Crowd Data Center REST API

Token

POST

Authenticate user

Creates a new session token that is valid for 'duration' seconds, or for the server default session timeout if no duration is specified or if the duration is longer than the server default session timeout. Either the user password must be valid or the 'validate-password' query parameter must be set to false. If an ongoing session already exists for the same authentication credentials and validation factors, that session token is returned.

Forge and OAuth2 apps cannot access this REST resource.

Request

Query parameters

validate-password (boolean)

duration (integer)

Request body: application/json, application/xml

authentication information

password (string)

userName (string)

validationFactors (array<ValidationFactorEntity>)

Responses

the session creation was successful or an ongoing session already existed. Contains the Crowd SSO token

application/json application/xml

any

POST /rest/usermanagement/1/session

curl --request POST \
  --url 'http://{baseurl}/rest/usermanagement/1/session' \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json' \
  --data '{
  "userName": "my_username",
  "password": "my_password",
  "validation-factors": {
    "validation-factor": [
      {
        "name": "remote_address",
        "value": "127.0.0.1"
      }
    ]
  }
}'

201 Response

{
  "token": "abc123",
  "user": {
    "link": null,
    "name": "sampleuser",
    "firstName": null,
    "lastName": null,
    "displayName": null,
    "directoryId": null,
    "password": null,
    "encryptedPassword": null,
    "key": null,
    "createdDate": null,
    "updatedDate": null,
    "directoryName": null,
    "active": null,
    "attributes": null,
    "expanded": true,
    "email": null
  },
  "link": {
    "href": "https://crowdserver/crowd/session/abcc123",
    "rel": "self"
  },
  "createdDate": 1464453000000,
  "expiryDate": 1464456600000,
  "unaliasedUsername": null
}

DEL

Delete user tokens

Invalidates all tokens for a given user name. Optionally, a token key can be excluded from invalidation by specifying it in the 'exclude' parameter.

Forge and OAuth2 apps cannot access this REST resource.

Request

Query parameters

username (string, required)

exclude (string)

Responses

tokens were deleted successfully

DELETE /rest/usermanagement/1/session

curl --request DELETE \
  --url 'http://{baseurl}/rest/usermanagement/1/session?username={username}'

GET

Get session

Retrieves the token with the authenticated user expanded.

Forge and OAuth2 apps cannot access this REST resource.

Request

Path parameters

token (string, required)

Responses

session was successfully retrieved

application/json application/xml

any

GET /rest/usermanagement/1/session/{token}

curl --request GET \
  --url 'http://{baseurl}/rest/usermanagement/1/session/{token}' \
  --header 'Accept: application/json'

200 Response

{
  "token": "abc123",
  "user": {
    "link": null,
    "name": "sampleuser",
    "firstName": null,
    "lastName": null,
    "displayName": null,
    "directoryId": null,
    "password": null,
    "encryptedPassword": null,
    "key": null,
    "createdDate": null,
    "updatedDate": null,
    "directoryName": null,
    "active": null,
    "attributes": null,
    "expanded": true,
    "email": null
  },
  "link": {
    "href": "https://crowdserver/crowd/session/abcc123",
    "rel": "self"
  },
  "createdDate": 1464453000000,
  "expiryDate": 1464456600000,
  "unaliasedUsername": null
}

POST

Validate token

Validates the session token. Validating the token keeps the SSO session alive.

Forge and OAuth2 apps cannot access this REST resource.

Request

Path parameters

token (string, required)

Request body: application/json, application/xml

list of validation factors

validationFactors (array<ValidationFactorEntity>)

Responses

token validation was successful

application/json application/xml

any

POST /rest/usermanagement/1/session/{token}

curl --request POST \
  --url 'http://{baseurl}/rest/usermanagement/1/session/{token}' \
  --header 'Accept: application/json' \
  --header 'Content-Type: application/json' \
  --data '{
  "validation-factor": [
    {
      "name": "remote_address",
      "value": "127.0.0.1"
    }
  ]
}'

201 Response

{
  "token": "abc123",
  "user": {
    "link": null,
    "name": "sampleuser",
    "firstName": null,
    "lastName": null,
    "displayName": null,
    "directoryId": null,
    "password": null,
    "encryptedPassword": null,
    "key": null,
    "createdDate": null,
    "updatedDate": null,
    "directoryName": null,
    "active": null,
    "attributes": null,
    "expanded": true,
    "email": null
  },
  "link": {
    "href": "https://crowdserver/crowd/session/abcc123",
    "rel": "self"
  },
  "createdDate": 1464453000000,
  "expiryDate": 1464456600000,
  "unaliasedUsername": null
}

DEL

Invalidate token

Invalidates the Crowd SSO token.

Forge and OAuth2 apps cannot access this REST resource.

Request

Path parameters

token (string, required)

Responses

token was invalidated successfully

DELETE /rest/usermanagement/1/session/{token}

curl --request DELETE \
  --url 'http://{baseurl}/rest/usermanagement/1/session/{token}'
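
Three of the session operations above (authenticate, validate token, delete user tokens) as an added Python example that is not part of the Crowd documentation: it builds the requests with the token and user name percent-encoded, always sends 'validate-password' explicitly, and checks 'expiryDate' in a returned session. The function names and the use of HTTP Basic application authentication are assumptions not shown on this page.

```python
import base64, json
from urllib.parse import quote, urlencode
from urllib.request import Request

SESSION = "/rest/usermanagement/1/session"  # resource path documented on this page

def _request(method, url, app_auth, body=None):
    # Assumption: the calling application authenticates with HTTP Basic auth
    # (application name and password); this page does not show that header.
    basic = base64.b64encode(":".join(app_auth).encode()).decode()
    headers = {"Accept": "application/json", "Authorization": "Basic " + basic}
    data = None
    if body is not None:
        headers["Content-Type"] = "application/json"
        data = json.dumps(body).encode()
    return Request(url, data=data, headers=headers, method=method)

def _factors(remote_address):
    # Shape copied from the page's "Validate token" request body.
    return {"validation-factor": [{"name": "remote_address", "value": remote_address}]}

def authenticate(base, app_auth, user, password, remote_address, duration=None):
    query = {"validate-password": "true"}  # explicit, so the password is always checked
    if duration is not None:
        query["duration"] = int(duration)
    body = {"userName": user, "password": password,
            "validation-factors": _factors(remote_address)}
    return _request("POST", f"{base}{SESSION}?{urlencode(query)}", app_auth, body)

def validate(base, app_auth, token, remote_address):
    # The token is a path segment: encode it so "/", "?" or "#" cannot alter the route.
    url = f"{base}{SESSION}/{quote(token, safe='')}"
    return _request("POST", url, app_auth, _factors(remote_address))

def delete_user_tokens(base, app_auth, user, exclude=None):
    query = {"username": user}
    if exclude is not None:
        query["exclude"] = exclude  # token key to keep alive, e.g. the current session
    return _request("DELETE", f"{base}{SESSION}?{urlencode(query)}", app_auth)

def seconds_left(session_json, now_ms):
    """Return (token, user name, seconds until expiryDate); reject expired sessions."""
    doc = json.loads(session_json)
    left = (int(doc["expiryDate"]) - now_ms) // 1000
    if not doc.get("token") or left <= 0:
        raise ValueError("session missing or expired")
    return doc["token"], doc["user"]["name"], left

# Constructed sample, trimmed from the page's 201 response.
SAMPLE = ('{"token": "abc123", "user": {"name": "sampleuser"}, '
          '"createdDate": 1464453000000, "expiryDate": 1464456600000}')
```

Each function returns a urllib.request.Request that can be passed to urllib.request.urlopen; use an https base URL so the password and token are not sent in clear text.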
