API v2: OpenID Connect Users Assignment¶
User related OpenID Connect endpoints help to create, modify, list and delete OpenID Connect configurations assignment to Users.
Data Structures¶
| Attribute | Type | Required | Description |
|---|---|---|---|
| id | string | Read-only. Protected. Unique identifier. | |
| user_id | string | yes | Immutable. Uniqueness is required in the combination of attribute user_id with attribute oidc_id. |
| oidc_id | string | yes | Immutable. Uniqueness is required in the combination of attribute oidc_id with attribute user_id. |
| oidc_sub | string | yes | OpenID Connect sub claim. |
| user_name | string | Read-only. Expensive to use. | |
| user_domain | string | Read-only. Expensive to use. | |
| user_email | string | Read-only. Expensive to use. | |
| user_organization | string | Read-only. Expensive to use. | |
| user_role | string | Read-only. Expensive to use. | |
| oidc_name | string | Read-only. Expensive to use. | |
| created_at | datetime | Read-only. Timestamp of creation. | |
| modified_at | datetime | Read-only. Timestamp of modification. | |
| removed | boolean | Read-only. | |
| builtin | boolean | Read-only; expensive to use; if true, the object is not editable. |
|
| hidden | boolean | Read-only; expensive to use; if true, the object is hidden in UI. |
Request for Retrieving Available Attributes of the UserOpenIDModel
| Method | GET
|
| Path | /api/v2/objspec/user_oidc
|
Note
To check allowed methods, available URL parameters and possible responses please refer to the API Overview section.
The next chapter describes procedures for creating separate requests.
Retrieving the List of Existing OpenID Connect Configuration Assignments to Users¶
Request
| Method | GET
|
| Path | /api/v2/user/oidc
|
Example Request
Sending GET https://10.0.0.0/api/v2/user/oidc
curl -s -k -X GET -H 'Authorization: sgfeea6jsaz4mum9su8w61877n1g06sk' 'https://10.0.214.98/api/v2/user/oidc'
Response
{
"result": "success",
"user_oidc": [
{
"user_id": "9124292845052624898",
"oidc_id": "9124292845052624898",
"oidc_sub": "John",
"user_name": "User_1",
"user_domain": "zw.local",
"user_email": "user@fudosecurity.com",
"user_role": "operator",
"oidc_name": "OKTA2",
"created_at": "2024-06-19 08:39:55.351137-07",
"modified_at": "2024-06-19 08:39:55.351137-07",
"builtin": false,
"hidden": false
}
]
}
Retrieving Existing OpenID Connect Configuration Assigned to User¶
Request
| Method | GET
|
| Path | /api/v2/user/<user_id>/oidc/<oidc_id>
|
Example Request
Sending GET https://10.0.0.0/api/v2/user/9124292845052624898/oidc/9124292845052624898
curl -s -k -X GET -H 'Authorization: sgfeea6jsaz4mum9su8w61877n1g06sk' 'https://10.0.214.98/api/v2/user/9124292845052624898/oidc/9124292845052624898'
Response
{
"result": "success",
"user_oidc": [
{
"user_id": "9124292845052624898",
"oidc_id": "9124292845052624898",
"oidc_sub": "John",
"user_name": "User_1",
"user_domain": "zw.local",
"user_email": "user@fudosecurity.com",
"user_role": "operator",
"oidc_name": "OKTA2",
"created_at": "2024-06-19 08:39:55.351137-07",
"modified_at": "2024-06-19 08:39:55.351137-07",
"builtin": false,
"hidden": false
}
]
}
Defining OpenID Connect Configuration Assignment to User¶
Request
| Method | POST
|
| Path | /api/v2/user/oidc
|
| Headers | Content-Type: Application/HTML
|
| Body | UserOpenIDModel
|
Example Request
Sending POST https://10.0.0.0/api/v2/user/oidc
curl -s -k -X POST -H 'Authorization: sgfeea6jsaz4mum9su8w61877n1g06sk' 'https://10.0.214.98/api/v2/user/oidc' -H 'Content-Type: application/json' -d'{"user_id":"9124292845052624898","oidc_id":"9124292845052624898","oidc_sub":"John"}'
Response
{
"result": "success"
}
Modifying OpenID Connect Configuration Assignment to User¶
Request
| Method | PATCH
|
| Path | /api/v2/user/<user_id>/oidc/<oidc_id>
|
| Headers | Content-Type: Application/HTML
|
| Body | UserOpenIDModel
|
Example Request
Sending PATCH https://10.0.0.0/api/v2/user/9124292845052624800/oidc/9124292845052624898
curl -s -k -X PATCH -H 'Authorization: sgfeea6jsaz4mum9su8w61877n1g06sk' 'https://10.0.214.98/api/v2/user/9124292845052624898/oidc/9124292845052624898' -H 'Content-Type: application/json' -d'{"oidc_sub":"JohnD"}'
Response
{
"result": "success"
}
Deleting OpenID Connect Configuration Assignment to User¶
Request
| Method | DELETE
|
| Path | /api/v2/user/<user_id>/oidc/<oidc_id>
|
Example Request
Sending DELETE https://10.0.0.0/api/v2/user/9124292845052624800/oidc/9124292845052624897
curl -s -k -X DELETE -H 'Authorization: vg1ei6rgo58fsbobr7octp0w3afd9vsm' https://10.0.214.98/api/v2/user/9124292845052624800/oidc/9124292845052624897
Response
{
"result": "success"
}