Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
minLevel2
maxLevel2
outlinefalse
typeflat
separatorbrackets
printabletrue

...

Check the list of available endpoints and methods to create and modify users using the Provisioning API.

Endpoints and methods

Description

Status
colourYellow
titleGET
 /v2/accounts/{accountName}/tokens see below

Get

Returns a list of all the tokens for the provided account.

Status
colourYellow
titleGET
/v2/accounts/{accountName}/tokens/{tokenId} see below

Returns all the information of a single token, including the actual token.

Status
colourGreen
titlePOST
/v2/accounts/{accountName}/tokens see below

Create

Creates a new token.

Status
colourBlue
titlePUT
/v2/accounts/{accountName}/tokens/{tokenId}/enable see below

Enable

Enables a token.

Status
colourBlue
titlePUT
/v2/accounts/{accountName}/tokens/{tokenId}/disable see below

Disable

Disables a token.

Status
colourBlue
titlePUT
/v2/accounts/{accountName}/tokens/{tokenId}/rename see below

Change

Changes the name associated with a token.

Status
colourRed
titleDELETE
/v2/accounts/{accountName}/tokens/{tokenId} see below

Delete

Deletes a token.

Endpoints and methods

Anchor

...

getList

...

getList
GET /v2/accounts/{accountName}/tokens

Lists all the tokens for the provided account. This endpoint returns the information about the tokens and their IDs , but NOT the tokens themselves does not include the actual token values for security reasons.

Expand
titleRequest

Path parameters

Add the following path parameters as part of the endpoint:

Parameter

Type

Description

accountName required

string

The name of the account.

Find below a request example:

Code Block
https://api-us.devo.com/xxx/v2/accounts/sampleAccount/tokens
Expand
titleResponse

Code

Description

200

Successful response. List of tokens retrieved.

Code Block
[
  {
    "name": "a",
    "id": 1,
    "scope": "table://*.** level://admin",
    "owner": "web-testing+auto-admin@devo.com",
    "user": "web-testing+auto-admin@devo.com",
    "audience": "apiv2-admin aggregations apiv2",
    "token_type": "Bearer",
    "active": true,
    "expiration": "2024-11-26T14:38:18.000+0000",
    "account": "autotestsampleAccount",
    "created": "2024-11-25T14:38:18.000+0000",
    "updated": "2024-11-25T14:38:18.000+0000",
    "expires_in_seconds": 86400
  },
  {
    "name": "b",
    "id": 2,
    "scope": "table://*.** level://admin",
    "owner": "web-testing+auto-admin@devo.com",
    "user": "web-testing+auto-admin@devo.com",
    "audience": "apiv2-admin aggregations apiv2",
    "token_type": "Bearer",
    "active": true,
    "expiration": "2024-11-26T14:38:18.000+0000",
    "account": "autotestsampleAccount",
    "created": "2024-11-25T14:38:18.000+0000",
    "updated": "2024-11-25T14:38:18.000+0000",
    "expires_in_seconds": 86400
  }
]

4xx

Bad request.

Code Block
{
  "error": {
    "code": 4xx,
    "message": "string"
  }
}

...

Anchor

...

getToken

...

getToken
GET /v2/accounts/{accountName}/tokens/{tokenId}

Returns the full information on details of a single token , identified by its ID. The response to this request includes the actual token value.

Expand
titleRequest

Path parameters

Add the following path parameters as part of the endpoint:

Parameter

Type

Description

accountName required

string

The name of the account.

tokenId required

string

The ID of the token.

Find below a request example:

Code Block
https://api-us.devo.com/xxx/v2/accounts/sampleAccount/tokens/3
Expand
titleResponse

Code

Description

200

Successful response. List of tokens Token retrieved.

Code Block
{
  "name": "test",
  "id": 3,
  "scope": "table://*.** level://admin",
  "owner": "web-testing+auto-admin@devo.com",
  "user": "web-testing+auto-admin@devo.com",
  "audience": "apiv2-admin aggregations apiv2",
  "token_type": "Bearer",
  "active": true,
  "expiration": "2024-11-26T14:38:18.000+0000",
  "token": "31089320378051f1a2ee17c14028f056",
  "account": "sampleAccount",
  "created": "2024-11-25T14:38:18.000+0000",
  "updated": "2024-11-25T14:38:18.000+0000",
  "expires_in_seconds": 86400
}

4xx

Bad request.

Code Block
{
  "error": {
    "code": 4xx,
    "message": "string"
  }
}

...

