POST

Authenticate user

Create new session token valid for duration seconds, or for the server default session timeout if no duration is specified or if duration is longer than the server default session timeout. Either the user password needs to be valid or the 'validate-password' query param must be set to false. If an ongoing session already exists for the same authentication credentials and validation factors, then that session token is returned

Request

Query parameters

validate-password

boolean

duration

integer

Request bodyapplication/json application/xml

authentication information

password

string

userName

string

validationFactors

array<ValidationFactorEntity>

Responses

the session creation was successful or an ongoing session already existed. Contains the Crowd SSO token

application/json application/xml

any

POST/rest/usermanagement/1/session
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 curl --request POST \ --url 'http://{baseurl}/rest/rest/usermanagement/1/session' \ --header 'Accept: application/json' \ --header 'Content-Type: application/json' \ --data '{ "userName": "my_username", "password": "my_password", "validation-factors": { "validation-factor": [ { "name": "remote_address", "value": "127.0.0.1" } ] } }'
201Response
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 { "token": "abc123", "user": { "link": null, "name": "sampleuser", "firstName": null, "lastName": null, "displayName": null, "directoryId": null, "password": null, "encryptedPassword": null, "key": null, "createdDate": null, "updatedDate": null, "directoryName": null, "active": null, "attributes": null, "expanded": true, "email": null }, "link": { "href": "https://crowdserver/crowd/session/abcc123", "rel": "self" }, "createdDate": 1464453000000, "expiryDate": 1464456600000, "unaliasedUsername": null }
DEL

Delete user tokens

Invalidate all tokens for a given user name. Optionally, a token key can be saved from invalidation if specified in the 'exclude' param

Request

Query parameters

username

string

Required
exclude

string

Responses

tokens were deleted successfully

DEL/rest/usermanagement/1/session
1 2 curl --request DELETE \ --url 'http://{baseurl}/rest/rest/usermanagement/1/session?username={username}'
GET

Get session

Retrieves the token with the authenticated user expanded

Request

Path parameters

token

string

Required

Responses

session was successfully retrieved

application/json application/xml

any

GET/rest/usermanagement/1/session/{token}
1 2 3 curl --request GET \ --url 'http://{baseurl}/rest/rest/usermanagement/1/session/{token}' \ --header 'Accept: application/json'
200Response
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 { "token": "abc123", "user": { "link": null, "name": "sampleuser", "firstName": null, "lastName": null, "displayName": null, "directoryId": null, "password": null, "encryptedPassword": null, "key": null, "createdDate": null, "updatedDate": null, "directoryName": null, "active": null, "attributes": null, "expanded": true, "email": null }, "link": { "href": "https://crowdserver/crowd/session/abcc123", "rel": "self" }, "createdDate": 1464453000000, "expiryDate": 1464456600000, "unaliasedUsername": null }
POST

Validate token

Validates the session token. Validating the token keeps the SSO session alive

Request

Path parameters

token

string

Required

Request bodyapplication/json application/xml

list of validation factors

validationFactors

array<ValidationFactorEntity>

Responses

token validation was successful

application/json application/xml

any

POST/rest/usermanagement/1/session/{token}
1 2 3 4 5 6 7 8 9 10 11 12 curl --request POST \ --url 'http://{baseurl}/rest/rest/usermanagement/1/session/{token}' \ --header 'Accept: application/json' \ --header 'Content-Type: application/json' \ --data '{ "validation-factor": [ { "name": "remote_address", "value": "127.0.0.1" } ] }'
201Response
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 { "token": "abc123", "user": { "link": null, "name": "sampleuser", "firstName": null, "lastName": null, "displayName": null, "directoryId": null, "password": null, "encryptedPassword": null, "key": null, "createdDate": null, "updatedDate": null, "directoryName": null, "active": null, "attributes": null, "expanded": true, "email": null }, "link": { "href": "https://crowdserver/crowd/session/abcc123", "rel": "self" }, "createdDate": 1464453000000, "expiryDate": 1464456600000, "unaliasedUsername": null }
DEL

Invalidate token

Invalidates the Crowd SSO token

Request

Path parameters

token

string

Required

Responses

token was invalidated successfully

DEL/rest/usermanagement/1/session/{token}
1 2 curl --request DELETE \ --url 'http://{baseurl}/rest/rest/usermanagement/1/session/{token}'

Rate this page: