1Kosmos · Admin Backend
Admin API
The control plane behind AdminX — manage users, communities, authentication modules, providers and policy across your tenant.
The Web Admin Backend powers the 1Kosmos AdminX console. Programmatically manage users, communities and login settings; configure authentication modules, WebAuthn, hardware tokens and SAML / OIDC service and identity providers; run reports; and control branding and policy across your tenant. This is the control plane for your 1Kosmos deployment.
233 endpoints
across 61 resource groups.
ECDSA-signed
every request is signed with your key pair.
JSON over HTTPS
predictable REST, conventional status codes.
OpenAPI 3.0
Reference
Base URL
All Admin API endpoints are relative to your environment host. Examples on this page use the 1Kosmos pilot environment — swap in your production root when you go live.
Pilot
https://pilot-root.1kosmos.net/adminapi
Content type
Requests and responses use application/json.
GEThttps://pilot-root.1kosmos.net/adminapi/healthz
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/healthz' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'x-jwt-token: YOUR_JWT' \ -H 'license: YOUR_LICENSE_KEY'
Security
Authentication
Admin API uses ECDSA key-pair authentication. Each request carries your credentials as
HTTP headers; verification-grade calls additionally sign the request body. Retrieve the system signing
key from /publickeys.
Credentials
keyIdECDSA Public Keyheader
keySecretHawk Key Secret / ECDSA Private Keyheader
AuthorizationAuthentication headerheader
x-jwt-tokenAuthentication headerheader
licenseLicense key from License Microserviceheader
GEThttps://pilot-root.1kosmos.net/adminapi/healthz
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/healthz' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'x-jwt-token: YOUR_JWT' \ -H 'license: YOUR_LICENSE_KEY'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/healthz", {
method: "GET",
headers: {
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/healthz",
headers={
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
)
print(res.json())Reference
Errors
Admin API uses conventional HTTP status codes: 2xx success, 4xx a problem
with the request, 5xx a service-side error.
| Status | Meaning | Description |
|---|---|---|
| 200 / 204 | OK | The request succeeded. |
| 400 | Bad Request | Validation failed. |
| 401 | Unauthorized | Missing or invalid credentials. |
| 403 | Forbidden | Authenticated, but not permitted. |
| 404 | Not Found | The resource does not exist. |
| 500 | Server Error | Something went wrong on our side. |
4XXerror response
{
"statusCode": 400,
"error": "Bad Request",
"message": "Validation error"
}Admin API
Users
Create, query, update and manage user records.
GET/users/user/documents
Fetch documents from user wallet
Returns array of user documents.
This endpoint can be accessed by logged in user
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns array of user documents. This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/users/user/documents
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/users/user/documents' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/documents", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/users/user/documents",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
404
500
Success
data is ECDSA encrypted following array:
```
[
{
"type": "type",
"id": "id",
"proofedBy": "proofedBy",
"category": "identity_document",
"doe": "12345678",
"proofs": ["array", "of", "proofs"]
}
]
```
publicKey is public key of adminapi
Invalid request
Unauthorized
Not Found
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
GET/users/user/ial
Get IAL of the user
Get IAL of the user.
This endpoint can be accessed by logged in user
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns ial of the user. This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | Public Key / Try Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/users/user/ial
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/users/user/ial' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/ial", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/users/user/ial",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
401
500
Success
Unauthorized
Internal Server Error
// no response body
// no response body
// no response body
GET/users/user/ip
Returns ip address of caller
Returns ip address of caller. Caller must be a tenant or community admin with active jwt in authorization header.
This endpoint can be accessed by logged in user
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns the ip address of the calling client. This API throws an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/users/user/ip
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/users/user/ip' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/ip", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/users/user/ip",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
404
500
Success
data is ECDSA encrypted following array:
```
{
"ip": "192.68.24.56",
}
```
publicKey is public key of adminapi
Invalid request
Unauthorized
Not Found
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
POST/users/accesscodes/fetch
Fetch list of Accesscodes
Fetch accesscode list based on uids.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns the list of users invited accesscodes.
This API throw an error if something goes wrong.
Permissions
Administrators can get any access codes of any user within their own community. Basic users can only fetch their own access codes.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| userrequired | object | — |
| communityrequired | object | — |
| uids | array<string> | — |
POSThttps://pilot-root.1kosmos.net/adminapi/users/accesscodes/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/accesscodes/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"user": {"uid": "string", "username": "string", "authModuleId": "string"}, "community": {"id": "string", "name": "string", "publicKey": "string"}, "uids": ["string optional", "property 'uids' optional"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/accesscodes/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"user": {
"uid": "string",
"username": "string",
"authModuleId": "string"
},
"community": {
"id": "string",
"name": "string",
"publicKey": "string"
},
"uids": [
"string optional",
"property 'uids' optional"
]
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/accesscodes/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"user": {
"uid": "string",
"username": "string",
"authModuleId": "string"
},
"community": {
"id": "string",
"name": "string",
"publicKey": "string"
},
"uids": [
"string optional",
"property 'uids' optional"
]
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"status": "string"
}// no response body
// no response body
// no response body
POST/users/count
Count all basic users.
- Any valid key can be used to count users.
- Auth module must be available for the community.
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
moduleId (required)
moduleId : string
query (optional)
query : object
The query to filter users.
Returns
Returns number of users.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains object below:
{
"tenantId": "ObjectId required, ID of Tenant",
"communityId": "ObjectId required, ID of Community",
"moduleId": "ObjectId required, ID of authModule",
"query": "object (optional)",
}| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| moduleId | string | — |
| query | object | — |
POSThttps://pilot-root.1kosmos.net/adminapi/users/count
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/count' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxx", "communityId": "xxxxxxxxxxxxxxxxxxxxxxxx", "moduleId": "xxxxxxxxxxxxxxxxxxxxxxxx", "query": {}}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/count", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"moduleId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"query": {}
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/count",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"moduleId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"query": {}
},
)
print(res.json())RESPONSE
200
400
401
Success
Users count result.
```
{
"count": 50,
"id": "ObjectID",
"type": "azuread",
}
```
Invalid request
Unauthorized
{
"id": "xxxxxxxxxxxxxxxxxxxxxxxx",
"type": "azuread",
"count": 12
}// no response body
// no response body
POST/users/countAll
Get users counts
Get users counts for all authmodules .
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
moduleId (required)
moduleId : string
Returns
Returns the users info.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| moduleId | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/users/countAll
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/countAll' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "moduleId": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/countAll", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"moduleId": "string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/countAll",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "string",
"communityId": "string",
"moduleId": "string"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
The publicKey of WebServer API used in decrypting
Response body contains *data* field with encrypted object below:
```
{
"count": 50
}
```
Invalid request
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxx/xxxx"
}// no response body
// no response body
// no response body
POST/users/fetch
Fetch users
Fetch list of users.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
moduleId (required)
moduleId : string
pSize (default to 25) / max 100
pSize : number
pIndex (default 0)
pIndex : number
query (optional)
query : object
attributes (optional)
attributes : array
Returns
Returns the users info.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| moduleId | string | — |
| pSize | number | — |
| pIndex | number | — |
| attributes | array<object> | — |
POSThttps://pilot-root.1kosmos.net/adminapi/users/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "moduleId": "string", "pSize": 25, "pIndex": 0, "attributes": ["firstname"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"moduleId": "string",
"pSize": 25,
"pIndex": 0,
"attributes": [
"firstname"
]
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "string",
"communityId": "string",
"moduleId": "string",
"pSize": 25,
"pIndex": 0,
"attributes": [
"firstname"
]
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"data": "object",
"publicKey": "string"
}// no response body
// no response body
// no response body
POST/users/find
Find User
Find User.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
email (optional)
email : string
username (optional)
username : string
checkAliases (optional)
checkAliases : boolean
fetchFromExternalSources (optional)
fetchFromExternalSources: boolean
Returns
Returns the matched users.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| string | — | |
| username | string | — |
| checkAliases | boolean | — |
| fetchFromExternalSources | boolean | — |
POSThttps://pilot-root.1kosmos.net/adminapi/users/find
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/find' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "email": "string optional", "username": "string optional", "checkAliases": false, "fetchFromExternalSources": false}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/find", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"email": "string optional",
"username": "string optional",
"checkAliases": false,
"fetchFromExternalSources": false
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/find",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY"
},
json={
"tenantId": "string",
"communityId": "string",
"email": "string optional",
"username": "string optional",
"checkAliases": false,
"fetchFromExternalSources": false
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"users": [
{
"username": "xxxxx",
"usernameHash": "xxxxx",
"email1": "xxxxx",
"email1Hash": "xxxxx",
"email2": "xxxxx",
"email2Hash": "xxxxx",
"phone": "xxxxx",
"phoneHash": "xxxxx",
"deviceName": "xxxxx",
"aliasUsed": "xxxxxx",
"user_token": "xxxxx"
}
]
}// no response body
// no response body
// no response body
POST/users/request/invite
User Request invites
Send invitation to user.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
user_token (required)
user_token : string
deliveryMethod (required)
deliveryMethod : string
google_token (required)
google_token : string
license (optional, if valid license was provided, bypass captcha checking)
license : string
Returns
Returns invitation object.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| user_token | string | — |
| deliveryMethod | string | — |
| google_token | string | — |
| license | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/users/request/invite
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/request/invite' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "user_token": "string", "deliveryMethod": "email1|email2", "google_token": "string", "license": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/request/invite", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"user_token": "string",
"deliveryMethod": "email1|email2",
"google_token": "string",
"license": "string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/request/invite",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY"
},
json={
"tenantId": "string",
"communityId": "string",
"user_token": "string",
"deliveryMethod": "email1|email2",
"google_token": "string",
"license": "string"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"emailResult": {
"status": true,
"statusCode": 200,
"message": "https://1k-dev.1kosmos.net/acr,",
"error": "string",
"gatewatId": "string",
"resultId": "string",
"messageId": "string",
"ts": "string"
},
"link": "string",
"code": "string"
}// no response body
// no response body
// no response body
POST/users/resend/invite
Resend Invite to user
Resend Invite to same user.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
code (required)
code : string
emailTo (required)
emailTo : string
firstname (required)
firstname : string
lastname (required)
lastname : string
captchaToken (required unless a valid license is provided)
captchaToken : string
license (optional - if provided and valid, CAPTCHA is bypassed)
license : string
Returns
Returns the resend invited users object.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| code | string | — |
| emailTo | string | — |
| firstname | string | — |
| lastname | string | — |
| captchaToken | string | — |
| license | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/users/resend/invite
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/resend/invite' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"code": "string", "emailTo": "string", "firstname": "string", "lastname": "string", "captchaToken": "string", "license": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/resend/invite", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"code": "string",
"emailTo": "string",
"firstname": "string",
"lastname": "string",
"captchaToken": "string",
"license": "string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/resend/invite",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"code": "string",
"emailTo": "string",
"firstname": "string",
"lastname": "string",
"captchaToken": "string",
"license": "string"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"emailResult": {
"status": true,
"statusCode": 200,
"message": "https://1k-dev.1kosmos.net/acr,",
"error": "string",
"gatewatId": "string",
"resultId": "string",
"messageId": "string",
"ts": "string"
},
"link": "string",
"code": "string"
}// no response body
// no response body
// no response body
POST/users/user/alternate_mfa/session/{code}/poll
Poll UWL2.0 session for alternate MFA option
Returns OK status.
This endpoint can be accessed by logged in user
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Params
code (required)
ACR code of this session
Returns
Returns array of user documents. This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| coderequired | string | code for polling |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | Public Key / Try Authorize 🔒 |
POSThttps://pilot-root.1kosmos.net/adminapi/users/user/alternate_mfa/session/{code}/poll
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/user/alternate_mfa/session/<code>/poll' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/alternate_mfa/session/<code>/poll", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/user/alternate_mfa/session/<code>/poll",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
404
500
Success
data is ECDSA encrypted object:
```
{
"ttl_seconds": 60,
"type": "user_invitation",
"phoneRequired": false,
"uuid": "c2c003e2-221b-44de-93cb-f2d388265490",
"ttl": 0,
"createdBy": "sasha",
"tenantId": "5f3d8d0cd866fa61019cf968",
"createdTime": 1731676868,
"id": "67374ac4e1107a584374b28e",
"communityId": "5f3d8d0cd866fa61019cf969",
"redeem_result": {
"client_ip": "188.26.211.129",
"publicKey": "xxxxxxxxxxxxxxxxxx",
"deviceId": "4EC9816C-236B-4B02-B826-56A4E4C563B4",
"deviceName": "iPhone sasha",
"did": "b6f752963b368c91a120d15828ae6c08cd7f230e"
},
"accesscodepayload": {
"authModuleId": "659c0b3e7fa8735a60fd33d1",
"uid": "andrii1",
"otp_email": "xxxxxxxxxx@1kosmos.com",
"dns": "1k-dev.1kosmos.net",
"authType": "none",
"userid": "andrii1",
"invite_email": "xxxxxxxxx@1kosmos.com"
},
"status": "redeemed"
}
```
publicKey is public key of adminapi
Invalid request
Unauthorized
Not Found
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
POST/users/user/detailProfile/fetch
Fetch user Profile details
Fetch user detail.
This endpoint must be accessed by all users to get user profile details.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
moduleId (required)
moduleId : string
user (required)
query : object
attributes (optional)
attributes : array
Returns
Returns the user details.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| moduleId | string | — |
| user | object | — |
| attributes | array<object> | — |
POSThttps://pilot-root.1kosmos.net/adminapi/users/user/detailProfile/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/user/detailProfile/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "moduleId": "string", "user": {"username": "string", "uid": "string", "urn": "string"}, "attributes": ["firstname"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/detailProfile/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"moduleId": "string",
"user": {
"username": "string",
"uid": "string",
"urn": "string"
},
"attributes": [
"firstname"
]
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/user/detailProfile/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "string",
"communityId": "string",
"moduleId": "string",
"user": {
"username": "string",
"uid": "string",
"urn": "string"
},
"attributes": [
"firstname"
]
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"uid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"username": "xxxxxx",
"moduleId": "xxxxxxx",
"dguid": "xxxxxx",
"urn": "xxxxx",
"type": "xxxxx",
"mobiles": [],
"landlines": [],
"aliases": {},
"roleValue": "xxxxx",
"status": "xxxxxx",
"firstname": "xxxxxxxx",
"middlename": "xxxxxxxx",
"lastname": "xxxxxxxx",
"email": "xxxxx@xxxxxxxx.xxx",
"phone": "xxxxxxxxxx",
"disabled": false,
"isLocked": false,
"ial": "xxxxx",
"userProperties": {
"mobiles": [],
"landlines": [],
"aliases": {}
}
}// no response body
// no response body
// no response body
POST/users/user/devices/fetch
Fetch devices linked to user
Fetch devices linked to user.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns the devices information that linked to a user This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
{
"user": {
"uid": "required string",
"username": "required string",
"authModuleId": "required string"
},
"community": {
"id": "required string",
"name": "required string",
"publicKey": "required string"
}
}| Field | Type | Description |
|---|---|---|
| user | object | — |
| community | object | — |
POSThttps://pilot-root.1kosmos.net/adminapi/users/user/devices/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/user/devices/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"user": {"uid": "xxxxxxxx", "username": "xxxxxxxx", "authModuleId": "xxxxxxxx"}, "community": {"id": "xxxxxxxx", "name": "xxxxxxx", "publicKey": "xxxxxxx"}}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/devices/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"user": {
"uid": "xxxxxxxx",
"username": "xxxxxxxx",
"authModuleId": "xxxxxxxx"
},
"community": {
"id": "xxxxxxxx",
"name": "xxxxxxx",
"publicKey": "xxxxxxx"
}
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/user/devices/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"user": {
"uid": "xxxxxxxx",
"username": "xxxxxxxx",
"authModuleId": "xxxxxxxx"
},
"community": {
"id": "xxxxxxxx",
"name": "xxxxxxx",
"publicKey": "xxxxxxx"
}
},
)
print(res.json())RESPONSE
200
401
404
500
Success
Unauthorized
Not Found
Internal Server Error
{
"list": [
{
"personId": "xxxxxxxx",
"userIdList": [
"xxxxxxxx"
],
"communityId": "xxxxxxxx",
"publickey": "xxxxxxxx",
"poi_ial": "xxxxxxxx",
"pon_ial": "xxxxxxxx",
"updatedTS": "xxxxxxxx",
"id": "xxxxxxxx"
}
],
"devices": [
{
"uid": "xxxxxxxx",
"did": "xxxxxxxx",
"os": "xxxxxxxx",
"publickey": "xxxxxxxx",
"deviceName": "xxxxxxxx",
"authenticatorId": "xxxxxxxx",
"authenticatorVersion": "xxxxxxxx",
"authenticatorName": "xxxxxxxx",
"clientIp": "xxxxxxxx",
"userAgent": "xxxxxxxx",
"locLat": "xxxxxxxx",
"locLon": "xxxxxxxx",
"id": "xxxxx"
}
]
}// no response body
// no response body
// no response body
POST/users/user/devices/has_security_key
Check if user has any security keys registered
Update User details.
This endpoint can be accessed by everyone.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Request Body
communityName (required)
communityName : string
communityPublicKey (required)
communityPublicKey : string
tenantTag (required)
tenantTag : string
username (required)
username : string
Returns
Returns hasSecurityKeys = true/false
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| communityName | string | — |
| communityPublicKey | string | — |
| tenantTag | string | — |
| username | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/users/user/devices/has_security_key
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/user/devices/has_security_key' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Content-Type: application/json' \
-d '{"communityName": "xxxxxxxx", "communityPublicKey": "xxxxxxxx", "tenantTag": "xxxxxxxx", "username": "xxxxxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/devices/has_security_key", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Content-Type": "application/json"
},
body: JSON.stringify({
"communityName": "xxxxxxxx",
"communityPublicKey": "xxxxxxxx",
"tenantTag": "xxxxxxxx",
"username": "xxxxxxxx"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/user/devices/has_security_key",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET"
},
json={
"communityName": "xxxxxxxx",
"communityPublicKey": "xxxxxxxx",
"tenantTag": "xxxxxxxx",
"username": "xxxxxxxx"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
data is ECDSA encrypted following object:
```
{
hasSecurityKey: true/false
}
```
publicKey is public key of adminapi
Invalid request
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
POST/users/user/document
Fetch document from user wallet by id and type
Returns user document.
This endpoint can be accessed by logged in user
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns user document. This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | Public Key / Try Authorize 🔒 |
Request body
Request body contains encrypted data object:
{
"type": "document_type",
"id": "document_id"
}Every property is required
| Field | Type | Description |
|---|---|---|
| type | string | — |
| id | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/users/user/document
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/user/document' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"type": "document_type", "id": "document_id"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/document", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"type": "document_type",
"id": "document_id"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/user/document",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"type": "document_type",
"id": "document_id"
},
)
print(res.json())RESPONSE
200
400
401
404
500
Success
data is ECDSA encrypted object:
```
{
"type": "type",
"id": "id",
"proofedBy": "proofedBy",
"category": "identity_document",
"doe": "12345678",
"proofs": ["array", "of", "proofs"],
"data": {}
}
```
publicKey is public key of adminapi
Invalid request
Unauthorized
Not Found
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
POST/users/user/lock
Lock user.
Lock a user. A user can be locked by an administrator.
This endpoint must be accessed by Help Desk admin and Community administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
username (required)
username : string
lock_duration (required)
lock_duration : number
Returns
204 No Content This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| username | string | — |
| lock_duration | number | — |
POSThttps://pilot-root.1kosmos.net/adminapi/users/user/lock
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/user/lock' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"username": "xxxxx", "lock_duration": 30}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/lock", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"username": "xxxxx",
"lock_duration": 30
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/user/lock",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"username": "xxxxx",
"lock_duration": 30
},
)
print(res.json())RESPONSE
204
401
404
500
No Content
Unauthorized
Not Found
Internal Server Error
// no response body
// no response body
// no response body
// no response body
POST/users/user/login_options/fetch
Fetch login options linked to user
Fetch login options linked to user.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns both the devices information linked to a user and the user's login options - user pin and typing phrases. This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
{
"user": {
"uid": "required string",
"username": "required string",
"authModuleId": "required string"
},
"community": {
"id": "required string",
"name": "required string",
"publicKey": "required string"
}
}| Field | Type | Description |
|---|---|---|
| user | object | — |
| community | object | — |
POSThttps://pilot-root.1kosmos.net/adminapi/users/user/login_options/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/user/login_options/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"user": {"uid": "xxxxxxxx", "username": "xxxxxxxx", "authModuleId": "xxxxxxxx"}, "community": {"id": "xxxxxxxx", "name": "xxxxxxx", "publicKey": "xxxxxxx"}}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/login_options/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"user": {
"uid": "xxxxxxxx",
"username": "xxxxxxxx",
"authModuleId": "xxxxxxxx"
},
"community": {
"id": "xxxxxxxx",
"name": "xxxxxxx",
"publicKey": "xxxxxxx"
}
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/user/login_options/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"user": {
"uid": "xxxxxxxx",
"username": "xxxxxxxx",
"authModuleId": "xxxxxxxx"
},
"community": {
"id": "xxxxxxxx",
"name": "xxxxxxx",
"publicKey": "xxxxxxx"
}
},
)
print(res.json())RESPONSE
200
401
404
500
Success
Unauthorized
Not Found
Internal Server Error
{
"list": [
{
"personId": "xxxxxxxx",
"userIdList": [
"xxxxxxxx"
],
"communityId": "xxxxxxxx",
"publicKey": "xxxxxxxx",
"poi_ial": "xxxxxxxx",
"pon_ial": "xxxxxxxx",
"updatedTS": "xxxxxxxx",
"id": "xxxxxxxx"
}
],
"devices": [
{
"uid": "xxxxxxxx",
"did": "xxxxxxxx",
"os": "xxxxxxxx",
"publickey": "xxxxxxxx",
"deviceName": "xxxxxxxx",
"authenticatorId": "xxxxxxxx",
"authenticatorVersion": "xxxxxxxx",
"authenticatorName": "xxxxxxxx",
"clientIp": "xxxxxxxx",
"userAgent": "xxxxxxxx",
"locLat": "xxxxxxxx",
"locLon": "xxxxxxxx",
"id": "xxxxx"
}
],
"is_user_pin_enrolled": true,
"is_typing_phrase_enrolled": true
}// no response body
// no response body
// no response body
POST/users/user/phoneverify/session/{sessionId}/poll
Poll UWL2.0 session for phone verification
Returns updated user object.
This endpoint can be accessed by logged in user
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Params
sessionId (required)
uuid of session
Returns
Returns array of user documents. This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| sessionIdrequired | string | sessionId for polling |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | Public Key / Try Authorize 🔒 |
POSThttps://pilot-root.1kosmos.net/adminapi/users/user/phoneverify/session/{sessionId}/poll
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/user/phoneverify/session/<sessionId>/poll' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/phoneverify/session/<sessionId>/poll", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/user/phoneverify/session/<sessionId>/poll",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
404
500
Success
data is ECDSA encrypted following array:
```
{
"authModule": "string required, ObjectId of auth module",
"username": "string required",
"type": "string optional - systemuser or basic",
"status": "string optional - active or locked or disabled",
"firstname": "string optional",
"middlename": "string optional",
"lastname": "string optional",
"email1": "string optional - valid email address",
"email1_verified": "boolean optional",
"email2": "string optional - valid email address",
"email2_verified": "boolean optional",
"phone1": "string optional - only digits",
"phone1_verified": "boolean optional",
"address": {
"house": "string optional",
"streetname": "string optional",
"city": "string optional",
"state": "string optional",
"country": "string optional",
"zip": "string optional"
},
"address_verified": "boolean optional",
"disabled": "boolean optional"
}
```
publicKey is public key of adminapi
Invalid request
Unauthorized
Not Found
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
POST/users/user/profile/fetch
Fetch User profile
Fetch User own profile details.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
attributes (optional)
attributes : array
Returns
Returns the user info.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| attributes | array<object> | — |
POSThttps://pilot-root.1kosmos.net/adminapi/users/user/profile/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/user/profile/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"attributes": ["firstname"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/profile/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"attributes": [
"firstname"
]
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/user/profile/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"attributes": [
"firstname"
]
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"data": "object",
"publicKey": "string"
}// no response body
// no response body
// no response body
POST/users/user/unlock
Unlock locked user.
Unlock locked user. A user maybe locked due to OTP mistakes or because he was locked by an administrator.
This endpoint must be accessed by Help Desk admin and Community administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
Returns
204 No Content This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| username | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/users/user/unlock
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/user/unlock' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"username": "xxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/unlock", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"username": "xxxxx"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/user/unlock",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"username": "xxxxx"
},
)
print(res.json())RESPONSE
204
401
404
500
No Content
Unauthorized
Not Found
Internal Server Error
// no response body
// no response body
// no response body
// no response body
POST/users/user/update_phone_numbers
Update user mobiles and landlines
Update user properties.
This endpoint must be accessed by all users to update there mobiles and landlines.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
user (required)
user : object
updatePhones (optional, object of new mobiles and landlines)
updatePhones : { mobiles: [], landlines: [] }
removePhones (optional, object of remove mobiles and landlines )
removePhones : { mobiles: [], landlines: [] }
Returns
Returns the user properties.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| otp | string | — |
| user | object | — |
| updatePhones | object | — |
| removePhones | object | — |
POSThttps://pilot-root.1kosmos.net/adminapi/users/user/update_phone_numbers
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/user/update_phone_numbers' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "otp": "001001", "user": {"username": "string", "uid": "string", "authModuleId": "string"}, "updatePhones": {"mobiles": ["4075156743"], "landlines": ["4075156743"]}, "removePhones": {"mobiles": ["4075156743"], "landlines": ["4075156743"]}}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/update_phone_numbers", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"otp": "001001",
"user": {
"username": "string",
"uid": "string",
"authModuleId": "string"
},
"updatePhones": {
"mobiles": [
"4075156743"
],
"landlines": [
"4075156743"
]
},
"removePhones": {
"mobiles": [
"4075156743"
],
"landlines": [
"4075156743"
]
}
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/user/update_phone_numbers",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "string",
"communityId": "string",
"otp": "001001",
"user": {
"username": "string",
"uid": "string",
"authModuleId": "string"
},
"updatePhones": {
"mobiles": [
"4075156743"
],
"landlines": [
"4075156743"
]
},
"removePhones": {
"mobiles": [
"4075156743"
],
"landlines": [
"4075156743"
]
}
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"tenantId": "string",
"communityId": "string",
"user": {
"username": "string",
"uid": "string",
"authModuleId": "string"
},
"mobiles": [
"4075156743"
],
"landlines": [
"4075156743",
"5075156712"
]
}// no response body
// no response body
// no response body
POST/users/user/wallet/create
Create account owned managed wallet for user
Creates web account owned managed wallet for user with given PIN. PIN must have 8 characters either numbers or letter.
This endpoint can be accessed by logged in user
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
pin (required)
pin : string
Returns
Returns jwt_token = string (token-hash)
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| pin | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/users/user/wallet/create
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/user/wallet/create' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"pin": "12345678"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/wallet/create", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"pin": "12345678"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/user/wallet/create",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"pin": "12345678"
},
)
print(res.json())RESPONSE
201
400
401
500
Success
data is ECDSA encrypted following object:
```
{
jwt_token: "token_hash"
}
```
publicKey is public key of adminapi
Invalid request
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
POST/users/user/wallet/fetch
Fetch account owned managed wallet for user
Fetches web account owned managed wallet for user with given PIN. PIN must have 8 characters either numbers or letter.
This endpoint can be accessed by logged in user
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
pin (required)
pin : string
Returns
Returns jwt_token = string (token-hash)
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| pin | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/users/user/wallet/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/user/wallet/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"pin": "12345678"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/wallet/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"pin": "12345678"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/user/wallet/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"pin": "12345678"
},
)
print(res.json())RESPONSE
200
400
401
404
500
Success
data is ECDSA encrypted following object:
```
{
jwt_token: "token_hash"
}
```
publicKey is public key of adminapi
Invalid request
Unauthorized
Not Found
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
POST/users/user/wallet/has_wallet/fetch
Check if user has web account managed wallet
Checks if user has web account managed wallet and returns object with field has_wallet = <boolean>.
This endpoint can be accessed by logged in user
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns info if user has wallet. This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
POSThttps://pilot-root.1kosmos.net/adminapi/users/user/wallet/has_wallet/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/user/wallet/has_wallet/fetch' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/wallet/has_wallet/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/user/wallet/has_wallet/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
404
500
Success
data is ECDSA encrypted following object:
```
{
has_wallet: true/false
}
```
publicKey is public key of adminapi
Invalid request
Unauthorized
Not Found
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
POST/users/user/wallet_recovery/method/fetch
Fetch wallet recovery method
Fetch wallet recovery method.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 60 seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
Returns
Returns the wallet recovery method. By default, "liveid_selfie" will be returned.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 60 seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/users/user/wallet_recovery/method/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/user/wallet_recovery/method/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/wallet_recovery/method/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/user/wallet_recovery/method/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"wallet_recovery_method": "xxxxxxxx"
}// no response body
// no response body
// no response body
POST/users/user/wallet_recovery/session/{sessionId}/poll
Poll UWL2.0 session for wallet recovery method verification
Returns updated user JWT object.
This endpoint can be accessed by logged in user
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Params
sessionId (required)
uuid of session
Returns
Returns updated JWT token. This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| sessionIdrequired | string | sessionId for polling |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | Public Key / Try Authorize 🔒 |
POSThttps://pilot-root.1kosmos.net/adminapi/users/user/wallet_recovery/session/{sessionId}/poll
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/users/user/wallet_recovery/session/<sessionId>/poll' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/wallet_recovery/session/<sessionId>/poll", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/users/user/wallet_recovery/session/<sessionId>/poll",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
404
500
Success
data is ECDSA encrypted following array:
```
{
"jwt_token": "string",
}
```
publicKey is public key of adminapi
Invalid request
Unauthorized
Not Found
Internal Server Error
{
"jwt_token": "xxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
PUT/users/create
/users/create
Create User.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
moduleId (required)
moduleId : string
username (required)
username : string
status (required)
status : string
disabled (optional)
disabled : boolean
role (required)
role : string
firstname (required)
firstname : string
middlename (optional)
middlename : string
lastname (required)
lastname : string
email1 (required)
email1 : string
email1_verified (optional)
email1_verified : boolean
email2 (optional)
email1 : string
email2_verified (optional)
email2_verified : boolean
phone1 (optional)
phone1 : string
phone1_verified (optional)
phone1_verified : boolean
Returns
Returns the counts of requested, created, failed, and the number of errors.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| moduleId | string | — |
| username | string | — |
| status | string | — |
| role | string | — |
| firstname | string | — |
| middlename | string | — |
| lastname | string | — |
| email1 | string | — |
| email1_verified | boolean | — |
| email2 | string | — |
| email2_verified | boolean | — |
| phone1 | string | — |
| phone1_verified | boolean | — |
| disabled | boolean | — |
| idpId | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/users/create
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/users/create' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"moduleId": "xxxxxxxxxx", "username": "xxxxxxxxxx", "status": "xxxxxx", "firstname": "xxxxxxxx", "middlename": "xxxxxxxx", "lastname": "xxxxxxxx", "email1": "xxxxx@xxxxxxxx.xxx", "email1_verified": true, "email2": "xxxxx@xxxxxxxx.xxx", "email2_verified": true, "phone1": "xxxxxxxxxx", "phone1_verified": true, "role": "xxxxx", "disabled": false, "idpId": "xxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/create", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"moduleId": "xxxxxxxxxx",
"username": "xxxxxxxxxx",
"status": "xxxxxx",
"firstname": "xxxxxxxx",
"middlename": "xxxxxxxx",
"lastname": "xxxxxxxx",
"email1": "xxxxx@xxxxxxxx.xxx",
"email1_verified": true,
"email2": "xxxxx@xxxxxxxx.xxx",
"email2_verified": true,
"phone1": "xxxxxxxxxx",
"phone1_verified": true,
"role": "xxxxx",
"disabled": false,
"idpId": "xxxxx"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/users/create",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"moduleId": "xxxxxxxxxx",
"username": "xxxxxxxxxx",
"status": "xxxxxx",
"firstname": "xxxxxxxx",
"middlename": "xxxxxxxx",
"lastname": "xxxxxxxx",
"email1": "xxxxx@xxxxxxxx.xxx",
"email1_verified": true,
"email2": "xxxxx@xxxxxxxx.xxx",
"email2_verified": true,
"phone1": "xxxxxxxxxx",
"phone1_verified": true,
"role": "xxxxx",
"disabled": false,
"idpId": "xxxxx"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"requested": "1,",
"created": "1,",
"failed": "0,",
"errors": []
}// no response body
// no response body
// no response body
PUT/users/invite
Invite User
Send invitation to the user.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
authModuleId (required)
authModuleId : string
userId (required)
userId : string
emailTo (optional) // Required when 'smsTo' attribute not provided otherwise optional
emailTo : string
smsTo (optional) // Required when 'emailTo' attribute not provided otherwise optional
smsTo : string
firstname (required)
firstname : string
lastname (required)
lastname : string
uid (required)
uid : string
templateKeyPath (required)
templateKeyPath : string
createdby (optional)
createdby : string
createdbyemail (optional)
createdbyemail : string
captchaToken (required unless a valid license is provided)
captchaToken : string
license (optional - if provided and valid, CAPTCHA is bypassed)
license : string
Returns
Returns the invited users object.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| authModuleId | string | — |
| userId | string | — |
| emailTo | string | — |
| smsTo | string | — |
| firstname | string | — |
| lastname | string | — |
| uid | string | — |
| templateKeyPath | string | — |
| createdby | string | — |
| createdbyemail | string | — |
| captchaToken | string | — |
| license | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/users/invite
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/users/invite' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "authModuleId": "string", "userId": "string", "emailTo": "string", "smsTo": "string", "firstname": "string", "lastname": "string", "uid": "string", "templateKeyPath": "string", "createdby": "string", "createdbyemail": "string", "captchaToken": "string", "license": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/invite", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"authModuleId": "string",
"userId": "string",
"emailTo": "string",
"smsTo": "string",
"firstname": "string",
"lastname": "string",
"uid": "string",
"templateKeyPath": "string",
"createdby": "string",
"createdbyemail": "string",
"captchaToken": "string",
"license": "string"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/users/invite",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "string",
"communityId": "string",
"authModuleId": "string",
"userId": "string",
"emailTo": "string",
"smsTo": "string",
"firstname": "string",
"lastname": "string",
"uid": "string",
"templateKeyPath": "string",
"createdby": "string",
"createdbyemail": "string",
"captchaToken": "string",
"license": "string"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"emailResult": {
"status": true,
"statusCode": 200,
"message": "https://1k-dev.1kosmos.net/acr,",
"error": "string",
"gatewatId": "string",
"resultId": "string",
"messageId": "string",
"ts": "string"
},
"link": "string",
"code": "string"
}// no response body
// no response body
// no response body
PUT/users/user/alternate_mfa/session/create
Create UWL2.0 session for alternate MFA option
Returns session data.
This endpoint can be accessed by logged in user
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns session data. This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | Public Key / Try Authorize 🔒 |
Request body
Request body contains encrypted data object:
{
"authModuleId": "authModuleId optional",
"username" : "username optional"
}property is optional
| Field | Type | Description |
|---|---|---|
| authModuleId | string | — |
| username | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/users/user/alternate_mfa/session/create
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/users/user/alternate_mfa/session/create' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"authModuleId": "xxxxxxxxxxx", "username": "xxxxxxxxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/alternate_mfa/session/create", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"authModuleId": "xxxxxxxxxxx",
"username": "xxxxxxxxxxx"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/users/user/alternate_mfa/session/create",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"authModuleId": "xxxxxxxxxxx",
"username": "xxxxxxxxxxx"
},
)
print(res.json())RESPONSE
200
401
500
Success
data is ECDSA encrypted following array:
```
{
"acrUrl": "xxxxxx",
}
```
publicKey is public key of adminapi
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
PUT/users/user/phoneverify/session/create
Create UWL2.0 session for phone verification
Returns session data.
This endpoint can be accessed by logged in user
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns session data. This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | Public Key / Try Authorize 🔒 |
PUThttps://pilot-root.1kosmos.net/adminapi/users/user/phoneverify/session/create
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/users/user/phoneverify/session/create' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/phoneverify/session/create", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/users/user/phoneverify/session/create",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
401
500
Success
data is ECDSA encrypted following array:
```
{
"sessionId": "sessionId",
"sessionEnv": "sessionEnv",
"smsServiceNumber": "smsServiceNumber",
"smsTemplateB64": "smsTemplateB64",
}
```
publicKey is public key of adminapi
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
PUT/users/user/user_pin/update
Update user pin
Update user pin only for own user.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns the status of updated user pin .
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| newPin | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/users/user/user_pin/update
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/users/user/user_pin/update' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"newPin": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/user_pin/update", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"newPin": "string"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/users/user/user_pin/update",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"newPin": "string"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"data": {
"status": true
}
}// no response body
// no response body
// no response body
PUT/users/user/wallet_recovery/session/create
Create UWL2.0 session for wallet recovery method
Returns session data.
This endpoint can be accessed by logged in user
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
purpose (required)
purpose : string
Returns
Returns session data. This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | Public Key / Try Authorize 🔒 |
Request body
Request body contains encrypted data object:
{
"purpose": "enroll | authenticate",
"biometricConsentAccepted": true
}purpose is required
| Field | Type | Description |
|---|---|---|
| purpose | string | — |
| biometricConsentAccepted | boolean | — |
PUThttps://pilot-root.1kosmos.net/adminapi/users/user/wallet_recovery/session/create
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/users/user/wallet_recovery/session/create' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"purpose": "xxxxxxxxxxx", "biometricConsentAccepted": true}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/wallet_recovery/session/create", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"purpose": "xxxxxxxxxxx",
"biometricConsentAccepted": true
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/users/user/wallet_recovery/session/create",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"purpose": "xxxxxxxxxxx",
"biometricConsentAccepted": true
},
)
print(res.json())RESPONSE
200
401
500
Success
data is ECDSA encrypted following object:
```
{
"sessionId": "sessionId",
"sessionEnv": "sessionEnv",
"sessionUrl": "sessionUrl",
"authenticateWalletUrl": "authenticateWalletUrl",
}
```
publicKey is public key of adminapi
Unauthorized
Internal Server Error
{
"sessionId": "xxxxxxxxxxxx",
"sessionEnv": "xxxxxxxxxxx",
"sessionUrl": "xxxxxxxxxxxx",
"authenticateWalletUrl": "xxxxxxxxxxx"
}// no response body
// no response body
PATCH/users/unlink_login_options
Unlink login options
Unlink user device by user did or unlink behavior auth typing phrase or unlink user pin.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Return a success message for unlink device or typing phrase or user pin.
This API throw an error if something goes wrong.
Permissions
Administrators can unlink any device from any user within their own community. Basic users can only unlink their own device or user pin or typing phrase.\ Community Administrator or Helpdesk Administrator can delete user pin or typing phrase of basic user.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| userrequired | object | — |
| communityrequired | object | — |
| didrequired | string | — |
| unlink_user_pin | boolean | — |
| unlink_typingPhrase | boolean | — |
PATCHhttps://pilot-root.1kosmos.net/adminapi/users/unlink_login_options
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/adminapi/users/unlink_login_options' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"user": {"uid": "string", "username": "string", "authModuleId": "string"}, "community": {"id": "string", "name": "string", "publicKey": "string"}, "did": "string", "unlink_user_pin": true, "unlink_typingPhrase": true}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/unlink_login_options", {
method: "PATCH",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"user": {
"uid": "string",
"username": "string",
"authModuleId": "string"
},
"community": {
"id": "string",
"name": "string",
"publicKey": "string"
},
"did": "string",
"unlink_user_pin": true,
"unlink_typingPhrase": true
})
});
const data = await res.json();import requests
res = requests.patch(
"https://pilot-root.1kosmos.net/adminapi/users/unlink_login_options",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"user": {
"uid": "string",
"username": "string",
"authModuleId": "string"
},
"community": {
"id": "string",
"name": "string",
"publicKey": "string"
},
"did": "string",
"unlink_user_pin": true,
"unlink_typingPhrase": true
},
)
print(res.json())RESPONSE
200
401
404
500
Success
Unauthorized
Not Found
Internal Server Error
{
"message": "xxxxxxxx"
}// no response body
// no response body
// no response body
PATCH/users/unlinkuser
Unlink user device
Unlink user device by user did.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Return a success message for unlink device.
This API throw an error if something goes wrong.
Permissions
Administrators can unlink any device from any user within their own community. Basic users can only unlink their own device.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| userrequired | object | — |
| communityrequired | object | — |
| didrequired | string | — |
PATCHhttps://pilot-root.1kosmos.net/adminapi/users/unlinkuser
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/adminapi/users/unlinkuser' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"user": {"uid": "string", "username": "string", "authModuleId": "string"}, "community": {"id": "string", "name": "string", "publicKey": "string"}, "did": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/unlinkuser", {
method: "PATCH",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"user": {
"uid": "string",
"username": "string",
"authModuleId": "string"
},
"community": {
"id": "string",
"name": "string",
"publicKey": "string"
},
"did": "string"
})
});
const data = await res.json();import requests
res = requests.patch(
"https://pilot-root.1kosmos.net/adminapi/users/unlinkuser",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"user": {
"uid": "string",
"username": "string",
"authModuleId": "string"
},
"community": {
"id": "string",
"name": "string",
"publicKey": "string"
},
"did": "string"
},
)
print(res.json())RESPONSE
200
401
404
500
Success
Unauthorized
Not Found
Internal Server Error
{
"message": "xxxxxxxx"
}// no response body
// no response body
// no response body
PATCH/users/user/role/update
Update user role
Update User roles.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
+ Admin can remove middlename, email2 and phone1 fields, so for remove this fields admin should pass empty string { middlename: ""}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
moduleId (required)
moduleId : string
username (required)
username : string
uid (required)
uid : string
disabled (optional)
disabled : boolean
oldRole (required)
oldRole : string
newRole (required)
newRole : string
Returns
Returns the updated user profile
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| moduleId | string | — |
| username | string | — |
| uid | string | — |
| oldRole | string | — |
| newRole | string | — |
| disabled | boolean | — |
PATCHhttps://pilot-root.1kosmos.net/adminapi/users/user/role/update
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/adminapi/users/user/role/update' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxx", "communityId": "xxxxxxxxxx", "moduleId": "xxxxxxxxxx", "username": "xxxxxxxxxx", "uid": "xxxxxxxxxx", "oldRole": "xxxxx", "newRole": "xxxxx", "disabled": false}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/role/update", {
method: "PATCH",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"moduleId": "xxxxxxxxxx",
"username": "xxxxxxxxxx",
"uid": "xxxxxxxxxx",
"oldRole": "xxxxx",
"newRole": "xxxxx",
"disabled": false
})
});
const data = await res.json();import requests
res = requests.patch(
"https://pilot-root.1kosmos.net/adminapi/users/user/role/update",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"moduleId": "xxxxxxxxxx",
"username": "xxxxxxxxxx",
"uid": "xxxxxxxxxx",
"oldRole": "xxxxx",
"newRole": "xxxxx",
"disabled": false
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"status": true
}// no response body
// no response body
// no response body
PATCH/users/user/update
Update user details
Update User details.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
+ Admin can remove middlename, email2 and phone1 fields, so for remove this fields admin should pass empty string { middlename: ""}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
moduleId (required)
moduleId : string
username (required)
username : string
uid (required)
uid : string
status (optional)
status : string - active or locked or disabled
disabled (optional)
disabled : boolean
role (optional)
role : string
firstname (optional)
firstname : string
middlename (optional)
middlename : string
lastname (optional)
lastname : string
email1 (optional)
email1 : string
email1_verified (optional)
email1_verified : boolean
email2 (optional)
email1 : string
email2_verified (optional)
email2_verified : boolean
phone1 (optional)
phone1 : string
phone1_verified (optional)
phone1_verified : boolean
Returns
Returns the updated user profile
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| moduleId | string | — |
| username | string | — |
| uid | string | — |
| status | string | — |
| oldRole | string | — |
| newRole | string | — |
| firstname | string | — |
| middlename | string | — |
| lastname | string | — |
| email1 | string | — |
| email1_verified | boolean | — |
| email2 | string | — |
| email2_verified | boolean | — |
| phone1 | string | — |
| phone1_verified | boolean | — |
| disabled | boolean | — |
PATCHhttps://pilot-root.1kosmos.net/adminapi/users/user/update
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/adminapi/users/user/update' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxx", "communityId": "xxxxxxxxxx", "moduleId": "xxxxxxxxxx", "username": "xxxxxxxxxx", "uid": "xxxxxxxxxx", "status": "xxxxxx", "firstname": "xxxxxxxx", "middlename": "xxxxxxxx", "lastname": "xxxxxxxx", "email1": "xxxxx@xxxxxxxx.xxx", "email1_verified": true, "email2": "xxxxx@xxxxxxxx.xxx", "email2_verified": true, "phone1": "xxxxxxxxxx", "phone1_verified": true, "oldRole": "xxxxx", "newRole": "xxxxxx", "disabled": false}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/user/update", {
method: "PATCH",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"moduleId": "xxxxxxxxxx",
"username": "xxxxxxxxxx",
"uid": "xxxxxxxxxx",
"status": "xxxxxx",
"firstname": "xxxxxxxx",
"middlename": "xxxxxxxx",
"lastname": "xxxxxxxx",
"email1": "xxxxx@xxxxxxxx.xxx",
"email1_verified": true,
"email2": "xxxxx@xxxxxxxx.xxx",
"email2_verified": true,
"phone1": "xxxxxxxxxx",
"phone1_verified": true,
"oldRole": "xxxxx",
"newRole": "xxxxxx",
"disabled": false
})
});
const data = await res.json();import requests
res = requests.patch(
"https://pilot-root.1kosmos.net/adminapi/users/user/update",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"moduleId": "xxxxxxxxxx",
"username": "xxxxxxxxxx",
"uid": "xxxxxxxxxx",
"status": "xxxxxx",
"firstname": "xxxxxxxx",
"middlename": "xxxxxxxx",
"lastname": "xxxxxxxx",
"email1": "xxxxx@xxxxxxxx.xxx",
"email1_verified": true,
"email2": "xxxxx@xxxxxxxx.xxx",
"email2_verified": true,
"phone1": "xxxxxxxxxx",
"phone1_verified": true,
"oldRole": "xxxxx",
"newRole": "xxxxxx",
"disabled": false
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"uid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"username": "xxxxxx",
"type": "xxxxx",
"roleValue": "xxxxx",
"status": "xxxxxx",
"firstname": "xxxxxxxx",
"middlename": "xxxxxxxx",
"lastname": "xxxxxxxx",
"email1": "xxxxx@xxxxxxxx.xxx",
"email1_verified": true,
"email2": "xxxxx@xxxxxxxx.xxx",
"email2_verified": true,
"phone1": "xxxxxxxxxx",
"phone1_verified": true,
"address": {},
"address_verified": false,
"disabled": false
}// no response body
// no response body
// no response body
DELETE/users/accesscode/{code}
Delete an access code
Delete an access code.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
204 No Content This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| coderequired | string | Name of service provider item |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
DELETEhttps://pilot-root.1kosmos.net/adminapi/users/accesscode/{code}
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/users/accesscode/<code>' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/users/accesscode/<code>", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/users/accesscode/<code>",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
204
401
404
500
No Content
Unauthorized
Not Found
Internal Server Error
// no response body
// no response body
// no response body
// no response body
Admin API
Login Settings
Configure how communities authenticate.
GET/config/authentication/fido_settings
Fetch Fido settings for community
Fetch Fido settings for community.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try to Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try to Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/config/authentication/fido_settings
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/config/authentication/fido_settings' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/authentication/fido_settings", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/config/authentication/fido_settings",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
401
500
Success
Unauthorized
Internal Server Error
{
"fido_disabled": "false",
"fido_platform_authenticator_disabled": "false",
"fido_security_key_disabled": "false"
}// no response body
// no response body
GET/config/authentication/first_time_enrollment_settings
Fetch first time enrollment settings
Fetch first time enrollment settings.
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/config/authentication/first_time_enrollment_settings
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/config/authentication/first_time_enrollment_settings' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/authentication/first_time_enrollment_settings", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/config/authentication/first_time_enrollment_settings",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"first_time_login_enrollment": false,
"allowed_factors": []
}// no response body
// no response body
// no response body
GET/config/authentication/liveid_selfie_settings
Get LiveID Selfie login settings for community
Get LiveID Selfie login settings for community.
This endpoint must be accessed by an administrator.
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try to Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try to Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/config/authentication/liveid_selfie_settings
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/config/authentication/liveid_selfie_settings' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/authentication/liveid_selfie_settings", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/config/authentication/liveid_selfie_settings",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"liveid_selfie_enabled": false
}{
"message": "This field should not be empty"
}// no response body
// no response body
GET/config/authentication/mfa_settings
Get Multi-Factor Authentication settings for community
Get Multi-Factor Authentication settings for community.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try to Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try to Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/config/authentication/mfa_settings
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/config/authentication/mfa_settings' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/authentication/mfa_settings", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/config/authentication/mfa_settings",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
401
500
Success
Unauthorized
Internal Server Error
{
"show_otp_email": "boolean,",
"show_otp_phone": "boolean,",
"show_otp_voice": "boolean,",
"show_otp_hardware": "boolean,",
"otp_prompt_text": "string,",
"accountLockEnabled": "boolean,",
"otpMaxAttempts": "number,",
"lockDurationMinutes": "number,",
"onespan_domain": "string,",
"onespan_url": "string",
"self_enroll_phone_allowed": "boolean"
}// no response body
// no response body
GET/config/authentication/orion_settings
Fetch Orion settings for community
Fetch Orion settings for community.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try to Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try to Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/config/authentication/orion_settings
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/config/authentication/orion_settings' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/authentication/orion_settings", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/config/authentication/orion_settings",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
401
500
Success
Unauthorized
Internal Server Error
{
"orion_authenticator_enabled": true,
"orion_authenticator_wait_time_ms": 1500
}// no response body
// no response body
GET/config/authentication/password_reset
Get password reset Authentication settings for community
Get password reset Authentication settings for community.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try to Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try to Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/config/authentication/password_reset
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/config/authentication/password_reset' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/authentication/password_reset", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/config/authentication/password_reset",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
401
500
Success
Unauthorized
Internal Server Error
{
"default_input_method": "string",
"adminx_via_email_enabled": true,
"adminx_require_otp": true,
"mobile_enabled": true,
"sspr": {
"enabled": true,
"via_idproofing": {
"enabled": true
},
"dvcId": "string",
"user_profile_api": {
"enabled": true,
"provider": "string",
"api": {
"url": "string",
"type": "string",
"auth": "string",
"credential": {
"username": "string",
"password": "string",
"token": "string"
}
},
"transformationB64": "string"
}
}
}// no response body
// no response body
GET/config/authentication/pwdless_settings/{dns}/{communityName}
Fetch pwdless setting auth info
Fetch pwdless setting auth info.
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Path parameters
| Name | Type | Description |
|---|---|---|
| dnsrequired | string | DNS Name (string) |
| communityNamerequired | string | communityName (string) |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/config/authentication/pwdless_settings/{dns}/{communityName}
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/config/authentication/pwdless_settings/xxxxxxxxxx/xxxxxxxxxx' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/authentication/pwdless_settings/xxxxxxxxxx/xxxxxxxxxx", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/config/authentication/pwdless_settings/xxxxxxxxxx/xxxxxxxxxx",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"primaryMethod": "Fingerprint",
"secondaryMethod": "Pin",
"selfOnBoard": true,
"selfOnBoardFromUserProfile": true,
"accountsPerPerson": 5,
"personsPerAccount": 1,
"personLimitRule": "cleanup",
"passwordless_disabled": true,
"qr_disabled": true,
"push_disabled": "true",
"push_number_challenge_enabled": true,
"defaultMethods": "Fingerprint"
}{
"message": "This field should not be empty"
}// no response body
// no response body
GET/config/authentication/windows_mfa_settings
Get Multi-Factor Windows Authentication settings for community
Get Multi-Factor Authentication settings for community.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing Windows MFA settings config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try to Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try to Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/config/authentication/windows_mfa_settings
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/config/authentication/windows_mfa_settings' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/authentication/windows_mfa_settings", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/config/authentication/windows_mfa_settings",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
401
500
Success
Unauthorized
Internal Server Error
{
"allowed_enrollments": {
"behavior_auth": true,
"user_pin": true
},
"enableFallbackAuth": true,
"maxAuthAttemptsBeforeFallback": 4
}// no response body
// no response body
POST/config/authentication/sspr/execute_transformation_script
Test the transformation
Test the provided transformation script with given config.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
{
username: "string required"
}| Field | Type | Description |
|---|---|---|
| username | string | optional |
POSThttps://pilot-root.1kosmos.net/adminapi/config/authentication/sspr/execute_transformation_script
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/config/authentication/sspr/execute_transformation_script' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"username": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/authentication/sspr/execute_transformation_script", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"username": "string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/config/authentication/sspr/execute_transformation_script",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"username": "string"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"firstname": "xxxxx",
"lastname": "xxxxxxxxxxxx",
"dob": "xxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
PUT/config/authentication/fido_settings
Set Fido settings for community
Set Fido settings for community.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try to Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try to Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data, and you will get unecrypted data as well, it is only a preview available in Swagger
{
tenantId: "string required",
communityId: "string required",
fido_disabled: "boolean required",
fido_platform_authenticator_disabled: "boolean required"
fido_security_key_disabled: "boolean required"
}| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| fido_disabled | boolean | — |
| fido_platform_authenticator_disabled | boolean | — |
| fido_security_key_disabled | boolean | — |
PUThttps://pilot-root.1kosmos.net/adminapi/config/authentication/fido_settings
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/config/authentication/fido_settings' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxxxxxx", "communityId": "xxxxxxxxxxxxxx", "fido_disabled": "false", "fido_platform_authenticator_disabled": "false", "fido_security_key_disabled": "false"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/authentication/fido_settings", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxx",
"fido_disabled": "false",
"fido_platform_authenticator_disabled": "false",
"fido_security_key_disabled": "false"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/config/authentication/fido_settings",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxx",
"fido_disabled": "false",
"fido_platform_authenticator_disabled": "false",
"fido_security_key_disabled": "false"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"fido_disabled": "false",
"fido_platform_authenticator_disabled": "false",
"fido_security_key_disabled": "false"
}{
"message": "This field should not be empty"
}// no response body
// no response body
PUT/config/authentication/first_time_enrollment_settings
Set first time enrollment settings for community
Set first time enrollment settings for community.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
{
tenantId: "string required",
communityId: "string required",
first_time_login_enrollment: "boolean"
allowed_factors: []
}| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| first_time_login_enrollment | boolean | — |
| allowed_factors | array<object> | — |
PUThttps://pilot-root.1kosmos.net/adminapi/config/authentication/first_time_enrollment_settings
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/config/authentication/first_time_enrollment_settings' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "first_time_login_enrollment": true, "allowed_factors": ["mobile", "landline", "smartphone"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/authentication/first_time_enrollment_settings", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"first_time_login_enrollment": true,
"allowed_factors": [
"mobile",
"landline",
"smartphone"
]
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/config/authentication/first_time_enrollment_settings",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "string",
"communityId": "string",
"first_time_login_enrollment": true,
"allowed_factors": [
"mobile",
"landline",
"smartphone"
]
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"first_time_login_enrollment": true,
"allowed_factors": [
"mobile",
"landline",
"smartphone"
]
}{
"message": "This field should not be empty"
}// no response body
// no response body
PUT/config/authentication/liveid_selfie_settings
Set LiveID Selfie login settings for community
Set LiveID Selfie login settings for community.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try to Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try to Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data, and you will get unecrypted data as well, it is only a preview available in Swagger
{
tenantId: "string required",
communityId: "string required",
liveid_selfie_enabled: "boolean required"
}| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| liveid_selfie_enabled | boolean | — |
PUThttps://pilot-root.1kosmos.net/adminapi/config/authentication/liveid_selfie_settings
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/config/authentication/liveid_selfie_settings' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxxxxxx", "communityId": "xxxxxxxxxxxxxx", "liveid_selfie_enabled": false}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/authentication/liveid_selfie_settings", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxx",
"liveid_selfie_enabled": false
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/config/authentication/liveid_selfie_settings",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxx",
"liveid_selfie_enabled": false
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"liveid_selfie_enabled": false
}{
"message": "This field should not be empty"
}// no response body
// no response body
PUT/config/authentication/mfa_settings
Set Multi-Factor Authentication settings for community
Set Multi-Factor Authentication settings for community.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try to Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try to Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data, and you will get unecrypted data as well, it is only a preview available in Swagger
{
tenantId: "string required",
communityId: "string required",
show_otp_email: "boolean required",
show_otp_phone: "boolean required"
show_otp_voice: "boolean required"
show_otp_hardware: "boolean required"
otp_prompt_text: "string required"
accountLockEnabled: true,
otpMaxAttempts: 2,
lockDurationMinutes: 60
onespan_domain: "string required"
onespan_url: "string required",
self_enroll_phone_allowed: "boolean required"
sync_window_for_first_usage: "number required"
}| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| show_otp_email | boolean | — |
| show_otp_phone | boolean | — |
| show_otp_voice | boolean | — |
| show_otp_hardware | boolean | — |
| otp_prompt_text | string | — |
| accountLockEnabled | boolean | — |
| otpMaxAttempts | number | — |
| lockDurationMinutes | number | — |
| onespan_domain | string | — |
| onespan_url | string | — |
| self_enroll_phone_allowed | string | — |
| sync_window_for_first_usage | number | — |
PUThttps://pilot-root.1kosmos.net/adminapi/config/authentication/mfa_settings
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/config/authentication/mfa_settings' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "show_otp_email": true, "show_otp_phone": true, "show_otp_voice": true, "show_otp_hardware": true, "otp_prompt_text": "string", "accountLockEnabled": true, "otpMaxAttempts": 2, "lockDurationMinutes": 60, "onespan_domain": "string", "onespan_url": "string", "self_enroll_phone_allowed": false, "sync_window_for_first_usage": 60000}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/authentication/mfa_settings", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"show_otp_email": true,
"show_otp_phone": true,
"show_otp_voice": true,
"show_otp_hardware": true,
"otp_prompt_text": "string",
"accountLockEnabled": true,
"otpMaxAttempts": 2,
"lockDurationMinutes": 60,
"onespan_domain": "string",
"onespan_url": "string",
"self_enroll_phone_allowed": false,
"sync_window_for_first_usage": 60000
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/config/authentication/mfa_settings",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "string",
"communityId": "string",
"show_otp_email": true,
"show_otp_phone": true,
"show_otp_voice": true,
"show_otp_hardware": true,
"otp_prompt_text": "string",
"accountLockEnabled": true,
"otpMaxAttempts": 2,
"lockDurationMinutes": 60,
"onespan_domain": "string",
"onespan_url": "string",
"self_enroll_phone_allowed": false,
"sync_window_for_first_usage": 60000
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"show_otp_email": true,
"show_otp_phone": true
}{
"message": "This field should not be empty"
}// no response body
// no response body
PUT/config/authentication/orion_settings
Set Orion settings for community
Set Orion settings for community.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try to Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try to Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data, and you will get unecrypted data as well, it is only a preview available in Swagger
{
tenantId: "string required",
communityId: "string required",
orion_authenticator_enabled: "boolean required",
}| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| orion_authenticator_enabled | boolean | — |
| orion_authenticator_wait_time_ms | number | — |
PUThttps://pilot-root.1kosmos.net/adminapi/config/authentication/orion_settings
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/config/authentication/orion_settings' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "5f3d8d0cd866fa61019cf968", "communityId": "5f3d8d0cd866fa61019cf969", "orion_authenticator_enabled": true, "orion_authenticator_wait_time_ms": 1500}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/authentication/orion_settings", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "5f3d8d0cd866fa61019cf968",
"communityId": "5f3d8d0cd866fa61019cf969",
"orion_authenticator_enabled": true,
"orion_authenticator_wait_time_ms": 1500
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/config/authentication/orion_settings",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "5f3d8d0cd866fa61019cf968",
"communityId": "5f3d8d0cd866fa61019cf969",
"orion_authenticator_enabled": true,
"orion_authenticator_wait_time_ms": 1500
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"orion_authenticator_enabled": true,
"orion_authenticator_wait_time_ms": 1500
}{
"message": "This field should not be empty"
}// no response body
// no response body
PUT/config/authentication/password_reset
Set Password reset settings for community
Set Password reset Authentication settings for community.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try to Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try to Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data, and you will get unecrypted data as well, it is only a preview available in Swagger
{
default_input_method: "string required"
tenantId: "string required",
communityId: "string required",
adminx_via_email_enabled: boolean,
adminx_require_otp: boolean,
mobile_enabled: boolean,
sspr: object optional
}| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| default_input_method | string | — |
| adminx_via_email_enabled | boolean | — |
| adminx_require_otp | boolean | — |
| mobile_enabled | boolean | — |
| sspr | object | — |
PUThttps://pilot-root.1kosmos.net/adminapi/config/authentication/password_reset
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/config/authentication/password_reset' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "default_input_method": "string", "adminx_via_email_enabled": true, "adminx_require_otp": true, "mobile_enabled": true, "sspr": {"enabled": true, "via_idproofing": {}, "otp": "string optional", "dvcId": "string", "user_profile_api": {"enabled": true, "provider": "string", "api": {"url": "string", "type": "string", "auth": "string", "credential": {"username": "string", "password": "string", "token": "string"}}, "transformationB64": "string"}}}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/authentication/password_reset", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"default_input_method": "string",
"adminx_via_email_enabled": true,
"adminx_require_otp": true,
"mobile_enabled": true,
"sspr": {
"enabled": true,
"via_idproofing": {},
"otp": "string optional",
"dvcId": "string",
"user_profile_api": {
"enabled": true,
"provider": "string",
"api": {
"url": "string",
"type": "string",
"auth": "string",
"credential": {
"username": "string",
"password": "string",
"token": "string"
}
},
"transformationB64": "string"
}
}
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/config/authentication/password_reset",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "string",
"communityId": "string",
"default_input_method": "string",
"adminx_via_email_enabled": true,
"adminx_require_otp": true,
"mobile_enabled": true,
"sspr": {
"enabled": true,
"via_idproofing": {},
"otp": "string optional",
"dvcId": "string",
"user_profile_api": {
"enabled": true,
"provider": "string",
"api": {
"url": "string",
"type": "string",
"auth": "string",
"credential": {
"username": "string",
"password": "string",
"token": "string"
}
},
"transformationB64": "string"
}
}
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"tenantId": "string",
"communityId": "string",
"default_input_method": "string",
"adminx_via_email_enabled": true,
"adminx_require_otp": true,
"mobile_enabled": true,
"sspr": {
"enabled": true,
"via_idproofing": {},
"dvcId": "string",
"user_profile_api": {
"enabled": true,
"provider": "string",
"api": {
"url": "string",
"type": "string",
"auth": "string"
},
"transformationB64": "string"
}
}
}{
"message": "This field should not be empty"
}// no response body
// no response body
PUT/config/authentication/pwdless_settings
Set pwdless settings for community
Set pwdless settings for community.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
{
tenantId: "string required",
communityId: "string required",
primaryMethod: "string required, default Fingerprint",
secondaryMethod: "string",
selfOnBoard: "boolean required"
selfOnBoardFromUserProfile: "boolean required"
accountsPerPerson : "number required",
personsPerAccount : "number required",
personLimitRule : "string required",
passwordless_disabled : "boolean required",
qr_disabled : "boolean required",
push_disabled : "boolean required",
push_number_challenge_enabled : "boolean optional",
dns : "string required",
communityName : "string required"
}| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| primaryMethod | string | — |
| secondaryMethod | string | — |
| selfOnBoard | boolean | — |
| selfOnBoardFromUserProfile | boolean | — |
| accountsPerPerson | number | — |
| personsPerAccount | number | — |
| personLimitRule | string | — |
| passwordless_disabled | boolean | — |
| qr_disabled | boolean | — |
| push_disabled | boolean | — |
| dns | string | — |
| communityName | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/config/authentication/pwdless_settings
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/config/authentication/pwdless_settings' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "primaryMethod": "Fingerprint", "secondaryMethod": "Pin", "selfOnBoard": true, "selfOnBoardFromUserProfile": true, "accountsPerPerson": 5, "personsPerAccount": 1, "personLimitRule": "cleanup", "passwordless_disabled": true, "qr_disabled": true, "push_disabled": true, "dns": "string", "communityName": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/authentication/pwdless_settings", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"primaryMethod": "Fingerprint",
"secondaryMethod": "Pin",
"selfOnBoard": true,
"selfOnBoardFromUserProfile": true,
"accountsPerPerson": 5,
"personsPerAccount": 1,
"personLimitRule": "cleanup",
"passwordless_disabled": true,
"qr_disabled": true,
"push_disabled": true,
"dns": "string",
"communityName": "string"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/config/authentication/pwdless_settings",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "string",
"communityId": "string",
"primaryMethod": "Fingerprint",
"secondaryMethod": "Pin",
"selfOnBoard": true,
"selfOnBoardFromUserProfile": true,
"accountsPerPerson": 5,
"personsPerAccount": 1,
"personLimitRule": "cleanup",
"passwordless_disabled": true,
"qr_disabled": true,
"push_disabled": true,
"dns": "string",
"communityName": "string"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"primaryMethod": "Fingerprint",
"secondaryMethod": "Pin",
"accountsPerPerson": 5,
"personsPerAccount": 1,
"personLimitRule": "cleanup",
"passwordless_disabled": true,
"qr_disabled": true,
"push_disabled": true,
"fido_disabled": true,
"fido_security_key_disabled": true,
"fido_platform_authenticator_disabled": true
}{
"message": "This field should not be empty"
}// no response body
// no response body
PUT/config/authentication/windows_mfa_settings
Set Multi-Factor Windows Authentication settings for community
Set Multi-Factor Windows Authentication settings for community.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing Windows MFA settings config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try to Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try to Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data, and you will get unencrypted data as well, it is only a preview available in Swagger
{
allowed_enrollments: {
behavior_auth: boolean required,
user_pin: boolean required
},
enableFallbackAuth: boolean optional,
maxAuthAttemptsBeforeFallback: number optional
}| Field | Type | Description |
|---|---|---|
| allowed_enrollments | object | — |
| enableFallbackAuth | boolean | — |
| maxAuthAttemptsBeforeFallback | number | — |
PUThttps://pilot-root.1kosmos.net/adminapi/config/authentication/windows_mfa_settings
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/config/authentication/windows_mfa_settings' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"allowed_enrollments": {"behavior_auth": true, "user_pin": true}, "enableFallbackAuth": true, "maxAuthAttemptsBeforeFallback": 4}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/authentication/windows_mfa_settings", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"allowed_enrollments": {
"behavior_auth": true,
"user_pin": true
},
"enableFallbackAuth": true,
"maxAuthAttemptsBeforeFallback": 4
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/config/authentication/windows_mfa_settings",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"allowed_enrollments": {
"behavior_auth": true,
"user_pin": true
},
"enableFallbackAuth": true,
"maxAuthAttemptsBeforeFallback": 4
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"allowed_enrollments": {
"behavior_auth": true,
"user_pin": true
},
"enableFallbackAuth": true,
"maxAuthAttemptsBeforeFallback": 4
}{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
Authenticate
Server-side authentication operations.
GET/logout
Logout current user
Logout currently logged in user user and remove session
This endpoint can be called only by logged in user.
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Status NO_CONTENT
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/logout
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/logout' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/logout", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/logout",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
204
400
401
500
Successfully logged out<br /><br />
Invalid request
Unauthorized
Internal Server Error
// no response body
// no response body
// no response body
// no response body
GET/tenant/{tenantId}/community/{communityId}/request_access_with_kerberos
Authenticate with kerberos
authenticate user with kerberos.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
Negotiate {ktoken}
x-jwt-token (optional, for reauthentication)
Bearer {ktoken}
Returns
This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| tenantIdrequired | string | Tenant Id |
| communityIdrequired | string | Community Id |
Query parameters
| Name | Type | Description |
|---|---|---|
| reauthentication | string | boolean indicating whether this is a reauthentication attempt (should also include x-jwt-token header if true) |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/tenant/{tenantId}/community/{communityId}/request_access_with_kerberos
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/tenant/<tenantId>/community/<communityId>/request_access_with_kerberos?reauthentication=<reauthentication>' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'x-jwt-token: YOUR_JWT'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/tenant/<tenantId>/community/<communityId>/request_access_with_kerberos?reauthentication=<reauthentication>", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/tenant/<tenantId>/community/<communityId>/request_access_with_kerberos?reauthentication=<reauthentication>",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT"
}
)
print(res.json())RESPONSE
400
401
500
Invalid request
Unauthorized optionally with Authorization Negotiate header
Internal Server Error
// no response body
// no response body
// no response body
POST/authenticate
/authenticate
Authenticate user.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
user_token (required), encrypted user object
user_token : string
passcode (required)
passcode : string
aliasUsed (optinal)
aliasUsed: string
Returns
Returns the authentication information.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| user_token | string | — |
| passcode | string | — |
| aliasUsed | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/authenticate
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/authenticate' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "user_token": "string", "passcode": "string", "aliasUsed": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/authenticate", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"user_token": "string",
"passcode": "string",
"aliasUsed": "string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/authenticate",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY"
},
json={
"tenantId": "string",
"communityId": "string",
"user_token": "string",
"passcode": "string",
"aliasUsed": "string"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"user": "object",
"pon_data": "object",
"jwt_token": "string"
}// no response body
// no response body
// no response body
POST/authenticate_via_push
Send push notification
authenticate user via push notification.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
username (optional)
username : string
user_token (optional)
user_token : string
sessionUrl (required)
sessionUrl : string
Returns
Returns the push notification info.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| username | string | — |
| user_token | string | — |
| sessionUrl | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/authenticate_via_push
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/authenticate_via_push' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "username": "string optional", "user_token": "string optional", "sessionUrl": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/authenticate_via_push", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"username": "string optional",
"user_token": "string optional",
"sessionUrl": "string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/authenticate_via_push",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY"
},
json={
"tenantId": "string",
"communityId": "string",
"username": "string optional",
"user_token": "string optional",
"sessionUrl": "string"
},
)
print(res.json())RESPONSE
200
400
401
429
500
Success
Invalid request
Unauthorized
Too Many Requests. User has exceeded the push notification rate limit.
Response includes retryAfterSeconds in the response body.
Internal Server Error
{
"code": "200",
"message": "SUCCESS",
"data": "",
"sessionStatus": null
}// no response body
// no response body
// no response body
// no response body
POST/oidc/sso
/oidc/sso
Oidc SSO.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
OIDCRequest (required)
OIDCRequest
Returns
Returns information to perform OIDC SSO.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| OIDCRequest | string | — |
| acr | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/oidc/sso
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/oidc/sso' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"OIDCRequest": "string", "acr": "string optional"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/oidc/sso", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"OIDCRequest": "string",
"acr": "string optional"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/oidc/sso",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"OIDCRequest": "string",
"acr": "string optional"
},
)
print(res.json())RESPONSE
200
400
401
420
500
Success
Invalid request
Unauthorized
Service Provider claims could not be fulfilled
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
POST/saml/idp-init/{serviceProviderId}
/saml/idp-init/{serviceProviderId}
IDP-Initiated SAML SSO.
Generates a SAML assertion without a prior SAMLRequest (unsolicited response).
The service provider must be of type saml with saml_config.idpInitiated: true.
<b>:: Note for website ::</b>
+ No request body required, service provider ID is passed as a path parameter.
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns ECDSA encrypted object with SAMLResponse, relayState, and SP info for IDP-initiated SSO.
This API throws an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| serviceProviderIdrequired | string | The ID of the SAML service provider (must have saml_config.idpInitiated = true) |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
POSThttps://pilot-root.1kosmos.net/adminapi/saml/idp-init/{serviceProviderId}
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/saml/idp-init/<serviceProviderId>' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/saml/idp-init/<serviceProviderId>", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/saml/idp-init/<serviceProviderId>",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
403
404
500
Success
Returns ECDSA encrypted object:
```
{
"SAMLResponse": "base64 string",
"relayState": "string (optional)",
"sp": {
"assertionConsumerServiceURL": "string - url",
"assertionMethod": "string - post or get"
}
}
```
Invalid request or no SAML SP found for IDP-initiated SSO
Unauthorized
IDP-initiated SSO is not enabled for this service provider
Service provider not found
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
// no response body
POST/saml/sso
/saml/sso
Saml SSO.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
SAMLRequest (required)
SAMLRequest
Returns
Returns information to perform SAML SSO.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| SAMLRequest | string | — |
| Signature | string | — |
| SigAlg | string | — |
| RelayState | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/saml/sso
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/saml/sso' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"SAMLRequest": "string", "Signature": "string optional", "SigAlg": "string optional", "RelayState": "string optional"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/saml/sso", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"SAMLRequest": "string",
"Signature": "string optional",
"SigAlg": "string optional",
"RelayState": "string optional"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/saml/sso",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"SAMLRequest": "string",
"Signature": "string optional",
"SigAlg": "string optional",
"RelayState": "string optional"
},
)
print(res.json())RESPONSE
200
400
401
420
500
Success
Invalid request
Unauthorized
Service Provider claims could not be fulfilled
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
POST/verifyuser
/verifyuser
Verify user.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
username (required)
username : string
password (optional)
password : string
otp (optional)
otp : string
Returns
Returns the user info, user_token and next. (password)
Or the user info, pon_data and jwt token. (otp)
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key |
| authorization | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| username | string | — |
| password | string | — |
| otp | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/verifyuser
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/verifyuser' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "username": "string", "password": "string optional", "otp": "string optional"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/verifyuser", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"username": "string",
"password": "string optional",
"otp": "string optional"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/verifyuser",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "string",
"communityId": "string",
"username": "string",
"password": "string optional",
"otp": "string optional"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"user": "object",
"pon_data": "object",
"user_token": "string",
"jwt_token": "string",
"next": "otp"
}// no response body
// no response body
// no response body
POST/wsfed/sso
/wsfed/sso
wsfed SSO.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
wtrealm (required)
wtrealm : string
wreply (optional)
wreply : string
wctx (optional)
wctx : string
Returns
Returns information to perform WSFED SSO.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| wtrealm | string | — |
| wa | string | — |
| wreply | string | — |
| wctx | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/wsfed/sso
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/wsfed/sso' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"wtrealm": "string required", "wa": "string required", "wreply": "string optional", "wctx": "string optional"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/wsfed/sso", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"wtrealm": "string required",
"wa": "string required",
"wreply": "string optional",
"wctx": "string optional"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/wsfed/sso",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"wtrealm": "string required",
"wa": "string required",
"wreply": "string optional",
"wctx": "string optional"
},
)
print(res.json())RESPONSE
200
400
401
420
500
Success
Invalid request
Unauthorized
Service Provider claims could not be fulfilled
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
PUT/authenticate/otp
/authenticate/otp
Create OTP for user.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Request Body
communityId (required)
communityId : string
tenantId (required)
tenantId : string
user_token (required)
user_token : string
deliveryMethod (required)
deliveryMethod : string
Returns
Returns the Adminconsole response (reencrypted).
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| communityId | string | — |
| tenantId | string | — |
| user_token | string | — |
| jwt_token | string | — |
| deliveryMethod | string | — |
| isResetPassword | boolean | — |
| destination | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/authenticate/otp
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/authenticate/otp' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Content-Type: application/json' \
-d '{"communityId": "string", "tenantId": "string", "user_token": "string", "jwt_token": "string", "deliveryMethod": "string", "isResetPassword": "true/false - optional", "destination": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/authenticate/otp", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Content-Type": "application/json"
},
body: JSON.stringify({
"communityId": "string",
"tenantId": "string",
"user_token": "string",
"jwt_token": "string",
"deliveryMethod": "string",
"isResetPassword": "true/false - optional",
"destination": "string"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/authenticate/otp",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY"
},
json={
"communityId": "string",
"tenantId": "string",
"user_token": "string",
"jwt_token": "string",
"deliveryMethod": "string",
"isResetPassword": "true/false - optional",
"destination": "string"
},
)
print(res.json())RESPONSE
200
400
401
429
500
Success.<br /><br />
Returns reencrypted response from Adminconsole.
Invalid request
Unauthorized
Too Many Requests. User has exceeded the OTP rate limit.
Response includes retryAfterSeconds in the response body.
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
PUT/generate/otp
/generate/otp
Create OTP for user.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Request Body
communityId (required)
communityId : string
tenantId (required)
tenantId : string
user_token (required)
user_token : string
deliveryMethod (required)
deliveryMethod : string
Returns
Returns the Adminconsole response (reencrypted).
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| communityId | string | — |
| tenantId | string | — |
| user_token | string | — |
| jwt_token | string | — |
| deliveryMethod | string | — |
| isResetPassword | boolean | — |
| destination | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/generate/otp
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/generate/otp' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Content-Type: application/json' \
-d '{"communityId": "string", "tenantId": "string", "user_token": "string", "jwt_token": "string", "deliveryMethod": "string", "isResetPassword": "true/false - optional", "destination": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/generate/otp", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Content-Type": "application/json"
},
body: JSON.stringify({
"communityId": "string",
"tenantId": "string",
"user_token": "string",
"jwt_token": "string",
"deliveryMethod": "string",
"isResetPassword": "true/false - optional",
"destination": "string"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/generate/otp",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY"
},
json={
"communityId": "string",
"tenantId": "string",
"user_token": "string",
"jwt_token": "string",
"deliveryMethod": "string",
"isResetPassword": "true/false - optional",
"destination": "string"
},
)
print(res.json())RESPONSE
200
400
401
429
500
Success.<br /><br />
Returns reencrypted response from Adminconsole.
Invalid request
Unauthorized
Too Many Requests. User has exceeded the OTP rate limit.
Response includes retryAfterSeconds in the response body.
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
Admin API
Hardware tokens
Hardware tokens endpoints.
POST/hardwaretokens/fetch
Fetch all the Hardware tokens.
To list all the hardware tokens
This endpoint must be accessed by an administrator
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Request Body
### pSize (optional) pSize : number
### pIndex (optional) pIndex : number
### query (optional) query : object
### returnAssignedUserCount (optional) returnAssignedUserCount : boolean
### returnActivityStatus (optional) returnActivityStatus : boolean
Returns
- returns list of tokens in paginated structure
- Throws an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| pSize | number | — |
| pIndex | number | — |
| query | object | — |
| returnAssignedUserCount | boolean | — |
| returnActivityStatus | boolean | — |
POSThttps://pilot-root.1kosmos.net/adminapi/hardwaretokens/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/hardwaretokens/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"pIndex": 0, "pSize": 25, "query": {"serialNumbers": ["sr001", "/sr002/"]}, "returnAssignedUserCount": true, "returnActivityStatus": true}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/hardwaretokens/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"pIndex": 0,
"pSize": 25,
"query": {
"serialNumbers": [
"sr001",
"/sr002/"
]
},
"returnAssignedUserCount": true,
"returnActivityStatus": true
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/hardwaretokens/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"pIndex": 0,
"pSize": 25,
"query": {
"serialNumbers": [
"sr001",
"/sr002/"
]
},
"returnAssignedUserCount": true,
"returnActivityStatus": true
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"data": "object",
"publicKey": "string"
}{
"message": "This field should not be empty"
}// no response body
// no response body
POST/hardwaretokens/import_csv
Upload hardware tokens CSV file
To upload a list of Hardware Tokens via a CSV file.
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string), and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns a success message or an error response
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
POSThttps://pilot-root.1kosmos.net/adminapi/hardwaretokens/import_csv
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/hardwaretokens/import_csv' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/hardwaretokens/import_csv", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/hardwaretokens/import_csv",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"data": {},
"publicKey": "string"
}{
"message": "This field should not be empty"
}// no response body
// no response body
POST/hardwaretokens/resync
Re-sync Hardware token.
To re-sync a token by using 3 sequential OTP values with Serial Number
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ The default request body is: {data: ecdsa_string}
Headers
requestid (required)
A JSON string encrypted with ECDSA, containing:
- "appid" (string)
- "uuid" (string)
- "ts" (number): epoch timestamp in seconds
The timestamp must be within the range defined by 'environment.allowed_time_span'.
publickey (required)
Public key
authorization (required)
JWT token
Request Body
code1 (required)
code1: string
code2 (required)
code2: string
code3 (required)
code3: string
serialNumber (required)
serialNumber: string
Returns
- Returns success of failure response
- Throws an error if the request fails.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | A JSON string encrypted with ECDSA containing "appid", "uuid", and "ts" (epoch timestamp in seconds). The timestamp must be within 'environment.allowed_time_span'. / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| code1 | string | — |
| code2 | string | — |
| code3 | string | — |
| serialNumber | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/hardwaretokens/resync
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/hardwaretokens/resync' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"code1": "string", "code2": "string", "code3": "string", "serialNumber": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/hardwaretokens/resync", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"code1": "string",
"code2": "string",
"code3": "string",
"serialNumber": "string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/hardwaretokens/resync",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"code1": "string",
"code2": "string",
"code3": "string",
"serialNumber": "string"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"data": "object",
"publicKey": "string"
}{
"message": "This field should not be empty"
}// no response body
// no response body
POST/hardwaretokens/usertokens/fetch
Fetch all the Users or Tokens assigned
To List all users or tokens assigned to hardware tokens or users.
This endpoint must be accessed by an administrator
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Request Body
### pSize (optional) pSize : number
### pIndex (optional) pIndex : number
### query (optional) query : object
Returns
- returns success of failure response
- Throws an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| pSize | number | — |
| pIndex | number | — |
| query | object | — |
POSThttps://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"pIndex": 0, "pSize": 25, "query": {"username": "string", "serialNumber": "string"}}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"pIndex": 0,
"pSize": 25,
"query": {
"username": "string",
"serialNumber": "string"
}
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"pIndex": 0,
"pSize": 25,
"query": {
"username": "string",
"serialNumber": "string"
}
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"data": "object",
"publicKey": "string"
}{
"message": "This field should not be empty"
}// no response body
// no response body
POST/hardwaretokens/usertokens/import_csv
Upload CSV file to assign users to tokens
Upload a list of user-token assignments using a CSV file.
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string), and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
Returns a success message or an error response
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
POSThttps://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens/import_csv
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens/import_csv' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens/import_csv", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens/import_csv",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"data": {},
"publicKey": "string"
}{
"message": "This field should not be empty"
}// no response body
// no response body
PUT/hardwaretokens/tokens
Create Hardware tokens from CSV text.
To create a list of hardware tokens from CSV text
This endpoint must be accessed by an administrator
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Request Body
### csv_text (required) csv_text : string
Returns
- returns success of failure response
- Throws an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| csv_text | object | — |
PUThttps://pilot-root.1kosmos.net/adminapi/hardwaretokens/tokens
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/hardwaretokens/tokens' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"csv_text": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/hardwaretokens/tokens", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"csv_text": "string"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/hardwaretokens/tokens",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"csv_text": "string"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"data": "object",
"publicKey": "string"
}{
"message": "This field should not be empty"
}// no response body
// no response body
PUT/hardwaretokens/usertokens
Assign users to tokens
Assign a list of users to tokens.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ The default request body is: {data: ecdsa_string}
Headers
requestid (required)
A JSON string encrypted with ECDSA, containing:
- "appid" (string)
- "uuid" (string)
- "ts" (number): epoch timestamp in seconds
The timestamp must be within the range defined by 'environment.allowed_time_span'.
publickey (required)
Public key
authorization (required)
JWT token
Request Body
list (required)
An array of user-token mappings.
Returns
- Returns success of failure response
- Throws an error if the request fails.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | A JSON string encrypted with ECDSA containing "appid", "uuid", and "ts" (epoch timestamp in seconds). The timestamp must be within 'environment.allowed_time_span'. / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| list | array<object> | — |
PUThttps://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"list": [{"username": "string", "serialNumber": "string"}]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"list": [
{
"username": "string",
"serialNumber": "string"
}
]
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"list": [
{
"username": "string",
"serialNumber": "string"
}
]
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"data": "object",
"publicKey": "string"
}{
"message": "This field should not be empty"
}// no response body
// no response body
PUT/hardwaretokens/usertokens/csv_text
Assign users to tokens from CSV text.
Assign users to tokens from a valid CSV text
This endpoint must be accessed by an administrator
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Request Body
### csv_text (required) csv_text : string
Returns
- returns success of failure response
- Throws an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| csv_text | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens/csv_text
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens/csv_text' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"csv_text": "serialNumber,username\nsn00001,elamaran"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens/csv_text", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"csv_text": "serialNumber,username\nsn00001,elamaran"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens/csv_text",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"csv_text": "serialNumber,username\nsn00001,elamaran"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"data": "object",
"publicKey": "string"
}{
"message": "This field should not be empty"
}// no response body
// no response body
PATCH/hardwaretokens/tokens/{id}
Edit Hardware tokens.
To edit hardware token's seed and counter
This endpoint must be accessed by an administrator
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
### id (required) id
Request Body
### seed (optional) seed : string
### counter (optional) counter : number
Returns
- returns success of failure response
- returns bad request if none of the attributes provided
- Throws an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| idrequired | string | The Id of hardware token |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| seed | string | — |
| counter | number | — |
PATCHhttps://pilot-root.1kosmos.net/adminapi/hardwaretokens/tokens/{id}
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/adminapi/hardwaretokens/tokens/<id>' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"seed": "string", "counter": 0}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/hardwaretokens/tokens/<id>", {
method: "PATCH",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"seed": "string",
"counter": 0
})
});
const data = await res.json();import requests
res = requests.patch(
"https://pilot-root.1kosmos.net/adminapi/hardwaretokens/tokens/<id>",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"seed": "string",
"counter": 0
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"data": "object",
"publicKey": "string"
}{
"message": "This field should not be empty"
}// no response body
// no response body
DELETE/hardwaretokens/tokens
Delete Hardware tokens.
To delete a list of hardware tokens by serial number
This endpoint must be accessed by an administrator
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Request Body
### serialNumbers (required) serialNumbers : array
Returns
- returns success of failure response
- Throws an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| serialNumbers | array<object> | — |
DELETEhttps://pilot-root.1kosmos.net/adminapi/hardwaretokens/tokens
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/hardwaretokens/tokens' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"serialNumbers": ["sr001", "sr002"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/hardwaretokens/tokens", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"serialNumbers": [
"sr001",
"sr002"
]
})
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/hardwaretokens/tokens",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"serialNumbers": [
"sr001",
"sr002"
]
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"deletedCount": 1
}{
"message": "This field should not be empty"
}// no response body
// no response body
DELETE/hardwaretokens/usertokens
Unassign users from the tokens
Unassign a list of users from tokens.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ The default request body is: {data: ecdsa_string}
Headers
requestid (required)
A JSON string encrypted with ECDSA, containing:
- "appid" (string)
- "uuid" (string)
- "ts" (number): epoch timestamp in seconds
The timestamp must be within the range defined by 'environment.allowed_time_span'.
publickey (required)
Public key
authorization (required)
JWT token
Request Body
list (required)
An array of user-token mappings.
Returns
- Returns success of failure response.
- Throws an error if the request fails.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | A JSON string encrypted with ECDSA containing "appid", "uuid", and "ts" (epoch timestamp in seconds). The timestamp must be within 'environment.allowed_time_span'. / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| list | array<object> | — |
DELETEhttps://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"list": [{"username": "string", "serialNumber": "string"}]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"list": [
{
"username": "string",
"serialNumber": "string"
}
]
})
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/hardwaretokens/usertokens",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"list": [
{
"username": "string",
"serialNumber": "string"
}
]
},
)
print(res.json())RESPONSE
204
400
401
500
No contnent
Validation data error
Unauthorized
Internal Server Error
// no response body
{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
Community SAML
Community SAML endpoints.
GET/community/{communityName}/idp/{idpIdentifier}/metadata
/community/{communityName}/idp/{idpIdentifier}/metadata
Fetch IDP metadata.
Query
download (optional)
download : boolean
Returns
Returns 200 OK and xml metadata
This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| communityNamerequired | string | Community Name |
| idpIdentifierrequired | string | Unique identifier of idp |
Query parameters
| Name | Type | Description |
|---|---|---|
| download | boolean | Flag - if set to true, api will produce content disposition header |
GEThttps://pilot-root.1kosmos.net/adminapi/community/{communityName}/idp/{idpIdentifier}/metadata
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/community/<communityName>/idp/<idpIdentifier>/metadata?download=<download>' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'x-jwt-token: YOUR_JWT' \ -H 'license: YOUR_LICENSE_KEY'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/community/<communityName>/idp/<idpIdentifier>/metadata?download=<download>", {
method: "GET",
headers: {
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/community/<communityName>/idp/<idpIdentifier>/metadata?download=<download>",
headers={
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
)
print(res.json())RESPONSE
200
400
401
404
500
Success
Bad Request
Unauthorized
Not Found
Internal Server Error
// no response body
// no response body
// no response body
// no response body
// no response body
GET/community/{communityName}/saml/acs
/community/{communityName}/saml/acs
Redirect to Admin UI SSO page.
Query
SAMLResponse (required)
SAMLRequest : string
RelayState (optional)
RelayState : string
Returns
Returns 302 Found and Location header.
This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| communityNamerequired | string | Community Name |
Query parameters
| Name | Type | Description |
|---|---|---|
| SAMLResponse | string | SAMLResponse |
| RelayState | string | RelayState |
GEThttps://pilot-root.1kosmos.net/adminapi/community/{communityName}/saml/acs
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/community/<communityName>/saml/acs?SAMLResponse=<SAMLResponse>&RelayState=<RelayState>' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'x-jwt-token: YOUR_JWT' \ -H 'license: YOUR_LICENSE_KEY'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/community/<communityName>/saml/acs?SAMLResponse=<SAMLResponse>&RelayState=<RelayState>", {
method: "GET",
headers: {
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/community/<communityName>/saml/acs?SAMLResponse=<SAMLResponse>&RelayState=<RelayState>",
headers={
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
)
print(res.json())RESPONSE
302
400
500
Success, but UI cannot display it properly (you will get 404 Not Found or CORS problems). You need to inspect Network in developer tools.
Bad Request
Internal Server Error
// no response body
// no response body
// no response body
GET/community/{communityName}/slo
/community/{communityName}/slo
Redirect to Admin UI SLO page.
Returns
Returns 302 Found and Location header.
Path parameters
| Name | Type | Description |
|---|---|---|
| communityNamerequired | string | Community Name |
GEThttps://pilot-root.1kosmos.net/adminapi/community/{communityName}/slo
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/community/<communityName>/slo' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'x-jwt-token: YOUR_JWT' \ -H 'license: YOUR_LICENSE_KEY'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/community/<communityName>/slo", {
method: "GET",
headers: {
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/community/<communityName>/slo",
headers={
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
)
print(res.json())RESPONSE
302
Success, but UI cannot display it properly (you will get 404 Not Found or CORS problems). You need to inspect Network in developer tools.
// no response body
GET/community/{communityName}/sso
/community/{communityName}/sso
Redirect to Admin UI SSO page.
Query
SAMLRequest (required)
SAMLRequest : string
RelayState (optional)
RelayState : string
ForceAuthn (optional)
ForceAuthn : boolean
SigAlg (optional)
SigAlg : string
Signature (optional)
Signature : string
Returns
Returns 302 Found and Location header.
This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| communityNamerequired | string | Community Name |
Query parameters
| Name | Type | Description |
|---|---|---|
| SAMLRequest | string | SAMLRequest |
| RelayState | string | RelayState |
| ForceAuthn | string | ForceAuthn |
| SigAlg | string | SigAlg |
| Signature | string | Signature |
GEThttps://pilot-root.1kosmos.net/adminapi/community/{communityName}/sso
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/community/<communityName>/sso?SAMLRequest=<SAMLRequest>&RelayState=<RelayState>&ForceAuthn=<ForceAuthn>&SigAlg=<SigAlg>&Signature=<Signature>' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'x-jwt-token: YOUR_JWT' \ -H 'license: YOUR_LICENSE_KEY'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/community/<communityName>/sso?SAMLRequest=<SAMLRequest>&RelayState=<RelayState>&ForceAuthn=<ForceAuthn>&SigAlg=<SigAlg>&Signature=<Signature>", {
method: "GET",
headers: {
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/community/<communityName>/sso?SAMLRequest=<SAMLRequest>&RelayState=<RelayState>&ForceAuthn=<ForceAuthn>&SigAlg=<SigAlg>&Signature=<Signature>",
headers={
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
)
print(res.json())RESPONSE
302
400
500
Success, but UI cannot display it properly (you will get 404 Not Found or CORS problems). You need to inspect Network in developer tools.
Bad Request
Internal Server Error
// no response body
// no response body
// no response body
GET/community/{communityName}/wsfed
/community/{communityName}/wsfed
Redirect to Admin UI WSFED SSO page.
Query
wtrealm (required)
wtrealm : string
wa (required)
wa : string
whr (optional)
whr : string
wfresh (optional)
wfresh : string
wctx (optional)
wctx : string
Returns
Returns 302 Found and Location header.
This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| communityNamerequired | string | Community Name |
Query parameters
| Name | Type | Description |
|---|---|---|
| wtrealmrequired | string | wtrealm |
| warequired | string | wa |
| whr | string | wa |
| wfresh | string | wfresh |
| wctx | string | wfresh |
GEThttps://pilot-root.1kosmos.net/adminapi/community/{communityName}/wsfed
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/community/<communityName>/wsfed?wtrealm=<wtrealm>&wa=<wa>&whr=<whr>&wfresh=<wfresh>&wctx=<wctx>' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'x-jwt-token: YOUR_JWT' \ -H 'license: YOUR_LICENSE_KEY'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/community/<communityName>/wsfed?wtrealm=<wtrealm>&wa=<wa>&whr=<whr>&wfresh=<wfresh>&wctx=<wctx>", {
method: "GET",
headers: {
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/community/<communityName>/wsfed?wtrealm=<wtrealm>&wa=<wa>&whr=<whr>&wfresh=<wfresh>&wctx=<wctx>",
headers={
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
)
print(res.json())RESPONSE
302
400
500
Success, but UI cannot display it properly (you will get 404 Not Found or CORS problems). You need to inspect Network in developer tools.
Bad Request
Internal Server Error
// no response body
// no response body
// no response body
POST/community/{communityName}/idp/{idpIdentifier}/metadata
/community/{communityName}/idp/{idpIdentifier}/metadata
Fetch IDP metadata.
Query
download (optional)
download : boolean
Returns
Returns 200 OK and xml metadata
This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| communityNamerequired | string | Community Name |
| idpIdentifierrequired | string | Unique identifier of idp |
Query parameters
| Name | Type | Description |
|---|---|---|
| download | boolean | Flag - if set to true, api will produce content disposition header |
POSThttps://pilot-root.1kosmos.net/adminapi/community/{communityName}/idp/{idpIdentifier}/metadata
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/community/<communityName>/idp/<idpIdentifier>/metadata?download=<download>' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'x-jwt-token: YOUR_JWT' \ -H 'license: YOUR_LICENSE_KEY'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/community/<communityName>/idp/<idpIdentifier>/metadata?download=<download>", {
method: "POST",
headers: {
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/community/<communityName>/idp/<idpIdentifier>/metadata?download=<download>",
headers={
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
)
print(res.json())RESPONSE
200
400
401
404
500
Success
Bad Request
Unauthorized
Not Found
Internal Server Error
// no response body
// no response body
// no response body
// no response body
// no response body
POST/community/{communityName}/saml/acs
/community/{communityName}/saml/acs
Redirect to RelayState or AdminUI login page (if no RelayState present).
Request Body
SAMLResponse (required)
SAMLResponse : string
RelayState (optional)
RelayState : string
Returns
Returns 302 Found and Location header.
This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| communityNamerequired | string | Community Name |
Request body
| Field | Type | Description |
|---|---|---|
| SAMLResponse | string | — |
| RelayState | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/community/{communityName}/saml/acs
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/community/<communityName>/saml/acs' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'x-jwt-token: YOUR_JWT' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Content-Type: application/json' \
-d '{"SAMLResponse": "SAMLResponse", "RelayState": "RelayState"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/community/<communityName>/saml/acs", {
method: "POST",
headers: {
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY",
"Content-Type": "application/json"
},
body: JSON.stringify({
"SAMLResponse": "SAMLResponse",
"RelayState": "RelayState"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/community/<communityName>/saml/acs",
headers={
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
},
json={
"SAMLResponse": "SAMLResponse",
"RelayState": "RelayState"
},
)
print(res.json())RESPONSE
302
400
500
Success, but UI cannot display it properly (you will get 404 Not Found or CORS problems). You need to inspect Network in developer tools.
Bad Request
Internal Server Error
// no response body
// no response body
// no response body
POST/community/{communityName}/slo
/community/{communityName}/slo
Redirect to Admin UI SLO page.
Returns
Returns 302 Foud and Location header.
Path parameters
| Name | Type | Description |
|---|---|---|
| communityNamerequired | string | Community Name |
POSThttps://pilot-root.1kosmos.net/adminapi/community/{communityName}/slo
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/community/<communityName>/slo' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'x-jwt-token: YOUR_JWT' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Content-Type: application/json' \
-d '{}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/community/<communityName>/slo", {
method: "POST",
headers: {
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY",
"Content-Type": "application/json"
},
body: JSON.stringify({})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/community/<communityName>/slo",
headers={
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
},
json={},
)
print(res.json())RESPONSE
302
Success, but UI cannot display it properly (you will get 404 Not Found or CORS problems). You need to inspect Network in developer tools.
// no response body
POST/community/{communityName}/sso
/community/{communityName}/sso
Redirect to Admin UI SSO page.
Request Body
SAMLRequest (required)
SAMLRequest : string
RelayState (optional)
RelayState : string
ForceAuthn (optional)
ForceAuthn : boolean
Query
RelayState (optional)
RelayState : string
ForceAuthn (optional)
ForceAuthn : boolean
Returns
Returns 302 Found and Location header.
This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| communityNamerequired | string | Community Name |
Query parameters
| Name | Type | Description |
|---|---|---|
| RelayState | string | RelayState |
| ForceAuthn | string | ForceAuthn |
Request body
| Field | Type | Description |
|---|---|---|
| SAMLRequest | string | — |
| RelayState | string | — |
| ForceAuthn | boolean | — |
POSThttps://pilot-root.1kosmos.net/adminapi/community/{communityName}/sso
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/community/<communityName>/sso?RelayState=<RelayState>&ForceAuthn=<ForceAuthn>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'x-jwt-token: YOUR_JWT' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Content-Type: application/json' \
-d '{"SAMLRequest": "SAMLRequest", "RelayState": "RelayState", "ForceAuthn": false}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/community/<communityName>/sso?RelayState=<RelayState>&ForceAuthn=<ForceAuthn>", {
method: "POST",
headers: {
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY",
"Content-Type": "application/json"
},
body: JSON.stringify({
"SAMLRequest": "SAMLRequest",
"RelayState": "RelayState",
"ForceAuthn": false
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/community/<communityName>/sso?RelayState=<RelayState>&ForceAuthn=<ForceAuthn>",
headers={
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
},
json={
"SAMLRequest": "SAMLRequest",
"RelayState": "RelayState",
"ForceAuthn": false
},
)
print(res.json())RESPONSE
302
400
500
Success, but UI cannot display it properly (you will get 404 Not Found or CORS problems). You need to inspect Network in developer tools.
Bad Request
Internal Server Error
// no response body
// no response body
// no response body
POST/community/{communityName}/wsfed
/community/{communityName}/wsfed
Redirect to Admin UI WSFED SSO page.
Request Body
wtrealm (required)
wtrealm : string
wa (required)
wa : string
whr (optional)
whr : string
wfresh (optional)
wfresh : string
wctx (optional)
wctx : string
Returns
Returns 302 Found and Location header.
This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| communityNamerequired | string | Community Name |
Request body
| Field | Type | Description |
|---|---|---|
| wtrealm | string | — |
| wa | string | — |
| whr | string | — |
| wfresh | number | — |
| wctx | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/community/{communityName}/wsfed
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/community/<communityName>/wsfed' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'x-jwt-token: YOUR_JWT' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Content-Type: application/json' \
-d '{"wtrealm": "urn:wsfed-app", "wa": "wsignin1.0", "whr": "whr", "wfresh": 0, "wctx": "some context"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/community/<communityName>/wsfed", {
method: "POST",
headers: {
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY",
"Content-Type": "application/json"
},
body: JSON.stringify({
"wtrealm": "urn:wsfed-app",
"wa": "wsignin1.0",
"whr": "whr",
"wfresh": 0,
"wctx": "some context"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/community/<communityName>/wsfed",
headers={
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
},
json={
"wtrealm": "urn:wsfed-app",
"wa": "wsignin1.0",
"whr": "whr",
"wfresh": 0,
"wctx": "some context"
},
)
print(res.json())RESPONSE
302
400
500
Success, but UI cannot display it properly (you will get 404 Not Found or CORS problems). You need to inspect Network in developer tools.
Bad Request
Internal Server Error
// no response body
// no response body
// no response body
Admin API
Reports
Pull usage, audit and activity reports.
POST/reports/audit_log
Fetch Audit log Report
This endpont should return events where eventCategory = 'AUDIT_LOG'
It is access by an tenant/community administrator.
AUDIT_LOG events
<b> E_BROKER_DISCONNECTED, E_DIRECTORY_ADDED, E_DIRECTORY_MODIFIED, E_DIRECTORY_REMOVED, E_DIRECTORY_BROKER_ENABLED, E_DIRECTORY_BROKER_DISABLED, E_DIRECTORY_BROKER_DELETED, E_DIRECTORY_BROKER_MODIFIED, E_DIRECTORY_ATTRIBUTE_ADDED, E_DIRECTORY_ATTRIBUTE_MODIFIED, E_DIRECTORY_ATTRIBUTE_DELETED, E_DIRECTORY_ADVANCED_CONFIGURATION_MODIFIED, E_IDP_CONFIGURATION_MODIFIED, E_ROLE_CHANGED, E_SP_CREATED, E_SP_MODIFIED, E_SP_DELETED, E_PREFERREDSTORES_MODIFIED, E_BRANDING_MODIFIED, E_ADAPTIVEAUTH_MODIFIED,
</b>
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
Response give list of events where eventCategory = 'AUDIT_LOG'
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Success
The publicKey of WebServer API used in decrypting
Request body contains *data* field with encrypted object below:
ALL fields below except tenantId and communityId are optional:
{
"tenantId": "string",
"communityId": "string",
"pSize": "integer, default is 10",
"pIndex": "integer, default is 0",
"from": "string with date in format YYYY-MM-DD HH:mm:ss.SSS, should be from now to (now - 90 days), default is now - 30 days",
"to": "string with date in format YYYY-MM-DD HH:mm:ss.SSS, default is now",
"user_id": "string",
"download": {
"notificationList": ["array of emails"]
}
}"download" parameter is optional, if provided notificationList also should be provided
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| pSize | number | — |
| pIndex | number | — |
| from | string | — |
| to | string | — |
| user_id | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/reports/audit_log
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/reports/audit_log' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxx", "communityId": "xxxxxxxxxx", "pSize": 10, "pIndex": 0, "from": "2021-09-01 00:00:00.000", "to": "2021-09-28 00:00:00.000", "user_id": "username"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/reports/audit_log", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"pSize": 10,
"pIndex": 0,
"from": "2021-09-01 00:00:00.000",
"to": "2021-09-28 00:00:00.000",
"user_id": "username"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/reports/audit_log",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"pSize": 10,
"pIndex": 0,
"from": "2021-09-01 00:00:00.000",
"to": "2021-09-28 00:00:00.000",
"user_id": "username"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
The publicKey of WebServer API used in decrypting
Response body contains *data* field with encrypted object below:
```
{
"page": {
"pSize": 10,
"pIndex": 0,
"total": 100
},
"data": [
"auditLogEvents": [
{ audit_log_event_1 },
{ audit_log_event_1 },
...
{ audit_log_event_100 }
]
]
}
```
If you send "download" parameter, then only jobId will be returned:
```
{
"jobId": "123-456-789-0000"
}
```
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
Validation data error
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxx/xxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
POST/reports/download/jobs
Fetch download jobs
Fetch download jobs.
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
Response give list of download jobs
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Success
The publicKey of WebServer API used in decrypting
Request body contains *data* field with encrypted object below:
ALL fields below are optional:
{
"sort": [
{
"field": "field",
"order": "desc/asc"
}
],
"pSize": 10,
"pIndex": 0
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| sort | array<object> | — |
| pSize | number | — |
| pIndex | number | — |
POSThttps://pilot-root.1kosmos.net/adminapi/reports/download/jobs
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/reports/download/jobs' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"sort": [{"field": "status", "order": "desc"}], "pSize": 10, "pIndex": 0}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/reports/download/jobs", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"sort": [
{
"field": "status",
"order": "desc"
}
],
"pSize": 10,
"pIndex": 0
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/reports/download/jobs",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"sort": [
{
"field": "status",
"order": "desc"
}
],
"pSize": 10,
"pIndex": 0
},
)
print(res.json())RESPONSE
200
400
401
500
Success
The publicKey of WebServer API used in decrypting
Response body contains *data* field with encrypted object below:
```
{
"page": {
"pSize": 10,
"pIndex": 0,
"total": 100,
"sort": [
{
"field": "field",
"order": "desc/asc"
}
],
},
"data": [
{
"jobId": "18518ebc-9820-4b3d-b5f7-e99eae7ba108",
"createdAt": 1677528772342,
"completedAt": 1677528772342/undefined,
"status": "Pending",
"requestedBy": "email",
"sendNotificationTo": ["email@email.com"],
"size": 1234
"downloadLink": "https://<dns>/downloads/reports/tenant/<tid1>/community/<cid1>/job/<jid>/report.csv"
}
]
}
```
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
Validation data error
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
POST/reports/events
Fetch Events
Get Reports Raw Events.
This endpoint must be accessed by an administrator
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
Response give list of events and pagination info
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Success
The publicKey of WebServer API used in decrypting
Request body contains *data* field with encrypted object below:
ALL fields below except tenantId and communityId are optional:
{
"tenantId": "string",
"communityId": "string",
"pSize": "integer, default is 10",
"pIndex": "integer, default is 0",
"from": "string with date in format YYYY-MM-DD HH:mm:ss.SSS, should be from now to (now - 90 days), default is now - 30 days",
"to": "string with date in format YYYY-MM-DD HH:mm:ss.SSS, default is now",
"user_id": "string",
"eventName": "string",
"outcome": "string"
"broker_id": "string",
"download": {
"notificationList": ["array", "of", "emails"]
}
}"download" parameter is optional, if provided notificationList also should be provided
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| pSize | number | — |
| pIndex | number | — |
| from | string | — |
| to | string | — |
| user_id | string | — |
| eventName | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/reports/events
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/reports/events' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxx", "communityId": "xxxxxxxxxx", "pSize": 10, "pIndex": 0, "from": "2021-09-01 00:00:00.000", "to": "2021-09-28 00:00:00.000", "user_id": "username", "eventName": "E_LOGIN_SUCCEEDED"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/reports/events", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"pSize": 10,
"pIndex": 0,
"from": "2021-09-01 00:00:00.000",
"to": "2021-09-28 00:00:00.000",
"user_id": "username",
"eventName": "E_LOGIN_SUCCEEDED"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/reports/events",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"pSize": 10,
"pIndex": 0,
"from": "2021-09-01 00:00:00.000",
"to": "2021-09-28 00:00:00.000",
"user_id": "username",
"eventName": "E_LOGIN_SUCCEEDED"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
The publicKey of WebServer API used in decrypting
Response body contains *data* field with encrypted object below:
```
{
"page": {
"pSize": 10,
"pIndex": 0,
"total": 3
},
"data": [
{
...allFieldsFromElasticEvent
},
{
...allFieldsFromElasticEvent
},
{
...allFieldsFromElasticEvent
}
]
}
```
If you send "download" parameter, then only jobId will be returned:
```
{
"jobId": "123-456-789-0000"
}
```
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
Validation data error
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxx/xxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
POST/reports/hardwaretokens_export
Export token data
Exports token data based on the provided query and requested report type.
The type can be either "hardware_tokens" or "user_hardwaretokens".
This endpoint must be accessed by a user with the appropriate permissions to export data.
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT access token
Request body
### reports_type (required) reports_type : string
### query (optional) query : object
### download (required) download : object
Returns
Returns a Job ID created for the export request.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA. Should contain "appid" (string), "uuid" (string), and "ts" (number). The timestamp must be within 'environment.allowed_time_span' seconds from the current time. / Try Authorize 🔐 |
| publickeyrequired | string | Public Key / Try Authorize 🔐 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔐 |
Request body
JSON object containing the report type, query, and download notification list.
| Field | Type | Description |
|---|---|---|
| reports_type | string | — |
| query | object | — |
| download | object | — |
POSThttps://pilot-root.1kosmos.net/adminapi/reports/hardwaretokens_export
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/reports/hardwaretokens_export' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"reports_type": "hardware_tokens | user_hardwaretokens", "query": {"serialNumbers": ["sr001", "/sr002/"]}, "download": {"notificationList": ["email1@1kosmos.com"]}}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/reports/hardwaretokens_export", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"reports_type": "hardware_tokens | user_hardwaretokens",
"query": {
"serialNumbers": [
"sr001",
"/sr002/"
]
},
"download": {
"notificationList": [
"email1@1kosmos.com"
]
}
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/reports/hardwaretokens_export",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"reports_type": "hardware_tokens | user_hardwaretokens",
"query": {
"serialNumbers": [
"sr001",
"/sr002/"
]
},
"download": {
"notificationList": [
"email1@1kosmos.com"
]
}
},
)
print(res.json())RESPONSE
200
400
401
500
Success. The `publicKey` of the WebServer API is used for decryption.<br /><br />
The response contains an encrypted `data` field:
```
{
"jobId": "123-456-789-0000"
}
```
⚠️ Note: You can send unencrypted data and receive unencrypted data as well. This is only for preview in Swagger.
Validation error
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxx/xxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
POST/reports/login_activity
Fetch Login Activity Report
Fetch list of E_SP_REDIRECT_SUCCEEDED events and their respective 1 E_LOGIN_SUCCEEDED event for each unique session_id from SP redirects.
If this endpoint is called by basic user, only that user's events will be returned. If it is called by an administrator, then he tenantId, communityId and user_id filters are applied. This endpoint must be accessed by logged in user
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
Response give list of E_SP_REDIRECT_SUCCEEDED and E_LOGIN_SUCCEEDED events
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Success
The publicKey of WebServer API used in decrypting
Request body contains *data* field with encrypted object below:
ALL fields below except tenantId and communityId are optional:
{
"tenantId": "string",
"communityId": "string",
"pSize": "integer, default is 10",
"pIndex": "integer, default is 0",
"from": "string with date in format YYYY-MM-DD HH:mm:ss.SSS, should be from now to (now - 90 days), default is now - 30 days",
"to": "string with date in format YYYY-MM-DD HH:mm:ss.SSS, default is now",
"user_id": "string",
"auth_method": "otp | qr etc.",
"application": "gsuite"
"download": {
"notificationList": ["array", "of", "emails"]
}
}"download" parameter is optional, if provided notificationList also should be provided
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| pSize | number | — |
| pIndex | number | — |
| from | string | — |
| to | string | — |
| user_id | string | — |
| auth_method | string | — |
| application | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/reports/login_activity
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/reports/login_activity' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxx", "communityId": "xxxxxxxxxx", "pSize": 10, "pIndex": 0, "from": "2021-09-01 00:00:00.000", "to": "2021-09-28 00:00:00.000", "user_id": "username", "auth_method": "otp", "application": "gsuite"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/reports/login_activity", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"pSize": 10,
"pIndex": 0,
"from": "2021-09-01 00:00:00.000",
"to": "2021-09-28 00:00:00.000",
"user_id": "username",
"auth_method": "otp",
"application": "gsuite"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/reports/login_activity",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"pSize": 10,
"pIndex": 0,
"from": "2021-09-01 00:00:00.000",
"to": "2021-09-28 00:00:00.000",
"user_id": "username",
"auth_method": "otp",
"application": "gsuite"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
The publicKey of WebServer API used in decrypting
Response body contains *data* field with encrypted object below:
```
{
"page": {
"pSize": 10,
"pIndex": 0,
"total": 100
},
"data": [
"activityEvents": [ sp_redirect_event_1, sp_redirect_event_2, ...sp_redirect_event_100 ],
"loginEvents": {
session_id_1: { e_login_succeeded_event_1 },
session_id_2: { e_login_succeeded_event_2 },
...
session_id_100: { e_login_succeeded_event_100 }
}
]
}
```
If you send "download" parameter, then only jobId will be returned:
```
{
"jobId": "123-456-789-0000"
}
```
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
Validation data error
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxx/xxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
POST/reports/metrics
Fetch metrics
Get metrics.
This endpoint must be accessed by an administrator
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
Response give count or list of metrics for each day/hour from date range
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Success
The publicKey of WebServer API used in decrypting
Request body contains *data* field with encrypted object below:
ALL fields below except tenantId and communityId are optional:
{
"tenantId": "string",
"communityId": "string",
"from": "string with date in format YYYY-MM-DD HH:mm:ss.SSS, should be from now to (now - 90 days), default is now - 30 days",
"to": "string with date in format YYYY-MM-DD HH:mm:ss.SSS, default is now, can be equal to from, then you will get hourly metrics",
"metricsName": "string, one of: M_C_ACTIVE_USER, M_C_LOGIN_FAILED, M_C_LOGINS, M_C_NEW_DEVICES, M_G_APPLICATION_USAGE, M_G_LOGIN_FAILED, M_GT_SUCCESSFUL_AUTHENTICATIONS or M_T_NEW_DEVICES",
"responseTimezone": "UTC - string optional" ,
"download":{
"requestBy": "string, email (required)",
"notificationList": [ "string, email (required, 1-5 emails)" ],
"eventData": {
"tenant_dns": "string (required)",
"user_id": "string (required)"
}
}
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| from | string | — |
| to | string | — |
| metricsName | string | — |
| responseTimezone | string | — |
| download | object | — |
POSThttps://pilot-root.1kosmos.net/adminapi/reports/metrics
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/reports/metrics' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxx", "communityId": "xxxxxxxxxx", "from": "2021-09-01 00:00:00.000", "to": "2021-09-28 00:00:00.000", "metricsName": "M_C_ACTIVE_USER", "responseTimezone": "UTC - string optional", "download": {"requestBy": "test@email.com", "notificationList": ["https://1k-dev.1kosmos.net"], "eventData": {"tenant_dns": "https://1k-dev.1kosmos.net", "user_id": "test_user"}}}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/reports/metrics", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"from": "2021-09-01 00:00:00.000",
"to": "2021-09-28 00:00:00.000",
"metricsName": "M_C_ACTIVE_USER",
"responseTimezone": "UTC - string optional",
"download": {
"requestBy": "test@email.com",
"notificationList": [
"https://1k-dev.1kosmos.net"
],
"eventData": {
"tenant_dns": "https://1k-dev.1kosmos.net",
"user_id": "test_user"
}
}
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/reports/metrics",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"from": "2021-09-01 00:00:00.000",
"to": "2021-09-28 00:00:00.000",
"metricsName": "M_C_ACTIVE_USER",
"responseTimezone": "UTC - string optional",
"download": {
"requestBy": "test@email.com",
"notificationList": [
"https://1k-dev.1kosmos.net"
],
"eventData": {
"tenant_dns": "https://1k-dev.1kosmos.net",
"user_id": "test_user"
}
}
},
)
print(res.json())RESPONSE
200
400
401
500
Success
The publicKey of WebServer API used in decrypting
Response body contains *data* field with encrypted object below:
```
// for metricsName starting with M_C_, response is object with count:
{
"count": "number"
}
// for metricsName not starting with M_C_, response is object with count:
[
{
...data
},
...moreObjects
]
// for requests with download object present, response will contain a job id:
{
"jobId": "2345612"
}
```
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
Validation data error
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxx/xxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
POST/reports/role_assignment
Request role_assignment download job
Request role_assignment download job.
This endpoint must be accessed by an administrator
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
Response give list of events and pagination info
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Success
The publicKey of WebServer API used in decrypting
Request body contains *data* field with encrypted object below:
ALL fields below except tenantId and communityId are optional:
{
"tenantId": "string",
"communityId": "string",
"roleIds": ["234", "46576", "34565"],
"download": {
"notificationList": ["array", "of", "emails"]
}
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| roleIds | array<object> | — |
| download | object | — |
POSThttps://pilot-root.1kosmos.net/adminapi/reports/role_assignment
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/reports/role_assignment' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxx", "communityId": "xxxxxxxxxx", "roleIds": ["34545", "232", "3545"], "download": {"notificationList": ["email1@1kosmos.com"]}}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/reports/role_assignment", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"roleIds": [
"34545",
"232",
"3545"
],
"download": {
"notificationList": [
"email1@1kosmos.com"
]
}
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/reports/role_assignment",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"roleIds": [
"34545",
"232",
"3545"
],
"download": {
"notificationList": [
"email1@1kosmos.com"
]
}
},
)
print(res.json())RESPONSE
200
400
401
500
Success
The publicKey of WebServer API used in decrypting
Response body contains *data* field with encrypted object below:
```
{
"page": {
"pSize": 10,
"pIndex": 0,
"total": 3
},
"data": [
{
...allFieldsFromElasticEvent
},
{
...allFieldsFromElasticEvent
},
{
...allFieldsFromElasticEvent
}
]
}
```
If you send "download" parameter, then only jobId will be returned:
```
{
"jobId": "123-456-789-0000"
}
```
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
Validation data error
Unauthorized
Internal Server Error
{
"jobId": "2343-5657-8787-4543"
}{
"message": "This field should not be empty"
}// no response body
// no response body
POST/reports/userenrollment
Last login report
Get Last Login Report.
This endpoint must be accessed by an administrator
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
Response give list of events and pagination info
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Success
The publicKey of WebServer API used in decrypting
Request body contains *data* field with encrypted object below:
ALL fields below except tenantId and communityId are optional:
{
"tenantId": "string",
"communityId": "string",
"pSize": "integer, default is 10",
"pIndex": "integer, default is 0",
"moduleId": "string",
"query": {}
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| moduleId | string | — |
| pSize | number | — |
| pIndex | number | — |
| query | object | — |
POSThttps://pilot-root.1kosmos.net/adminapi/reports/userenrollment
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/reports/userenrollment' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxx", "communityId": "xxxxxxxxxx", "moduleId": "xxxxxxxxxx", "pSize": 10, "pIndex": 0, "query": {}}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/reports/userenrollment", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"moduleId": "xxxxxxxxxx",
"pSize": 10,
"pIndex": 0,
"query": {}
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/reports/userenrollment",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"moduleId": "xxxxxxxxxx",
"pSize": 10,
"pIndex": 0,
"query": {}
},
)
print(res.json())RESPONSE
200
400
401
500
Success
The publicKey of WebServer API used in decrypting
Response body contains *data* field with encrypted object below:
```
{
"page": {
"pSize": 10,
"pIndex": 0,
"total": 3
},
"data": [
{
"username": "abc",
"status": "active",
"email": "abc@email.com",
"lastLoginTime": "2023-06-12 14:03:59.450",
},
{
"username": "test",
"status": "disabled",
"email": "test@email.com",
"lastLoginTime": "2023-06-12 14:03:59.450",
},
]
}
```
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
Validation data error
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxx/xxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
PUT/reports/event
Store Event
Store one event to Reports.
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
Returns
Response gives status OK if everything is ok
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
Success
The publicKey of WebServer API used in decrypting
Request body contains *data* field with encrypted object below:
ALL fields below except tenantId and communityId are optional:
{
"tenantId": "strin - required",
"communityId": "string - required",
"eventData": {
"type": "string - required",
"eventName": "E_LOGIN_VISITED",
"event_id": "string - required",
"caller_user_agent": "string - required",
"version": "string - required",
"event_ts": "number - optional",
"redirect_from": "string - optional",
},
"serverEventData": {
"caller_ip": "boolean - optional", // if true, will use IP detected by server and will overwrite caller_ip from eventData if provided
"event_ts": "boolean - optional" // if true, will generate event_ts in miliseconds and will overwrite event_ts from eventData if provided
}
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| eventData | object | — |
| serverEventData | object | — |
PUThttps://pilot-root.1kosmos.net/adminapi/reports/event
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/reports/event' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxx", "communityId": "xxxxxxx", "eventData": {"type": "event", "eventName": "E_LOGIN_VISITED", "event_id": "xxxxxxxx", "browser_agent": "xxxxxxxx", "was_redirected": false, "version": "xxxxxxxx"}, "serverEventData": {"remote_address": true, "event_ts": true}}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/reports/event", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxx",
"communityId": "xxxxxxx",
"eventData": {
"type": "event",
"eventName": "E_LOGIN_VISITED",
"event_id": "xxxxxxxx",
"browser_agent": "xxxxxxxx",
"was_redirected": false,
"version": "xxxxxxxx"
},
"serverEventData": {
"remote_address": true,
"event_ts": true
}
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/reports/event",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET"
},
json={
"tenantId": "xxxxxxx",
"communityId": "xxxxxxx",
"eventData": {
"type": "event",
"eventName": "E_LOGIN_VISITED",
"event_id": "xxxxxxxx",
"browser_agent": "xxxxxxxx",
"was_redirected": false,
"version": "xxxxxxxx"
},
"serverEventData": {
"remote_address": true,
"event_ts": true
}
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
// no response body
{
"message": "This field should not be empty"
}// no response body
// no response body
PATCH/reports/download/jobs/{jobId}
Cancel download job
Cancel download job.
This endpoint must be accessed by an administrator
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
204 No Content
Path parameters
| Name | Type | Description |
|---|---|---|
| jobIdrequired | string | id of job to cancel |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
PATCHhttps://pilot-root.1kosmos.net/adminapi/reports/download/jobs/{jobId}
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/adminapi/reports/download/jobs/xxxxxxxxxxxxxxxxxxxxx' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/reports/download/jobs/xxxxxxxxxxxxxxxxxxxxx", {
method: "PATCH",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.patch(
"https://pilot-root.1kosmos.net/adminapi/reports/download/jobs/xxxxxxxxxxxxxxxxxxxxx",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
204
401
404
500
No Content
Unauthorized
Job not found
Internal Server Error
// no response body
// no response body
// no response body
// no response body
Admin API
Service Providers
Service Providers endpoints.
GET/serviceprovider/idp-initiated
Fetch IDP-Initiated Apps
Fetch all SAML service providers that have IDP-initiated login enabled (saml_config.idpInitiated: true).
This endpoint is accessible to all authenticated users (no admin-only authorization check).
Used by the "My Apps" tab in the user profile to display apps available for IDP-initiated SSO.
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns ECDSA encrypted array of IDP-initiated service providers
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/serviceprovider/idp-initiated
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/serviceprovider/idp-initiated' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/serviceprovider/idp-initiated", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/serviceprovider/idp-initiated",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
401
500
Success
Returns ECDSA encrypted array of IDP-initiated apps:
```
[
{
"_id": "6070951e8dfc7f29228126c9",
"name": "App Name",
"logo": "string or null",
"type": "saml",
"idpInitiated": true
}
]
```
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
GET/serviceprovider/{id}
Get Service Provider by ID
Get Service Provider by ID.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Parameters
id (required)
Id of MongoDB object
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns ECDSA encoded service provider object
Path parameters
| Name | Type | Description |
|---|---|---|
| idrequired | string | Id of service provider |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/serviceprovider/{id}
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/serviceprovider/xxxxxxxxxxxxxxxxxxxx' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/serviceprovider/xxxxxxxxxxxxxxxxxxxx", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/serviceprovider/xxxxxxxxxxxxxxxxxxxx",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
403
404
Success
publicKey is publicKey of Adminapi API, useful for decryption response
data is ECDSA encrypted object represents service provider:
```
{
"_id": "6070951e8dfc7f29228126c9",
"name": "Service provider's name",
"environment": "Environment name",
"logo": "string" // only if type = oidc
"type": "saml/oidc",
"saml_config": {{ // only if type = saml
"_id": "6070951e8dfc7f29228126ca",
"accessUrl": "http://google.com",
"entityId": "http://google.com",
"assertionMethod": "post",
"assertionConsumerServiceURL": "http://google.com",
"logoutRequestSignRequired": true,
"logoutResponseSignRequired": true,
"authRequestSignRequired": true,
"assertionSignRequired": true,
"signingCert": "signingCert optional",
"signingAlgo": "http://www.w3.org/2000/09/xmldsig#rsa-sha256",
"encryptAssertion": true,
"encryptionCert": "encryptionCert optional",
"encryptionAlgorithm": "http://www.w3.org/2001/04/xmlenc#aes128-gcm",
"keyTransportAlgorithm": "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p",
"idpInitiated": false,
"relayState": "",
"nameid": {
"_id": "6070951e8dfc7f29228126cb",
"format": "emailAddress",
"value": "one of session_scope",
"attribute_type": "session/ledger/identity"
},
"attributes": [
{
"_id": "6070951e8dfc7f29228126cc",
"uuid": "string",
"claim_name": "string",
"attribute_name": "string",
"attribute_type": "session",
"value_type": "static",
"value": "value"
}
],
"metadata": "<note>\\n<to>T</to>\\n<from>F</from>\\n<heading>R</heading>\\n<body>DF</body>\\n</note>"
},
"oidc_config": { ...oidc_config } //object only if type = oidc
"communityId": "community",
"logo": "logo",
"__v": 0
}
```
Validation path error
Unauthorized
Forbidden
Not Found
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
// no response body
POST/serviceprovider/fetch
Fetch Service Providers
Fetch service providers.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns ECDSA encrypted array of service providers
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
POSThttps://pilot-root.1kosmos.net/adminapi/serviceprovider/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/serviceprovider/fetch' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/serviceprovider/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/serviceprovider/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
POST/serviceprovider/publicinfo/fetch
Get Service Provider public info by SAML request or OIDC request
Get Service Provider public info by SAML request or OIDC request.
This endpoint is open.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (optional)
JWT
Returns
Returns ECDSA encoded service provider object
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorization | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
{
"tenantId": "string required",
"communityId": "string required",
// For searching by SAML request, put this field only:
"SAMLRequest": "SAMLRequest"
// For searching by OIDC request, put this field only:
"OIDCRequest": "OIDCRequest"
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well,it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| SAMLRequest | string | — |
| OIDCRequest | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/serviceprovider/publicinfo/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/serviceprovider/publicinfo/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "SAMLRequest": "string", "OIDCRequest": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/serviceprovider/publicinfo/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"SAMLRequest": "string",
"OIDCRequest": "string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/serviceprovider/publicinfo/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "string",
"communityId": "string",
"SAMLRequest": "string",
"OIDCRequest": "string"
},
)
print(res.json())RESPONSE
200
400
401
403
404
Success
publicKey is publicKey of Adminapi, useful for decryption response
data is ECDSA encrypted object represents service provider:
```
{
"_id": "Service provider id",
"name": "Service provider's name",
"logo": "logo",
"attributes": [ // ONLY FOR SAML
{
"_id": "6070951e8dfc7f29228126cc",
"uuid": "string",
"claim_name": "string",
"attribute_name": "string",
"attribute_type": "session",
"value_type": "static",
"value": "value"
}
],
"entityId": "xxxxx (only for SAML)",
"scope": [ // ONLY FOR OIDC
"profile",
"email",
"openid"
],
"requestedAuthnContext": {
"class": "IAL1"
}
}
```
Validation path error
Unauthorized
Forbidden
Not Found
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
// no response body
PUT/serviceprovider
Create Service Provider
Create Service Provider.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing service provider config
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
{
name: "string required",
environment: "string optional (default: empty string)",
logo: "string optional - allowed for type = oidc or saml, can be empty string"
type: "string required",
saml_config: "object - required only if type = saml":
{
idpInitiated: "boolean optional (default: false) - enables IDP-initiated SSO for this SP",
accessUrl: "string required",
entityId: "string required",
assertionMethod: "string required",
assertionConsumerServiceURL: "string required",
logoutRequestSignRequired: "boolean required",
logoutResponseSignRequired: "boolean required",
authRequestSignRequired: "boolean required",
assertionSignRequired: "boolean required",
signingCert: "string optional",
signingAlgo: "string optional (default: RSA_SHA256). Valid: RSA_SHA1, RSA_SHA256",
encryptAssertion: "boolean optional",
encryptionCert: "string optional",
encryptionAlgorithm: "string optional",
keyTransportAlgorithm: "string optional",
nameid: "object required":
{
format: "string required",
value: "string required",
attribute_type: "string required - session, ledger or identity"
},
relayState: "string optional (default: empty string) - URL where user is redirected after IDP-initiated login",
attributes: [
{
claim_name: "string required",
attribute_name: "string required",
attribute_type: "string required - session, ledger or identity",
value_type: "string optional - static or null or default",
value: "can be anything: object, string, bool, array, number, etc - optional if value_type === null"
}
],
metadata: "string optional" // XML string by 'escape('XML string')' javascript function
},
oidc_config: "object - required only if type = oidc":
{
grant_types: "array of strings required",
redirect_uris: "array of URIs required",
scope: "array of strings required",
id_token_signed_response_alg: "string required"
},
forceReauthentication:"true/false"
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| name | string | — |
| environment | string | — |
| type | string | — |
| saml_config | object | — |
| forceReauthentication | boolean | — |
| hideBanner | boolean | Hide the banner on the OIDC login page |
| hideMobileLinks | boolean | Hide mobile app download links on the OIDC login page |
| mobileAppLabel | string | Custom mobile app name label (max 15 characters, OIDC only) |
PUThttps://pilot-root.1kosmos.net/adminapi/serviceprovider
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/serviceprovider' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"name": "string", "environment": "string", "type": "saml", "saml_config": {"accessUrl": "string", "entityId": "string", "assertionMethod": "string", "assertionConsumerServiceURL": "string", "logoutRequestSignRequired": true, "logoutResponseSignRequired": true, "authRequestSignRequired": true, "assertionSignRequired": true, "signingCert": "string", "signingAlgo": "string", "metadata": "string", "nameid": {"format": "unspecified", "value": "string", "attribute_type": "string"}, "attributes": [{"claim_name": "string", "attribute_name": "string", "attribute_type": "string", "value_type": "string", "value": "string"}]}, "forceReauthentication": true, "hideBanner": false, "hideMobileLinks": false, "mobileAppLabel": "MyApp"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/serviceprovider", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"name": "string",
"environment": "string",
"type": "saml",
"saml_config": {
"accessUrl": "string",
"entityId": "string",
"assertionMethod": "string",
"assertionConsumerServiceURL": "string",
"logoutRequestSignRequired": true,
"logoutResponseSignRequired": true,
"authRequestSignRequired": true,
"assertionSignRequired": true,
"signingCert": "string",
"signingAlgo": "string",
"metadata": "string",
"nameid": {
"format": "unspecified",
"value": "string",
"attribute_type": "string"
},
"attributes": [
{
"claim_name": "string",
"attribute_name": "string",
"attribute_type": "string",
"value_type": "string",
"value": "string"
}
]
},
"forceReauthentication": true,
"hideBanner": false,
"hideMobileLinks": false,
"mobileAppLabel": "MyApp"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/serviceprovider",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"name": "string",
"environment": "string",
"type": "saml",
"saml_config": {
"accessUrl": "string",
"entityId": "string",
"assertionMethod": "string",
"assertionConsumerServiceURL": "string",
"logoutRequestSignRequired": true,
"logoutResponseSignRequired": true,
"authRequestSignRequired": true,
"assertionSignRequired": true,
"signingCert": "string",
"signingAlgo": "string",
"metadata": "string",
"nameid": {
"format": "unspecified",
"value": "string",
"attribute_type": "string"
},
"attributes": [
{
"claim_name": "string",
"attribute_name": "string",
"attribute_type": "string",
"value_type": "string",
"value": "string"
}
]
},
"forceReauthentication": true,
"hideBanner": false,
"hideMobileLinks": false,
"mobileAppLabel": "MyApp"
},
)
print(res.json())RESPONSE
200
400
401
Success
publicKey is publicKey of Adminapi API, useful for decryption response
data is ECDSA encrypted object represents created service provider:
```
{
"_id": "6070951e8dfc7f29228126c9",
"name": "Service provider's name",
"environment": "Environment name",
"logo": "string - only if type = oidc"
"type": "saml",
"saml_config": {
"_id": "6070951e8dfc7f29228126ca",
"accessUrl": "http://google.com",
"entityId": "http://google.com",
"assertionMethod": "post",
"assertionConsumerServiceURL": "http://google.com",
"logoutRequestSignRequired": true,
"logoutResponseSignRequired": true,
"authRequestSignRequired": true,
"assertionSignRequired": true,
"signingCert": "signingCert optional",
"signingAlgo": "http://www.w3.org/2000/09/xmldsig#rsa-sha256"
"encryptAssertion": true,
"encryptionCert": "encryptionCert optional",
"encryptionAlgorithm": "http://www.w3.org/2001/04/xmlenc#aes128-gcm",
"keyTransportAlgorithm": "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p",
"idpInitiated": false,
"relayState": "",
"nameid": {
"_id": "6070951e8dfc7f29228126cb",
"format": "emailAddress",
"value": "one of session_scope",
"attribute_type": "session/ledger/identity"
},
"attributes": [
{
"_id": "6070951e8dfc7f29228126cc"
"uuid": "string",
"claim_name": "string",
"attribute_name": "string",
"attribute_type": "session",
"value_type": "static",
"value": "value"
}
],
"metadata": "<note>\\n<to>T</to>\\n<from>F</from>\\n<heading>R<heading>\\n<body>DF</body>\\n</note>"
},
"oidc_config": "object - only if type = oidc":
"communityId": "community",
"logo": "logo",
"__v": 0
}
```
Validation data error
Unauthorized
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
PUT/serviceprovider/{type}
Create Service Provider for featured applications
Create Service Provider for featured applications.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Parameters
type (required)
Supported types: auth0, okta, salesforce, forgerock, gsuite, zendesk
Returns
Returns object with public key and encrypted data containing service provider config
Path parameters
| Name | Type | Description |
|---|---|---|
| typerequired | string | Supported types - auth0, okta, salesforce, forgerock, gsuite, zendesk |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with one of encrypted objects below:
For Auth0:
{
"name": "string",
"domain": "string",
"ssoUrl": "string",
"clientId": "onlyForAuthO",
"clientSecret": "onlyForAuth0"
}
For Okta:
{
"name": "string",
"domain": "string",
"ssoUrl": "string",
"apiToken": "onlyForOkta"
}
For Forgerock:
{
"name": "string",
"domain": "string",
"ssoUrl": "string",
"username": "onlyForForgerockSalesforce",
"password": "olnyForForgerockSalesforce",
"useExistingCOT": "boolean - true/false - onlyForForgerock",
"COT": "onlyForForgerock - optional if useExistingCOT === false",
"hostedSP": "onlyForForgerock - optional if useExistingCOT === true"
}
For Salesforce:
{
"name": "string",
"domain": "string",
"ssoUrl": "string",
"username": "onlyForForgerockSalesforce",
"password": "olnyForForgerockSalesforce",
"securityToken": "onlyForSalesforce"
}
For GSuite:
{
"name": "string",
"domain": "string",
"ssoUrl": "string",
"sloUrl": "string",
"serviceAccountEmail": "onlyForGSuite",
"adminEmail": "onlyForGSuite",
"serviceAccountPrivateKey": "onlyForGSuite"
}
For Zendesk:
{
"name": "string",
"domain": "string",
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| name | string | — |
| domain | string | — |
| ssoUrl | string | — |
| sloUrl | string | — |
| clientId | string | — |
| clientSecret | string | — |
| apiToken | string | — |
| username | string | — |
| password | string | — |
| useExistingCOT | string | — |
| COT | string | — |
| hostedSP | string | — |
| securityToken | string | — |
| serviceAccountEmail | string | — |
| adminEmail | string | — |
| serviceAccountPrivateKey | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/serviceprovider/{type}
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/serviceprovider/<type>' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"name": "string", "domain": "string", "ssoUrl": "string", "sloUrl": "string", "clientId": "onlyForAuthO", "clientSecret": "onlyForAuth0", "apiToken": "onlyForOkta", "username": "onlyForForgerockSalesforce", "password": "olnyForForgerockSalesforce", "useExistingCOT": "boolean - true/false - onlyForForgerock", "COT": "onlyForForgerock", "hostedSP": "onlyForForgerock", "securityToken": "onlyForSalesforce", "serviceAccountEmail": "onlyForGSuite", "adminEmail": "onlyFormGSuite", "serviceAccountPrivateKey": "onlyForGSuite"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/serviceprovider/<type>", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"name": "string",
"domain": "string",
"ssoUrl": "string",
"sloUrl": "string",
"clientId": "onlyForAuthO",
"clientSecret": "onlyForAuth0",
"apiToken": "onlyForOkta",
"username": "onlyForForgerockSalesforce",
"password": "olnyForForgerockSalesforce",
"useExistingCOT": "boolean - true/false - onlyForForgerock",
"COT": "onlyForForgerock",
"hostedSP": "onlyForForgerock",
"securityToken": "onlyForSalesforce",
"serviceAccountEmail": "onlyForGSuite",
"adminEmail": "onlyFormGSuite",
"serviceAccountPrivateKey": "onlyForGSuite"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/serviceprovider/<type>",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"name": "string",
"domain": "string",
"ssoUrl": "string",
"sloUrl": "string",
"clientId": "onlyForAuthO",
"clientSecret": "onlyForAuth0",
"apiToken": "onlyForOkta",
"username": "onlyForForgerockSalesforce",
"password": "olnyForForgerockSalesforce",
"useExistingCOT": "boolean - true/false - onlyForForgerock",
"COT": "onlyForForgerock",
"hostedSP": "onlyForForgerock",
"securityToken": "onlyForSalesforce",
"serviceAccountEmail": "onlyForGSuite",
"adminEmail": "onlyFormGSuite",
"serviceAccountPrivateKey": "onlyForGSuite"
},
)
print(res.json())RESPONSE
200
400
401
Success
publicKey is publicKey of Adminapi API, useful for decryption response
data is ECDSA encrypted object represents created service provider:
```
{
"_id": "6070951e8dfc7f29228126c9",
"name": "Service provider's name",
"environment": "Environment name",
"logo": "string - only if type = oidc"
"type": "saml",
"saml_config": {
"_id": "6070951e8dfc7f29228126ca",
"accessUrl": "http://google.com",
"entityId": "http://google.com",
"assertionMethod": "post",
"assertionConsumerServiceURL": "http://google.com",
"logoutRequestSignRequired": true,
"logoutResponseSignRequired": true,
"authRequestSignRequired": true,
"assertionSignRequired": true,
"signingCert": "signingCert optional",
"signingAlgo": "http://www.w3.org/2000/09/xmldsig#rsa-sha256",
"encryptAssertion": false,
"encryptionCert": "encryptionCert optional",
"encryptionAlgorithm": "http://www.w3.org/2001/04/xmlenc#aes128-gcm",
"keyTransportAlgorithm": "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p",
"nameid": {
"_id": "6070951e8dfc7f29228126cb",
"format": "emailAddress",
"value": "one of session_scope",
"attribute_type": "session/ledger/identity"
},
"attributes": [
{
"_id": "6070951e8dfc7f29228126cc"
"uuid": "string",
"claim_name": "string",
"attribute_name": "string",
"attribute_type": "session",
"value_type": "static",
"value": "value"
}
],
"metadata": "<note>\\n<to>T</to>\\n<from>F</from>\\n<heading>R<heading>\\n<body>DF</body>\\n</note>"
},
"communityId": "community",
"logo": "logo",
"__v": 0
}
```
Validation data error
Unauthorized
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
PATCH/serviceprovider/{id}
Update Service Provider
Update Service Provider.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing service provider config
Path parameters
| Name | Type | Description |
|---|---|---|
| idrequired | string | — |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
{
name: "string required",
environment: "string optional (default: empty string)",
logo: "string optional - allowed for type = oidc or saml, can be empty string",
type: "string required",
saml_config: "object not required - required only if type = saml":
{
idpInitiated: "boolean optional (default: false) - enables IDP-initiated SSO for this SP",
accessUrl: "string required",
entityId: "string required",
assertionMethod: "string required",
assertionConsumerServiceURL: "string required",
logoutRequestSignRequired: "boolean required",
logoutResponseSignRequired: "boolean required",
authRequestSignRequired: "boolean required",
assertionSignRequired: "boolean required",
signingCert: "string optional",
signingAlgo: "string optional (default: RSA_SHA256). Valid: RSA_SHA1, RSA_SHA256",
encryptAssertion: "boolean optional",
encryptionCert: "string optional",
encryptionAlgorithm: "string optional",
keyTransportAlgorithm: "string optional",
nameid: "object required":
{
format: "string required",
value: "string required",
attribute_type: "string required - session, ledger or identity"
},
relayState: "string optional (default: empty string) - URL where user is redirected after IDP-initiated login",
attributes: [
{
_id: "string",
uuid: "string",
claim_name: "string required",
attribute_name: "string required",
attribute_type: "string required - session, ledger or identity",
value_type: "string optional - static or null or default",
value: "can be anything: object, string, bool, array, number, etc - optional if value_type === null"
}
],
metadata: "string optional"
}
oidc_config: "object - required only if type = oidc":
{
grant_types: "array of strings required",
redirect_uris: "array of URIs required",
scope: "array of strings required",
id_token_signed_response_alg: "string required (HS256 or RS256)"
}
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well,it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| name | string | — |
| environment | string | — |
| type | string | — |
| saml_config | object | — |
| forceReauthentication | boolean | — |
| hideBanner | boolean | Hide the banner on the OIDC login page |
| hideMobileLinks | boolean | Hide mobile app download links on the OIDC login page |
| mobileAppLabel | string | Custom mobile app name label (max 15 characters, OIDC only) |
PATCHhttps://pilot-root.1kosmos.net/adminapi/serviceprovider/{id}
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/adminapi/serviceprovider/<id>' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"name": "string", "environment": "string", "type": "saml", "saml_config": {"accessUrl": "string", "entityId": "string", "assertionMethod": "string", "assertionConsumerServiceURL": "string", "logoutRequestSignRequired": true, "logoutResponseSignRequired": true, "authRequestSignRequired": true, "assertionSignRequired": true, "signingCert": "string", "signingAlgo": "string", "metadata": "string", "nameid": {"format": "unspecified", "value": "string", "attribute_type": "string"}, "attributes": [{"claim_name": "string", "attribute_name": "string", "attribute_type": "string", "value_type": "string", "value": "string"}]}, "forceReauthentication": true, "hideBanner": false, "hideMobileLinks": false, "mobileAppLabel": "MyApp"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/serviceprovider/<id>", {
method: "PATCH",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"name": "string",
"environment": "string",
"type": "saml",
"saml_config": {
"accessUrl": "string",
"entityId": "string",
"assertionMethod": "string",
"assertionConsumerServiceURL": "string",
"logoutRequestSignRequired": true,
"logoutResponseSignRequired": true,
"authRequestSignRequired": true,
"assertionSignRequired": true,
"signingCert": "string",
"signingAlgo": "string",
"metadata": "string",
"nameid": {
"format": "unspecified",
"value": "string",
"attribute_type": "string"
},
"attributes": [
{
"claim_name": "string",
"attribute_name": "string",
"attribute_type": "string",
"value_type": "string",
"value": "string"
}
]
},
"forceReauthentication": true,
"hideBanner": false,
"hideMobileLinks": false,
"mobileAppLabel": "MyApp"
})
});
const data = await res.json();import requests
res = requests.patch(
"https://pilot-root.1kosmos.net/adminapi/serviceprovider/<id>",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"name": "string",
"environment": "string",
"type": "saml",
"saml_config": {
"accessUrl": "string",
"entityId": "string",
"assertionMethod": "string",
"assertionConsumerServiceURL": "string",
"logoutRequestSignRequired": true,
"logoutResponseSignRequired": true,
"authRequestSignRequired": true,
"assertionSignRequired": true,
"signingCert": "string",
"signingAlgo": "string",
"metadata": "string",
"nameid": {
"format": "unspecified",
"value": "string",
"attribute_type": "string"
},
"attributes": [
{
"claim_name": "string",
"attribute_name": "string",
"attribute_type": "string",
"value_type": "string",
"value": "string"
}
]
},
"forceReauthentication": true,
"hideBanner": false,
"hideMobileLinks": false,
"mobileAppLabel": "MyApp"
},
)
print(res.json())RESPONSE
200
400
401
Success
publicKey is publicKey of Adminapi API, useful for decryption response
data is ECDSA encrypted object represents created service provider:
```
{
"_id": "6070951e8dfc7f29228126c9",
"name": "Service provider's name",
"environment": "Environment name",
"type": "saml",
"saml_config": {
"_id": "6070951e8dfc7f29228126ca",
"accessUrl": "http://google.com",
"entityId": "http://google.com",
"assertionMethod": "post",
"assertionConsumerServiceURL": "http://google.com",
"logoutRequestSignRequired": true,
"logoutResponseSignRequired": true,
"authRequestSignRequired": true,
"assertionSignRequired": true,
"signingCert": "signingCert optional",
"signingAlgo": "http://www.w3.org/2000/09/xmldsig#rsa-sha256",
"encryptAssertion": true,
"encryptionCert": "encryptionCert optional",
"encryptionAlgorithm": "http://www.w3.org/2001/04/xmlenc#aes128-gcm",
"keyTransportAlgorithm": "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p",
"idpInitiated": false,
"relayState": "",
"nameid": {
"_id": "6070951e8dfc7f29228126cb",
"format": "emailAddress",
"value": "one of session_scope",
"attribute_type": "session/ledger/identity"
},
"attributes": [
{
"_id": "6070951e8dfc7f29228126cc",
"uuid": "string",
"claim_name": "string",
"attribute_name": "string",
"attribute_type": "session",
"value_type": "static",
"value": "value"
}
],
"metadata": "<note>\\n<to>T</to>\\n<from>F</from>\\n<heading>R<heading>\\n<body>DF</body>\\n</note>"
},
"oidc_config": { ...oidc_config } //object only if type = oidc
"communityId": "community",
"logo": "logo",
"__v": 0
}
```
Validation data error
Unauthorized
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
DELETE/serviceprovider/{id}
Delete Service Provider
Delete Service Providers.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Doesn't return anything
Path parameters
| Name | Type | Description |
|---|---|---|
| idrequired | string | ObjectId of existing service provider |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
DELETEhttps://pilot-root.1kosmos.net/adminapi/serviceprovider/{id}
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/serviceprovider/xxxxxxxxxxxxxxxxxxxx' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/serviceprovider/xxxxxxxxxxxxxxxxxxxx", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/serviceprovider/xxxxxxxxxxxxxxxxxxxx",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
204
400
401
403
Success
Service provider has beed deleted successfully
Validation data error
Unauthorized
Forbidden
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
Identity Enroll
Identity Enroll endpoints.
POST/identity_enroll/affidavit
Enroll affidavit document
Enroll DL.
This endpoint can be accessed by any logged user with loaded wallet.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns ECDSA encoded document object
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains *data* field with encrypted object below:
{
"doc":{
"document_type": "required, one of [dl_affidavit, ppt_affidavit, ssn_affidavit]",
"expiry": "required, date string in format YYYYMMDD",
"document_number": "required, alphanumeric string",
"username":"required, username we are adding affidavit for"}
"moduleId": "required, moduleId of user"
},IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| doc | object | — |
POSThttps://pilot-root.1kosmos.net/adminapi/identity_enroll/affidavit
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/identity_enroll/affidavit' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"doc": {"document_type": "string", "expiry": "string", "document_number": "string", "username": "string", "moduleId": "string"}}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/identity_enroll/affidavit", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"doc": {
"document_type": "string",
"expiry": "string",
"document_number": "string",
"username": "string",
"moduleId": "string"
}
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/identity_enroll/affidavit",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"doc": {
"document_type": "string",
"expiry": "string",
"document_number": "string",
"username": "string",
"moduleId": "string"
}
},
)
print(res.json())RESPONSE
200
400
401
Success
publicKey is publicKey of Adminapi, useful for decryption response
data is ECDSA encrypted object represents enrolled dl object:
```
{
"doc": {}, // full document object
"ial": "ial" // new ial level after dl enrollment
}
```
Bad Request
Unauthorized
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
POST/identity_enroll/dl_validate
Validate dl with AAMVA connector
Validate dl with AAMVA connector.
This endpoint can be accessed by any logged user with loaded wallet.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns ECDSA encoded AAMVA response with verification status
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains *data* field with encrypted object below:
{
"dl": {} // full dl_object
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| dl | object | — |
POSThttps://pilot-root.1kosmos.net/adminapi/identity_enroll/dl_validate
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/identity_enroll/dl_validate' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"dl": {}}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/identity_enroll/dl_validate", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"dl": {}
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/identity_enroll/dl_validate",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"dl": {}
},
)
print(res.json())RESPONSE
200
400
401
Success
publicKey is publicKey of Adminapi, useful for decryption response
data is ECDSA encrypted object represents verified status and aamva response:
```
{
"verified": "boolean",
"aamva_response": {
"docId": "DLDVSTRUCTUREDTEST12",
"docType": "dl",
"certifications": [
{
"docType": "dl",
"docId": "DLDVSTRUCTUREDTEST12",
"type": "aamva",
"authority": "aamva",
"ts": 1651752506,
"verified": true,
"result": {
"dl_number_matched": "boolean",
"dob_match": "boolean",
"last_name_exact_match": "boolean",
"last_name_fuzzy_match": "boolean",
"first_name_exact_match": "boolean",
"first_name_fuzzy_match": "boolean",
"middle_name_exact_match": "boolean",
"middle_name_fuzzy_match": "boolean",
"person_suffix_match": "boolean",
"doc_category_match": "boolean",
"doi_match": "boolean",
"doe_match": "boolean",
"person_sex_match": "boolean",
"person_height_match": "boolean",
"person_eye_color_match": "boolean",
"city_match": "boolean",
"state_match": "boolean",
"zip_match": "boolean"
},
"metadata": {
"s:Envelope": {
"xmlns:a": "http://www.w3.org/2005/08/addressing",
"xmlns:s": "http://www.w3.org/2003/05/soap-envelope",
"s:Body": {
"xmlns:xsd": "http://www.w3.org/2001/XMLSchema",
"xmlns:xsi": "http://www.w3.org/2001/XMLSchema-instance",
"VerifyDriverLicenseDataResponse": {
"xmlns": "http://aamva.org/dldv/wsdl/2.1",
"VerifyDriverLicenseDataResult": {
"PersonNameSuffixMatchIndicator": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"content": "boolean"
},
"ControlData": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"MessageAddress": {
"MessageOriginatorId": "P6",
"TransactionLocatorId": 347547659039083300,
"MessageDestinationId": "KOS"
}
},
"DriverLicenseExpirationDateMatchIndicator": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"content": "boolean"
},
"PersonFirstNameExactMatchIndicator": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"content": "boolean"
},
"AddressCityMatchIndicator": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"content": "boolean"
},
"PersonHeightMatchIndicator": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"content": "boolean"
},
"PersonLastNameExactMatchIndicator": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"content": "boolean"
},
"DriverLicenseNumberMatchIndicator": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"content": "boolean"
},
"PersonFirstNameFuzzyAlternateMatchIndicator": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"content": "boolean"
},
"DocumentCategoryMatchIndicator": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"content": "boolean"
},
"AddressStateCodeMatchIndicator": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"content": "boolean"
},
"AddressLine1MatchIndicator": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"content": "boolean"
},
"AddressZIP5MatchIndicator": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"content": "boolean"
},
"DriverLicenseIssueDateMatchIndicator": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"content": "boolean"
},
"PersonSexCodeMatchIndicator": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"content": "boolean"
},
"PersonLastNameFuzzyPrimaryMatchIndicator": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"content": "boolean"
},
"PersonLastNameFuzzyAlternateMatchIndicator": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"content": "boolean"
},
"PersonBirthDateMatchIndicator": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"content": "boolean"
},
"PersonEyeColorMatchIndicator": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"content": "boolean"
},
"PersonFirstNameFuzzyPrimaryMatchIndicator": {
"xmlns": "http://aamva.org/niem/extensions/1.0",
"content": "boolean"
}
}
}
},
"s:Header": {
"a:Action": {
"s:mustUnderstand": 1,
"content": "http://aamva.org/dldv/wsdl/2.1/IDLDVService21/VerifyDriverLicenseDataResponse"
},
"a:MessageID": "uuid:2205051208270001 1UNISG"
}
}
},
"token": "token",
"fault": null,
"reason": null,
"error": null
}
]
},
"proofs": ["proof1", "proof2", "etc"],
"invalidState": "boolean/undefined"
}
```
Bad Request
Unauthorized
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
POST/identity_enroll/id_doc_enroll
Enroll identity document
Enroll DL.
This endpoint can be accessed by any logged user with loaded wallet.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns ECDSA encoded document object
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains *data* field with encrypted object below:
{
"doc": "full document object",
"selfie": "full selfie/liveid object",
"proofs": "array of strings (optional)"
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| doc | string | — |
| selfie | string | — |
| proofs | array<string> | — |
POSThttps://pilot-root.1kosmos.net/adminapi/identity_enroll/id_doc_enroll
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/identity_enroll/id_doc_enroll' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"doc": {"id": "id", "firstName": "firstName", "lastName": "lastName", "type": "dl", "face": "face", "dob": "yyyyMMdd", "doe": "yyyyMMdd"}, "selfie": {"face": "face"}, "proofs": ["proof1", "proof2", "etc"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/identity_enroll/id_doc_enroll", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"doc": {
"id": "id",
"firstName": "firstName",
"lastName": "lastName",
"type": "dl",
"face": "face",
"dob": "yyyyMMdd",
"doe": "yyyyMMdd"
},
"selfie": {
"face": "face"
},
"proofs": [
"proof1",
"proof2",
"etc"
]
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/identity_enroll/id_doc_enroll",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"doc": {
"id": "id",
"firstName": "firstName",
"lastName": "lastName",
"type": "dl",
"face": "face",
"dob": "yyyyMMdd",
"doe": "yyyyMMdd"
},
"selfie": {
"face": "face"
},
"proofs": [
"proof1",
"proof2",
"etc"
]
},
)
print(res.json())RESPONSE
200
400
401
Success
publicKey is publicKey of Adminapi, useful for decryption response
data is ECDSA encrypted object represents enrolled dl object:
```
{
"doc": {}, // full document object
"ial": "ial" // new ial level after dl enrollment
}
```
Bad Request
Unauthorized
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
POST/identity_enroll/session/{sessionId}/poll
Enroll Driver License and LiveId from docuverify-authenticID session
Enroll Driver License and LiveId from docuverify-authenticID session.
This endpoint can be accessed by any logged user with loaded wallet.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Path Parameters
sessionId (required)
SessionId from authenticID
Returns
Returns ECDSA encoded liveid_object and dl_object
Path parameters
| Name | Type | Description |
|---|---|---|
| sessionIdrequired | string | authenticID sessionId |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
POSThttps://pilot-root.1kosmos.net/adminapi/identity_enroll/session/{sessionId}/poll
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/identity_enroll/session/<sessionId>/poll' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/identity_enroll/session/<sessionId>/poll", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/identity_enroll/session/<sessionId>/poll",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
404
Success
publicKey is publicKey of Adminapi, useful for decryption response
data is ECDSA encrypted object represents liveid object and dl object:
```
{
"dl": { // full dl object },
"liveid": { // full liveid object },
"ial": "ial" // new ial level after liveid enrollment
}
```
Bad Request
Unauthorized
Not Found
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
POST/identity_enroll/ssn_enroll
Enroll SSN
Enroll SSN.
This endpoint can be accessed by any logged user with loaded wallet.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns ECDSA encoded ssn_object
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| ssn | object | — |
POSThttps://pilot-root.1kosmos.net/adminapi/identity_enroll/ssn_enroll
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/identity_enroll/ssn_enroll' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"ssn": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/identity_enroll/ssn_enroll", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"ssn": "string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/identity_enroll/ssn_enroll",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"ssn": "string"
},
)
print(res.json())RESPONSE
200
400
401
Success
publicKey is publicKey of Adminapi, useful for decryption response
data is ECDSA encrypted object represents enrolled ssn object:
```
{
"ssn_object": {
"id": "id",
"type": "ssn",
"documentId": "id",
"documentType": "SSN",
"image": "dummy b64",
"category": "identity_document",
"ssn": "ssn_number",
"proofedBy": "blockid",
"firstName": "firstName",
"middleName": "middleName",
"lastName": "lastName",
"dob": "yyyyMMdd",
"doe": "yyyyMMdd",
"face": "faceB64",
"address": "",
"street": "",
"city": "",
"state": "",
"zipCode": "",
"country": "",
"phoneNumber": "phoneNumber",
"email": "email",
"doi": "yyyyMMdd",
"verifiedScan": true,
"certificate_token": "certificate_token"
},
"ial": "ial" // new ial level after ssn enrollment
}
```
Bad Request
Unauthorized
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
PUT/identity_enroll/session/create
Create new session for identity enrollment
Create new session for identity enrollment.
This endpoint must be accessed by logged in user with wallet
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
Response gives necessary session info for retrieving session response
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains *data* field with encrypted object below:
{
"smsTo": "required string",
"smsISDCode": "required string",
"documentType": "dl_object"
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| smsTo | number | — |
| smsISDCode | number | — |
| documentType | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/identity_enroll/session/create
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/identity_enroll/session/create' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"smsTo": 0, "smsISDCode": 0, "documentType": "dl_object"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/identity_enroll/session/create", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"smsTo": 0,
"smsISDCode": 0,
"documentType": "dl_object"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/identity_enroll/session/create",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"smsTo": 0,
"smsISDCode": 0,
"documentType": "dl_object"
},
)
print(res.json())RESPONSE
201
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"sessionId": "xxxxxxxx",
"sessionUrl": "xxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
DELETE/identity_enroll/remove_doc
Un enroll document from identity wallet
Remove enrolled document from wallet.
This endpoint must be accessed by logged in user with wallet
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
Response gives necessary session info for retrieving session response
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains *data* field with encrypted object below:
{
"docId": "required string",
"docType": "required string"
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| docId | string | — |
| docType | string | — |
DELETEhttps://pilot-root.1kosmos.net/adminapi/identity_enroll/remove_doc
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/identity_enroll/remove_doc' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"docId": "xxxxxxxxxxxxxxxxxxxx", "docType": "ppt | dl | ssn | xxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/identity_enroll/remove_doc", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"docId": "xxxxxxxxxxxxxxxxxxxx",
"docType": "ppt | dl | ssn | xxx"
})
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/identity_enroll/remove_doc",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"docId": "xxxxxxxxxxxxxxxxxxxx",
"docType": "ppt | dl | ssn | xxx"
},
)
print(res.json())RESPONSE
204
400
401
500
No Content
Validation data error
Unauthorized
Internal Server Error
// no response body
{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
Web Authn
Web Authn endpoints.
POST/webauthn/assertion/options
Get Assertion Options
Get Assertion Options for login with security keys.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 60 seconds from now
publickey (required)
Public key
Request Body
username (required)
username : string
communityId (required)
communityId : string
tenantId (required)
tenantId : string
Returns
Returns the assertion options for login with security keys.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| licensekeyrequired | string | License key encrypted with ECDSA / Try Authorize 🔒 |
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 60 seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| username | string | — |
| communityId | string | — |
| tenantId | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/webauthn/assertion/options
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/webauthn/assertion/options' \
-H 'licensekey: YOUR_LICENSE_KEY' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Content-Type: application/json' \
-d '{"username": "xxxxxx", "communityId": "xxxxxx", "tenantId": "xxxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/webauthn/assertion/options", {
method: "POST",
headers: {
"licensekey": "YOUR_LICENSE_KEY",
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Content-Type": "application/json"
},
body: JSON.stringify({
"username": "xxxxxx",
"communityId": "xxxxxx",
"tenantId": "xxxxxx"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/webauthn/assertion/options",
headers={
"licensekey": "YOUR_LICENSE_KEY",
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY"
},
json={
"username": "xxxxxx",
"communityId": "xxxxxx",
"tenantId": "xxxxxx"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"challenge": "xxxxxx",
"rpId": "xxxxxx",
"timeout": "xxxxxx",
"UserVerification": "xxxxxx",
"allowCredentials": [
{
"type": "public-key",
"id": "xxxxxxxx"
}
],
"status": "xxxx",
"errorMessage": ""
}// no response body
// no response body
// no response body
POST/webauthn/attestation/options
Get Attestation Options
Get Attestation Options.
This endpoint must be accessed by a logged in user.
Username provided must match username stored in JWT.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object containing properties for registering security key
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
For Fido Key:
{
"attestation": "direct",
"authenticatorSelection": {
"requireResidentKey": true
}
}For Platform:
{
"attestation": "direct",
"authenticatorSelection": {
"authenticatorAttachment": "platform"
}
}For Macbook:
{
"attestation": "none"
}| Field | Type | Description |
|---|---|---|
| attestation | string | — |
| authenticatorSelection | object | — |
POSThttps://pilot-root.1kosmos.net/adminapi/webauthn/attestation/options
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/webauthn/attestation/options' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"attestation": "attestation", "authenticatorSelection": {"requireResidentKey": true, "authenticatorAttachment": "authenticatorAttachment"}}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/webauthn/attestation/options", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"attestation": "attestation",
"authenticatorSelection": {
"requireResidentKey": true,
"authenticatorAttachment": "authenticatorAttachment"
}
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/webauthn/attestation/options",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"attestation": "attestation",
"authenticatorSelection": {
"requireResidentKey": true,
"authenticatorAttachment": "authenticatorAttachment"
}
},
)
print(res.json())RESPONSE
200
400
401
500
Success
publicKey is publicKey of User Management API, useful for decryption response
data is ECDSA encrypted object represents created auth module:
```
{
"rp": "object",
"user": "object",
"attestation": "direct",
"pubKeyCredParams": "array object",
"timeout": 60000,
"authenticatorSelection": {
"requireResidentKey": true
}
"challenge": "string",
"excludeCredentials": "array object"
"status": "ok",
"errorMessage": ""
}
```
Validation data error
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
POST/webauthn/authenticate_with_security_key
authenticate with security keys
authenticate with security keys.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 60 seconds from now
publickey (required)
Public key
Returns
Returns the authentication information.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| licensekeyrequired | string | License key encrypted with ECDSA / Try Authorize 🔒 |
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 60 seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
For Fido Key:
{
"username":"string required",
"tenant":{
"id":"string required",
"name":"string required",
"tag":"string required",
"type":"string required"
},
"community":{
"id":"string required",
"name":"string required",
"publicKey":"string required"
},
"rawId": "string required",
"authenticatorData": "string required",
"signature":"string required",
"userHandle": "string | null optional (can be empty or null)",
"clientDataJSON": "string required", // base64 string
"getClientExtensionResults":{},
"id":"string required",
"type":"public-key"
}| Field | Type | Description |
|---|---|---|
| tenant | object | — |
| community | object | — |
| username | string | — |
| rawId | string | — |
| authenticatorData | number | — |
| signature | string | — |
| userHandle | string | — |
| clientDataJSON | number | — |
| getClientExtensionResults | object | — |
| id | string | — |
| type | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/webauthn/authenticate_with_security_key
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/webauthn/authenticate_with_security_key' \
-H 'licensekey: YOUR_LICENSE_KEY' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Content-Type: application/json' \
-d '{"tenant": {"id": "xxxxxx", "name": "xxxxxx", "tag": "xxxxxx", "type": "xxxxxx"}, "community": {"id": "xxxxxx", "name": "xxxxxx", "publicKey": "xxxxxx"}, "username": "xxxxxx", "rawId": "xxxxxx", "authenticatorData": "xxxxxx", "signature": "xxxxxx", "userHandle": "xxxx", "clientDataJSON": "xxxxxx", "getClientExtensionResults": {}, "id": "xxxx", "type": "public-key"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/webauthn/authenticate_with_security_key", {
method: "POST",
headers: {
"licensekey": "YOUR_LICENSE_KEY",
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenant": {
"id": "xxxxxx",
"name": "xxxxxx",
"tag": "xxxxxx",
"type": "xxxxxx"
},
"community": {
"id": "xxxxxx",
"name": "xxxxxx",
"publicKey": "xxxxxx"
},
"username": "xxxxxx",
"rawId": "xxxxxx",
"authenticatorData": "xxxxxx",
"signature": "xxxxxx",
"userHandle": "xxxx",
"clientDataJSON": "xxxxxx",
"getClientExtensionResults": {},
"id": "xxxx",
"type": "public-key"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/webauthn/authenticate_with_security_key",
headers={
"licensekey": "YOUR_LICENSE_KEY",
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY"
},
json={
"tenant": {
"id": "xxxxxx",
"name": "xxxxxx",
"tag": "xxxxxx",
"type": "xxxxxx"
},
"community": {
"id": "xxxxxx",
"name": "xxxxxx",
"publicKey": "xxxxxx"
},
"username": "xxxxxx",
"rawId": "xxxxxx",
"authenticatorData": "xxxxxx",
"signature": "xxxxxx",
"userHandle": "xxxx",
"clientDataJSON": "xxxxxx",
"getClientExtensionResults": {},
"id": "xxxx",
"type": "public-key"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"user": "object",
"pon_data": "object",
"jwt_token": "string"
}// no response body
// no response body
// no response body
POST/webauthn/security_key
Register security key or platform authenticator
Register security key or platform authenticator
This endpoint must be accessed by a logged in user.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns message if device has been linked successfully
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
Request body should accept data from navigator.credentials.create() and tenantId and communityId
| Field | Type | Description |
|---|---|---|
| navigator_credentials_create_data | string | — |
| deviceName | string | — |
| keyType | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/webauthn/security_key
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/webauthn/security_key' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"navigator_credentials_create_data": "Don't send string. Send properties using spread operator like '...data'", "deviceName": "xxxxxxxx", "keyType": "xxxxxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/webauthn/security_key", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"navigator_credentials_create_data": "Don't send string. Send properties using spread operator like '...data'",
"deviceName": "xxxxxxxx",
"keyType": "xxxxxxxx"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/webauthn/security_key",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"navigator_credentials_create_data": "Don't send string. Send properties using spread operator like '...data'",
"deviceName": "xxxxxxxx",
"keyType": "xxxxxxxx"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"device": {
"name": "Somebody's FIDO key",
"type": "FIDO"
},
"deviceId": "xxxxxxxxx",
"type": "xxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
POST/webauthn/vendormetadata/{communityId}/fetch
fetch the security keys
fetch the security keys.