Anchor

...

createToken

...

createToken
POST/

...

Add an internal user to a multitenant domain.

Every user in a domain needs to have at least one role assigned to them, either one of the default roles in the application or a custom role. While creating users in a domain, keep in mind the following restrictions:

  • Internal users cannot be used immediately after creation - they must first be activated through a link sent to the email address provided. The activation process also requires the user to create a password.

  • The first user added to a new domain must be internal and must be the domain owner. Owners cannot be deleted, and a domain can only have one owner.

Note

You’ll need the multitenant API keys to create the first user in the domain, and its role must be OWNER. Check an example of this below.

  • To assign a user (new or existing) as a domain owner, use the role OWNER when creating the user. This will create the user with the role ADMIN but with OWNER privileges. The ADMIN role is exclusive and cannot be combined with other roles.

Note

Notice that even though the role OWNER is used to assign a user the ownership of a domain, this is interpreted as ADMIN role, flagged as OWNER, so the actual role (for policies, permissions…) is actually ADMIN, and that value will be returned in the responses (along with a boolean OWNER flag).

  • This method can be also used to add an existing user to a different domain. In this case, the user will keep their original user name and phone number, ignoring any new value provided for them. The field externalId is ignored too since it only has meaning for external users (who might not have a password in the platform).

...

titleRequest

Query string parameters

Query string parameters are added after the path parameters, preceded by a question mark (?) and separated by an ampersand (&)

...

Parameter

...

Type

...

Description

...

skipMailValidation required

...

boolean

...

Set this to true to skip the email address validation step when creating a user for the domain. In this case, the user must already exist in the platform and therefore already have a password. Default value is false.

Note

Note that in order to use this parameter, you must use multitenant domain credentials to authorize your request.

Request body

The request JSON body must include the userInfo object with the following key-value pairs:

...

Parameter

...

Type

...

Description

...

domain required

...

string

...

Domain name. Must match the expression "^[A-Za-z]A-Za-z0-9_-?$".

...

userName required

...

string

...

Name of the new user. Must match the expression "^(([a-zA-Z0-9À-ÿ])+([ _'.@-]))([a-zA-Z0-9À-ÿ])$".

This field will be ignored if you are adding an already existing user to a different domain, and the current value will be kept.

...

email required

...

string

...

Enter the email address of the new user.

...

role required

...

string

...

Role of the new user. Basic roles in Devo are:

  • OWNER

  • ADMIN

  • NO_PRIVILEGES

Custom roles must match the expression "^(([a-zA-Z0-9])+([ _-]))([a-zA-Z0-9])$".

Check more info about roles at the top of this endpoint section.

...

phone

...

string

...

Phone number of the new user. Must match the expression "^+(?:[0-9] ?){6,14}[0-9]$".

This field will be ignored if you are adding an already existing user to a different domain, and the current value will be kept.

Find below a request example:

Code Block
https://api-us.devo.com/probio/user/internal?skipValidation=false

And this is an example of a request body, including the required JSON object. In this example, we are adding the first user (owner) of a domain:

Code Block
{
  "domain": "domainName@resellerName",
  "userName": "Frank",
  "email": "user@devo.com",
  "role": "OWNER"
}

...

titleResponse

...

Code

...

Description

...

200

Successful response. User added to the given domain.

...

v2/accounts/{accountName}/tokens

Creates a new token.

Expand
titleRequest

Path parameters

Add the following path parameters as part of the endpoint:

Parameter

Type

Description

accountName required

string

The name of the account.

Payload:

Code Block
{
  "name": "string",
  "owner": "email",
  "user": "email",
  "audience": "string",
  "scopes": "string",
  "expiresInSeconds": 86400
}
  • name is optional, and defaults to 'Unnamed' when not present.

  • user is optional and only required when a user is creating a token on behalf of another user. The credentials are resolved for the value of this field (which defaults to the owner when not present).

  • audience is required (samples: apiv2, apiv2-admin, alerts, aggregations, http).

  • scopes is optional and defaults to 'default' when not present.

  • expiresInSeconds is optional and defaults to 86400 when not present. Use the value -1 to create a permanent token.

Find below a request example:

Code Block
https://api-us.devo.com/xxx/v2/accounts/sampleAccount/tokens
Expand
titleResponse
Info

Creating a token returns the location header with the URI where the resource can be located.

Code

Description

200

Successful response. Token created.

Code Block
{
  TBD 
}

4xx

Bad request.

Code Block
{
  "error": {
    "code": 4xx,
    "message": "string"
  }
}

...

