"fingerprint": "text",
"createdAt": "text",
"expiresAt": "text"
}
],
"roles": [
{
"id": "text",
"name": "text",
"isShared": true,
"permissions": [
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
]
}
],
"mfa_is_enrolled": true,
"enforceMFAEnrollment": true
}
Id of user
GET /api/users/{id}/tokens HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Accept: */*
[
{
"fingerprint": "text",
"createdAt": "text",
"expiresAt": "text",
"label": "text"
}
]
Id of user
Id of the Token to be deleted. All tokens for the user are deleted if not present.
DELETE /api/users/{id}/tokens HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Accept: */*
No content
Id of user
POST /api/users/{id}/certificates HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 22
{
"fingerprint": "text"
}
No content
Id of user
DELETE /api/users/{id}/certificates HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 22
{
"fingerprint": "text"
}
No content
Id of user
POST /api/users/{id}/roles HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 17
{
"roleId": "text"
}
No content
Id of user
DELETE /api/users/{id}/roles HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 17
{
"roleId": "text"
}
No content
POST /api/roles HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 136
{
"name": "text",
"isShared": true,
"autoGenerated": true,
"permissions": [
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
]
}
{
"id": "text",
"name": "text",
"isShared": true,
"permissions": [
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
]
}
Filter by equal to name
GET /api/roles HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Accept: */*
[
{
"id": "text",
"name": "text",
"isShared": true,
"permissions": [
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
]
}
]
Filter by the given names
Set the page size of the yielded page
Set the current page to be retrieved
Filter by roles that are or not auto generated, defaults to any
Filter by roles that are or not shared, defaults to any
GET /api/roles/page?rowsPerPage=1&pageNumber=1 HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Accept: */*
{
"roles": [
{
"id": "text",
"name": "text",
"isshared": true,
"autogenerated": true,
"users": [
{
"id": null,
"username": null
}
],
"permissions": [
{
"id": null,
"resource": null,
"operation": null,
"context": null
}
]
}
],
"pagination": {
"totalPages": 1,
"totalRows": 1,
"totalRowsInPage": 1,
"currentPage": 1,
"nextPage": 1,
"rowsPerPage": 1
}
}
Id of role
GET /api/roles/{id} HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Accept: */*
{
"id": "text",
"name": "text",
"isShared": true,
"permissions": [
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
]
}
Id of role
PUT /api/roles/{id} HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 115
{
"name": "text",
"isShared": true,
"permissions": [
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
]
}
{
"id": "text",
"name": "text",
"isShared": true,
"permissions": [
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
]
}
Id of role
GET /api/roles/{id}/permissions HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Accept: */*
[
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
]
Id of role
POST /api/roles/{id}/permissions HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 55
{
"resource": "text",
"operation": "read",
"context": "http"
}
No content
Id of role
Id of permission
GET /api/roles/{id}/permissions/{pemId} HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Accept: */*
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
Id of role
Id of permission
PUT /api/roles/{id}/permissions/{pemId} HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 38
{
"resource": "text",
"operation": "read"
}
No content
POST /api/login HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 74
{
"username": "text",
"password": "text",
"expireTimeInHours": 1,
"label": "text"
}
{
"token": "text",
"expiresAt": "text",
"permissions": [
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
],
"needsMfa": true,
"secret": "text",
"enforceMFAEnrollment": true
}
GET /api/session HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Accept: */*
{
"username": "text",
"expiresAt": "text",
"permissions": [
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
],
"mfa": {
"enabled": true,
"enforced": true
}
}
Filter by the given permission ids
Set the page size of the yielded page
Set the current page to be retrieved
GET /api/permissions/page?rowsPerPage=1&pageNumber=1 HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Accept: */*
{
"permissions": [
{
"resource": "text",
"context": "http",
"usage": [
{
"roleName": "text",
"roleId": "text",
"isRoleShared": "text",
"username": null,
"userId": null,
"operation": "read"
}
]
}
],
"pagination": {
"totalPages": 1,
"totalRows": 1,
"totalRowsInPage": 1,
"currentPage": 1,
"nextPage": 1,
"rowsPerPage": 1
}
}
GET /api/permissions/ids HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Accept: */*
[
{
"resource": "text",
"operation": "read",
"context": "http",
"ids": [
"text"
]
}
]
Username to be registered. The Auth Server will check this for uniqueness, so be sure to generate a reasonably namespaced username.
iot.device.0123456
Secret password that should be set for the user. This will be stored in hashed form on the receiver side. Either this or a csr should be supplied.
secret-password
Base 64 encoded certificate signing request in PEM format. Instead of a password, a client side certificate (x.509) can be used for authentication. If the CSR is supplied, the signed certificate will be returned once the authentication request is granted.
LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQ3REQ0NBWndDQVFBd2J6RUxN QWtHQTFVRUJoTUNSRVV4RHpBTkJnTlZCQWdNQmtKbGNteHBiakVVTUJJRwpBMVVFQ2d3TFVtOWli M1J6SUVsdVl5NHhEREFLQmdOVkJBc01BMUltUkRFTk1Bc0dBMVVFQXd3RVVqSkVNakVjCk1Cb0dD U3FHU0liM0RRRUpBUllOY2pKa01rQmplV0oxY3k1cGJ6Q0NBU0l3RFFZSktvWklodmNOQVFFQkJR QUQKZ2dFUEFEQ0NBUW9DZ2dFQkFNSXlsQmk4azFIZDJseERXZHd5N1Z3WngvaUlrdWpTUUVtWmdk Y0JqNk4veTZTSQpiTGMwdFpmK2JGWUZZZ2p0OHRFUUJPRzhNeW94YmYwQSs4T0dHZFJvV3l2eHFt ci9TLzhNa1ZGUXJiS2duMDBaCmVrdWlZQVBUOFMvT0FZVnlGT21rWWtWSm0wdkRwMmRkcXRiTUZY bXZ1OGxnVnVPckFwMEQ4TjdBcVgwWlUwc0UKZzRmVkdpREtnS040cUFEcXR3aVZKb0dsR0JCYWpm ejAxSlhEWnhpUEVac3BYSGJyaVY0Z1JvV0VIVGNGcWc4cgo1WCtZRDlqTGVGdFdRb0g5SHA3ZEFP Y1lCRktVRVZjWTlGN20vRWZkVFBwNjNnbTdRdFR4S0EvelIyODRWQUVCCjZFbC8xU2FCME54YlVw bHgzVHp4T2ZKYjJpdEd0S1RzN1U2UnF3VUNBd0VBQWFBQU1BMEdDU3FHU0liM0RRRUIKQ3dVQUE0 SUJBUUIxejdKcGRIRERScTl2WE1BMmNBVVZBRmYvYkRXNzlkNmlMQ0pDVDZ5WlhOcHV0ZXA3N1pQ dQpIMSszb08vZmRJdDhaOThjV0J4ZVBNckVDM2krQ0lIdms4a202SVFMVW05cUZVdHRDN0VjUmpU UFYwT29vb2l0ClhXOHhzWVhGaEZPTStydTJnbEcrSUVMY3BydS9JamxyVHpwaUtNZVJGQ1FFemww WWtZRDZkSk82ME1CRVhjZUgKWHpFZTRtT2oxUDJKNFcycFI1bDFsQjZ5dXB4SWVuRjRhNm5EeFFE eFZkcmtBTHNJdDhGZUNTNDNvaHg4NVQ5SApHN2IwOFdmdEFrYzhKR3ZLb00rdE90MzlVZFFESE1S OU5QOG9RUUpMaldMcWZRdUtaRmZXNVJyR24zSzA2UGNICkRMN1FNc1hxNFBaMyswUXpCSjZJVGoz aUZubHp1VXBqCi0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=
Name of roles the user wants to be assigned to
Free text that helps the granting user understanding where this request comes from.