Path parameters
| Name | Type | Description |
|---|---|---|
| communityIdrequired | string | Community Id |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
{
"aaguids": [
"string"
]
}| Field | Type | Description |
|---|---|---|
| aaguid | array<string> | — |
POSThttps://pilot-root.1kosmos.net/adminapi/webauthn/vendormetadata/{communityId}/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/webauthn/vendormetadata/Do not enter anything, use 'Authorize' fields/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"aaguid": ["string"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/webauthn/vendormetadata/Do not enter anything, use 'Authorize' fields/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"aaguid": [
"string"
]
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/webauthn/vendormetadata/Do not enter anything, use 'Authorize' fields/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"aaguid": [
"string"
]
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
[
{
"aaguid": "xxxxxx",
"metadata": "xxxxxx",
"name": "xxxxxx",
"disabled": false,
"updatedBy": "xxxx"
}
]// no response body
// no response body
// no response body
PUT/webauthn/vendormetadata/{communityId}
add the security keys
add the security keys.
Path parameters
| Name | Type | Description |
|---|---|---|
| communityIdrequired | string | Community Id |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
{
"aaguid": "string required",
"metadata": "string required",
"name":"string required",
"disabled": "boolean required",
"updatedBy": "string required"
}| Field | Type | Description |
|---|---|---|
| aaguid | string | — |
| metadata | string | — |
| name | string | — |
| disabled | boolean | — |
| updatedBy | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/webauthn/vendormetadata/{communityId}
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/webauthn/vendormetadata/Do not enter anything, use 'Authorize' fields' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"aaguid": "xxxxxx", "metadata": "xxxxxx", "name": "xxxxxx", "disabled": false, "updatedBy": "xxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/webauthn/vendormetadata/Do not enter anything, use 'Authorize' fields", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"aaguid": "xxxxxx",
"metadata": "xxxxxx",
"name": "xxxxxx",
"disabled": false,
"updatedBy": "xxxx"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/webauthn/vendormetadata/Do not enter anything, use 'Authorize' fields",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"aaguid": "xxxxxx",
"metadata": "xxxxxx",
"name": "xxxxxx",
"disabled": false,
"updatedBy": "xxxx"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"aaguid": "xxxxxx",
"id": "xxxxxx"
}// no response body
// no response body
// no response body
PATCH/webauthn/vendormetadata/{communityId}/aaguid/{aaguid}
update the security keys
add the security keys.
Path parameters
| Name | Type | Description |
|---|---|---|
| communityIdrequired | string | Community Id |
| aaguidrequired | string | aagu Id |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
{
"metadata": "string required",
"name":"string required",
"disabled": "boolean required",
"updatedBy": "string required"
}| Field | Type | Description |
|---|---|---|
| metadata | string | — |
| name | string | — |
| disabled | boolean | — |
| updatedBy | string | — |
PATCHhttps://pilot-root.1kosmos.net/adminapi/webauthn/vendormetadata/{communityId}/aaguid/{aaguid}
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/adminapi/webauthn/vendormetadata/Do not enter anything, use 'Authorize' fields/aaguid/Do not enter anything, use 'Authorize' fields' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"metadata": "xxxxxx", "name": "xxxxxx", "disabled": false, "updatedBy": "xxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/webauthn/vendormetadata/Do not enter anything, use 'Authorize' fields/aaguid/Do not enter anything, use 'Authorize' fields", {
method: "PATCH",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"metadata": "xxxxxx",
"name": "xxxxxx",
"disabled": false,
"updatedBy": "xxxx"
})
});
const data = await res.json();import requests
res = requests.patch(
"https://pilot-root.1kosmos.net/adminapi/webauthn/vendormetadata/Do not enter anything, use 'Authorize' fields/aaguid/Do not enter anything, use 'Authorize' fields",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"metadata": "xxxxxx",
"name": "xxxxxx",
"disabled": false,
"updatedBy": "xxxx"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"status": "ok"
}// no response body
// no response body
// no response body
Admin API
Auth Modules
Auth Modules endpoints.
GET/auth_modules/{moduleId}
Get auth module by moduleId.
Get auth module by moduleId.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Parameters
No Parameters
Returns
Returns the auth module, encrypted with ECDSA and public key.
This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| moduleIdrequired | string | — |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/auth_modules/{moduleId}
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/auth_modules/xxxxxxxxxxxxxxxxxxxxxxxx' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/auth_modules/xxxxxxxxxxxxxxxxxxxxxxxx", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/auth_modules/xxxxxxxxxxxxxxxxxxxxxxxx",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
404
Success
data is ECDSA encrypted object represents auth module:
```
{
"_id": "ObjectID",
"communityId": "ObjectID",
"type": "db",
"subtype": "datastore",
"method": "authn",
"name": "Auth Module Name",
"enabled": true,
"mode": "broker/direct",
"config": {}, // see below config response samples
"kerberos_config": { // optional
"enabled": "boolean optional",
"keytab_file": "string optional"
}
}
```
config object for type **ad** or **ldap**:
```
{
"serverprotocol": "ldap",
"server": "string",
"serverport": "string",
"binddn": "string",
"bindpassword": "string",
"basedn": "string",
"securityauthentication": "Simple",
"filter": "string",
"serviceacctreadonly": true,
"scepenabled": "boolean optional (only broker)",
"scepurl": "string optional (only broker)",
"challengeurl": "string optional (only broker)",
"scepagent": "string optional (only broker)",
"cert_enabled": "boolean optional",
"cert_template": "string optional", // Alphabets, numerals, spaces, special characters allowed
"dc_dns": "string optional", // DNS names can contain only alphabetic characters (A-Z, a-z), numeric characters (0-9), the minus sign (-), and the period (.)
"dc_ca": "string optional", // up to 64 characters, ANSI character set
"logfilesizemb": "number (only broker)",
"logfilecount": "number (only broker)",
"ldapqueryfilter": "string optional",
"passwordPolicy": {
"allowed": "boolean required",
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
},
"caList": [{
"cert_template": "string required",
"dc_dns": "string required",
"dc_ca": "string required",
"lastSuccessAt": "date optional",
"lastNotifiedAt": "date optional"
}],
"caTimeoutSeconds": "number optional - default = 10s",
"caRetryAfterMinutes": "number optional - default = 30m",
"caStatusChangeNotificationsTo": "array optional",
"caStatusChangeNotificationsEnabled": "boolean optional",
}
```
config object for type **azuread**:
```
{
"appName": "string",
"tenantId": "string",
"tenantName": "string",
"clientId": "string",
"clientSecret": "string",
"loginBasePath": "string",
"graphApiBasePath": "string",
"passwordPolicy": {
"allowed": "boolean required",
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
}
}
```
config object for type **db**:
```
{
"passwordPolicy": {
"allowed": "boolean required",
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
}
}
```
Invalid request
Unauthorized
Not found
{
"data": "xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx="
}// no response body
// no response body
// no response body
POST/auth_modules/fetch
Fetch Auth Modules.
Fetch Auth Modules.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns the auth modules.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
POSThttps://pilot-root.1kosmos.net/adminapi/auth_modules/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/auth_modules/fetch' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/auth_modules/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/auth_modules/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"modules": [
{
"_id": "string",
"communityId": "string",
"type": "string",
"subtype": "string",
"method": "string",
"name": "string",
"enabled": true,
"mode": "broker",
"config": {
"passwordPolicy": {
"allowed": "boolean required",
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
}
}
},
{
"_id": "string",
"communityId": "string",
"type": "string",
"subtype": "string",
"method": "string",
"name": "string",
"enabled": true,
"mode": "direct",
"config": {
"passwordPolicy": {
"allowed": "boolean required",
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
}
},
"kerberos_config": {
"enabled": "boolean optional",
"keytab_file": "string optional"
}
},
{
"_id": "string",
"communityId": "string",
"type": "string",
"subtype": "string",
"method": "string",
"name": "string",
"enabled": true,
"mode": "direct",
"config": {
"cert_enabled": "boolean",
"cert_template": "string",
"dc_dns": "string",
"dc_ca": "string",
"logfilesizemb": "number",
"logfilecount": "number",
"ldapqueryfilter": "someLdapQueryFilter",
"passwordPolicy": {
"allowed": "boolean required",
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
}
}
}
]
}// no response body
// no response body
// no response body
PUT/auth_modules/create
Create Auth Modules.
Create Auth Modules.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
data (required)
Auth module data encrypted with ECDSA.
Returns
Returns the created auth module.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger.
for type db:
{
"type": "db",
"subtype": "datastore",
"method": "authn",
"name": "string required",
"enabled": true,
"mode": "direct",
"config": {
"passwordPolicy": { // object optional
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
}
}
}for type ad:
{
"type": "ad",
"subtype": "directory",
"method": "authn",
"name": "string required",
"enabled": true,
"mode": "direct/broker",
"config": {
"serverprotocol": "string required/optional - ldap or ldaps",
"server": "string required/optional",
"serverport": "string required/optional",
"binddn": "string required/optional",
"bindpassword": "string optional/optional",
"basedn": "string required/optional",
"securityauthentication": "string required/optional - Simple or Secure or Sealing or Encryption or SecureSocketLayer or ServerBind",
"filter": "string required/optional",
"serviceacctreadonly": "boolean optional - default false",
"scepenabled": "boolean optional (only broker)",
"scepurl": "string optional (only broker)",
"challengeurl": "string optional (only broker)",
"scepagent": "string optional (only broker)",
"ldapqueryfilter": "string optional",
"cert_enabled": "boolean optional",
"cert_template": "string optional", // Alphabets, numerals, spaces, special characters allowed
"dc_dns": "string optional", // DNS names can contain only alphabetic characters (A-Z, a-z), numeric characters (0-9), the minus sign (-), and the period (.)
"dc_ca": "string optional", // up to 64 characters, ANSI character set
"logfilesizemb": number optional, // it's only for BROKER, default is 10
"logfilecount": number optional, // it's only for BROKER, default is 10
"passwordPolicy": { // object optional
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
},
"caList": [{
"cert_template": "string required",
"dc_dns": "string required",
"dc_ca": "string required",
"lastSuccessAt": "date optional",
"lastNotifiedAt": "date optional",
}],
"caTimeoutSeconds": "number optional - default = 10s",
"caRetryAfterMinutes": "number optional - default = 30m",
"caStatusChangeNotificationsTo": "array optional",
"caStatusChangeNotificationsEnabled": "boolean optional",
},
"kerberos_config": { // optional
"enabled": "boolean optional",
"keytab_file": "string optional"
},
"enhanced_security_on": true/false
}for direct azuread:
{
"type": "azuread",
"subtype": "directory",
"method": "authn",
"name": "string required",
"enabled": true,
"mode": "direct",
"config": {
"appName": "string required",
"tenantId": "string required",
"tenantName": "string required",
"clientId": "string required",
"clientSecret": "string required",
"loginBasePath": "string required",
"graphApiBasePath": "string required",
"passwordPolicy": { // object optional
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
}
}
}for type ldap:
{
"type": "ldap",
"subtype": "directory",
"method": "authn",
"name": "string required",
"enabled": true,
"mode": "direct/broker",
"config": {
"serverprotocol": "string required/optional - ldap or ldaps",
"server": "string required/optional",
"serverport": "string required/optional",
"binddn": "string required/optional",
"bindpassword": "string optional/optional",
"basedn": "string required/optional",
"securityauthentication": "string required/optional - Simple or Secure or Sealing or Encryption or SecureSocketLayer or ServerBind",
"filter": "string required/optional",
"serviceacctreadonly": "boolean optional - default false",
"scepenabled": "boolean optional (only broker)",
"scepurl": "string optional (only broker)",
"challengeurl": "string optional (only broker)",
"scepagent": "string optional (only broker)",
"ldapqueryfilter": "string optional",
"passwordPolicy": { // object optional
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
},
"caList": [{
"cert_template": "string required",
"dc_dns": "string required",
"dc_ca": "string required",
"lastSuccessAt": "date optional",
"lastNotifiedAt": "date optional"
}],
"caTimeoutSeconds": "number optional - default = 10s",
"caRetryAfterMinutes": "number optional - default = 30m",
"caStatusChangeNotificationsTo": "array optional",
"caStatusChangeNotificationsEnabled": "boolean optional",
},
"kerberos_config": { // optional
"enabled": "boolean optional",
"keytab_file": "string optional"
}
}| Field | Type | Description |
|---|---|---|
| data | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/auth_modules/create
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/auth_modules/create' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"data": "xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx="}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/auth_modules/create", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"data": "xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx="
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/auth_modules/create",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"data": "xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx="
},
)
print(res.json())RESPONSE
200
400
401
Success
publicKey is publicKey of User Management API, useful for decryption response
data is ECDSA encrypted object represents created auth module:
```
{
"_id": "ObjectID",
"communityId": "ObjectID",
"type": "db", // ad | ldap | db
"subtype": "datastore", // for ad | ldap: "directory", for db: "datastore"
"method": "authn", // for ad | ldap | db : "authn"
"name": "Auth Module Name",
"enabled": true,
"mode": "broker/direct",
"config": {}, // see below config response samples
"kerberos_config": { // optional
"enabled": "boolean optional",
"keytab_file": "string optional"
}
}
```
config object for type **ad** or **ldap**:
```
{
"serverprotocol": "ldap",
"server": "string"
"serverport": "string"
"binddn": "string"
"bindpassword": "string",
"basedn": "string",
"securityauthentication": "Simple",
"filter": "string",
"serviceacctreadonly": true,
"scepenabled": "boolean optional",
"scepurl": "string optional",
"challengeurl": "string optional",
"scepagent": "string optional",
"ldapqueryfilter": "string optional",
"cert_enabled": "boolean",
"cert_template": "string",
"dc_dns": "string",
"dc_ca": "string",
"logfilesizemb": "number", // it's only for AD BROKER
"logfilecount": "number", // it's only for AD BROKER
"passwordPolicy": {
"allowed": "boolean required",
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
},
"caList": [{
"cert_template": "string required",
"dc_dns": "string required",
"dc_ca": "string required",
"lastSuccessAt": "date optional",
"lastNotifiedAt": "date optional"
}],
"caTimeoutSeconds": "number optional - default = 10s",
"caRetryAfterMinutes": "number optional - default = 30m",
"caStatusChangeNotificationsTo": "array optional",
"caStatusChangeNotificationsEnabled": "boolean optional",
}
```
config object for type **azuread** :
```
{
"appName": "string",
"tenantId": "string",
"tenantName": "string",
"clientId": "string",
"clientSecret": "string",
"loginBasePath": "string",
"graphApiBasePath": "string",
"passwordPolicy": {
"allowed": "boolean required",
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
}
}
```
config for type **db**:
```
{
"passwordPolicy": {
"allowed": "boolean required",
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
}
}
```
Invalid request
Unauthorized
// no response body
// no response body
// no response body
PATCH/auth_modules/updateJs/{moduleId}
Update JS script Auth Modules.
Update JS script Auth Modules..
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
data (required)
Auth module data encrypted with ECDSA.
Returns
Returns the created auth module.
This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| moduleIdrequired | string | — |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger.
| Field | Type | Description |
|---|---|---|
| data | string | — |
PATCHhttps://pilot-root.1kosmos.net/adminapi/auth_modules/updateJs/{moduleId}
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/adminapi/auth_modules/updateJs/xxxxxxxxxxxxxxxxxxxxxxxx' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"data": "xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx="}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/auth_modules/updateJs/xxxxxxxxxxxxxxxxxxxxxxxx", {
method: "PATCH",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"data": "xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx="
})
});
const data = await res.json();import requests
res = requests.patch(
"https://pilot-root.1kosmos.net/adminapi/auth_modules/updateJs/xxxxxxxxxxxxxxxxxxxxxxxx",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"data": "xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx="
},
)
print(res.json())RESPONSE
200
400
401
Success
publicKey is publicKey of User Management API, useful for decryption response
data is ECDSA encrypted object represents created auth module:
Invalid request
Unauthorized
// no response body
// no response body
// no response body
PATCH/auth_modules/{moduleId}
Update Auth Module.
Update Auth Modules.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
data (required)
Auth module data encrypted with ECDSA.
Returns
Returns updated auth module.
This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| moduleIdrequired | string | The id of auth module to update |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger.
NOTE - for each type you can send "mode" parameter, but it will be skipped.
for type db:
{
"name": "string optional",
"enabled": "boolean optional",
"type": "db - only for dynamic validation",
"mode": "direct - only for dynamic validation"
"config": {
"passwordPolicy": { // object optional
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
}
}
}for type ad:
{
"name": "string optional",
"enabled": "boolean optional",
"type": "ad - only for dynamic validation",
"mode": "direct/broker - only for dynamic validation"
"config": {
"serverprotocol": "string required/optional - ldap or ldaps",
"server": "string required/optional",
"serverport": "string required"/optional,
"binddn": "string required/optional",
"bindpassword": "string required/optional",
"basedn": "string required"/optional,
"securityauthentication": "string required/optional - Simple or Secure or Sealing or Encryption or SecureSocketLayer or ServerBind",
"filter": "string required/optional",
"serviceacctreadonly": "boolean optional - default false",
"scepenabled": "boolean optional (only broker)",
"scepurl": "string optional (only broker)",
"challengeurl": "string optional (only broker)",
"scepagent": "string optional (only broker)",
"logfilesizemb": number optional, // it's only for BROKER
"logfilecount": number optional, // it's only for BROKER
"cert_enabled": "boolean optional",
"cert_template": "string optional", // Alphabets, numerals, spaces, special characters allowed
"dc_dns": "string optional", // DNS names can contain only alphabetic characters (A-Z, a-z), numeric characters (0-9), the minus sign (-), and the period (.)
"dc_ca": "string optional", // up to 64 characters, ANSI character set
"ldapqueryfilter": "string optional",
"passwordPolicy": { // object optional
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
},
"caList": [{
"cert_template": "string required",
"dc_dns": "string required",
"dc_ca": "string required",
"lastSuccessAt": "date optional",
"lastNotifiedAt": "date optional"
}],
"caTimeoutSeconds": "number optional - default = 10s",
"caRetryAfterMinutes": "number optional - default = 30m",
"caStatusChangeNotificationsTo": "array optional",
"caStatusChangeNotificationsEnabled": "boolean optional",
},
"kerberos_config": { // optional
"enabled": "boolean optional",
"keytab_file": "string optional"
},
"enhanced_security_on": true/false
}for type ldap:
{
"name": "string optional",
"enabled": "boolean optional",
"type": "ldap - only for dynamic validation",
"mode": "direct/broker - only for dynamic validation"
"config": {
"serverprotocol": "string required/optional - ldap or ldaps",
"server": "string required/optional",
"serverport": "string required/optional",
"binddn": "string required/optional",
"bindpassword": "string required/optional",
"basedn": "string required/optional",
"securityauthentication": "string required/optional - Simple or Secure or Sealing or Encryption or SecureSocketLayer or ServerBind",
"filter": "string required/optional",
"serviceacctreadonly": "boolean optional - default false",
"scepenabled": "boolean optional (only broker)",
"scepurl": "string optional (only broker)",
"challengeurl": "string optional (only broker)",
"scepagent": "string optional (only broker)",
"ldapqueryfilter": "string optional",
"passwordPolicy": { // object optional
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
},
"caList": [{
"cert_template": "string required",
"dc_dns": "string required",
"dc_ca": "string required",
"lastSuccessAt": "date optional",
"lastNotifiedAt": "date optional"
}],
"caTimeoutSeconds": "number optional - default = 10s",
"caRetryAfterMinutes": "number optional - default = 30m",
"caStatusChangeNotificationsTo": "array optional",
"caStatusChangeNotificationsEnabled": "boolean optional",
},
"kerberos_config": { // optional
"enabled": "boolean optional",
"keytab_file": "string optional"
}
}for type azuread:
{
"name": "string optional",
"enabled": true,
"config": {
"appName": "string",
"tenantId": "string",
"tenantName": "string",
"clientId": "string",
"clientSecret": "string",
"loginBasePath": "string",
"graphApiBasePath": "string",
"passwordPolicy": { // object optional
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
}
}
}| Field | Type | Description |
|---|---|---|
| name | string | — |
| enabled | boolean | — |
| type | string | — |
| mode | string | — |
PATCHhttps://pilot-root.1kosmos.net/adminapi/auth_modules/{moduleId}
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/adminapi/auth_modules/xxxxxxxxxxxxxxxx' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"name": "string", "enabled": true, "type": "string", "mode": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/auth_modules/xxxxxxxxxxxxxxxx", {
method: "PATCH",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"name": "string",
"enabled": true,
"type": "string",
"mode": "string"
})
});
const data = await res.json();import requests
res = requests.patch(
"https://pilot-root.1kosmos.net/adminapi/auth_modules/xxxxxxxxxxxxxxxx",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"name": "string",
"enabled": true,
"type": "string",
"mode": "string"
},
)
print(res.json())RESPONSE
200
400
401
Success
publicKey is publicKey of User Management API, useful for decryption response
data is ECDSA encrypted object represents updated auth module:
```
{
"_id": "ObjectID",
"communityId": "ObjectID",
"type": "db", // ad | ldap | db
"subtype": "datastore", // for ad | ldap: "directory", for db: "datastore"
"method": "authn", // for ad | ldap | db : "authn"
"name": "Auth Module Name",
"enabled": true,
"mode": "broker/direct"
"config": {}, // see below config response samples
"kerberos_config": { // optional
"enabled": "boolean optional",
"keytab_file": "string optional"
}
}
```
config object for type **ad** or **ldap**:
```
{
"serverprotocol": "ldap",
"server": "string"
"serverport": "string"
"binddn": "string"
"bindpassword": "string",
"basedn": "string",
"securityauthentication": "Simple",
"filter": "string",
"serviceacctreadonly": true,
"scepenabled": "boolean optional",
"scepurl": "string optional",
"challengeurl": "string optional",
"scepagent": "string optional",
"ldapqueryfilter": "string optional",
"cert_enabled": "boolean",
"cert_template": "string",
"dc_dns": "string",
"dc_ca": "string",
"logfilesizemb": "number", // it's only for AD BROKER
"logfilecount": "number", // it's only for AD BROKER
"passwordPolicy": {
"allowed": "boolean required",
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
},
"caList": [{
"cert_template": "string required",
"dc_dns": "string required",
"dc_ca": "string required",
"lastSuccessAt": "date optional",
"lastNotifiedAt": "date optional"
}],
"caTimeoutSeconds": "number optional - default = 10s",
"caRetryAfterMinutes": "number optional - default = 30m",
"caStatusChangeNotificationsTo": "array optional",
"caStatusChangeNotificationsEnabled": "boolean optional",
}
```
config object for type **azuread**:
```
{
"appName": "string",
"tenantId": "string",
"tenantName": "string",
"clientId": "string",
"clientSecret": "string",
"loginBasePath": "string",
"graphApiBasePath": "string",
"passwordPolicy": {
"allowed": "boolean required",
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
}
}
```
config for type **db**:
```
{
"passwordPolicy": {
"allowed": "boolean required",
"authtype": "Fingerprint|Face",
"description": "string required",
"rules": {
"min": "number required",
"min_enabled": "boolean required",
"min_special": "number required",
"min_special_enabled": "boolean required",
"min_numbers": "number required",
"min_numbers_enabled": "boolean required",
"special_chars_allowed": "string required",
"special_chars_allowed_enabled": "boolean required",
"min_alpha_caps": "number required",
"min_alpha_caps_enabled": "boolean required",
"noUsername": "boolean required",
"noUsername_enabled": "boolean required",
"noSpaces": "boolean required",
"noSpaces_enabled": "boolean required",
"allowInRow": "number required",
"allowInRow_enabled": "boolean required"
}
}
}
```
Invalid request
Unauthorized
{
"data": "xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx="
}// no response body
// no response body
DELETE/auth_modules/{moduleId}
Delete auth module by moduleId.
Delete auth module by moduleId.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Parameters
No Parameters
Returns
No content.
This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| moduleIdrequired | string | — |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
DELETEhttps://pilot-root.1kosmos.net/adminapi/auth_modules/{moduleId}
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/auth_modules/xxxxxxxxxxxxxxxxxxxxxxxx' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/auth_modules/xxxxxxxxxxxxxxxxxxxxxxxx", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/auth_modules/xxxxxxxxxxxxxxxxxxxxxxxx",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
204
400
401
404
Success
Empty response
Invalid request
Unauthorized
Not found
// no response body
// no response body
// no response body
// no response body
Admin API
MSG Gateway
MSG Gateway endpoints.
POST/msg_gateway/create
Create message gateway configs
Create message gateway configs.
This endpoint must be accessed by an administrator
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
Response give created message gateway id and status
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
for type email:
{
"tenantId": "required string",
"communityId": "required string",
"type": "required string",
"channels": ["email"],
"protocol": "smtp",
"auth": "true",
"name": "Default Email Gateway",
"username": "required string",
"password": "required string",
"serviceUrl": "required string",
"senderEmail": "required string",
"port": "465",
"awsRegion" : "required string for aws gateway"
}for type sms:
{
"tenantId": "required string",
"communityId": "required string",
"type": "required string",
"channels": ["sms"],
"auth": "true",
"name": "Default SMS Gateway",
"username": "required string",
"password": "required string",
"serviceUrl": "required string",
"senderPhone": "required string",
"smstemplateid": "required string",
"entityId": "required string",
"authTokenRequestUrl": "required string for Coalesce gateway",
"authClientId": "required string for Coalesce gateway",
"authClientSecret":"required string for Coalesce gateway",
"authGrantType":"required string for Coalesce gateway",
"authScope":"required string for Coalesce gateway",
"principalEntityId": "required string for Gupshup gateway",
"dltTemplateId": "required string for Gupshup gateway",
"awsRegion" : "required string for aws gateway",
"appCategory" : "required string for sandesh gateway",
"gstFlag" : "required string for sandesh gateway",
"msgType" : "required string for sandesh gateway"
}for type voice:
{
"tenantId": "required string",
"communityId": "required string",
"type": "required string",
"channels": ["voice"],
"auth": "true",
"name": "Default Voice Gateway",
"username": "required string",
"password": "required string",
"serviceUrl": "required string",
"senderPhone": "required string"
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| type | string | — |
| channels | array<string> | — |
| protocol | string | — |
| auth | string | — |
| name | string | — |
| username | string | — |
| password | string | — |
| serviceUrl | string | — |
| senderEmail | string | — |
| port | string | — |
| smstemplateid | string | — |
| entityId | string | — |
| authTokenRequestUrl | string | — |
| authClientId | string | — |
| authClientSecret | string | — |
| authGrantType | string | — |
| authScope | string | — |
| principalEntityId | string | — |
| dltTemplateId | string | — |
| awsRegion | string | — |
| appCategory | string | — |
| gstFlag | string | — |
| msgType | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/msg_gateway/create
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/msg_gateway/create' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxx", "communityId": "xxxxxxxxxx", "type": "xxxxxxxxxx", "channels": ["email"], "protocol": "xxxxxxxxxx", "auth": "xxxxxxxxxx", "name": "xxxxxxxxxx", "username": "xxxxxxxxxx", "password": "xxxxxxxxxx", "serviceUrl": "xxxxxxxxxx", "senderEmail": "xxxxxxxxxx", "port": "xxxxxxxxxx", "smstemplateid": "xxxxxxxxxx", "entityId": "xxxxxxxxxx", "authTokenRequestUrl": "xxxxxxxxxx", "authClientId": "xxxxxxxxxx", "authClientSecret": "xxxxxxxxxx", "authGrantType": "xxxxxxxxxx", "authScope": "xxxxxxxxxx", "principalEntityId": "xxxxxxxxxx", "dltTemplateId": "xxxxxxxxxx", "awsRegion": "xxxxxxxxxx", "appCategory": "xxxxxxxxxx", "gstFlag": "xxxxxxxxxx", "msgType": "xxxxxxxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/msg_gateway/create", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"type": "xxxxxxxxxx",
"channels": [
"email"
],
"protocol": "xxxxxxxxxx",
"auth": "xxxxxxxxxx",
"name": "xxxxxxxxxx",
"username": "xxxxxxxxxx",
"password": "xxxxxxxxxx",
"serviceUrl": "xxxxxxxxxx",
"senderEmail": "xxxxxxxxxx",
"port": "xxxxxxxxxx",
"smstemplateid": "xxxxxxxxxx",
"entityId": "xxxxxxxxxx",
"authTokenRequestUrl": "xxxxxxxxxx",
"authClientId": "xxxxxxxxxx",
"authClientSecret": "xxxxxxxxxx",
"authGrantType": "xxxxxxxxxx",
"authScope": "xxxxxxxxxx",
"principalEntityId": "xxxxxxxxxx",
"dltTemplateId": "xxxxxxxxxx",
"awsRegion": "xxxxxxxxxx",
"appCategory": "xxxxxxxxxx",
"gstFlag": "xxxxxxxxxx",
"msgType": "xxxxxxxxxx"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/msg_gateway/create",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"type": "xxxxxxxxxx",
"channels": [
"email"
],
"protocol": "xxxxxxxxxx",
"auth": "xxxxxxxxxx",
"name": "xxxxxxxxxx",
"username": "xxxxxxxxxx",
"password": "xxxxxxxxxx",
"serviceUrl": "xxxxxxxxxx",
"senderEmail": "xxxxxxxxxx",
"port": "xxxxxxxxxx",
"smstemplateid": "xxxxxxxxxx",
"entityId": "xxxxxxxxxx",
"authTokenRequestUrl": "xxxxxxxxxx",
"authClientId": "xxxxxxxxxx",
"authClientSecret": "xxxxxxxxxx",
"authGrantType": "xxxxxxxxxx",
"authScope": "xxxxxxxxxx",
"principalEntityId": "xxxxxxxxxx",
"dltTemplateId": "xxxxxxxxxx",
"awsRegion": "xxxxxxxxxx",
"appCategory": "xxxxxxxxxx",
"gstFlag": "xxxxxxxxxx",
"msgType": "xxxxxxxxxx"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"id": "xxxxxxxx",
"status": "xxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
POST/msg_gateway/fetch
Get message gateway configs
Get message gateway configs.
This endpoint must be accessed by an administrator
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
Response give list of message gateways info
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
{
"tenantId": "string",
"communityId": "string"
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/msg_gateway/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/msg_gateway/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxx", "communityId": "xxxxxxxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/msg_gateway/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/msg_gateway/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
[
{
"id": "xxxxxxxx",
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"type": null,
"channels": [
"email"
],
"protocol": "xxxxxxxxxx",
"auth": "true",
"name": "xxxxxxxxxx",
"username": "xxxxxxxxxx",
"password": "xxxxxxxxxx",
"serviceUrl": "xxxxxxxxxx",
"senderEmail": "xxxxxxxxxx",
"active": "xxxxxxxxxx",
"port": "xxxxxxxxxx",
"principalEntityId": "xxxxxxxxxx",
"dltTemplateId": "xxxxxxxxxx",
"awsRegion": "xxxxxxxxxx",
"appCategory": "xxxxxxxxxx",
"gstFlag": "xxxxxxxxxx",
"msgType": "xxxxxxxxxx"
}
]{
"message": "This field should not be empty"
}// no response body
// no response body
POST/msg_gateway/fetch/{id}
Get message gateway configs by id
Get message gateway configs.
This endpoint must be accessed by an administrator
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
Response give list of message gateways info
Path parameters
| Name | Type | Description |
|---|---|---|
| idrequired | string | id of gateway; |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
{
"tenantId": "string",
"communityId": "string"
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/msg_gateway/fetch/{id}
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/msg_gateway/fetch/Do not enter anything, use 'id' fields' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxx", "communityId": "xxxxxxxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/msg_gateway/fetch/Do not enter anything, use 'id' fields", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/msg_gateway/fetch/Do not enter anything, use 'id' fields",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
[
{
"id": "xxxxxxxx",
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"type": null,
"channels": [
"email"
],
"protocol": "xxxxxxxxxx",
"auth": "true",
"name": "xxxxxxxxxx",
"username": "xxxxxxxxxx",
"password": "xxxxxxxxxx",
"serviceUrl": "xxxxxxxxxx",
"senderEmail": "xxxxxxxxxx",
"active": "xxxxxxxxxx",
"port": "xxxxxxxxxx",
"principalEntityId": "xxxxxxxxxx",
"dltTemplateId": "xxxxxxxxxx",
"awsRegion": "xxxxxxxxxx",
"appCategory": "xxxxxxxxxx",
"gstFlag": "xxxxxxxxxx",
"msgType": "xxxxxxxxxx"
}
]{
"message": "This field should not be empty"
}// no response body
// no response body
POST/msg_gateway/update
Update message gateway configs
Update message gateway configs.
This endpoint must be accessed by an administrator
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
Response give created message gateway id and status
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
for type email:
{
"id": "required string",
"tenantId": "required string",
"communityId": "required string",
"type": "required string",
"channels": ["email"],
"protocol": "smtp",
"auth": "true",
"name": "Default Email Gateway",
"username": "required string",
"password": "required string",
"serviceUrl": "required string",
"senderEmail": "required string",
"port": "465",
"awsRegion" : "required string for aws gateway"
}for type sms:
{
"id": "required string",
"tenantId": "required string",
"communityId": "required string",
"type": "required string",
"channels": ["sms"],
"name": "Default SMS Gateway",
"username": "required string",
"password": "required string",
"serviceUrl": "required string",
"senderPhone": "required string",
"otpDelimiter": "optional string",
"timeoutValue": "optional number",
"smstemplateid": "required string"
"entityId": "required string",
"authTokenRequestUrl": "required string for Coalesce gateway",
"authClientId": "required string for Coalesce gateway",
"authClientSecret":"required string for Coalesce gateway",
"authGrantType":"required string for Coalesce gateway",
"authScope":"required string for Coalesce gateway",
"smstemplateid": "required string",
"principalEntityId": "required string for Gupshup gateway",
"dltTemplateId": "required string for Gupshup gateway",
"awsRegion" : "required string for aws gateway",
"appCategory" : "required string for sandesh gateway",
"gstFlag" : "required string for sandesh gateway",
"msgType" : "required string for sandesh gateway"
}for type voice:
{
"id": "required string",
"tenantId": "required string",
"communityId": "required string",
"type": "required string",
"channels": ["voice"],
"auth": "true",
"name": "Default Voice Gateway",
"username": "required string",
"password": "required string",
"serviceUrl": "required string",
"senderPhone": "required string",
"otpDelimiter": "optional string",
"timeoutValue": "optional number"
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| id | string | — |
| tenantId | string | — |
| communityId | string | — |
| type | string | — |
| channels | array<string> | — |
| protocol | string | — |
| auth | string | — |
| name | string | — |
| username | string | — |
| password | string | — |
| serviceUrl | string | — |
| senderEmail | string | — |
| port | string | — |
| otpDelimiter | string | — |
| timeoutValue | number | — |
| smstemplateid | string | — |
| entityId | string | — |
| authTokenRequestUrl | string | — |
| authClientId | string | — |
| authClientSecret | string | — |
| authGrantType | string | — |
| authScope | string | — |
| principalEntityId | string | — |
| dltTemplateId | string | — |
| awsRegion | string | — |
| appCategory | string | — |
| gstFlag | string | — |
| msgType | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/msg_gateway/update
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/msg_gateway/update' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"id": "xxxxxxxxxx", "tenantId": "xxxxxxxxxx", "communityId": "xxxxxxxxxx", "type": "xxxxxxxxxx", "channels": ["email"], "protocol": "xxxxxxxxxx", "auth": "xxxxxxxxxx", "name": "xxxxxxxxxx", "username": "xxxxxxxxxx", "password": "xxxxxxxxxx", "serviceUrl": "xxxxxxxxxx", "senderEmail": "xxxxxxxxxx", "port": "xxxxxxxxxx", "otpDelimiter": "xxxxxxxxxx", "timeoutValue": "xxxxx", "smstemplateid": "xxxxxxxxxx", "entityId": "xxxxxxxxxx", "authTokenRequestUrl": "xxxxxxxxxx", "authClientId": "xxxxxxxxxx", "authClientSecret": "xxxxxxxxxx", "authGrantType": "xxxxxxxxxx", "authScope": "xxxxxxxxxx", "principalEntityId": "xxxxxxxxxx", "dltTemplateId": "xxxxxxxxxx", "awsRegion": "xxxxxxxxxx", "appCategory": "xxxxxxxxxx", "gstFlag": "xxxxxxxxxx", "msgType": "xxxxxxxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/msg_gateway/update", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"id": "xxxxxxxxxx",
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"type": "xxxxxxxxxx",
"channels": [
"email"
],
"protocol": "xxxxxxxxxx",
"auth": "xxxxxxxxxx",
"name": "xxxxxxxxxx",
"username": "xxxxxxxxxx",
"password": "xxxxxxxxxx",
"serviceUrl": "xxxxxxxxxx",
"senderEmail": "xxxxxxxxxx",
"port": "xxxxxxxxxx",
"otpDelimiter": "xxxxxxxxxx",
"timeoutValue": "xxxxx",
"smstemplateid": "xxxxxxxxxx",
"entityId": "xxxxxxxxxx",
"authTokenRequestUrl": "xxxxxxxxxx",
"authClientId": "xxxxxxxxxx",
"authClientSecret": "xxxxxxxxxx",
"authGrantType": "xxxxxxxxxx",
"authScope": "xxxxxxxxxx",
"principalEntityId": "xxxxxxxxxx",
"dltTemplateId": "xxxxxxxxxx",
"awsRegion": "xxxxxxxxxx",
"appCategory": "xxxxxxxxxx",
"gstFlag": "xxxxxxxxxx",
"msgType": "xxxxxxxxxx"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/msg_gateway/update",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"id": "xxxxxxxxxx",
"tenantId": "xxxxxxxxxx",
"communityId": "xxxxxxxxxx",
"type": "xxxxxxxxxx",
"channels": [
"email"
],
"protocol": "xxxxxxxxxx",
"auth": "xxxxxxxxxx",
"name": "xxxxxxxxxx",
"username": "xxxxxxxxxx",
"password": "xxxxxxxxxx",
"serviceUrl": "xxxxxxxxxx",
"senderEmail": "xxxxxxxxxx",
"port": "xxxxxxxxxx",
"otpDelimiter": "xxxxxxxxxx",
"timeoutValue": "xxxxx",
"smstemplateid": "xxxxxxxxxx",
"entityId": "xxxxxxxxxx",
"authTokenRequestUrl": "xxxxxxxxxx",
"authClientId": "xxxxxxxxxx",
"authClientSecret": "xxxxxxxxxx",
"authGrantType": "xxxxxxxxxx",
"authScope": "xxxxxxxxxx",
"principalEntityId": "xxxxxxxxxx",
"dltTemplateId": "xxxxxxxxxx",
"awsRegion": "xxxxxxxxxx",
"appCategory": "xxxxxxxxxx",
"gstFlag": "xxxxxxxxxx",
"msgType": "xxxxxxxxxx"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"id": "xxxxxxxx",
"status": "xxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
DELETE/msg_gateway
Delete message gateway configs
Delete message gateway configs.
