Support for Server products ended Feb. 15, 2024. Learn what this means for you.

Last updated Feb 23, 2022

Crowd SOAP to REST Migration Guide

Authentication

SOAP method	Recommended REST resource
authenticateApplication(ApplicationAuthenticationContext authenticationContext)	replaced by basic authentication
isValidPrincipalToken(AuthenticatedToken applicationToken, String principalToken, ValidationFactor[] validationFactors)	/rest/usermanagement/1/session/{token} REST method: POST
authenticatePrincipalSimple(AuthenticatedToken applicationToken, String username, String password)	/rest/usermanagement/1/session REST method: POST
authenticatePrincipal(AuthenticatedToken applicationToken, UserAuthenticationContext authenticateContext)	/rest/usermanagement/1/session REST method: POST
createPrincipalToken(AuthenticatedToken applicationToken, String username, ValidationFactor[] validationFactors)	/rest/usermanagement/1/session?validate-password=false REST method: POST
invalidatePrincipalToken(AuthenticatedToken applicationToken, String token)	/rest/usermanagement/1/session REST method: DELETE
resetPrincipalCredential(AuthenticatedToken applicationToken, String principal)	Split into 2 separate resources: /rest/usermanagement/1/user/password REST method: DELETE and: /rest/usermanagement/1/user/mail/password REST method: POST
updatePrincipalCredential(AuthenticatedToken applicationToken, String principal, PasswordCredential credential)	/rest/usermanagement/1/user/password REST method: PUT

Principal

SOAP API methods use a deprecated term ‘principal’. In REST API, it was replaced by ‘user’.

SOAP method	Recommended REST resource
findAllPrincipalNames(AuthenticatedToken applicationToken)	/rest/usermanagement/1/search?entity-type=user REST method: GET
findPrincipalWithAttributesByName(AuthenticatedToken applicationToken, String name)	/rest/usermanagement/1/user?expand=attributes REST method: GET
findPrincipalByName(AuthenticatedToken applicationToken, String name)	/rest/usermanagement/1/user REST method: GET
findPrincipalByToken(AuthenticatedToken applicationToken)	/rest/usermanagement/1/session/{token} REST method: GET
searchPrincipals(AuthenticatedToken applicationToken, SearchRestriction[] searchRestrictions)	/rest/usermanagement/1/search?entity-type=user REST method: GET
addAllPrincipals(AuthenticatedToken applicationToken, SOAPPrincipalWithCredential[] principals)	There is no method for adding users in bulk. In REST API, you can only add users one by one.
addPrincipal(AuthenticatedToken applicationToken, SOAPPrincipal principal, PasswordCredential credential)	/rest/usermanagement/1/user REST method: POST
addPrincipalToGroup(AuthenticatedToken applicationToken, String principal, String group)	/rest/usermanagement/1/group/user/direct REST method: POST
addPrincipalToRole(AuthenticatedToken applicationToken, String principal, String role)	/rest/usermanagement/1/group/user/direct REST method: POST
removePrincipalFromGroup(AuthenticatedToken applicationToken, String principal, String group)	/rest/usermanagement/1/group/user/direct REST method: DELETE
removePrincipalFromRole(AuthenticatedToken applicationToken, String principal, String role)	/rest/usermanagement/1/group/user/direct REST method: DELETE
removePrincipal(AuthenticatedToken applicationToken, String principal)	/rest/usermanagement/1/user REST method: DELETE
addAttributeToPrincipal(AuthenticatedToken applicationToken, String principal, SOAPAttribute attribute)	Depends on the attribute. If it’s part of this list, use: /rest/usermanagement/1/user REST method: PUT Otherwise, use: /rest/usermanagement/1/user/attribute REST method: POST
updatePrincipalAttribute(AuthenticatedToken applicationToken, String name, SOAPAttribute attribute)	Same as above
removeAttributeFromPrincipal(AuthenticatedToken applicationToken, String principal, String attribute)	/rest/usermanagement/1/user/attribute REST method: DELETE

Group

SOAP method	Recommended REST resource
isGroupMember(AuthenticatedToken applicationToken, String group, String principal)	/rest/usermanagement/1/group/user/nested REST method: GET
findAllGroupNames(AuthenticatedToken applicationToken)	/rest/usermanagement/1/search?entity-type=group REST method: GET
findGroupByName(AuthenticatedToken applicationToken, String name)	Split into 2 separate resources: /rest/usermanagement/1/group REST method: GET and: /rest/usermanagement/1/group/user/nested REST method: GET
findGroupWithAttributesByName(AuthenticatedToken applicationToken, String name)	Split into 2 separate resources: /rest/usermanagement/1/group?expand=attributes REST method: GET and: /rest/usermanagement/1/group/user/nested REST method: GET
searchGroups(AuthenticatedToken applicationToken, SearchRestriction[] searchRestrictions)	/rest/usermanagement/1/search?entity-type=group REST method: GET
addGroup(AuthenticatedToken applicationToken, SOAPGroup soapGroup)	/rest/usermanagement/1/group REST method: POST
updateGroup(AuthenticatedToken applicationToken, String groupName, String description, boolean active)	/rest/usermanagement/1/group REST method: PUT
removeGroup(AuthenticatedToken applicationToken, String group)	/rest/usermanagement/1/group REST method: DELETE
addAttributeToGroup(AuthenticatedToken applicationToken, String group, SOAPAttribute attribute)	/rest/usermanagement/1/group/attribute REST method: POST
updateGroupAttribute(AuthenticatedToken applicationToken, String group, SOAPAttribute attribute)	/rest/usermanagement/1/group/attribute REST method: POST
removeAttributeFromGroup(AuthenticatedToken applicationToken, String group, String attribute)	/rest/usermanagement/1/group/attribute REST method: DELETE
findAllGroupRelationships(AuthenticatedToken applicationToken)	Split into 2 separate resources: /rest/usermanagement/1/group REST method: GET and: /rest/usermanagement/1/group/child-group/direct REST method: GET
findGroupMemberships(AuthenticatedToken applicationToken, String principalName)	/rest/usermanagement/1/group/child-group/direct REST method: GET

Role

Roles have been deprecated and replaced by groups in Crowd 2.0. If you still use roles in your app, migrate them to groups.

SOAP method	Recommended REST resource
isRoleMember(AuthenticatedToken applicationToken, String role, String principal)	/rest/usermanagement/1/group/user/nested REST method: GET
findAllRoleNames(AuthenticatedToken applicationToken)	/rest/usermanagement/1/search?entity-type=group REST method: GET
findRoleByName(AuthenticatedToken applicationToken, String name)	/rest/usermanagement/1/group/rest/usermanagement/1/group REST method: GET
searchRoles(AuthenticatedToken applicationToken, SearchRestriction[] searchRestrictions)	Split into 2 separate resources: /rest/usermanagement/1/search?entity-type=group REST method: GET and: /rest/usermanagement/1/group/user/direct REST method: GET
addRole(AuthenticatedToken applicationToken, SOAPRole soapRole)	/rest/usermanagement/1/group REST method: POST
removeRole(AuthenticatedToken applicationToken, String role)	/rest/usermanagement/1/group REST method: DELETE
findRoleMemberships(AuthenticatedToken applicationToken, String principalName)	/rest/usermanagement/1/group/child-group/direct REST method: GET

Other

SOAP method	Recommended REST resource
getGrantedAuthorities(AuthenticatedToken applicationToken)	/rest/admin/1.0/application/{applicationId}/directory-mapping?expand=authentication REST method: GET
getCacheTime(AuthenticatedToken applicationToken)	Deprecated and no longer available since Crowd 2.8.0.
isCacheEnabled(AuthenticatedToken applicationToken)	This data cannot be fetched by REST API.
getCookieInfo(AuthenticatedToken applicationToken)	/rest/usermanagement/1/config/cookie REST method: GET
getDomain(AuthenticatedToken applicationToken)	Same as above