IoT Device Serial Number <0123456>
POST /api/client-registry/register HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 1636
{
"username": "iot.device.0123456",
"password": "secret-password",
"csr": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQ3REQ0NBWndDQVFBd2J6RUxN\nQWtHQTFVRUJoTUNSRVV4RHpBTkJnTlZCQWdNQmtKbGNteHBiakVVTUJJRwpBMVVFQ2d3TFVtOWli\nM1J6SUVsdVl5NHhEREFLQmdOVkJBc01BMUltUkRFTk1Bc0dBMVVFQXd3RVVqSkVNakVjCk1Cb0dD\nU3FHU0liM0RRRUpBUllOY2pKa01rQmplV0oxY3k1cGJ6Q0NBU0l3RFFZSktvWklodmNOQVFFQkJR\nQUQKZ2dFUEFEQ0NBUW9DZ2dFQkFNSXlsQmk4azFIZDJseERXZHd5N1Z3WngvaUlrdWpTUUVtWmdk\nY0JqNk4veTZTSQpiTGMwdFpmK2JGWUZZZ2p0OHRFUUJPRzhNeW94YmYwQSs4T0dHZFJvV3l2eHFt\nci9TLzhNa1ZGUXJiS2duMDBaCmVrdWlZQVBUOFMvT0FZVnlGT21rWWtWSm0wdkRwMmRkcXRiTUZY\nbXZ1OGxnVnVPckFwMEQ4TjdBcVgwWlUwc0UKZzRmVkdpREtnS040cUFEcXR3aVZKb0dsR0JCYWpm\nejAxSlhEWnhpUEVac3BYSGJyaVY0Z1JvV0VIVGNGcWc4cgo1WCtZRDlqTGVGdFdRb0g5SHA3ZEFP\nY1lCRktVRVZjWTlGN20vRWZkVFBwNjNnbTdRdFR4S0EvelIyODRWQUVCCjZFbC8xU2FCME54YlVw\nbHgzVHp4T2ZKYjJpdEd0S1RzN1U2UnF3VUNBd0VBQWFBQU1BMEdDU3FHU0liM0RRRUIKQ3dVQUE0\nSUJBUUIxejdKcGRIRERScTl2WE1BMmNBVVZBRmYvYkRXNzlkNmlMQ0pDVDZ5WlhOcHV0ZXA3N1pQ\ndQpIMSszb08vZmRJdDhaOThjV0J4ZVBNckVDM2krQ0lIdms4a202SVFMVW05cUZVdHRDN0VjUmpU\nUFYwT29vb2l0ClhXOHhzWVhGaEZPTStydTJnbEcrSUVMY3BydS9JamxyVHpwaUtNZVJGQ1FFemww\nWWtZRDZkSk82ME1CRVhjZUgKWHpFZTRtT2oxUDJKNFcycFI1bDFsQjZ5dXB4SWVuRjRhNm5EeFFE\neFZkcmtBTHNJdDhGZUNTNDNvaHg4NVQ5SApHN2IwOFdmdEFrYzhKR3ZLb00rdE90MzlVZFFESE1S\nOU5QOG9RUUpMaldMcWZRdUtaRmZXNVJyR24zSzA2UGNICkRMN1FNc1hxNFBaMyswUXpCSjZJVGoz\naUZubHp1VXBqCi0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=\n",
"roles": [
"manufacturer.iotModule.simpleRole"
],
"permissions": [
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
],
"context": "IoT Device Serial Number <0123456>"
}
{
"certificate": "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVyVENDQXBXZ0F3SUJBZ0lVS0pYWUpZNWdK\nNExMbHpvSlcvUi9iczMxakw0d0RRWUpLb1pJaHZjTkFRRUYKQlFBd2dZMHhFekFSQmdOVkJBb01D\na041WW5WeklFZHRZa2d4RkRBU0JnTlZCQXNNQzBSbGRtVnNiM0J0Wlc1MApNUjB3R3dZSktvWklo\ndmNOQVFrQkZnNW9aV3hzYjBCamVXSjFjeTVwYnpFUU1BNEdBMVVFQnd3SFNHRnRZblZ5Clp6RVFN\nQTRHQTFVRUNBd0hTR0Z0WW5WeVp6RUxNQWtHQTFVRUJoTUNSRVV4RURBT0JnTlZCQU1NQjBONVlu\nVnoKUTBFd0hoY05Nakl3TlRFMk1URXlNVFU1V2hjTk1qTXdOVEUyTVRFeU1UVTVXakJ2TVFzd0NR\nWURWUVFHRXdKRQpSVEVQTUEwR0ExVUVDQXdHUW1WeWJHbHVNUlF3RWdZRFZRUUtEQXRTYjJKdmRI\nTWdTVzVqTGpFTU1Bb0dBMVVFCkN3d0RVaVpFTVEwd0N3WURWUVFEREFSU01rUXlNUnd3R2dZSktv\nWklodmNOQVFrQkZnMXlNbVF5UUdONVluVnoKTG1sdk1JSUJJakFOQmdrcWhraUc5dzBCQVFFRkFB\nT0NBUThBTUlJQkNnS0NBUUVBd2pLVUdMeVRVZDNhWEVOWgozREx0WEJuSCtJaVM2TkpBU1ptQjF3\nR1BvMy9McEloc3R6UzFsLzVzVmdWaUNPM3kwUkFFNGJ3ektqRnQvUUQ3Cnc0WVoxR2hiSy9HcWF2\nOUwvd3lSVVZDdHNxQ2ZUUmw2UzZKZ0E5UHhMODRCaFhJVTZhUmlSVW1iUzhPbloxMnEKMXN3VmVh\nKzd5V0JXNDZzQ25RUHczc0NwZlJsVFN3U0RoOVVhSU1xQW8zaW9BT3EzQ0pVbWdhVVlFRnFOL1BU\nVQpsY05uR0k4Um15bGNkdXVKWGlCR2hZUWROd1dxRHl2bGY1Z1AyTXQ0VzFaQ2dmMGVudDBBNXhn\nRVVwUVJWeGowClh1YjhSOTFNK25yZUNidEMxUEVvRC9OSGJ6aFVBUUhvU1gvVkpvSFEzRnRTbVhI\nZFBQRTU4bHZhSzBhMHBPenQKVHBHckJRSURBUUFCb3lJd0lEQUpCZ05WSFJNRUFqQUFNQk1HQTFV\nZEpRUU1NQW9HQ0NzR0FRVUZCd01DTUEwRwpDU3FHU0liM0RRRUJCUVVBQTRJQ0FRQmpkWGtBaUtJ\nWUd0Q3RIMDVwck1hbWhZSHl3cFNYdzBPSzB4bTBMcFlTCkpvc094OWFGVjRqcS9Fb3NlWlZndkR0\nOGM0ajlXVlBkQ1lmOHlwaHVFRS8yM2s3akEzaFlYZmFIZnVoenZnaWgKSDB3U0Q2WmgrNGptaDdE\nV0tEVnRwOWI4aFBmdytzR3ltYUtkaWM4WFNVMlNDK1RMNGRYTkFlTjFIeVVtanltcApRZFZBamsx\nQXNRT3YvU0gzaEg4cmJBWEprMWpoTks0Z2tGT0oxTHJ5TkR3dmNPc3JHbFpLY3BsWStKVE1HZkFH\nCjUyYmFtdGpIVG9FQ1BSOGhIeGx6bTlFYUxidUtpUlpwZ242M25qYWRWK1d4a09zVTlPSUM3dm9U\nSlNtQ3VOZmkKdjh1RmdsSUFGS0JXSmVOZERxQk5OZnBjTU5GTDV0R1NIbzkvVEtLQ3hEam1QN3Ns\nc3BRMzVYTFluODl1MjY3agpJZmU2dkppdXZxdXdyN0c1S1orTTkvQitlWk5ISHVrNEFDTUs5OFk1\ncWhtb2pQS3p5Z202b2FiRzI3bk1EYzF5CkM0Q05LUWUrL1J5SEdYbXFjdm5ZVGxHVGpNWktoRWpX\nOVp3UmJyZVZ1M1lmNVhlZU95OXNpOWs5VTI3bVQ0UTUKdC8zU2xCK2JiTW4vbzVPWFI0YStnT2VX\nVWVJRzl6SzNvYVdXbmVKVlZPdmRlQy8xTjY0ajRERjlKWm45cGtENgowdUozQUFKMUYvN2tJa2tT\nMXNmZWdjejZCU2pkMldkQjhHaDZSN1ZVS0VPSEpCREphZm1EdkRjVGdSZytQa1NUCmpjdHVzVnNl\nYi9lcE1BRkQ1dERuUDFHVU8yYkx2dzQ3QWl0akxKdnljeUZZbnovU1ZFK2dXOTU3ZEpXcVVjZEkK\nYXc9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCgo=\n"
}
GET /api/client-registry HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Accept: */*
[
{
"timestamp": "2022-03-25T17:25:21.379Z",
"username": "iot.device.0123456",
"credentialType": "certificate",
"roles": [
"text"
],
"context": "IoT Device Serial Number <0123456>",
"permissions": {
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
},
"granted": true
}
]
This parameter defines how long the registration endpoint will be kept open (in milliseconds). Default if undefined: 30000 milliseconds
30000
POST /api/client-registry/open HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 18
{
"duration": 30000
}
No content
Username to confirm. Must match a username that is currently in the pendingRequests list.
An array of roleId of the roles the new user should have. (Must be roleId, not role name.)
POST /api/client-registry/confirm HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 209
{
"username": "text",
"mqttPublishPrefix": "text",
"grantTypes": [
{
"method": "password",
"isRequired": true
}
],
"initialPermissions": [
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
],
"roles": [
"text"
]
}
{
"id": "text",
"username": "text",
"autoGenerated": true,
"mqttPublishPrefix": "text",
"identityProvider": "local",
"grantTypes": [
{
"method": "password",
"isRequired": true
}
],
"tokens": [
{
"fingerprint": "text",
"createdAt": "text",
"expiresAt": "text",
"label": "text"
}
],
"certificates": [
{
"fingerprint": "text",
"createdAt": "text",
"expiresAt": "text"
}
],
"roles": [
{
"id": "text",
"name": "text",
"isShared": true,
"permissions": [
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
]
}
],
"mfa_is_enrolled": true,
"enforceMFAEnrollment": true
}
GET /api/certificates HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Accept: */*
[
{
"id": "text",
"issuedBy": {
"commonName": "text",
"organization": "text",
"organizationalUnit": "text"
},
"issuedTo": {
"commonName": "text",
"organization": "text",
"organizationalUnit": "text",
"alternativeNames": [
"text"
]
},
"keyUsage": [
"text"
],
"extendedKeyUsage": [
"text"
],
"basicConstraints": {
"isCA": true,
"pathLength": 1
},
"issuedOn": 1,
"expiresOn": 1,
"fingerprints": {
"sha1": "text",
"sha256": "text"
},
"removable": true
}
]
POST /api/certificates HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 6
"text"
[
{
"id": "text",
"issuedBy": {
"commonName": "text",
"organization": "text",
"organizationalUnit": "text"
},
"issuedTo": {
"commonName": "text",
"organization": "text",
"organizationalUnit": "text",
"alternativeNames": [
"text"
]
},
"keyUsage": [
"text"
],
"extendedKeyUsage": [
"text"
],
"basicConstraints": {
"isCA": true,
"pathLength": 1
},
"issuedOn": 1,
"expiresOn": 1,
"fingerprints": {
"sha1": "text",
"sha256": "text"
},
"removable": true
}
]
Id of certificate
GET /api/certificates/content?id=text HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Accept: */*
text
POST /api/broker/auth/enhanced HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 68
{
"client_id": "text",
"properties": {
"p_authentication_method": "text"
}
}
OK
{
"result": "text",
"modifiers": {
"max_message_size": "text",
"max_inflight_messages": "text",
"retry_interval": "text"
}
}
GET /api/maintenance/db HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Accept: */*
OK
{
"running": true,
"backup": {
"id": "text",
"succeeded": true,
"statusMessage": "text",
"startDate": "2025-06-27T06:20:08.189Z",
"endDate": "2025-06-27T06:20:08.189Z"
},
"restore": {
"id": "text",
"succeeded": true,
"statusMessage": "text",
"startDate": "2025-06-27T06:20:08.189Z",
"endDate": "2025-06-27T06:20:08.189Z"
}
}
POST /api/maintenance/db/restore HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Accept: */*
No content
POST /api/mfa/enable HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Accept: */*
{
"uri": "otpauth://totp/Cybus:Connectware?issuer=Cybus&secret=something&algorithm=SHA1&digits=6&period=30"
}
POST /api/mfa/validate HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 14
{
"otp": "text"
}
{
"backupCodes": [
"text"
]
}
POST /api/mfa/login HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 68
{
"username": "text",
"otp": "text",
"backupCode": "text",
"secret": "text"
}
{
"token": "text",
"expiresAt": "text",
"permissions": [
{
"id": "text",
"resource": "text",
"operation": "read",
"context": "http"
}
],
"needsMfa": true,
"secret": "text",
"enforceMFAEnrollment": true
}
POST /api/mfa/disable HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 34
{
"otp": "text",
"backupCode": "text"
}
No content
POST /api/mfa/regenerate/backupcodes HTTP/1.1
Host:
Authorization: YOUR_API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 34
{
"otp": "text",
"backupCode": "text"
}
{
"backupCodes": [
"text"
]
}
Last updated
Was this helpful?