This endpoint must be accessed by an administrator
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
204 No Content
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
{
"tenantId": "required string",
"communityId": "required string",
"gatewayId": "required string"
}IMPORTANT - you can send unencrypted data, it is only available in Swagger
| Field | Type | Description |
|---|---|---|
| communityId | string | — |
| tenantId | string | — |
| gatewayId | string | — |
DELETEhttps://pilot-root.1kosmos.net/adminapi/msg_gateway
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/msg_gateway' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"communityId": "xxxxxxxx", "tenantId": "xxxxxxxx", "gatewayId": "xxxxxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/msg_gateway", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"communityId": "xxxxxxxx",
"tenantId": "xxxxxxxx",
"gatewayId": "xxxxxxxx"
})
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/msg_gateway",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"communityId": "xxxxxxxx",
"tenantId": "xxxxxxxx",
"gatewayId": "xxxxxxxx"
},
)
print(res.json())RESPONSE
204
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
// no response body
{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
Self Registration
Self Registration endpoints.
POST/register/phoneverify/session/{sessionId}/poll
/register/phoneverify/session/{sessionId}/poll
Poll for phone verification session during registration.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Request Body
phoneToken (required)
phoneToken : string
Returns
Returns new phone token needed for completing registration
Path parameters
| Name | Type | Description |
|---|---|---|
| sessionIdrequired | string | sessionId of created session |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| phoneToken | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/register/phoneverify/session/{sessionId}/poll
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/register/phoneverify/session/xxxxxxx/poll' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Content-Type: application/json' \
-d '{"phoneToken": "xxxxxxxxxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/register/phoneverify/session/xxxxxxx/poll", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Content-Type": "application/json"
},
body: JSON.stringify({
"phoneToken": "xxxxxxxxxxxx"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/register/phoneverify/session/xxxxxxx/poll",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET"
},
json={
"phoneToken": "xxxxxxxxxxxx"
},
)
print(res.json())RESPONSE
200
400
401
404
500
Success
Invalid request
Unauthorized
Not Found
Internal Server Error
{
"newPhoneToken": "xxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
POST/register/verifyemail
/register/verifyemail
Verify email by uuid code.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
code (required)
code : string
Returns
User email.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| code | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/register/verifyemail
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/register/verifyemail' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "code": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/register/verifyemail", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"code": "string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/register/verifyemail",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET"
},
json={
"tenantId": "string",
"communityId": "string",
"code": "string"
},
)
print(res.json())RESPONSE
200
400
401
404
410
429
500
Success
Invalid request
Unauthorized
Not Found
Gone
Too Many Requests
Internal Server Error
{
"email": "string"
}// no response body
// no response body
// no response body
// no response body
// no response body
// no response body
PUT/register/phoneverify/session/create
/register/phoneverify/session/create
Create phone verification session during registration.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
tenantTag (required)
tenantTag : string
communityName (required)
communityName : string
communityPublicKey (required)
communityPublicKey : string
phoneNumber (required)
phoneNumber : string
Returns
Returns object with sessionId, sessionUrl, serviceEnv, smsServiceNumber, smsTemplateB64 and phoneToken needed for registering phone number
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| tenantTag | string | — |
| communityName | string | — |
| communityPublicKey | string | — |
| phoneNumber | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/register/phoneverify/session/create
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/register/phoneverify/session/create' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxxxx", "communityId": "xxxxxxxxxxxx", "tenantTag": "xxxxxxxxxxxx", "communityName": "xxxxxxxxxxxx", "communityPublicKey": "xxxxxxxxxxxx", "phoneNumber": "xxxxxxxxxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/register/phoneverify/session/create", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxx",
"tenantTag": "xxxxxxxxxxxx",
"communityName": "xxxxxxxxxxxx",
"communityPublicKey": "xxxxxxxxxxxx",
"phoneNumber": "xxxxxxxxxxxx"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/register/phoneverify/session/create",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET"
},
json={
"tenantId": "xxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxx",
"tenantTag": "xxxxxxxxxxxx",
"communityName": "xxxxxxxxxxxx",
"communityPublicKey": "xxxxxxxxxxxx",
"phoneNumber": "xxxxxxxxxxxx"
},
)
print(res.json())RESPONSE
201
400
401
500
Successfully created
Invalid request
Unauthorized
Internal Server Error
{
"sessionId": "xxxxxxxxxxxx",
"sessionUrl": "xxxxxxxxxxxx",
"serviceEnv": "xxxxxxxxxxxx",
"smsServiceNumber": "xxxxxxxxxxxx",
"smsTemplateB64": "xxxxxxxxxxxx",
"phoneToken": "xxxxxxxxxxxx"
}// no response body
// no response body
// no response body
PUT/register/sendverify
/register/sendverify
Send account creation verification magic link.
<b>:: Notes for website ::</b>
+ Default request body is {data: ecdsa_string}
+ This API can accept any query params which will be passed to template
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Request Body
email (required)
email : string
tenantId (required)
tenantId : string
communityId (required)
communityId : string
captchaToken (required)
captchaToken : string
Returns
Send account creation verification magic link via email.
This API throw an error if something goes wrong.
Query parameters
| Name | Type | Description |
|---|---|---|
| SAMLRequest | string | SAML SAMLRequest |
| RelayState | string | SAML RelayState |
| SigAlg | string | SAML SigAlg |
| Signature | string | SAML Signature |
| ForceAuthn | string | SAML ForceAuthn |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| string | — | |
| tenantId | string | — |
| communityId | string | — |
| captchaToken | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/register/sendverify
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/register/sendverify?SAMLRequest=<SAMLRequest>&RelayState=<RelayState>&SigAlg=<SigAlg>&Signature=<Signature>&ForceAuthn=<ForceAuthn>' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Content-Type: application/json' \
-d '{"email": "string", "tenantId": "string", "communityId": "string", "captchaToken": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/register/sendverify?SAMLRequest=<SAMLRequest>&RelayState=<RelayState>&SigAlg=<SigAlg>&Signature=<Signature>&ForceAuthn=<ForceAuthn>", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Content-Type": "application/json"
},
body: JSON.stringify({
"email": "string",
"tenantId": "string",
"communityId": "string",
"captchaToken": "string"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/register/sendverify?SAMLRequest=<SAMLRequest>&RelayState=<RelayState>&SigAlg=<SigAlg>&Signature=<Signature>&ForceAuthn=<ForceAuthn>",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET"
},
json={
"email": "string",
"tenantId": "string",
"communityId": "string",
"captchaToken": "string"
},
)
print(res.json())RESPONSE
200
400
401
409
500
Success
Invalid request
Unauthorized
Conflict
Internal Server Error
{
"code": 200,
"message": "Ok"
}// no response body
// no response body
// no response body
// no response body
PUT/register/user
/register/user
Register user.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
moduleId (required)
moduleId : string
firstname (required)
firstname : string
lastname (required)
lastname : string
email (required)
email : string
password (required)
password : string
code (required)
code : string
captchaToken (required)
captchaToken : string
phoneNumber (required)
phoneNumber : string
phoneToken (required)
phoneToken : string
Returns
User object and pon data and jwt.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| moduleId | string | — |
| firstname | string | — |
| lastname | string | — |
| string | — | |
| phoneNumber | string | — |
| phoneToken | string | — |
| password | string | — |
| code | string | — |
| captchaToken | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/register/user
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/register/user' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "moduleId": "string", "firstname": "string", "lastname": "string", "email": "string", "phoneNumber": "string", "phoneToken": "string", "password": "string", "code": "string", "captchaToken": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/register/user", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"moduleId": "string",
"firstname": "string",
"lastname": "string",
"email": "string",
"phoneNumber": "string",
"phoneToken": "string",
"password": "string",
"code": "string",
"captchaToken": "string"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/register/user",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET"
},
json={
"tenantId": "string",
"communityId": "string",
"moduleId": "string",
"firstname": "string",
"lastname": "string",
"email": "string",
"phoneNumber": "string",
"phoneToken": "string",
"password": "string",
"code": "string",
"captchaToken": "string"
},
)
print(res.json())RESPONSE
200
400
401
404
410
429
500
Success
Invalid request
Unauthorized
Not Found
Gone
Too Many Requests
Internal Server Error
{
"user": "object",
"pon_data": "object",
"jwt_token": "string"
}// no response body
// no response body
// no response body
// no response body
// no response body
// no response body
Admin API
Authentication Journey
Authentication Journey endpoints.
POST/authenticationJourney/fetch
Fetch AuthenticationJourney
Fetch AuthenticationJourney
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing identity provider
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Must contain all fields to create a valid AuthenticationJourney IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| ids | array<string> | — |
POSThttps://pilot-root.1kosmos.net/adminapi/authenticationJourney/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/authenticationJourney/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "tenantId", "communityId": "communityId", "ids": ["xxxxxxxx"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/authenticationJourney/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "tenantId",
"communityId": "communityId",
"ids": [
"xxxxxxxx"
]
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/authenticationJourney/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "tenantId",
"communityId": "communityId",
"ids": [
"xxxxxxxx"
]
},
)
print(res.json())RESPONSE
200
400
401
SUCCESS
IMPORTANT - Unencrypted response is only available in Swagger
In real application, you will get data as follow:
```
{
"data": "<ecdsa_encrypted_response>",
"publicKey": "<adminapi_public_key>"
}
```
Validation data error
Unauthorized
{
"id": "uuid",
"tenantId": "tenantId",
"communityId": "communityId",
"journeyName": "journeyName",
"enabled": true,
"groups": {
"value": [
"groups"
],
"operator": "overlap"
},
"deviceId": {
"value": [
"deviceId"
],
"operator": "overlap"
},
"application": {
"value": [
"Salesforce"
],
"operator": "in"
},
"username": {
"value": [
"username"
],
"operator": "in"
},
"ip": {
"value": [
"10.10.10.10"
],
"operator": "in_range"
},
"domain": "1k-dev.com",
"decision": {
"action": "mfa_required",
"authenticationMethods": [
"password_and_otp"
]
}
}{
"message": "This field should not be empty"
}// no response body
PUT/authenticationJourney
Create AuthenticationJourney
Create AuthenticationJourney
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing identity provider
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
PUThttps://pilot-root.1kosmos.net/adminapi/authenticationJourney
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/authenticationJourney' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'Content-Type: application/json' \ -d '"string"'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/authenticationJourney", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify("string")
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/authenticationJourney",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json="string",
)
print(res.json())RESPONSE
200
400
401
SUCCESS
IMPORTANT - Unencrypted response is only available in Swagger
In real application, you will get data as follow:
```
{
"data": "<ecdsa_encrypted_response>",
"publicKey": "<adminapi_public_key>"
}
```
Validation data error
Unauthorized
"string"
{
"message": "This field should not be empty"
}// no response body
PATCH/authenticationJourney/{id}
Update AuthenticationJourney
Path parameters
| Name | Type | Description |
|---|---|---|
| idrequired | string | Mongo objectId of authenticationJourney to update |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
PATCHhttps://pilot-root.1kosmos.net/adminapi/authenticationJourney/{id}
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/adminapi/authenticationJourney/xxxxxxxxx' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'Content-Type: application/json' \ -d '"string"'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/authenticationJourney/xxxxxxxxx", {
method: "PATCH",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify("string")
});
const data = await res.json();import requests
res = requests.patch(
"https://pilot-root.1kosmos.net/adminapi/authenticationJourney/xxxxxxxxx",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json="string",
)
print(res.json())RESPONSE
200
400
401
SUCCESS
IMPORTANT - Unencrypted response is only available in Swagger
In real application, you will get data as follow:
```
{
"data": "<ecdsa_encrypted_response>",
"publicKey": "<adminapi_public_key>"
}
```
Validation data error
Unauthorized
"string"
{
"message": "This field should not be empty"
}// no response body
DELETE/authenticationJourney/{id}
Delete AuthenticationJourney
Delete AuthenticationJourney.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Nothing to return
Path parameters
| Name | Type | Description |
|---|---|---|
| idrequired | string | Mongo objectId of identity provider to delete |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
{
tenantId: xxxxxx,
communityId: xxxxxx
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
DELETEhttps://pilot-root.1kosmos.net/adminapi/authenticationJourney/{id}
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/authenticationJourney/xxxxxxxxx' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxx", "communityId": "xxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/authenticationJourney/xxxxxxxxx", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxx",
"communityId": "xxxxx"
})
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/authenticationJourney/xxxxxxxxx",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxx",
"communityId": "xxxxx"
},
)
print(res.json())RESPONSE
204
400
401
SUCCESS
No Content
Validation data error
Unauthorized
// no response body
{
"message": "This field should not be empty"
}// no response body
Admin API
Authentication Journey V 2
Authentication Journey V 2 endpoints.
POST/v2/authenticationJourney/fetch
Fetch AuthenticationJourney
Fetch AuthenticationJourney
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing identity provider
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Must contain all fields to create a valid AuthenticationJourney IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| ids | array<string> | — |
| requestingAppId | string | — |
| category | string | Optional filter to fetch journeys by category |
POSThttps://pilot-root.1kosmos.net/adminapi/v2/authenticationJourney/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/v2/authenticationJourney/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "tenantId", "communityId": "communityId", "ids": ["xxxxxxxx"], "requestingAppId": "linux_cp", "category": "adaptive_auth_fallback_policy_v2"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/v2/authenticationJourney/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "tenantId",
"communityId": "communityId",
"ids": [
"xxxxxxxx"
],
"requestingAppId": "linux_cp",
"category": "adaptive_auth_fallback_policy_v2"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/v2/authenticationJourney/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "tenantId",
"communityId": "communityId",
"ids": [
"xxxxxxxx"
],
"requestingAppId": "linux_cp",
"category": "adaptive_auth_fallback_policy_v2"
},
)
print(res.json())RESPONSE
200
400
401
SUCCESS
IMPORTANT - Unencrypted response is only available in Swagger
In real application, you will get data as follow:
```
{
"data": "<ecdsa_encrypted_response>",
"publicKey": "<adminapi_public_key>"
}
```
Validation data error
Unauthorized
[
{
"name": "auth-journey-1",
"enabled": true,
"category": "adaptive_auth_fallback_policy_v2",
"groups": {
"value": [
"group a",
"group b"
],
"operator": "overlap"
},
"requestingAppId": {
"value": "linux_cp",
"operator": "eq"
},
"usernames": {
"value": [
"username_1",
"username_2"
],
"operator": "in"
},
"decision": {
"action": "mfa_required",
"authenticationMethods": [
"password_and_otp",
"helpdesk_otp"
]
}
}
]{
"message": "This field should not be empty"
}// no response body
PUT/v2/authenticationJourney
Create V2 Authentication Journey
Create V2 Authentication Journey
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing identity provider
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
PUThttps://pilot-root.1kosmos.net/adminapi/v2/authenticationJourney
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/v2/authenticationJourney' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'Content-Type: application/json' \ -d '"string"'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/v2/authenticationJourney", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify("string")
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/v2/authenticationJourney",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json="string",
)
print(res.json())RESPONSE
200
400
401
SUCCESS
IMPORTANT - Unencrypted response is only available in Swagger
In real application, you will get data as follow:
```
{
"data": "<ecdsa_encrypted_response>",
"publicKey": "<adminapi_public_key>"
}
```
Validation data error
Unauthorized
"string"
{
"message": "This field should not be empty"
}// no response body
PATCH/v2/authenticationJourney/{id}
Update V2 Authentication Journey
Update V2 Authentication Journey
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing identity provider
Path parameters
| Name | Type | Description |
|---|---|---|
| idrequired | string | Mongo objectId of linux authenticationJourney to update |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
PATCHhttps://pilot-root.1kosmos.net/adminapi/v2/authenticationJourney/{id}
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/adminapi/v2/authenticationJourney/xxxxxxxxx' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'Content-Type: application/json' \ -d '"string"'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/v2/authenticationJourney/xxxxxxxxx", {
method: "PATCH",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify("string")
});
const data = await res.json();import requests
res = requests.patch(
"https://pilot-root.1kosmos.net/adminapi/v2/authenticationJourney/xxxxxxxxx",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json="string",
)
print(res.json())RESPONSE
200
400
401
SUCCESS
IMPORTANT - Unencrypted response is only available in Swagger
In real application, you will get data as follow:
```
{
"data": "<ecdsa_encrypted_response>",
"publicKey": "<adminapi_public_key>"
}
```
Validation data error
Unauthorized
"string"
{
"message": "This field should not be empty"
}// no response body
DELETE/v2/authenticationJourney/{id}
Delete AuthenticationJourney
Delete AuthenticationJourney.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Nothing to return
Path parameters
| Name | Type | Description |
|---|---|---|
| idrequired | string | Mongo objectId of identity provider to delete |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
{
tenantId: xxxxxx,
communityId: xxxxxx
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
DELETEhttps://pilot-root.1kosmos.net/adminapi/v2/authenticationJourney/{id}
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/v2/authenticationJourney/xxxxxxxxx' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxx", "communityId": "xxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/v2/authenticationJourney/xxxxxxxxx", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxx",
"communityId": "xxxxx"
})
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/v2/authenticationJourney/xxxxxxxxx",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxx",
"communityId": "xxxxx"
},
)
print(res.json())RESPONSE
204
400
401
SUCCESS
No Content
Validation data error
Unauthorized
// no response body
{
"message": "This field should not be empty"
}// no response body
Admin API
Behavior Auth
Behavior authentication (typing biometrics) management
POST/behavior_auth/random_phrase/fetch
Fetch random phrase
Fetch a random phrase for behavior auth enrollment.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns a random phrase and a user_token for enrollment.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
POSThttps://pilot-root.1kosmos.net/adminapi/behavior_auth/random_phrase/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/behavior_auth/random_phrase/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/behavior_auth/random_phrase/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/behavior_auth/random_phrase/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={},
)
print(res.json())RESPONSE
200
401
404
500
Success
Unauthorized
No active phrases found
Internal Server Error
{
"data": {
"phrase": "string",
"user_token": "string"
}
}// no response body
// no response body
// no response body
POST/behavior_auth/register
Register behavior auth pattern
Register a typing pattern for behavior auth.
Multiple registration attempts are required (configurable, default 5).
Each call returns a next_step indicating whether more attempts are needed.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns next_step, user_token, and typing_data.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| phrase | string | — |
| pattern | string | — |
| user_token | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/behavior_auth/register
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/behavior_auth/register' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"phrase": "string", "pattern": "string", "user_token": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/behavior_auth/register", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"phrase": "string",
"pattern": "string",
"user_token": "string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/behavior_auth/register",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"phrase": "string",
"pattern": "string",
"user_token": "string"
},
)
print(res.json())RESPONSE
200
401
405
500
Success
Unauthorized
Typing phrase already enrolled
Internal Server Error
{
"data": {
"next_step": "string",
"user_token": "string",
"typing_data": {}
}
}// no response body
// no response body
// no response body
POST/behavior_auth/validate
Validate behavior auth pattern
Validate a typing pattern for behavior auth login.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns user details and a proof_of_authentication_jwt with methods: ["behavior_auth"].
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| pattern | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/behavior_auth/validate
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/behavior_auth/validate' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"pattern": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/behavior_auth/validate", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"pattern": "string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/behavior_auth/validate",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"pattern": "string"
},
)
print(res.json())RESPONSE
200
401
423
500
Success
Unauthorized
User is locked
Internal Server Error
{
"data": {
"username": "string",
"proof_of_authentication_jwt": "string",
"typing_data": {}
}
}// no response body
// no response body
// no response body
DELETE/behavior_auth/deregister
Deregister behavior auth pattern
Deregister the typing pattern for behavior auth.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns a confirmation message on successful deregistration.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| data | string | — |
DELETEhttps://pilot-root.1kosmos.net/adminapi/behavior_auth/deregister
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/behavior_auth/deregister' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"data": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/behavior_auth/deregister", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"data": "string"
})
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/behavior_auth/deregister",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"data": "string"
},
)
print(res.json())RESPONSE
200
401
404
500
Success
Unauthorized
Not Found
Internal Server Error
{
"data": {
"message": "string"
}
}// no response body
// no response body
// no response body
Admin API
Broker
Broker endpoints.
POST/broker/fetch
Fetch broker connections
Fetch broker connections.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
moduleId (required)
moduleId : string
Returns
Returns broker connections.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| moduleId | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/broker/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/broker/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "tenantId", "communityId": "communityId", "moduleId": "moduleId"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/broker/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "tenantId",
"communityId": "communityId",
"moduleId": "moduleId"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/broker/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "tenantId",
"communityId": "communityId",
"moduleId": "moduleId"
},
)
print(res.json())RESPONSE
200
400
401
404
500
Success
Invalid Request
Unauthorized
Not Found
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
PATCH/broker/changestatus
Change status of broker connection
Change status of broker connection.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
moduleId (required)
moduleId : string
Returns
Returns updated broker connection.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| moduleId | string | — |
| uid | string | — |
| enabled | string | — |
PATCHhttps://pilot-root.1kosmos.net/adminapi/broker/changestatus
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/adminapi/broker/changestatus' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "tenantId", "communityId": "communityId", "moduleId": "moduleId", "uid": "xxx", "enabled": "true/false"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/broker/changestatus", {
method: "PATCH",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "tenantId",
"communityId": "communityId",
"moduleId": "moduleId",
"uid": "xxx",
"enabled": "true/false"
})
});
const data = await res.json();import requests
res = requests.patch(
"https://pilot-root.1kosmos.net/adminapi/broker/changestatus",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "tenantId",
"communityId": "communityId",
"moduleId": "moduleId",
"uid": "xxx",
"enabled": "true/false"
},
)
print(res.json())RESPONSE
200
400
401
404
500
Success
Invalid Request
Unauthorized
Not Found
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
PATCH/broker/update
Update broker connection (only name is allowed to be updated by this api)
Update broker connection.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
moduleId (required)
moduleId : string
Returns
Returns updated broker connection.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| moduleId | string | — |
| uid | string | — |
| name | string | — |
PATCHhttps://pilot-root.1kosmos.net/adminapi/broker/update
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/adminapi/broker/update' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "tenantId", "communityId": "communityId", "moduleId": "moduleId", "uid": "xxx", "name": "xxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/broker/update", {
method: "PATCH",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "tenantId",
"communityId": "communityId",
"moduleId": "moduleId",
"uid": "xxx",
"name": "xxx"
})
});
const data = await res.json();import requests
res = requests.patch(
"https://pilot-root.1kosmos.net/adminapi/broker/update",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "tenantId",
"communityId": "communityId",
"moduleId": "moduleId",
"uid": "xxx",
"name": "xxx"
},
)
print(res.json())RESPONSE
200
400
401
404
500
Success
Invalid Request
Unauthorized
Not Found
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
DELETE/broker/{uid}
Delete broker connection
Delete broker connection.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
moduleId (required)
moduleId : string
Path parameters
| Name | Type | Description |
|---|---|---|
| uidrequired | string | Broker connection uid |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| moduleId | string | — |
DELETEhttps://pilot-root.1kosmos.net/adminapi/broker/{uid}
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/broker/<uid>' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "tenantId", "communityId": "communityId", "moduleId": "moduleId"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/broker/<uid>", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "tenantId",
"communityId": "communityId",
"moduleId": "moduleId"
})
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/broker/<uid>",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "tenantId",
"communityId": "communityId",
"moduleId": "moduleId"
},
)
print(res.json())RESPONSE
204
400
401
404
500
Success
Invalid Request
Unauthorized
Not Found
Internal Server Error
// no response body
// no response body
// no response body
// no response body
// no response body
Admin API
External Idp
External Idp endpoints.
POST/external_idp/fetch
fetch ExternalIdp
fetch ExternalIdp
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing identity provider
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Must contain all fields to create a valid ExternalIdp IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| ids | array<object> | — |
POSThttps://pilot-root.1kosmos.net/adminapi/external_idp/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/external_idp/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxx", "communityId": "xxxxx", "ids": ["xxxxxxx"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/external_idp/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxx",
"communityId": "xxxxx",
"ids": [
"xxxxxxx"
]
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/external_idp/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxx",
"communityId": "xxxxx",
"ids": [
"xxxxxxx"
]
},
)
print(res.json())RESPONSE
200
400
401
SUCCESS
IMPORTANT - Unencrypted response is only available in Swagger
In real application, you will get data as follow:
```
{
"data": "<ecdsa_encrypted_response>",
"publicKey": "<adminapi_public_key>"
}
```
Validation data error
Unauthorized
"string"
{
"message": "This field should not be empty"
}// no response body
PUT/external_idp
Create ExternalIdp
Create ExternalIdp
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing identity provider
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
PUThttps://pilot-root.1kosmos.net/adminapi/external_idp
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/external_idp' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'Content-Type: application/json' \ -d '"string"'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/external_idp", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify("string")
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/external_idp",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json="string",
)
print(res.json())RESPONSE
200
400
401
SUCCESS
IMPORTANT - Unencrypted response is only available in Swagger
In real application, you will get data as follow:
```
{
"data": "<ecdsa_encrypted_response>",
"publicKey": "<adminapi_public_key>"
}
```
Validation data error
Unauthorized
"string"
{
"message": "This field should not be empty"
}// no response body
PATCH/external_idp/{id}
Update ExternalIdp
Update ExternalIdp
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing identity provider
Path parameters
| Name | Type | Description |
|---|---|---|
| idrequired | string | Mongo objectId of external idp to update |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
PATCHhttps://pilot-root.1kosmos.net/adminapi/external_idp/{id}
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/adminapi/external_idp/xxxxxxxxx' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'Content-Type: application/json' \ -d '"string"'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/external_idp/xxxxxxxxx", {
method: "PATCH",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify("string")
});
const data = await res.json();import requests
res = requests.patch(
"https://pilot-root.1kosmos.net/adminapi/external_idp/xxxxxxxxx",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json="string",
)
print(res.json())RESPONSE
200
400
401
SUCCESS
IMPORTANT - Unencrypted response is only available in Swagger
In real application, you will get data as follow:
```
{
"data": "<ecdsa_encrypted_response>",
"publicKey": "<adminapi_public_key>"
}
```
Validation data error
Unauthorized
"string"
{
"message": "This field should not be empty"
}// no response body
DELETE/external_idp/{id}
Delete External idp
Delete External idp.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Nothing to return
Path parameters
| Name | Type | Description |
|---|---|---|
| idrequired | string | Mongo objectId of External idp to delete |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
{
tenantId: xxxxxx,
communityId: xxxxxx
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
DELETEhttps://pilot-root.1kosmos.net/adminapi/external_idp/{id}
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/external_idp/xxxxxxxxx' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxx", "communityId": "xxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/external_idp/xxxxxxxxx", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxx",
"communityId": "xxxxx"
})
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/external_idp/xxxxxxxxx",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxx",
"communityId": "xxxxx"
},
)
print(res.json())RESPONSE
204
400
401
SUCCESS
No Content
Validation data error
Unauthorized
// no response body
{
"message": "This field should not be empty"
}// no response body
Admin API
Identity Providers
Identity Providers endpoints.
POST/idp/fetch
Fetch Identity Providers
Fetch Identity Providers.
This endpoint must be accessed by an administrator.
If identity provider for this tenant/community doesn't exist, then default one is created and returned here. <b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing identity providers' array
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
{
tenantId: xxxxxx,
communityId: xxxxxx,
id: xxxxxx,
type: xxxxxx,
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| id | string | — |
| type | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/idp/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/idp/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxx", "communityId": "xxxxx", "id": "mongoId", "type": "oidc"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/idp/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxx",
"communityId": "xxxxx",
"id": "mongoId",
"type": "oidc"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/idp/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxx",
"communityId": "xxxxx",
"id": "mongoId",
"type": "oidc"
},
)
print(res.json())RESPONSE
200
400
401
SUCCESS
IMPORTANT - Unencrypted response is only available in Swagger
In real application, you will get data as follow:
```
{
"data": "<ecdsa_encrypted_response>",
"publicKey": "<adminapi_public_key>"
}
```
Validation data error
Unauthorized
[ "string" ]
{
"message": "This field should not be empty"
}// no response body
PUT/idp
Create Identity Provider
Create Identity Provider.
This endpoint must be accessed by an administrator.
Only one type of config can be created for one community. You can't create two configs with type="oidc" for one community. <b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing identity provider
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
PUThttps://pilot-root.1kosmos.net/adminapi/idp
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/idp' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'Content-Type: application/json' \ -d '"string"'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/idp", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify("string")
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/idp",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json="string",
)
print(res.json())RESPONSE
200
400
401
SUCCESS
IMPORTANT - Unencrypted response is only available in Swagger
In real application, you will get data as follow:
```
{
"data": "<ecdsa_encrypted_response>",
"publicKey": "<adminapi_public_key>"
}
```
Validation data error
Unauthorized
"string"
{
"message": "This field should not be empty"
}// no response body
PATCH/idp/{id}
Update Identity Provider
Update Identity Provider.
This endpoint must be accessed by an administrator.
Only one type of config can exist for one community. You can't have two configs with type="oidc" for one community. <b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing updated identity provider
Path parameters
| Name | Type | Description |
|---|---|---|
| idrequired | string | Mongo objectId of identity provider to update |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
PATCHhttps://pilot-root.1kosmos.net/adminapi/idp/{id}
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/adminapi/idp/xxxxxxxxx' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'Content-Type: application/json' \ -d '"string"'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/idp/xxxxxxxxx", {
method: "PATCH",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify("string")
});
const data = await res.json();import requests
res = requests.patch(
"https://pilot-root.1kosmos.net/adminapi/idp/xxxxxxxxx",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json="string",
)
print(res.json())RESPONSE
200
400
401
SUCCESS
IMPORTANT - Unencrypted response is only available in Swagger
In real application, you will get data as follow:
```
{
"data": "<ecdsa_encrypted_response>",
"publicKey": "<adminapi_public_key>"
}
```
Validation data error
Unauthorized
"string"
{
"message": "This field should not be empty"
}// no response body
DELETE/idp/{id}
Delete Identity Provider
Delete Identity Provider.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Nothing to return
Path parameters
| Name | Type | Description |
|---|---|---|
| idrequired | string | Mongo objectId of identity provider to delete |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
{
tenantId: xxxxxx,
communityId: xxxxxx
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
DELETEhttps://pilot-root.1kosmos.net/adminapi/idp/{id}
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/idp/xxxxxxxxx' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxx", "communityId": "xxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/idp/xxxxxxxxx", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxx",
"communityId": "xxxxx"
})
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/idp/xxxxxxxxx",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxx",
"communityId": "xxxxx"
},
)
print(res.json())RESPONSE
204
400
401
SUCCESS
No Content
Validation data error
Unauthorized
// no response body
{
"message": "This field should not be empty"
}// no response body
Admin API
User Attributes
User Attributes endpoints.
GET/attributes
Fetch User Attributes
Fetch User Attributes.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Query
moduleId (required)
ObjectID - id of module to fetch attributes from
Returns
Returns encrypted array of user attributes objects
Query parameters
| Name | Type | Description |
|---|---|---|
| moduleIdrequired | string | ObjectID - id of module to fetch attributes from |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/attributes
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/attributes?moduleId=<moduleId>' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/attributes?moduleId=<moduleId>", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/attributes?moduleId=<moduleId>",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
404
Success
publicKey is publicKey of Users Mgmt API, useful for decryption response
data is ECDSA encrypted object represents array of user attributes:
```
[
{
"_id": "ObjectId",
"name": "name",
"attribute": "attribute",
"moduleId": "ObjectId"
}
]
```
Validation data error
Unauthorized
No attributes found
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
PUT/attributes
Create User Attributes
Create User Attributes.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns encrypted object represents creation result
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
{
"moduleId": "xxx",
"attributes": [
{
"name": "xxx",
"attribute": "xxx"
}
]
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| moduleId | string | — |
| attributes | array<object> | — |
PUThttps://pilot-root.1kosmos.net/adminapi/attributes
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/attributes' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"moduleId": "xxx", "attributes": [{"name": "xxx", "attribute": "xxx"}]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/attributes", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"moduleId": "xxx",
"attributes": [
{
"name": "xxx",
"attribute": "xxx"
}
]
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/attributes",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"moduleId": "xxx",
"attributes": [
{
"name": "xxx",
"attribute": "xxx"
}
]
},
)
print(res.json())RESPONSE
200
400
401
Success
publicKey is publicKey of Users Mgmt API, useful for decryption response
data is ECDSA encrypted object represents creation result:
```
{
"created": [
{
"_id": "ObjectId",
"name": "name",
"attribute": "attribute",
"moduleId": "ObjectId"
}
],
"errors": []
}
```
Validation data error
Unauthorized
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
PATCH/attributes/{attributeId}
Update User Attribute
Update User Attribute.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Params
attributeId (required)
ObjectID - id of user attribute to update
Returns
Returns encrypted object represents updated user attribute
Path parameters
| Name | Type | Description |
|---|---|---|
| attributeIdrequired | string | ObjectID - id of user attribute to update |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
{
"name": "xxx",
"attribute": "xxx"
"moduleId": "xxxxxxxxxxxxxxxxxxxxx"
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| name | string | — |
| attribute | string | — |
| moduleId | string | — |
PATCHhttps://pilot-root.1kosmos.net/adminapi/attributes/{attributeId}
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/adminapi/attributes/<attributeId>' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"name": "xxx", "attribute": "xxx", "moduleId": "xxxxxxxxxxxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/attributes/<attributeId>", {
method: "PATCH",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"name": "xxx",
"attribute": "xxx",
"moduleId": "xxxxxxxxxxxxxx"
})
});
const data = await res.json();import requests
res = requests.patch(
"https://pilot-root.1kosmos.net/adminapi/attributes/<attributeId>",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"name": "xxx",
"attribute": "xxx",
"moduleId": "xxxxxxxxxxxxxx"
},
)
print(res.json())RESPONSE
200
400
401
404
Success
publicKey is publicKey of Users Mgmt API, useful for decryption response
data is ECDSA encrypted object represents updated user atrribute:
```
{
"_id": "ObjectId",
"name": "name",
"attribute": "attribute",
"moduleId": "ObjectId"
}
```
Validation data error
Unauthorized
No attribute found
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
DELETE/attributes/{attributeId}
Delete User Attribute
Update User Attribute.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Params
attributeId (required)
ObjectID - id of user attribute to delete
Returns
204 No Content
Path parameters
| Name | Type | Description |
|---|---|---|
| attributeIdrequired | string | ObjectID - id of user attribute to delete |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
{
"moduleId": "xxxxxxxxxxxxxxxxxxxxx"
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| moduleId | string | — |
DELETEhttps://pilot-root.1kosmos.net/adminapi/attributes/{attributeId}
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/attributes/<attributeId>' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"moduleId": "xxxxxxxxxxxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/attributes/<attributeId>", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"moduleId": "xxxxxxxxxxxxxx"
})
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/attributes/<attributeId>",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"moduleId": "xxxxxxxxxxxxxx"
},
)
print(res.json())RESPONSE
204
400
401
404
Success
Validation path error
Unauthorized
No attribute found
// no response body
{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
Auth Proxy
Auth Proxy endpoints.
POST/authproxy/fetch
Fetch AuthProxy config
Fetch AuthProxy endpoint fetch the authproxy config form the instance caas by tenant and community id.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
ids (optional)
ids : array
Returns
Returns authProxy configurations.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| ids | array<string> | — |
POSThttps://pilot-root.1kosmos.net/adminapi/authproxy/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/authproxy/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxx", "communityId": "xxxxxx", "ids": ["xxxxx"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/authproxy/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxx",
"communityId": "xxxxxx",
"ids": [
"xxxxx"
]
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/authproxy/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxx",
"communityId": "xxxxxx",
"ids": [
"xxxxx"
]
},
)
print(res.json())RESPONSE
200
400
401
404
500
Success
Invalid Request
Unauthorized
Not Found
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
PUT/authproxy/config/{id}
Set AuthProxy Config
Set AuthProxy endpoint set the authproxy config on instance caas
This endpoint must be accessed without login.
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Request Body
### name (required) name : string
### authScheme (required) authScheme : array
### pushKeyword (required) pushKeyword : string
### ivrKeyword (optional) ivrKeyword : string
### isDefaultAuthMethodEnable (optional) isDefaultAuthMethodEnable : boolean (default: false)
### defaultAuthMethod (optional) defaultAuthMethod : string (push or ivr) - only saved when isDefaultAuthMethodEnable is true
Returns
Returns object with configured authProxy
Path parameters
| Name | Type | Description |
|---|---|---|
| idrequired | string | uid for creating configuration; |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
PUThttps://pilot-root.1kosmos.net/adminapi/authproxy/config/{id}
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/authproxy/config/xxxxxxxxxxx' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/authproxy/config/xxxxxxxxxxx", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/authproxy/config/xxxxxxxxxxx",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={},
)
print(res.json())RESPONSE
200
400
401
500
Success
The publicKey of WebServer API used in decrypting
Response body contains *data* field with encrypted object below:
```
{
"name": "string",
"authScheme": "array",
"pushKeyword": "string",
"ivrKeyword": "string",
"isDefaultAuthMethodEnable": "boolean",
"defaultAuthMethod": "string"
}
```
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
Validation data error
Unauthorized
Internal Server Error
{}{
"message": "This field should not be empty"
}// no response body
// no response body
DELETE/authproxy/config/{id}
Delete authproxy config
Delete authproxy config from the instance caas.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
Returns
Returns 204 status code on success.
This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| idrequired | string | uid for creating configuration; |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
DELETEhttps://pilot-root.1kosmos.net/adminapi/authproxy/config/{id}
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/authproxy/config/xxxxxxxxxxx' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/authproxy/config/xxxxxxxxxxx", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/authproxy/config/xxxxxxxxxxx",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
204
400
401
404
500
Success
Invalid Request
Unauthorized
Not Found
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
Admin API
Authz
Authz endpoints.
GET/authz/role/fetch
Fetch All Roles
Get all available roles for community.
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/authz/role/fetch
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/authz/role/fetch' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/authz/role/fetch", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/authz/role/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
[ "role1", "role2", "role3" ]
{
"message": "This field should not be empty"
}// no response body
// no response body
GET/authz/role/fetch/{roleName}
Fetch One Role
Get a role object with given roleId.
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Path parameters
| Name | Type | Description |
|---|---|---|
| roleNamerequired | string | Role Name (string) |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/authz/role/fetch/{roleName}
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/authz/role/fetch/xxxxxxxxxx' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/authz/role/fetch/xxxxxxxxxx", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/authz/role/fetch/xxxxxxxxxx",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"id": "xxxxxxxxxxx",
"name": "xxxxxxxxxxxxxxxx",
"description": "xxxxx",
"createdBy": "xxxxxxxxx",
"permissions": [],
"tenantId": "xxxxxxxxxxx",
"communityId": "xxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
POST/authz/authorization/fetch
Authorizations by userId
Get authorizations for user. Only for admins
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request Authorizations for given userId:
{
"objectType": "string, required", // "user"
"objectId": "string, required", // userUid
"subjectType": "string, required", // "community"
"subjectId": "objectId, required" // communityId
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| objectType | string | — |
| objectId | string | — |
| subjectType | string | — |
| subjectId | objectId | — |
POSThttps://pilot-root.1kosmos.net/adminapi/authz/authorization/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/authz/authorization/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"objectType": "user", "objectId": "xxxxxxxxxxxxxxxx", "subjectType": "community", "subjectId": "xxxxxxxxxxxxxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/authz/authorization/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"objectType": "user",
"objectId": "xxxxxxxxxxxxxxxx",
"subjectType": "community",
"subjectId": "xxxxxxxxxxxxxxxx"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/authz/authorization/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"objectType": "user",
"objectId": "xxxxxxxxxxxxxxxx",
"subjectType": "community",
"subjectId": "xxxxxxxxxxxxxxxx"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
[
{
"id": "id",
"subjectType": "community",
"subjectId": "communityId",
"objectType": "objectType",
"objectId": "objectId",
"role": {
"name": "name",
"createdBy": "createdBy",
"description": "description",
"permissions": [
"p1",
"p2"
]
}
}
]{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
Consent
Consent endpoints.
GET/config/consents/ipfs/{ipfsHash}
Get historical consent by IPFS hash
Retrieve a historical consent document by its IPFS hash.
This endpoint must be accessed by an administrator (tenant_admin or community_admin).
AdminAPI proxies this request to CaaS, which fetches the document from IPFS.
<b>:: Note for website ::</b>
+ Response is ECDSA encrypted in production
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing the historical consent document stored in IPFS
Path parameters
| Name | Type | Description |
|---|---|---|
| ipfsHashrequired | string | The IPFS content hash (CID) of the consent document |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/config/consents/ipfs/{ipfsHash}
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/config/consents/ipfs/<ipfsHash>' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/consents/ipfs/<ipfsHash>", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/config/consents/ipfs/<ipfsHash>",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
403
404
500
Success
publicKey is publicKey of AdminAPI, useful for decryption response
data is ECDSA encrypted object containing the historical consent document
Validation data error (e.g. missing or empty ipfsHash)
Unauthorized
Forbidden - insufficient permissions (requires tenant_admin or community_admin)
Consent document not found for the given IPFS hash
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
// no response body
// no response body
GET/config/consents/{type}
Get consent configuration by type
Get the current consent configuration for the specified type.
This endpoint must be accessed by an administrator (tenant_admin or community_admin).
AdminAPI proxies this request to CaaS, which owns the consent data.
Supported types: biometric (more types can be added to CONSENT_TYPES).
<b>:: Note for website ::</b>
+ Response is ECDSA encrypted in production
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing the consent configuration for the given type
Path parameters
| Name | Type | Description |
|---|---|---|
| typerequired | string | The consent type |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/config/consents/{type}
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/config/consents/<type>' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/consents/<type>", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/config/consents/<type>",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
403
500
Success
publicKey is publicKey of AdminAPI, useful for decryption response
data is ECDSA encrypted object containing the consent configuration:
```
{
"type": "string (e.g. biometric)",
"isEnabled": "boolean",
"title": "string",
"subtitle": "string",
"body": "string (base64 encoded)",
"acknowledgeText": "string",
"ipfsHash": "string (current IPFS hash)",
"history": [
{
"ipfsHash": "string",
"updatedAt": "string"
}
]
}
```
Validation data error (e.g. invalid type value)
Unauthorized
Forbidden - insufficient permissions (requires tenant_admin or community_admin)
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
// no response body
PUT/config/consents
Create or update consent configuration
Create or update consent configuration for the community.
This endpoint must be accessed by an administrator (tenant_admin or community_admin).
AdminAPI validates the request and proxies to CaaS, which handles IPFS storage and hash computation.
The type field determines which consent is being updated.
When isEnabled is true, title, body, and acknowledgeText are required.
When isEnabled is false, content fields are optional (can be empty strings).
The body field must be base64 encoded when isEnabled is true.
Audit events are fired by CaaS conditionally based on type (currently only biometric fires E_BIOMETRIC_CONSENT_UPDATED events). The event includes admin user's IP address and user-agent (from eventData), consent document ID (ipfsHash), and a list of actions describing what changed (e.g. enabled, disabled, changed_title, changed_subtitle, changed_body, changed_acknowledge_text).
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing the updated consent configuration
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
IMPORTANT - you can send unencrypted data and you will get unencrypted data as well, it is only a preview available in Swagger
{
type: "string required - consent type (e.g. 'biometric')",
isEnabled: "boolean required (strict) - enable or disable the consent",
title: "string required when isEnabled=true, optional otherwise",
body: "string required when isEnabled=true (must be base64 encoded), optional otherwise",
subtitle: "string optional",
acknowledgeText: "string required when isEnabled=true, optional otherwise"
}| Field | Type | Description |
|---|---|---|
| datarequired | string | ECDSA encrypted JSON string containing the consent data (see UpdateConsentPayload for decrypted shape). In Swagger preview mode, send the unencrypted object directly. |
PUThttps://pilot-root.1kosmos.net/adminapi/config/consents
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/config/consents' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"data": "ecdsa_encrypted_string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/consents", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"data": "ecdsa_encrypted_string"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/config/consents",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"data": "ecdsa_encrypted_string"
},
)
print(res.json())RESPONSE
200
400
401
403
500
Success
publicKey is publicKey of AdminAPI, useful for decryption response
data is ECDSA encrypted object containing the updated consent configuration
Validation data error (e.g. missing required fields, invalid type, body not base64 when isEnabled=true)
Unauthorized
Forbidden - insufficient permissions (requires tenant_admin or community_admin)
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
// no response body
Admin API
Radius
Radius endpoints.
POST/radius/fetch
Fetch radius configurations
Fetch radius configurations.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
Returns
Returns radius configurations.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| ids | array<string> | — |
POSThttps://pilot-root.1kosmos.net/adminapi/radius/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/radius/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "tenantId", "communityId": "communityId", "ids": ["ids"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/radius/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "tenantId",
"communityId": "communityId",
"ids": [
"ids"
]
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/radius/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "tenantId",
"communityId": "communityId",
"ids": [
"ids"
]
},
)
print(res.json())RESPONSE
200
400
401
404
500
Success
Invalid Request
Unauthorized
Not Found
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
PUT/radius/config/{uid}
Set radius configuration
Set radius configuration.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
name (required)
name : string
authScheme (required)
authScheme : array
pushKeyword (required)
pushKeyword : string
Returns
Returns Set radius configuration.
This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| uidrequired | string | uid for creating configuration; |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| name | string | — |
| authScheme | array<string> | — |
| pushKeyword | string | — |
| ivrKeyword | string | — |
| ivrLine | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/radius/config/{uid}
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/radius/config/Do not enter anything, use 'Authorize' fields' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"name": "name", "authScheme": ["push"], "pushKeyword": "pushKeyword", "ivrKeyword": "phone", "ivrLine": "phone"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/radius/config/Do not enter anything, use 'Authorize' fields", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"name": "name",
"authScheme": [
"push"
],
"pushKeyword": "pushKeyword",
"ivrKeyword": "phone",
"ivrLine": "phone"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/radius/config/Do not enter anything, use 'Authorize' fields",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"name": "name",
"authScheme": [
"push"
],
"pushKeyword": "pushKeyword",
"ivrKeyword": "phone",
"ivrLine": "phone"
},
)
print(res.json())RESPONSE
200
400
401
404
500
Success
Invalid Request
Unauthorized
Not Found
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
DELETE/radius/config/{uid}
Delete radius configuration
Delete radius configuration.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
Returns
Returns Set radius configuration.
This API throw an error if something goes wrong.
Path parameters
| Name | Type | Description |
|---|---|---|
| uidrequired | string | uid for creating configuration; |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
DELETEhttps://pilot-root.1kosmos.net/adminapi/radius/config/{uid}
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/radius/config/Do not enter anything, use 'Authorize' fields' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/radius/config/Do not enter anything, use 'Authorize' fields", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/radius/config/Do not enter anything, use 'Authorize' fields",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
404
500
Success
Invalid Request
Unauthorized
Not Found
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
Admin API
Reset Password
Reset Password endpoints.
POST/password_reset
/password_reset
Self reset user's own password based on code and otp and id proofing.
code and otp are sent to user via email and phone respectively.
ID proofing URL sent to user via email and phone respectively.
<b>:: Notes for website ::</b>
+ Default request body is {data: ecdsa_string}
+ This API can accept any query params which will be passed to template
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
code (optional) // if SSPR is enabled, this is not required
code : string
otp (optional)
otp : string
newPassword (required)
newPassword : string
user_token (required)
user_token : string
Returns
Send reset password link via email or SMS.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| code | string | — |
| otp | string | — |
| newPassword | string | — |
| user_token | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/password_reset
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/password_reset' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxxxxxx", "communityId": "xxxxxxxxxxxxxx", "code": "xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx", "otp": "NNNN", "newPassword": "xxXX@#$XXxx", "user_token": "ecdsa_encryted_string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/password_reset", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxx",
"code": "xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx",
"otp": "NNNN",
"newPassword": "xxXX@#$XXxx",
"user_token": "ecdsa_encryted_string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/password_reset",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET"
},
json={
"tenantId": "xxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxx",
"code": "xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx",
"otp": "NNNN",
"newPassword": "xxXX@#$XXxx",
"user_token": "ecdsa_encryted_string"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"code": 200,
"message": "Ok"
}// no response body
// no response body
// no response body
POST/password_reset/user/fetch
/password_reset/user/fetch
Fetch user object and user_token with acr code for self password reset.
<b>:: Notes for website ::</b>
+ Default request body is {data: ecdsa_string}
+ This API can accept any query params which will be passed to template
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
code (required)
code : string
Returns
Send account creation verification magic link via email.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| code | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/password_reset/user/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/password_reset/user/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxxxxxxxx", "communityId": "xxxxxxxxxxxxxxxx", "code": "xxxx-xxxx-xxxxx-xxxxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/password_reset/user/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxx",
"code": "xxxx-xxxx-xxxxx-xxxxxxx"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/password_reset/user/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET"
},
json={
"tenantId": "xxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxx",
"code": "xxxx-xxxx-xxxxx-xxxxxxx"
},
)
print(res.json())RESPONSE
200
400
401
404
410
429
500
Success
Invalid request
Unauthorized
Not Found
Gone
Too Many Requests
Internal Server Error
{
"user": {
"username": "string",
"uid": "string",
"type": "basic",
"disbaled": false,
"firstname": "string",
"email": "string",
"phone": "string",
"urn": "string"
},
"user_token": "ecdsa_encryted_string"
}// no response body
// no response body
// no response body
// no response body
// no response body
// no response body
PUT/password_reset/sendverify
/password_reset/sendverify
Sends self reset password verification magic link email.
<b>:: Notes for website ::</b>
+ Default request body is {data: ecdsa_string}
+ This API can accept any query params which will be passed to template
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Request Body
destination (required)
destination : string
user_token (required)
user_token : string
tenantId (required)
tenantId : string
communityId (required)
communityId : string
captchaToken (required)
captchaToken : string
license (optional, if valid license was provided, bypass captcha checking)
license : string
Returns
Send account creation verification magic link via email.
This API throw an error if something goes wrong.
Query parameters
| Name | Type | Description |
|---|---|---|
| SAMLRequest | string | SAML SAMLRequest |
| RelayState | string | SAML RelayState |
| SigAlg | string | SAML SigAlg |
| Signature | string | SAML Signature |
| ForceAuthn | string | SAML ForceAuthn |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| destination | string | — |
| user_token | string | — |
| tenantId | string | — |
| communityId | string | — |
| captchaToken | string | — |
| license | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/password_reset/sendverify
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/password_reset/sendverify?SAMLRequest=<SAMLRequest>&RelayState=<RelayState>&SigAlg=<SigAlg>&Signature=<Signature>&ForceAuthn=<ForceAuthn>' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Content-Type: application/json' \
-d '{"destination": "string", "user_token": "string", "tenantId": "string", "communityId": "string", "captchaToken": "string", "license": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/password_reset/sendverify?SAMLRequest=<SAMLRequest>&RelayState=<RelayState>&SigAlg=<SigAlg>&Signature=<Signature>&ForceAuthn=<ForceAuthn>", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Content-Type": "application/json"
},
body: JSON.stringify({
"destination": "string",
"user_token": "string",
"tenantId": "string",
"communityId": "string",
"captchaToken": "string",
"license": "string"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/password_reset/sendverify?SAMLRequest=<SAMLRequest>&RelayState=<RelayState>&SigAlg=<SigAlg>&Signature=<Signature>&ForceAuthn=<ForceAuthn>",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET"
},
json={
"destination": "string",
"user_token": "string",
"tenantId": "string",
"communityId": "string",
"captchaToken": "string",
"license": "string"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"code": 200,
"message": "Ok"
}// no response body
// no response body
// no response body
Admin API
Secret Store
Secret Store endpoints.
POST/secret-store/create
Create a new secret
Create a new secret with encrypted value storage.
This endpoint must be accessed by a community administrator.
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds
### publickey (required) Public key
### authorization (required) JWT
Returns
Response gives created secret metadata (no value)
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
{
"tenantId": "required string",
"communityId": "required string",
"tag": "required string - must start with letter [a-zA-Z] and contain only [a-zA-Z0-9_]",
"value": "required string - secret value to encrypt"
}IMPORTANT - you can send unencrypted data and you will get unencrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantIdrequired | string | Tenant identifier |
| communityIdrequired | string | Community identifier |
| tagrequired | string | Secret identifier. Must start with a letter [a-zA-Z] and contain only [a-zA-Z0-9_] |
| valuerequired | string | Secret value to be encrypted and stored |
POSThttps://pilot-root.1kosmos.net/adminapi/secret-store/create
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/secret-store/create' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "tenant_123", "communityId": "community_456", "tag": "stripe_api_key", "value": "sk_test_4eC39HqLyjWDarjtT1zdp7dc"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/secret-store/create", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "tenant_123",
"communityId": "community_456",
"tag": "stripe_api_key",
"value": "sk_test_4eC39HqLyjWDarjtT1zdp7dc"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/secret-store/create",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "tenant_123",
"communityId": "community_456",
"tag": "stripe_api_key",
"value": "sk_test_4eC39HqLyjWDarjtT1zdp7dc"
},
)
print(res.json())RESPONSE
201
400
401
403
409
Secret created successfully
Validation data error
Unauthorized
Forbidden
Secret with this tag already exists
{
"tag": "stripe_api_key",
"createdBy": "admin@example.com",
"createdTs": 1704067200,
"tenantId": "tenant_123",
"communityId": "community_456"
}{
"message": "This field should not be empty"
}// no response body
// no response body
// no response body
POST/secret-store/delete
Delete a secret
Delete a secret by tag.
This endpoint must be accessed by a community administrator.
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds
### publickey (required) Public key
### authorization (required) JWT
Returns
Response gives success message
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
{
"tenantId": "required string",
"communityId": "required string",
"tag": "required string - secret identifier to delete"
}IMPORTANT - you can send unencrypted data, it is only available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantIdrequired | string | Tenant identifier |
| communityIdrequired | string | Community identifier |
| tagrequired | string | Secret identifier to delete |
POSThttps://pilot-root.1kosmos.net/adminapi/secret-store/delete
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/secret-store/delete' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "tenant_123", "communityId": "community_456", "tag": "stripe_api_key"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/secret-store/delete", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "tenant_123",
"communityId": "community_456",
"tag": "stripe_api_key"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/secret-store/delete",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "tenant_123",
"communityId": "community_456",
"tag": "stripe_api_key"
},
)
print(res.json())RESPONSE
200
400
401
403
404
Success
Validation data error
Unauthorized
Forbidden
Secret not found
{
"message": "Secret deleted successfully"
}{
"message": "This field should not be empty"
}// no response body
// no response body
// no response body
POST/secret-store/fetch
Get secret store list
Get list of secrets for a tenant-community. Returns metadata only (tag, createdBy, createdTs) without secret values.
This endpoint must be accessed by a community administrator.
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds
### publickey (required) Public key
### authorization (required) JWT
Returns
Response gives list of secrets metadata (no values)
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
{
"tenantId": "string",
"communityId": "string"
}IMPORTANT - you can send unencrypted data and you will get unencrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantIdrequired | string | Tenant identifier |
| communityIdrequired | string | Community identifier |
POSThttps://pilot-root.1kosmos.net/adminapi/secret-store/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/secret-store/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "tenant_123", "communityId": "community_456"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/secret-store/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "tenant_123",
"communityId": "community_456"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/secret-store/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "tenant_123",
"communityId": "community_456"
},
)
print(res.json())RESPONSE
200
400
401
403
Success
Validation data error
Unauthorized
Forbidden
[
{
"tag": "stripe_api_key",
"createdBy": "admin@example.com",
"createdTs": 1704067200,
"tenantId": "tenant_123",
"communityId": "community_456"
}
]{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
Template Config
Template Config endpoints.
POST/config/template/fetch
get templates
Get templates config.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing templates config
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
{
tenantId: "string required",
communityId: "string required",
purposes: ["string"] //array is optional
}| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| purposes | array<string> | — |
POSThttps://pilot-root.1kosmos.net/adminapi/config/template/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/config/template/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "purposes": ["xxxxxxxx"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/template/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"purposes": [
"xxxxxxxx"
]
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/config/template/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"purposes": [
"xxxxxxxx"
]
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
PUT/config/template
create/update template
Create or update template config.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing template config
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try to Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try to Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| templateData | object | — |
PUThttps://pilot-root.1kosmos.net/adminapi/config/template
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/config/template' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "templateData": {"self_onboarding": {"email": {"uuid": {"name": "xyz", "subject": "Abc", "data": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "isDefault": true}}, "sms": {"uuid": {"name": "xyz", "isDefault": true, "data": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx"}}}}}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/template", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"templateData": {
"self_onboarding": {
"email": {
"uuid": {
"name": "xyz",
"subject": "Abc",
"data": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"isDefault": true
}
},
"sms": {
"uuid": {
"name": "xyz",
"isDefault": true,
"data": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
}
}
}
}
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/config/template",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"templateData": {
"self_onboarding": {
"email": {
"uuid": {
"name": "xyz",
"subject": "Abc",
"data": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"isDefault": true
}
},
"sms": {
"uuid": {
"name": "xyz",
"isDefault": true,
"data": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
}
}
}
}
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
DELETE/config/template
delete template
Delete template config.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
204 No Content
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
{
tenantId: "string required",
communityId: "string required",
key_paths: ["string required"]
}| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| key_paths | array<string> | — |
DELETEhttps://pilot-root.1kosmos.net/adminapi/config/template
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/config/template' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "key_paths": ["xxxxxxxx"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/template", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"key_paths": [
"xxxxxxxx"
]
})
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/config/template",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"key_paths": [
"xxxxxxxx"
]
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
Branding
Branding endpoints.
POST/branding/fetch
Get Branding Config
Get Branding Config.
This endpoint must be accessed without login.
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
Returns
Returns object with branding colors and images
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/branding/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/branding/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/branding/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/branding/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET"
},
json={
"tenantId": "string",
"communityId": "string"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
The publicKey of WebServer API used in decrypting
Response body contains *data* field with encrypted object below:
```
{
"bg_color_left_panel": "hex color - string",
"bg_color_right_panel": "hex color - string",
"heading_text_color": "hex color - string",
"primary_button_color": "hex color - string",
"active_tab_text_color": "hex color - string",
"links_color": "hex color - string",
"community_logo_img": "base64 image string",
"bg_img_left_panel": "base64 image string",
"default_login_method": "qr | username",
"username_label": "string",
"disclaimer_message": "string (optional)",
"heading_label": "string",
"app_download_override": {
"enabled": "boolean",
"content": "string",
"url": "string"
},
"bg_img_fullscreen_enabled": "boolean",
"username_hidden_on_desktop": "boolean",
"copyright_message_disabled": "boolean"
}
```
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
Validation data error
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxx/xxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
PUT/branding
Set Branding Config
Set Branding Config.
This endpoint must be accessed by an administrator
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
Returns object with branding colors and images
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request should contain *publicKey* field with caller's public key
Request body contains *data* field with encrypted object below:
{
"bg_color_left_panel": "hex color - string (required)",
"bg_color_right_panel": "hex color - string (required)",
"heading_text_color": "hex color - string (required)",
"primary_button_color": "hex color - string (required)",
"active_tab_text_color": "hex color - string (required)",
"links_color": "hex color - string (required)",
"community_logo_img": "base64 image string (required)",
"bg_img_left_panel": "base64 image string (required)",
"qr_code_corner_squares_color": "hex color - string (optional),
"qr_code_dots_color": "hex color - string (optional),
"qr_code_logo": "image url string (optional)",
"default_login_method": "qr | username (optional)",
"username_label": "string (optional)",
"helpDeskButtonEnabled": "boolean (optional)",
"helpDeskButtonData" : "object (optional)",
"disclaimer_message": "string (optional)",
"heading_label": "string (optional)",
"bg_img_fullscreen_enabled": "boolean (optional)",
"app_download_override": {
"enabled": "boolean (optional)",
"content": "string (required when enabled is true)",
"url": "string (required when enabled is true, must be valid URL)"
},
"username_hidden_on_desktop": "boolean (optional)",
"copyright_message_disabled": "boolean (optional)"
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| bg_color_left_panel | string | — |
| bg_color_right_panel | string | — |
| primary_button_color | string | — |
| heading_text_color | string | — |
| links_color | string | — |
| active_tab_text_color | string | — |
| bg_img_left_panel | string | — |
| qr_code_logo | string | — |
| qr_code_corner_squares_color | string | — |
| qr_code_dots_color | string | — |
| community_logo_img | string | — |
| default_login_method | string | — |
| username_label | string | — |
| disclaimer_message | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/branding
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/branding' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "ABC123", "communityId": "ABC123", "bg_color_left_panel": "ABC123", "bg_color_right_panel": "ABC123", "primary_button_color": "ABC123", "heading_text_color": "ABC123", "links_color": "ABC123", "active_tab_text_color": "ABC123", "bg_img_left_panel": "xxxxxxxxxxxxxxxxxxxx", "qr_code_logo": "https://1k-dev.1kosmos.net/image.png", "qr_code_corner_squares_color": "ABC123", "qr_code_dots_color": "ABC123", "community_logo_img": "xxxxxxxxxxxxxxxxxxxxxxxxx", "default_login_method": "username", "username_label": "Corporate Username", "disclaimer_message": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/branding", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "ABC123",
"communityId": "ABC123",
"bg_color_left_panel": "ABC123",
"bg_color_right_panel": "ABC123",
"primary_button_color": "ABC123",
"heading_text_color": "ABC123",
"links_color": "ABC123",
"active_tab_text_color": "ABC123",
"bg_img_left_panel": "xxxxxxxxxxxxxxxxxxxx",
"qr_code_logo": "https://1k-dev.1kosmos.net/image.png",
"qr_code_corner_squares_color": "ABC123",
"qr_code_dots_color": "ABC123",
"community_logo_img": "xxxxxxxxxxxxxxxxxxxxxxxxx",
"default_login_method": "username",
"username_label": "Corporate Username",
"disclaimer_message": "string"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/branding",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "ABC123",
"communityId": "ABC123",
"bg_color_left_panel": "ABC123",
"bg_color_right_panel": "ABC123",
"primary_button_color": "ABC123",
"heading_text_color": "ABC123",
"links_color": "ABC123",
"active_tab_text_color": "ABC123",
"bg_img_left_panel": "xxxxxxxxxxxxxxxxxxxx",
"qr_code_logo": "https://1k-dev.1kosmos.net/image.png",
"qr_code_corner_squares_color": "ABC123",
"qr_code_dots_color": "ABC123",
"community_logo_img": "xxxxxxxxxxxxxxxxxxxxxxxxx",
"default_login_method": "username",
"username_label": "Corporate Username",
"disclaimer_message": "string"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
The publicKey of WebServer API used in decrypting
Response body contains *data* field with encrypted object below:
```
{
"bg_color_left_panel": "hex color - string",
"bg_color_right_panel": "hex color - string",
"heading_text_color": "hex color - string",
"primary_button_color": "hex color - string",
"active_tab_text_color": "hex color - string",
"links_color": "hex color - string",
"community_logo_img": "base64 image string",
"bg_img_left_panel": "base64 image string",
"default_login_method": "qr | username",
"username_label": "string",
"helpDeskButtonEnabled": "boolean",
"helpDeskButtonData" : "object",
"heading_label": "string",
"bg_img_fullscreen_enabled": "boolean",
"app_download_override": {
"enabled": "boolean",
"content": "string",
"url": "string"
},
"username_hidden_on_desktop": "boolean",
"copyright_message_disabled": "boolean"
}
```
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
Validation data error
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxx/xxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
Downloadables
Downloadables endpoints.
POST/downloadables/artifact/fetch
Download artifacts
Download specified artifacts.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
moduleId (required)
moduleId : string
Returns
Downloads broker.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| moduleId | string | — |
| type | string | — |
| os | string | — |
| version | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/downloadables/artifact/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/downloadables/artifact/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "tenant1", "communityId": "community1", "moduleId": "module1", "type": "broker", "os": "windows", "version": "latest"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/downloadables/artifact/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "tenant1",
"communityId": "community1",
"moduleId": "module1",
"type": "broker",
"os": "windows",
"version": "latest"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/downloadables/artifact/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "tenant1",
"communityId": "community1",
"moduleId": "module1",
"type": "broker",
"os": "windows",
"version": "latest"
},
)
print(res.json())RESPONSE
200
400
401
404
500
Success.
Invalid Request
Unauthorized
Software Not Found
Internal Server Error
// no response body
// no response body
// no response body
// no response body
// no response body
POST/downloadables/versions/fetch
Get software download info
Download software (broker, radius).
This endpoint must be accessed by an administrator.
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Software version info.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
{
software: ["string required"],
latest: "boolean optional, defaults to true",
os: ["string required"]
}| Field | Type | Description |
|---|---|---|
| software | array<string> | — |
| latest | boolean | — |
| os | array<string> | — |
POSThttps://pilot-root.1kosmos.net/adminapi/downloadables/versions/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/downloadables/versions/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"software": ["broker"], "latest": true, "os": ["windows"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/downloadables/versions/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"software": [
"broker"
],
"latest": true,
"os": [
"windows"
]
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/downloadables/versions/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"software": [
"broker"
],
"latest": true,
"os": [
"windows"
]
},
)
print(res.json())RESPONSE
200
401
404
500
Success
Unauthorized
Broker Not Found
Internal Server Error
{
"artifacts": [
{
"software": "radius",
"os": "linux",
"displayVersion": "pl_gr_1.07.02",
"version": "pl_gr_1.07.02"
}
]
}// no response body
// no response body
// no response body
Admin API
Environment
Environment endpoints.
GET/environment
/environment
Provide details regarding the environments.
Returns
Returns an environment object
GEThttps://pilot-root.1kosmos.net/adminapi/environment
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/environment' \ -H 'license: YOUR_LICENSE_KEY'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/environment", {
method: "GET",
headers: {
"license": "YOUR_LICENSE_KEY"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/environment",
headers={
"license": "YOUR_LICENSE_KEY"
}
)
print(res.json())RESPONSE
200
Success
// no response body
PATCH/environment
Update environment attributes
Set environment configuration at the platform internal level.
This endpoint must be accessed by a community administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
**Headers*
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
**Returns*
Returns object with public key and encrypted data containing platform environment config data
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
{
sessionMaxAgeMinutes: 60
}| Field | Type | Description |
|---|---|---|
| sessionMaxAgeMinute | number | — |
PATCHhttps://pilot-root.1kosmos.net/adminapi/environment
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/adminapi/environment' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"sessionMaxAgeMinute": 60}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/environment", {
method: "PATCH",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"sessionMaxAgeMinute": 60
})
});
const data = await res.json();import requests
res = requests.patch(
"https://pilot-root.1kosmos.net/adminapi/environment",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"sessionMaxAgeMinute": 60
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"sessionMaxAgeMinute": 60
}{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
Healthz
Healthz endpoints.
GET/healthz
Get healthz.
Get healthz
Returns
Returns a healthz object
- ``
version = <git-tag>.<commit-id>.<dob>``
- ``
git-tag``: When code is compiled from a git-tag, this must carry the tag name. This should match one of the git tags. - ``
commit-id``: This is the git-commit-id. eg: When code is built from this, the hex code, in the end, is the commit it. - ``
dob``: Date Of Build. This is epoc-time-in-se conds that tell the time when the build was created. - if the code is not built from a git-tag, then the ``
version =<commit-id>.<dob>``
GEThttps://pilot-root.1kosmos.net/adminapi/healthz
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/healthz' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'x-jwt-token: YOUR_JWT' \ -H 'license: YOUR_LICENSE_KEY'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/healthz", {
method: "GET",
headers: {
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/healthz",
headers={
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
)
print(res.json())RESPONSE
200
Success
```
{
"status": "all services operational",
"publicKey": "string" //same as <service>/publickeys endpoint,
"code": "200",
"version": "<version>" //as defined above
}
```
{
"status": "all services operational",
"publicKey": "//same as <service>/publickeys endpoint",
"code": "200",
"version": "xxxx.xxxx.xxxx"
}GET/platform_health
Get Platform Health.
Get healthz
Returns
Returns a healthz object
- ``
version = <git-tag>.<commit-id>.<dob>``
- ``
git-tag``: When code is compiled from a git-tag, this must carry the tag name. This should match one of the git tags. - ``
commit-id``: This is the git-commit-id. eg: When code is built from this, the hex code, in the end, is the commit it. - ``
dob``: Date Of Build. This is epoc-time-in-se conds that tell the time when the build was created. - if the code is not built from a git-tag, then the ``
version =<commit-id>.<dob>``
GEThttps://pilot-root.1kosmos.net/adminapi/platform_health
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/platform_health' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'x-jwt-token: YOUR_JWT' \ -H 'license: YOUR_LICENSE_KEY'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/platform_health", {
method: "GET",
headers: {
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/platform_health",
headers={
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
)
print(res.json())RESPONSE
200
Success
```
{
"status": "all services operational",
"publicKey": "string" //same as <service>/publickeys endpoint,
"code": "200",
"version": "<version>" //as defined above
}
```
{
"status": "all services operational",
"publicKey": "//same as <service>/publickeys endpoint",
"code": "200",
"version": "xxxx.xxxx.xxxx"
}Admin API
IDP Config
IDP Config endpoints.
POST/config/idp_config/fetch
get IDP Config
Get Indentity Provider's config.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing IDP config
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
{
tenantId: "string required",
communityId: "string required"
}| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/config/idp_config/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/config/idp_config/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/idp_config/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/config/idp_config/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
PUT/config/idp_config
Set IDP Config
Create or update Indentity Provider's config.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing IDP config
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
{
tenantId: "string required",
communityId: "string required",
signingCert: "string required",
signingKey: "string required",
encryptionCert: "string required",
encryptionKey: "string required",
entityId: "string required",
authnRequestsSigned: "boolean required",
sso_bindings: ['string required'],
slo_bindings: ['string required'],
identifier: "string optional"
}| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| signingCert | string | — |
| signingKey | string | — |
| encryptionCert | string | — |
| encryptionKey | string | — |
| entityId | string | — |
| authnRequestsSigned | boolean | — |
| sso_bindings | array<string> | — |
| slo_bindings | array<string> | — |
| identifier | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/config/idp_config
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/config/idp_config' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "signingCert": "xxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "signingKey": "xxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "encryptionCert": "xxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "encryptionKey": "xxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "entityId": "xxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "authnRequestsSigned": true, "sso_bindings": ["string"], "slo_bindings": ["string"], "identifier": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/idp_config", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"signingCert": "xxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"signingKey": "xxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"encryptionCert": "xxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"encryptionKey": "xxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"entityId": "xxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"authnRequestsSigned": true,
"sso_bindings": [
"string"
],
"slo_bindings": [
"string"
],
"identifier": "string"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/config/idp_config",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"signingCert": "xxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"signingKey": "xxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"encryptionCert": "xxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"encryptionKey": "xxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"entityId": "xxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"authnRequestsSigned": true,
"sso_bindings": [
"string"
],
"slo_bindings": [
"string"
],
"identifier": "string"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
Idproofing Session
Idproofing Session endpoints.
POST/idproofing/session/{sessionId}/poll
Poll ID Proofing Session
This endpoint will poll the idproofing session result and return the success/fail status.
This endpoint must be accessed by an all users
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
Returns
Returns object with user_token
Path parameters
| Name | Type | Description |
|---|---|---|
| sessionIdrequired | string | ID of the Id Proofing session |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
{
tenantId: xxxxxx,
communityId: xxxxxx,
user_token: "xxxxxxxxxx" // encrypted user token
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| user_token | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/idproofing/session/{sessionId}/poll
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/idproofing/session/xxxxxxxxxxxxxxx-xxx-xxxxx/poll' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxx", "communityId": "xxxxxx", "user_token": "ecdsa_encrypted_string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/idproofing/session/xxxxxxxxxxxxxxx-xxx-xxxxx/poll", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxx",
"communityId": "xxxxxx",
"user_token": "ecdsa_encrypted_string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/idproofing/session/xxxxxxxxxxxxxxx-xxx-xxxxx/poll",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET"
},
json={
"tenantId": "xxxxxx",
"communityId": "xxxxxx",
"user_token": "ecdsa_encrypted_string"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
The publicKey of WebServer API used in decrypting
Response body contains *data* field with encrypted object below:
```
{
"username": "username", // username of the user
"user_token": "xxxxxxxxxx", // encrypted user token
}
```
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
Validation data error
Unauthorized
Internal Server Error
{
"username": "username_string",
"user_token": "ecdsa_encrypted_string"
}{
"message": "This field should not be empty"
}// no response body
// no response body
PUT/idproofing/session/create
Create ID Proofing Session
Create an Id Proofing session to verify identity to reset password.
This endpoint must be accessed by an all users
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
Returns
Returns object with user_token
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
{
tenantId: xxxxxx, // required
communityId: xxxxxx, // required
destinationHash: "xxxxxxxxxx", // hash of email or phone number required
destinationChannel: "email" // or "sms" required
user_token: "xxxxxxxxxx", // encrypted user token required
captchaToken: "xxxxxxxxxx", // captcha token optional
license: "xxxxxxxx-xxxx" // license optional
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| destinationHash | string | — |
| destinationChannel | string | — |
| user_token | string | — |
| captchaToken | string | — |
| license | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/idproofing/session/create
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/idproofing/session/create' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxx", "communityId": "xxxxxxxxx", "destinationHash": "sha512_encrypted_string", "destinationChannel": "email", "user_token": "ecdsa_encrypted_string", "captchaToken": "captcha_token_string", "license": "license_key_string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/idproofing/session/create", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxx",
"communityId": "xxxxxxxxx",
"destinationHash": "sha512_encrypted_string",
"destinationChannel": "email",
"user_token": "ecdsa_encrypted_string",
"captchaToken": "captcha_token_string",
"license": "license_key_string"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/idproofing/session/create",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET"
},
json={
"tenantId": "xxxxxxxxx",
"communityId": "xxxxxxxxx",
"destinationHash": "sha512_encrypted_string",
"destinationChannel": "email",
"user_token": "ecdsa_encrypted_string",
"captchaToken": "captcha_token_string",
"license": "license_key_string"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
The publicKey of WebServer API used in decrypting
Response body contains *data* field with encrypted object below:
```
{
"sessionId": "sessionId", // id of the session
"user_token": "xxxxxxxxxx", // encrypted user token
}
```
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
Validation data error
Unauthorized
Internal Server Error
{
"sessionId": "session_id_string",
"user_token": "ecdsa_encrypted_string"
}{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
Instance Config
Instance Config endpoints.
GET/instance_config/self_registration_config
Get Instance Self Registration config
Fetch Instance Self Registration config.
This endpoint must be accessed by an super admin.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing Self Registration Config
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/instance_config/self_registration_config
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/instance_config/self_registration_config' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/instance_config/self_registration_config", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/instance_config/self_registration_config",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
401
500
Success
Unauthorized
Internal Server Error
{
"allowed": true
}// no response body
// no response body
PUT/instance_config/self_registration_config
Set Instance Self Registration config
Create or update Instance Self Registration config.
This endpoint must be accessed by an super admin.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing Self Registration Config
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
{
allowed: "boolean required"
}| Field | Type | Description |
|---|---|---|
| allowed | boolean | — |
PUThttps://pilot-root.1kosmos.net/adminapi/instance_config/self_registration_config
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/instance_config/self_registration_config' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"allowed": true}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/instance_config/self_registration_config", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"allowed": true
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/instance_config/self_registration_config",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"allowed": true
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"allowed": true
}{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
Login sessions
API for terminating sessions
DELETE/loginsessions/admin/user/all
Delete user's all active sessions.
Allows Administrator with necessary permissions to delete all existing sessions for the specified user.
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
- Nothing to return
- Throws an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| username | string | — |
| moduleId | string | — |
DELETEhttps://pilot-root.1kosmos.net/adminapi/loginsessions/admin/user/all
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/loginsessions/admin/user/all' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"username": "string", "moduleId": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/loginsessions/admin/user/all", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"username": "string",
"moduleId": "string"
})
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/loginsessions/admin/user/all",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"username": "string",
"moduleId": "string"
},
)
print(res.json())RESPONSE
204
400
401
404
500
No Content
Validation data error
Unauthorized
Not found
Internal Server Error
// no response body
{
"message": "This field should not be empty"
}// no response body
// no response body
// no response body
DELETE/loginsessions/user/other
Delete user’s other sessions (keeps current session active).
Allows user terminates all the other active sessions
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Request Body
### username (required) username : string
### moduleId (required) moduleId : string
Returns
- Nothing to return
- Throws an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
DELETEhttps://pilot-root.1kosmos.net/adminapi/loginsessions/user/other
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/loginsessions/user/other' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/loginsessions/user/other", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/loginsessions/user/other",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
204
401
500
No Content
Unauthorized
Internal Server Error
// no response body
// no response body
// no response body
Admin API
Self Registration Config
Self Registration Config endpoints.
POST/config/self_registration_config/fetch
Get self registration config for community
Get self registration config for community.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
{
tenantId: "string required",
communityId: "string required"
}| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/config/self_registration_config/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/config/self_registration_config/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/self_registration_config/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/config/self_registration_config/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "string",
"communityId": "string"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"allowed": true
}{
"message": "This field should not be empty"
}// no response body
// no response body
PUT/config/self_registration_config
Set self registration config for community
Set self registration config for community.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
{
tenantId: "string required",
communityId: "string required",
allowed: "boolean"
}| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| allowed | boolean | — |
PUThttps://pilot-root.1kosmos.net/adminapi/config/self_registration_config
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/config/self_registration_config' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "allowed": true}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/self_registration_config", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"allowed": true
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/config/self_registration_config",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "string",
"communityId": "string",
"allowed": true
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"allowed": true
}{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
Service Key
Service Key endpoints.
GET/servicekeys
Get service keys
This endpoint returns available service keys. The license you are using must be of authLevel 'system'
Headers
licensekey (required)
License key encrypted with ECDSA
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Returns
Returns array with service keys
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| licensekeyrequired | string | License key encrypted with ECDSA / Try Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/servicekeys
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/servicekeys' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'licensekey: YOUR_LICENSE_KEY' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/servicekeys", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"licensekey": "YOUR_LICENSE_KEY",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/servicekeys",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"licensekey": "YOUR_LICENSE_KEY",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY"
}
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
[
{
"tag": "xxxxx",
"keyId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx",
"keySecret": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx",
"type": "xxxxx"
}
]// no response body
// no response body
// no response body
DELETE/servicekey/{keyId}
Reset Service Key
This endpoint resets service key for given keyId. Deletes current one and recreates a new one. The license you are using must be of authLevel 'system'
Parameters
keyId (required)
The keyId of service key to reset
Headers
licensekey (required)
License key encrypted with ECDSA
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Returns
Returns re-created service key
Path parameters
| Name | Type | Description |
|---|---|---|
| keyIdrequired | string | keyId of service key to reset |
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| licensekeyrequired | string | License key encrypted with ECDSA / Try Authorize 🔒 |
DELETEhttps://pilot-root.1kosmos.net/adminapi/servicekey/{keyId}
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/servicekey/<keyId>' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'licensekey: YOUR_LICENSE_KEY' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/servicekey/<keyId>", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"licensekey": "YOUR_LICENSE_KEY",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY"
}
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/servicekey/<keyId>",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"licensekey": "YOUR_LICENSE_KEY",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY"
}
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
[
{
"tag": "xxxxx",
"keyId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx",
"keySecret": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx",
"type": "xxxxx"
}
]// no response body
// no response body
// no response body
Admin API
Session
Session endpoints.
POST/session/response/fetch
Fetch session response
Get Authenticate info.
- verify license (with license mgmt API)
- sessionId must not be expired
- caller's publicKey must match SessionAuth.publicKey
- return associated SessionAuthResponse
- note:
- SessionAuthResponse object must get deleted after successfully fetch
- If session has expired, return appropriate error/message and delete both AuthSession and SessionAuthResponse entries.
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (optional)
Bearer JWT
Request Body
sessionId (required)
The sessionId key is type of string and required.
tenantId (required)
The tenantId key is type of string and required.
communityId (required)
The communityId key is type of string and required.
transient (optional)
The transient key is type of boolean and optional.
authenticateMethod (optional)
Is type of string ['qr', 'stepUp', 'push'] (optional).
aliasUsed (optional)
The aliasUsed key is type of boolean and optional.
Returns
Returns the Authenticate info.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorization | string | JWT |
Request body
Auth session data
| Field | Type | Description |
|---|---|---|
| sessionId | string | — |
| communityId | string | — |
| tenantId | string | — |
| transient | boolean | — |
| authenticateMethod | string | — |
| aliasUsed | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/session/response/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/session/response/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"sessionId": "xxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "communityId": "XXXXXXXXXXXXXXXXX", "tenantId": "XXXXXXXXXXXXXXXXX", "transient": "true/false", "authenticateMethod": "xxxxxx", "aliasUsed": "xxxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/session/response/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"sessionId": "xxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "XXXXXXXXXXXXXXXXX",
"tenantId": "XXXXXXXXXXXXXXXXX",
"transient": "true/false",
"authenticateMethod": "xxxxxx",
"aliasUsed": "xxxxxx"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/session/response/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"sessionId": "xxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "XXXXXXXXXXXXXXXXX",
"tenantId": "XXXXXXXXXXXXXXXXX",
"transient": "true/false",
"authenticateMethod": "xxxxxx",
"aliasUsed": "xxxxxx"
},
)
print(res.json())RESPONSE
200
400
401
403
404
Success
Success
Unauthorized
License is not valid for this community
Not found
{
"user": "object",
"pon_data": "object",
"jwt_token": "string"
}{
"message": "This field should not be empty"
}// no response body
// no response body
// no response body
PUT/session/new
Create a new session
Creates a new AuthSession object.
- verify the license (with license management API)
- create a new sessionId = new uuid()
- create entry into the DB
- publicKey is in the request headers
- return created sessionId
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Request Body
tag (required)
The tag key is type of string and required.
url (required)
The url key is type of string and required.
communityName (required)
The communityName key is type of string and required.
tenantId (required)
The tenantId key is type of string and required.
communityId (required)
The communityId key is type of string and required.
authPage (optional)
The authPage key is type of string and optional.
scopes (optional)
The scopes key is type of string and optional.
authtype (required)
The authtype key is type of string and required.
metadata (optional)
Metadata object which supports "saml", "oidc" and "authenticationType" properties
Returns
Returns created sessionId
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
New session data
| Field | Type | Description |
|---|---|---|
| tagrequired | string | — |
| urlrequired | string | — |
| communityNamerequired | string | — |
| tenantIdrequired | string | — |
| communityIdrequired | string | — |
| authPage | string | — |
| scopes | string | — |
| authtyperequired | string | — |
| metadata | object | — |
PUThttps://pilot-root.1kosmos.net/adminapi/session/new
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/session/new' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Content-Type: application/json' \
-d '{"tag": "tagName", "url": "url", "communityName": "communityName", "tenantId": "tenant id", "communityId": "community id", "authPage": "string", "scopes": "string", "authtype": "string", "metadata": {"purpose": "authentication", "username": "username", "saml": "saml request - optional", "oidc": "oidc request - optional", "authenticationType": "liveid_selfie - optional"}}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/session/new", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tag": "tagName",
"url": "url",
"communityName": "communityName",
"tenantId": "tenant id",
"communityId": "community id",
"authPage": "string",
"scopes": "string",
"authtype": "string",
"metadata": {
"purpose": "authentication",
"username": "username",
"saml": "saml request - optional",
"oidc": "oidc request - optional",
"authenticationType": "liveid_selfie - optional"
}
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/session/new",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY"
},
json={
"tag": "tagName",
"url": "url",
"communityName": "communityName",
"tenantId": "tenant id",
"communityId": "community id",
"authPage": "string",
"scopes": "string",
"authtype": "string",
"metadata": {
"purpose": "authentication",
"username": "username",
"saml": "saml request - optional",
"oidc": "oidc request - optional",
"authenticationType": "liveid_selfie - optional"
}
},
)
print(res.json())RESPONSE
200
400
401
403
404
Success
Success
Unauthorized
License is not valid for this community
Not found
{
"sessionId": "xxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"sessionEnv": "XXXXXXXXXXXXXXXXX",
"sessionUrl": "XXXXXXXXXXXXXXXXX"
}{
"message": "This field should not be empty"
}// no response body
// no response body
// no response body
Admin API
Session Attributes Config
Session Attributes Config endpoints.
POST/config/session_attributes/fetch
get BlockID session attributes Config
Get BlockID session, ledger, identity attributes Config.
This endpoint can be accessed by everyone.
This endpoint returns every data when accessed by administrator.
This endpoint returns partial data when accessed by normal user (only identity attributes).
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing session, ledger, identity attributes config
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger Getting community session attribute pass tenant id and community id in request
{
tenantId: "string required",
communityId: "string required",
local_key_paths: ["blockid_session_attributes"] // always this value or empty array
global_key_paths: ["blockid_session_attributes", "blockid_ledger_attributes", "identity_attributes"] // always one or more of these values or empty array
}| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| local_key_paths | array<string> | — |
| global_key_paths | array<string> | — |
POSThttps://pilot-root.1kosmos.net/adminapi/config/session_attributes/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/config/session_attributes/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "local_key_paths": ["blockid_session_attributes"], "global_key_paths": ["blockid_session_attributes", "blockid_ledger_attributes", "identity_attributes"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/session_attributes/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"local_key_paths": [
"blockid_session_attributes"
],
"global_key_paths": [
"blockid_session_attributes",
"blockid_ledger_attributes",
"identity_attributes"
]
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/config/session_attributes/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"local_key_paths": [
"blockid_session_attributes"
],
"global_key_paths": [
"blockid_session_attributes",
"blockid_ledger_attributes",
"identity_attributes"
]
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Following ECDSA encrypted object is returned:
```
{
custom: localCaas.blockid_session_attributes, // array of strings: ["a1", "a2"]
baseline: globalCaas.blockid_session_attributes, // array of strings: ["a3", "a4"]
ledger: globalCaas.blockid_ledger_attributes // array of strings ["a5", "a6"],
identity: globalCaas.identity_attributes // array of objects [{ "attribute": "a7", "displayName: "A7" }],
}
```
Validation data error
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
PUT/config/session_attributes
Set BlockID session attributes Config
Create or update BlockID session attributes Config.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing session attributes config
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
{
tenantId: "string required",
communityId: "string required",
data: ["string", "string"],
}| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| data | array<string> | — |
PUThttps://pilot-root.1kosmos.net/adminapi/config/session_attributes
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/config/session_attributes' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "data": ["first_name"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/session_attributes", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"data": [
"first_name"
]
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/config/session_attributes",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"data": [
"first_name"
]
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
User Consent
User Consent endpoints.
POST/user_consent/check
Check User Consent
Check User Consent.
This endpoint can be access by any logged in user.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT with wallet
Returns
Returns object with public key and encrypted data containing information whether consent is granted
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
{
spId: "string - required",
scopeIds: "array of scope uuid fields - required (at least 1 element)",
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| spId | string | — |
| scopeIds | array<string> | — |
POSThttps://pilot-root.1kosmos.net/adminapi/user_consent/check
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/user_consent/check' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"spId": "xxxxxx", "scopeIds": ["uuid of scope"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/user_consent/check", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"spId": "xxxxxx",
"scopeIds": [
"uuid of scope"
]
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/user_consent/check",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"spId": "xxxxxx",
"scopeIds": [
"uuid of scope"
]
},
)
print(res.json())RESPONSE
200
400
401
Success
publicKey is publicKey of Adminapi API, useful for decryption response
data is ECDSA encrypted object represents following:
```
{
"nonGrantedScopes": [
{
"uuid": "string",
"name": "string",
"claims": ["string", ...]
}
],
...
}
```
Validation data error or missing at least one of scopes with given scopeIds
Unauthorized
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
PUT/user_consent
Create User Consent
Create User Consent.
This endpoint can be access by any logged in user. User should have wallet in his token
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT with wallet
Returns
Returns object with public key and encrypted data containing consent's uuid and consentStatus
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
{
version: "string - required",
transactionId: "string - optional",
uuid: "string - required",
ts: "integer - optional, default is epoch time which is now in seconds"
method: "web | mobile - required",
authenticator: "object - required":
{
name: "string - required",
id: "string - required",
version: "string - required",
os: "string - required",
},
controller: "object - required":
{
type: "string - required",
name: "string - required",
id: "string - required",
entityId: "string - required"
}
scopes: "array - required, at least 1 item"
[
{
name: "string - required",
uuid: "string - required",
claims: "array of objects - optional",
}
],
signature: "string - required",
type: "explicit | implicit - required",
status: "'granted', 'denied' or 'revoked' - required",
ssoMethod: "string optional"
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| version | string | — |
| transactionId | string | — |
| uuid | string | — |
| ts | number | — |
| method | string | — |
| authenticator | object | — |
| controller | object | — |
| scopes | array<object> | — |
| type | string | — |
| status | string | — |
| ssoMethod | string | — |
PUThttps://pilot-root.1kosmos.net/adminapi/user_consent
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/user_consent' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"version": "xxxxxxx", "transactionId": "xxxxxxx", "uuid": "xxxxxxx", "ts": 1234567890, "method": "web", "authenticator": {"name": "xxxxxxx", "id": "xxxxxxx", "version": "xxxxxxx", "os": "xxxxxxx"}, "controller": {"type": "xxxxxxx", "name": "xxxxxxx", "id": "xxxxxxx", "entityId": "xxxxxxx"}, "scopes": [{"name": "xxxxx", "uuid": "xxxxx", "claims": [{}]}], "type": "explicit", "status": "granted", "ssoMethod": "string optional"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/user_consent", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"version": "xxxxxxx",
"transactionId": "xxxxxxx",
"uuid": "xxxxxxx",
"ts": 1234567890,
"method": "web",
"authenticator": {
"name": "xxxxxxx",
"id": "xxxxxxx",
"version": "xxxxxxx",
"os": "xxxxxxx"
},
"controller": {
"type": "xxxxxxx",
"name": "xxxxxxx",
"id": "xxxxxxx",
"entityId": "xxxxxxx"
},
"scopes": [
{
"name": "xxxxx",
"uuid": "xxxxx",
"claims": [
{}
]
}
],
"type": "explicit",
"status": "granted",
"ssoMethod": "string optional"
})
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/user_consent",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"version": "xxxxxxx",
"transactionId": "xxxxxxx",
"uuid": "xxxxxxx",
"ts": 1234567890,
"method": "web",
"authenticator": {
"name": "xxxxxxx",
"id": "xxxxxxx",
"version": "xxxxxxx",
"os": "xxxxxxx"
},
"controller": {
"type": "xxxxxxx",
"name": "xxxxxxx",
"id": "xxxxxxx",
"entityId": "xxxxxxx"
},
"scopes": [
{
"name": "xxxxx",
"uuid": "xxxxx",
"claims": [
{}
]
}
],
"type": "explicit",
"status": "granted",
"ssoMethod": "string optional"
},
)
print(res.json())RESPONSE
200
400
401
Success
publicKey is publicKey of Adminapi API, useful for decryption response
data is ECDSA encrypted object represents following:
```
{
"uuid": "string"
"consentStatus": "string",
}
```
Validation data error
Unauthorized
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
Admin API
User PIN
User PIN management
POST/user_pin/register
Register user PIN
Register a new PIN for the authenticated user.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns the status of registered user pin.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| pin | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/user_pin/register
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/user_pin/register' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"pin": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/user_pin/register", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"pin": "string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/user_pin/register",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"pin": "string"
},
)
print(res.json())RESPONSE
200
400
401
405
500
Success
Invalid request
Unauthorized
PIN already enrolled
Internal Server Error
{
"data": {
"status": true
}
}// no response body
// no response body
// no response body
// no response body
DELETE/user_pin
Delete user PIN
Delete the PIN for the authenticated user.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns a confirmation message on successful deletion.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| data | string | — |
DELETEhttps://pilot-root.1kosmos.net/adminapi/user_pin
cURL
Node.js
Python
curl -X DELETE 'https://pilot-root.1kosmos.net/adminapi/user_pin' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"data": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/user_pin", {
method: "DELETE",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"data": "string"
})
});
const data = await res.json();import requests
res = requests.delete(
"https://pilot-root.1kosmos.net/adminapi/user_pin",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"data": "string"
},
)
print(res.json())RESPONSE
200
401
404
500
Success
Unauthorized
Not Found
Internal Server Error
{
"data": {
"message": "string"
}
}// no response body
// no response body
// no response body
Admin API
User Properties
User Properties endpoints.
POST/user_properties/check_unique/alias
Check if the alias provided is unique
Check if the alias provided is unique.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
alias (required)
user : object
Returns
Returns a boolean indicating if alias is unique.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| alias | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/user_properties/check_unique/alias
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/user_properties/check_unique/alias' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"alias": "test-alias"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/user_properties/check_unique/alias", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"alias": "test-alias"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/user_properties/check_unique/alias",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"alias": "test-alias"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"isUnique": false
}// no response body
// no response body
// no response body
POST/user_properties/update
Update user properties
Update user properties.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
user (required)
user : object
mobiles (optional, array of strings)
mobiles : array
landlines (optional, array of strings)
landlines : array
aliases (optional, object)
aliases : object
Returns
Returns the user properties.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| user | object | — |
| aliases | object | — |
| mobiles | array<object> | — |
| landlines | array<object> | — |
POSThttps://pilot-root.1kosmos.net/adminapi/user_properties/update
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/user_properties/update' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "user": {"username": "string", "uid": "string", "authModuleId": "string"}, "aliases": {"alias1": "test-alias1", "alias2": "test-alias2", "alias3": "test-alias3", "alias4": "test-alias4", "alias5": "test-alias5", "alias6": "test-alias6", "alias7": "test-alias7", "alias8": "test-alias8"}, "mobiles": ["4075156743"], "landlines": ["4075156743", "4075156712"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/user_properties/update", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"user": {
"username": "string",
"uid": "string",
"authModuleId": "string"
},
"aliases": {
"alias1": "test-alias1",
"alias2": "test-alias2",
"alias3": "test-alias3",
"alias4": "test-alias4",
"alias5": "test-alias5",
"alias6": "test-alias6",
"alias7": "test-alias7",
"alias8": "test-alias8"
},
"mobiles": [
"4075156743"
],
"landlines": [
"4075156743",
"4075156712"
]
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/user_properties/update",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "string",
"communityId": "string",
"user": {
"username": "string",
"uid": "string",
"authModuleId": "string"
},
"aliases": {
"alias1": "test-alias1",
"alias2": "test-alias2",
"alias3": "test-alias3",
"alias4": "test-alias4",
"alias5": "test-alias5",
"alias6": "test-alias6",
"alias7": "test-alias7",
"alias8": "test-alias8"
},
"mobiles": [
"4075156743"
],
"landlines": [
"4075156743",
"4075156712"
]
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"tenantId": "string",
"communityId": "string",
"user": {
"username": "string",
"uid": "string",
"authModuleId": "string"
},
"aliases": {
"alias1": "test-alias1",
"alias2": "test-alias2",
"alias3": "test-alias3",
"alias4": "test-alias4",
"alias5": "test-alias5",
"alias6": "test-alias6",
"alias7": "test-alias7",
"alias8": "test-alias8"
},
"mobiles": [
"4075156743"
],
"landlines": [
"4075156743",
"4075156712"
]
}// no response body
// no response body
// no response body
Admin API
Account OTP
Account OTP endpoints.
PUT/generate/account_otp
Create Account OTP
Create Account OTP for user and return cycle time remaining seconds with OTP.
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns the Account OTP with cycle time.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
PUThttps://pilot-root.1kosmos.net/adminapi/generate/account_otp
cURL
Node.js
Python
curl -X PUT 'https://pilot-root.1kosmos.net/adminapi/generate/account_otp' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/generate/account_otp", {
method: "PUT",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.put(
"https://pilot-root.1kosmos.net/adminapi/generate/account_otp",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
429
500
Success.<br /><br />
Returns reencrypted response from Adminconsole.
Invalid request
Unauthorized
Too Many Requests. User has exceeded the OTP rate limit.
Response includes retryAfterSeconds in the response body.
Internal Server Error
{
"data": {
"code": "000001",
"secondsRemaining": 25
},
"publicKey": "xxxxxx"
}// no response body
// no response body
// no response body
// no response body
Admin API
Auth Scheme
Auth Scheme endpoints.
PATCH/authscheme/default/modules
Set modules for default auth scheme
Set modules for default auth scheme.
This endpoint must be accessed by community or tenant admin.
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) Bearer JWT
Returns
Returns updated auth scheme
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| modules | array<string> | — |
PATCHhttps://pilot-root.1kosmos.net/adminapi/authscheme/default/modules
cURL
Node.js
Python
curl -X PATCH 'https://pilot-root.1kosmos.net/adminapi/authscheme/default/modules' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx", "modules": ["string"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/authscheme/default/modules", {
method: "PATCH",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"modules": [
"string"
]
})
});
const data = await res.json();import requests
res = requests.patch(
"https://pilot-root.1kosmos.net/adminapi/authscheme/default/modules",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
"modules": [
"string"
]
},
)
print(res.json())RESPONSE
200
400
401
404
500
Success
The publicKey of WebServer API used in decrypting
Response body contains *data* field with encrypted object below:
```
{
"_id": "_id",
"tag": "tag",
"enabled": true,
"isDefault": true,
"dbModule": {
"_id": "_id",
"id": "id",
"type": "db",
"method": "authn",
"name": "Internal User Store",
"criteria": "criteria"
}
"modules": [
{
"_id": "_id",
"id": "id",
"type": "type",
"method": "method",
"name": "name",
"criteria": "criteria"
}
]
}
```
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
Validation data error
Unauthorized
Not Found
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
// no response body
Admin API
Authenticate V 2
Authenticate V 2 endpoints.
POST/v2/request_access
/v2/request_access
Request access with facts
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Returns
Returns the user info, user_token and next. (password)
Or the user info, pon_data and jwt token. (otp)
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key |
| authorization | string | JWT Access Token / Try Authorize 🔒 |
| facts | string | (encrypted) json object containing "deviceId", "deviceDomain" |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| username | string | — |
| web_otp | string | — |
| hw_otp | string | — |
| mobile_totp | string | — |
| any_otp | string | — |
| profile_otp | string | — |
| password | string | — |
| uwlSessionId | string | — |
| SAMLResponse | string | — |
| mobile | string | — |
| landline | string | — |
| challengeHash | string | — |
| biometricConsentAccepted | boolean | — |
| webauthnAssertion | object | — |
| isPreauthenticated | boolean | EAM flag — true when user arrives via Entra EAM id_token_hint flow |
| interactionUid | string | OIDC interaction UID — used to fetch oid/tid from the server-side interaction record during EAM flow |
| behavior_auth | object | Behavior auth (typing biometrics) data for behavior_auth_and_user_pin journey |
| user_pin | string | User PIN for behavior_auth_and_user_pin journey (second factor) |
POSThttps://pilot-root.1kosmos.net/adminapi/v2/request_access
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/v2/request_access' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'facts: <value>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "username": "string", "web_otp": "string", "mobile_totp": "string", "hw_otp": "string", "any_otp": "string", "profile_otp": "string", "password": "string", "uwlSessionId": "string", "challengeHash": "some string", "SAMLResponse": "string, b64 encoded xml", "isPreauthenticated": true, "interactionUid": "OIDC interaction UID", "behavior_auth": {"pattern": "TypingDNA pattern string", "phrase": "notoriety pink holly puppy", "user_token": "token from previous response"}, "user_pin": "1234"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/v2/request_access", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"facts": "<value>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"username": "string",
"web_otp": "string",
"mobile_totp": "string",
"hw_otp": "string",
"any_otp": "string",
"profile_otp": "string",
"password": "string",
"uwlSessionId": "string",
"challengeHash": "some string",
"SAMLResponse": "string, b64 encoded xml",
"isPreauthenticated": true,
"interactionUid": "OIDC interaction UID",
"behavior_auth": {
"pattern": "TypingDNA pattern string",
"phrase": "notoriety pink holly puppy",
"user_token": "token from previous response"
},
"user_pin": "1234"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/v2/request_access",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"facts": "<value>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "string",
"communityId": "string",
"username": "string",
"web_otp": "string",
"mobile_totp": "string",
"hw_otp": "string",
"any_otp": "string",
"profile_otp": "string",
"password": "string",
"uwlSessionId": "string",
"challengeHash": "some string",
"SAMLResponse": "string, b64 encoded xml",
"isPreauthenticated": true,
"interactionUid": "OIDC interaction UID",
"behavior_auth": {
"pattern": "TypingDNA pattern string",
"phrase": "notoriety pink holly puppy",
"user_token": "token from previous response"
},
"user_pin": "1234"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"jwt": "string",
"next": {
"step": "need_mfa",
"allowed_factors": [
"behavior_auth"
],
"step_token": "string",
"phrase": "notoriety pink holly puppy"
}
}// no response body
// no response body
// no response body
Admin API
Authz V 2
Authz V 2 endpoints.
GET/v2/authz/roles/fetch
Fetch All Roles
Get all available roles for community.
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing self registration config for community
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/v2/authz/roles/fetch
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/v2/authz/roles/fetch' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/v2/authz/roles/fetch", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/v2/authz/roles/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
[ "role1", "role2", "role3" ]
{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
Caas Config
Caas Config endpoints.
POST/config/fetch
Get Global Caas Config
Get Global Caas Config.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object with public key and encrypted data containing global Caas config
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
{
tenantId: "string required",
communityId: "string required",
key_paths: ["string required"]
}| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| key_paths | array<string> | — |
POSThttps://pilot-root.1kosmos.net/adminapi/config/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/config/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "key_paths": ["string"]}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/config/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"key_paths": [
"string"
]
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/config/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "string",
"communityId": "string",
"key_paths": [
"string"
]
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Validation data error
Unauthorized
Internal Server Error
{}{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
Certificate
Certificate endpoints.
POST/certificate/generate
Generate certificate and private key
Generate certificate and private key.
This endpoint must be accessed by admin
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) Bearer JWT
Returns
Returns object with generated certificate and privateKey
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
Request body contains *data* field with encrypted object below:
{
"keySize": "number, required",
"algorithm": "string, required",
"expirationDays": "number, required"
}| Field | Type | Description |
|---|---|---|
| keySize | number | — |
| algorithm | string | — |
| expirationDays | number | — |
POSThttps://pilot-root.1kosmos.net/adminapi/certificate/generate
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/certificate/generate' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"keySize": 1024, "algorithm": "sha256", "expirationDays": 365}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/certificate/generate", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"keySize": 1024,
"algorithm": "sha256",
"expirationDays": 365
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/certificate/generate",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"keySize": 1024,
"algorithm": "sha256",
"expirationDays": 365
},
)
print(res.json())RESPONSE
200
401
500
Success
The publicKey of WebServer API used in decrypting
Response body contains *data* field with encrypted object below:
```
{
"cert": "cert",
"privateKey": "privateKey",
"fingerprints": {
"sha1": "sha1",
"sha256": "sha256",
"sha384": "sha384",
"sha512": "sha512"
},
"keySize": "keySize",
"algorithm": "algorithm",
"expirationDate": "expirationDate",
}
```
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
Unauthorized
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
Admin API
Community Auth Info
Community Auth Info endpoints.
POST/community_auth_info/fetch
/community_auth_info/fetch
Fetch community auth info.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Request Body
dns (required)
dns : string
communityName (required)
communityName : string
Returns
Returns the community auth info.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| dns | string | — |
| communityName | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/community_auth_info/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/community_auth_info/fetch' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Content-Type: application/json' \
-d '{"dns": "string", "communityName": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/community_auth_info/fetch", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Content-Type": "application/json"
},
body: JSON.stringify({
"dns": "string",
"communityName": "string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/community_auth_info/fetch",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY"
},
json={
"dns": "string",
"communityName": "string"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
{
"community": "object",
"tenant": "object",
"authScheme": "object",
"settings": "object",
"branding": "object",
"password_reset_options": "object"
}// no response body
// no response body
// no response body
Admin API
ECDSA Helper
ECDSA Helper endpoints.
POST/ecdsa_helper/{method}
/ecdsa_helper/{method}
Encrypt and decrypt the data string by public key and private key.
Parameters
method (optional)
The method parameter is type of enum. Default value is encrypt.
This parameter only accepts following values
encrypt, decrypt
Request Body
dataStr (required)
The dataStr key is type of string.
publicKey (required)
The publicKey is type of string.
privateKey (required)
The privateKey is type of string.
Returns
Returns the encrypted/decrypted string.
This API throw an error if something goes wrong. A common source of error is public or private key is not valid.
Path parameters
| Name | Type | Description |
|---|---|---|
| method | string | — |
Request body
| Field | Type | Description |
|---|---|---|
| dataStr | string | — |
| publicKey | string | — |
| privateKey | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/ecdsa_helper/{method}
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/ecdsa_helper/<method>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'x-jwt-token: YOUR_JWT' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Content-Type: application/json' \
-d '{"dataStr": "Hey, This is example data string.", "publicKey": "xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx=", "privateKey": "xxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx="}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/ecdsa_helper/<method>", {
method: "POST",
headers: {
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY",
"Content-Type": "application/json"
},
body: JSON.stringify({
"dataStr": "Hey, This is example data string.",
"publicKey": "xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx=",
"privateKey": "xxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx="
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/ecdsa_helper/<method>",
headers={
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
},
json={
"dataStr": "Hey, This is example data string.",
"publicKey": "xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx=",
"privateKey": "xxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx="
},
)
print(res.json())RESPONSE
200
successful operation
{
"data": "xxxxxxxxxxxxxxxxxxxx"
}Admin API
Hardwareotp
Hardwareotp endpoints.
POST/hardwareotp/onespan/test
Test OneSpan Connection
Test OneSpan server Connection.
This endpoint must be accessed by an administrator
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
Returns object with branding colors and images
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try to Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try to Authorize 🔒 |
Request body
Request should contain *publicKey* field with caller's public key
Request body contains *data* field with encrypted object below:
{
"user_name": "string (required)",
"otp": "number (required)",
}IMPORTANT - you can send unencrypted data, and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| user_name | string | — |
| otp | number | — |
POSThttps://pilot-root.1kosmos.net/adminapi/hardwareotp/onespan/test
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/hardwareotp/onespan/test' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"user_name": "XYZ", "otp": "123456"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/hardwareotp/onespan/test", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"user_name": "XYZ",
"otp": "123456"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/hardwareotp/onespan/test",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"user_name": "XYZ",
"otp": "123456"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
The publicKey of WebServer API used in decrypting
Response body contains *data* field with encrypted object below:
IMPORTANT - you can send unencrypted data, and you will get unecrypted data as well, it is only a preview available in Swagger
Validation data error
Unauthorized
Internal Server Error
{
"code": "200",
"message": "Success."
}{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
Helpdesk
Helpdesk endpoints.
POST/helpdesk-passcode/generate
Generate Helpdesk Passcode
Generate a one-time passcode for a user on behalf of helpdesk admin.
This endpoint allows administrators with appropriate permissions to generate temporary passcodes for users who need assistance accessing their accounts.
The passcode is returned encrypted and is not sent to the user via email/SMS. The admin provides the passcode to the user through other means (phone, in-person, etc.).
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds
publickey (required)
Public key for ECDSA encryption
authorization (required)
Bearer JWT token with 'user.helpdesk-passcode.generate' permission
Request Body
userId (required)
User identifier (email or username) : string
communityId (required)
Community ID (MongoDB ObjectId) : string
tenantId (required)
Tenant ID (MongoDB ObjectId) : string
validitySeconds (required)
Passcode validity period in seconds (60-86400) : number
serviceName (required)
Service name (must be "1KosmosHelpdeskAdminCode") : string
Returns
Returns encrypted passcode with expiration details.
The response includes the generated passcode, validity period, and expiration timestamp.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | Bearer JWT token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| datarequired | string | ECDSA encrypted request data |
POSThttps://pilot-root.1kosmos.net/adminapi/helpdesk-passcode/generate
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/helpdesk-passcode/generate' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"data": "encrypted_string_here"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/helpdesk-passcode/generate", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"data": "encrypted_string_here"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/helpdesk-passcode/generate",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"data": "encrypted_string_here"
},
)
print(res.json())RESPONSE
200
400
401
403
429
500
Success.<br /><br />
Returns encrypted passcode response.
Bad Request - Invalid data or fallback authentication not enabled
Unauthorized - Invalid or missing JWT token
Forbidden - User lacks required permission
Too Many Requests. User has exceeded the OTP rate limit.
Response includes retryAfterSeconds in the response body.
Internal Server Error
{
"data": "string",
"publicKey": "string"
}// no response body
// no response body
// no response body
// no response body
// no response body
Admin API
Image
Image endpoints.
POST/image/upload
Upload Image
Upload Image
This endpoint must be accessed by an administrator
Headers
### requestid (required) JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
### publickey (required) Public key
### authorization (required) JWT
Returns
Returns object with url of the image
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
POSThttps://pilot-root.1kosmos.net/adminapi/image/upload
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/image/upload' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/image/upload", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/image/upload",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
400
401
500
Success
The publicKey of WebServer API used in decrypting
Response body contains *data* field with encrypted object below:
```
{
"url": "image url - string",
}
```
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
Validation data error
Unauthorized
Internal Server Error
{
"url": "xxxxxxxxxx"
}{
"message": "This field should not be empty"
}// no response body
// no response body
Admin API
JWT
JWT endpoints.
POST/jwt/verifyToken
/jwt/verifyToken
Verify JWT token Anybody can use this endpoint This endpoint also checks if user has active login session, if user exists, is not disabled and is active, otherwise it destroys all user login sessions
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Request Body
token (required)
token : string
Returns
Returns a decoded token value.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
Request body
Request body contains 'data' field with encrypted object below:
IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
{
token: "string required"
}| Field | Type | Description |
|---|---|---|
| token | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/jwt/verifyToken
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/jwt/verifyToken' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Content-Type: application/json' \
-d '{"token": "xxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/jwt/verifyToken", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Content-Type": "application/json"
},
body: JSON.stringify({
"token": "xxxx"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/jwt/verifyToken",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY"
},
json={
"token": "xxxx"
},
)
print(res.json())RESPONSE
200
401
Invalid / Expired Token.
{
"data": "object",
"publicKey": "string"
}// no response body
Admin API
Password Policy
Password Policy endpoints.
POST/pwd-policy/fetch
Get password policy by moduleId.
Get password policy by moduleId.
- Any license.
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Returns
Password policy rules with descriptions.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| licensekeyrequired | string | License key encrypted with ECDSA / Try Authorize 🔒 |
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
Request body
Request body contains *data* field with encrypted object below:
{
"tenantId": "required string",
"communityId": "required string",
"moduleId": "required string"
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| moduleId | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/pwd-policy/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/pwd-policy/fetch' \
-H 'licensekey: YOUR_LICENSE_KEY' \
-H 'requestid: <ecdsa-requestid>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "moduleId": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/pwd-policy/fetch", {
method: "POST",
headers: {
"licensekey": "YOUR_LICENSE_KEY",
"requestid": "<ecdsa-requestid>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"moduleId": "string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/pwd-policy/fetch",
headers={
"licensekey": "YOUR_LICENSE_KEY",
"requestid": "<ecdsa-requestid>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET"
},
json={
"tenantId": "string",
"communityId": "string",
"moduleId": "string"
},
)
print(res.json())RESPONSE
200
400
404
Success
data is ECDSA encrypted object returns rules and descriptions:
```
{
"rules": {
"min": N,
"special": true,
"number": true,
"noUsername": false,
"noSpaces": true,
"allowInRow": N
},
"descriptions": [
"xxxxx xxxx xxxxx N xxxxxxx"
]
}
```
Bad request, Auth Module type not Supported
Module Not found
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
Admin API
Permission
Permission endpoints.
POST/permission/fetch
Fetch permissions.
Fetch permissions.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 60 seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
moduleId (required)
moduleId : string
uid (required)
uid : string
Returns
Returns the list of permissions.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| licensekeyrequired | string | License key encrypted with ECDSA / Try Authorize 🔒 |
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 60 seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| moduleId | string | — |
| uid | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/permission/fetch
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/permission/fetch' \
-H 'licensekey: YOUR_LICENSE_KEY' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxx", "communityId": "xxxxx", "moduleId": "xxxxx", "uid": "xxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/permission/fetch", {
method: "POST",
headers: {
"licensekey": "YOUR_LICENSE_KEY",
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxx",
"communityId": "xxxxx",
"moduleId": "xxxxx",
"uid": "xxxxx"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/permission/fetch",
headers={
"licensekey": "YOUR_LICENSE_KEY",
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxx",
"communityId": "xxxxx",
"moduleId": "xxxxx",
"uid": "xxxxx"
},
)
print(res.json())RESPONSE
200
400
401
500
Success
Invalid request
Unauthorized
Internal Server Error
[
{
"_id": "xxxxx",
"permission": "xxxxx",
"objectId": "xxxxx",
"objectType": "user",
"subjectId": "xxxxx",
"subjectType": "xxxxx",
"createdBy": "xxxxx"
}
]// no response body
// no response body
// no response body
Admin API
Public Key
Public Key endpoints.
GET/publickeys
/publickeys
Returns ecdsa public key for this service.
Returns
Returns a public key object
GEThttps://pilot-root.1kosmos.net/adminapi/publickeys
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/publickeys' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'x-jwt-token: YOUR_JWT' \ -H 'license: YOUR_LICENSE_KEY'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/publickeys", {
method: "GET",
headers: {
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/publickeys",
headers={
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
)
print(res.json())RESPONSE
200
401
Invalid hawk signature / ID found.
{
"publicKey": ""
}// no response body
Admin API
SAML
SAML endpoints.
POST/saml/samlRequest/generate
/saml/samlRequest/generate
Generate SAML Request.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Request Body
SAMLRequest (required)
SAMLRequest
Returns
Returns information to perform SAML SSO.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| idpId | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/saml/samlRequest/generate
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/saml/samlRequest/generate' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'authorization: Bearer YOUR_TOKEN' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "5f3d8d0cd866fa61019cf968", "communityId": "5f3d8d0cd866fa61019cf969", "idpId": "65c4ec704fc64768749ee0b3"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/saml/samlRequest/generate", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "5f3d8d0cd866fa61019cf968",
"communityId": "5f3d8d0cd866fa61019cf969",
"idpId": "65c4ec704fc64768749ee0b3"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/saml/samlRequest/generate",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "5f3d8d0cd866fa61019cf968",
"communityId": "5f3d8d0cd866fa61019cf969",
"idpId": "65c4ec704fc64768749ee0b3"
},
)
print(res.json())RESPONSE
200
400
401
420
500
Success
Invalid request
Unauthorized
Service Provider claims could not be fulfilled
Internal Server Error
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
// no response body
// no response body
Admin API
Service Directory
Service Directory endpoints.
GET/sd
Get all service directories.
Get all service directories.
Returns
Returns all service directories.
GEThttps://pilot-root.1kosmos.net/adminapi/sd
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/sd' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'Authorization: Bearer YOUR_TOKEN' \ -H 'x-jwt-token: YOUR_JWT' \ -H 'license: YOUR_LICENSE_KEY'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/sd", {
method: "GET",
headers: {
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/sd",
headers={
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"Authorization": "Bearer YOUR_TOKEN",
"x-jwt-token": "YOUR_JWT",
"license": "YOUR_LICENSE_KEY"
}
)
print(res.json())RESPONSE
200
{
"name1": "https://xxx.xxxxxx.xxx/xxxxx",
"name2": "https://xxx.xxxxxx.xxx/xxxxx",
"name3": "https://xxx.xxxxxx.xxx/xxxxx"
}Admin API
Service Provider Catalog
Service Provider Catalog endpoints.
GET/spcatalog/list
get list of Service Provider Catalog item
Get Service Provider Catalog item.
This endpoint must be accessed by an administrator.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
authorization (required)
JWT
Returns
Returns object represents list of service providers catalog items
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
| publickeyrequired | string | Public Key / Try Authorize 🔒 |
| authorizationrequired | string | JWT Access Token / Try Authorize 🔒 |
GEThttps://pilot-root.1kosmos.net/adminapi/spcatalog/list
cURL
Node.js
Python
curl -X GET 'https://pilot-root.1kosmos.net/adminapi/spcatalog/list' \ -H 'requestid: <ecdsa-requestid>' \ -H 'publickey: <public-key>' \ -H 'authorization: Bearer YOUR_TOKEN' \ -H 'keyId: YOUR_KEY_ID' \ -H 'keySecret: YOUR_KEY_SECRET' \ -H 'license: YOUR_LICENSE_KEY' \ -H 'Authorization: Bearer YOUR_TOKEN'
const res = await fetch("https://pilot-root.1kosmos.net/adminapi/spcatalog/list", {
method: "GET",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
});
const data = await res.json();import requests
res = requests.get(
"https://pilot-root.1kosmos.net/adminapi/spcatalog/list",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"authorization": "Bearer YOUR_TOKEN",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
}
)
print(res.json())RESPONSE
200
401
404
Response body contains 'data' field with encrypted object below:
```
{
"spCatalogItemOne": {
name: "name",
logo: "logo",
sso_url: "sso_url",
template: "template"
},
"spCatalogItemTwo": {
name: "name",
logo: "logo",
sso_url: "sso_url",
template: "template"
}
}
```
Unauthorized
Not found
{
"data": "xxxxxxxxxxxxxxxxxxxx",
"publicKey": "xxxxxxxxxxxxxxxxxxxx"
}// no response body
// no response body
Admin API
Sign nonce
API for signing nonce
POST/nonce/sign
Sign a nonce
Sign a nonce sent by the UI.
<b>:: Note for website ::</b>
+ Default request body is {data: ecdsa_string}
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
licensekey (optional)
License key auth-type is a service/system, encrypted using ECDSA
Request Body
tenantId (required)
tenantId : string
communityId (required)
communityId : string
nonce (required)
nonce : string
Returns
Returns a singed nonce value.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| requestidrequired | string | JSON string encrypted with ECDSA containing "appid", "uuid", and "ts" (epoch timestamp in seconds). |
| publickeyrequired | string | Public Key |
Request body
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| nonce | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/nonce/sign
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/nonce/sign' \
-H 'requestid: <ecdsa-requestid>' \
-H 'publickey: <public-key>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "string", "communityId": "string", "nonce": "string"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/nonce/sign", {
method: "POST",
headers: {
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "string",
"communityId": "string",
"nonce": "string"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/nonce/sign",
headers={
"requestid": "<ecdsa-requestid>",
"publickey": "<public-key>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY"
},
json={
"tenantId": "string",
"communityId": "string",
"nonce": "string"
},
)
print(res.json())RESPONSE
200
400
401
500
Successfully signed nonce
Invalid request
Unauthorized
Internal Server Error
{
"signed_nonce": "string"
}// no response body
// no response body
// no response body
Admin API
Test Connection
Test Connection endpoints.
POST/test-connection
Test auth module connection by moduleId.
test auth module.
- Key must be authorized for community.
Headers
requestid (required)
JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now
publickey (required)
Public key
Returns
Test Connection rules with descriptions.
This API throw an error if something goes wrong.
Headers
| Name | Type | Description |
|---|---|---|
| licensekeyrequired | string | License key encrypted with ECDSA / Try Authorize 🔒 |
| requestidrequired | string | JSON string encrypted with ECDSA which should contain "appid" (string), "uuid" (string) and "ts" (number) representing epoch timestamp in seconds - it shouldn't be more or less than 'environment.allowed_time_span' seconds from now / Try Authorize 🔒 |
Request body
Request body contains *data* field with encrypted object below:
{
"tenantId": "required string",
"communityId": "required string",
"moduleId": "required string"
}IMPORTANT - you can send unencrypted data and you will get unecrypted data as well, it is only a preview available in Swagger
| Field | Type | Description |
|---|---|---|
| tenantId | string | — |
| communityId | string | — |
| moduleId | string | — |
POSThttps://pilot-root.1kosmos.net/adminapi/test-connection
cURL
Node.js
Python
curl -X POST 'https://pilot-root.1kosmos.net/adminapi/test-connection' \
-H 'licensekey: YOUR_LICENSE_KEY' \
-H 'requestid: <ecdsa-requestid>' \
-H 'keyId: YOUR_KEY_ID' \
-H 'keySecret: YOUR_KEY_SECRET' \
-H 'license: YOUR_LICENSE_KEY' \
-H 'Authorization: Bearer YOUR_TOKEN' \
-H 'Content-Type: application/json' \
-d '{"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxx", "communityId": "xxxxxxxxxxxxxxxxxxxxxxxx", "moduleId": "xxxxxxxxxxxxxxxxxxxxxxxx"}'const res = await fetch("https://pilot-root.1kosmos.net/adminapi/test-connection", {
method: "POST",
headers: {
"licensekey": "YOUR_LICENSE_KEY",
"requestid": "<ecdsa-requestid>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN",
"Content-Type": "application/json"
},
body: JSON.stringify({
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"moduleId": "xxxxxxxxxxxxxxxxxxxxxxxx"
})
});
const data = await res.json();import requests
res = requests.post(
"https://pilot-root.1kosmos.net/adminapi/test-connection",
headers={
"licensekey": "YOUR_LICENSE_KEY",
"requestid": "<ecdsa-requestid>",
"keyId": "YOUR_KEY_ID",
"keySecret": "YOUR_KEY_SECRET",
"license": "YOUR_LICENSE_KEY",
"Authorization": "Bearer YOUR_TOKEN"
},
json={
"tenantId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"communityId": "xxxxxxxxxxxxxxxxxxxxxxxx",
"moduleId": "xxxxxxxxxxxxxxxxxxxxxxxx"
},
)
print(res.json())RESPONSE
200
400
401
Success
publicKey is publicKey of User Management API, useful for decryption response
data is ECDSA encrypted object represents updated auth module:
```
{
"_id": "ObjectID",
"communityId": "ObjectID",
"type": "db", // ad | ldap | db | azuread
"subtype": "datastore", // for ad | ldap | azuread: "directory", for db: "datastore"
"method": "authn", // for ad | ldap | db | azuread : "authn"
"name": "Auth Module Name",
"enabled": true,
"mode": "broker/direct",
"status": true,
"message": "connection success/failed",
"config": {} // see below config response samples
}
```
config object for type **azuread**:
```
{
"appName": "string",
"tenantId": "string",
"tenantName": "string",
"clientId": "string",
"clientSecret": "string",
"loginBasePath": "string",
"graphApiBasePath": "string"
}
```
Invalid request
Unauthorized
{
"data": "xxxxxxxxxx/xxxxxxxxxxxxxxxxxxxxxx="
}// no response body
// no response body
© 2026 1Kosmos · Web Admin Backend services v2.1Generated from the OpenAPI spec · adminapi.json