Anchor
enableToken
enableToken
PUT/v2/accounts/{accountName}/tokens/{tokenId}/enable

Enable token by ID.

Expand
titleRequest

Path parameters

Add the following path parameters as part of the endpoint:

Parameter

Type

Description

accountName required

string

The name of the account.

tokenId required

string

The ID of the token.

Find below a request example:

Code Block
https://api-us.devo.com/xxx/v2/accounts/sampleAccount/tokens/3/enable
Expand
titleResponse

Set the roles of a user in a given domain.

Query string parameters

Query string parameters are added after the path parameters, preceded by a question mark (?) and separated by an ampersand (&)

keepExisting

Request body

The request JSON body must include the following key-value pairs
Expand
titleRequest

Path parameters

Add the following path parameters as part of the endpoint:

Parameter

Type

Description

userEmail required

string

Enter the email of the required user.

domainName required

string

Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName}

Parameter

Type

Description

boolean

Set this to true to keep the current roles of the user, plus the new ones added through this request. The default value is false.

Code

Description

200

Successful response. Token enabled.

4xx

Bad request.

Code Block
{
  "error": {
    "code": 4xx,
    "message": "string"
: "string" } }

...


  }
}

...

Anchor
path11
path11
PUT/v2/accounts/{accountName}/tokens/{tokenId}/disable

Disable token by ID.

Expand
titleRequest

Path parameters

Add the following path parameters as part of the endpoint:

Parameter

Type

Description

accountName required

string

The name of the account.

tokenId required

string

The ID of the token.

Find below a request example:

Code Block
https://api-us.devo.com/xxx/v2/accounts/sampleAccount/tokens/3/disable
Expand
titleResponse

Code

Description

200

Successful response. Token disabled.

4xx

Bad request.

Code Block
{
  "error": {
    "code": 4xx,
    "message": "string"
  }
}

...

Anchor
renameToken
renameToken
PUT/v2/accounts/{accountName}/tokens/{tokenId}/rename

This endpoint updates the name associated with a token, identified by its ID.

[ "role1", "role2", "role3" ]
Expand
titleRequest

Path parameters

Add the following path parameters as part of the endpoint:

Code Block

Parameter

Type

Description

roles

accountName required

object

string

Enter the list of role names separated by commas. Basic roles in Devo are:

  • OWNER

  • ADMIN

  • NO_PRIVILEGES

Custom roles must match the expression "^(([a-zA-Z0-9])+([ _-]))([a-zA-Z0-9])$".

Find below a request example:

Code Block
https://api-us.devo.com/probio/user/email/user@devo.com/domain/domainName@resellerName/role?keepExisting=true

And this is an example of a request body, including the required JSON object:

The name of the account.

tokenId required

string

The ID of the token.

Payload:

Code Block
{
  "value": "your new token name"
}

If the new name is empty or null, the service will still return OK, but the token name will remain unchanged.

Find below a request example:

Code Block
https://api-us.devo.com/xxx/v2/accounts/sampleAccount/tokens/3/rename
Expand
titleResponse

Code

Description

200

Successful response.

Roles updated

Token renamed.

4xx

Bad request.

Code Block
{
  "error": {
    "code": 4xx,
    "message": "string"
  }
}

...

Anchor

...

deleteToken

...

deleteToken
DELETE/

...

v2/

...

accounts/{

...

accountName}/

...

Removes the indicated roles from the user in the specified domain.

...

titleRequest

Path parameters

Add the following path parameters as part of the endpoint:

...

Parameter

...

Type

...

Description

...

userEmail required

...

string

...

Enter the email of the required user.

...

domainName required

...

string

...

Enter the name of the required domain. You must enter the full domain name using the format {domainName}@{resellerName}

Request body

...

tokens/{tokenId}

Deletes a token from an account.

Note

Only to be used when the token is to be removed from the service. There is no coming back from this, and once a token is deleted then it's gone for good.

List of role names to be deleted, separated by commas. Basic roles in Devo are:

  • OWNER

  • ADMIN

  • NO_PRIVILEGES

Custom roles must match the expression "^(([a-zA-Z0-9])+([ _-]))([a-zA-Z0-9])$"
Expand
titleRequest

Path parameters

Add the following path parameters as part of the endpoint:

Parameter

Type

Description

roles

accountName required

object

string

The name of the account.

tokenId required

string

The ID of the token.

Find below a request example:

Code Block
https://api-us.devo.com/probioxxx/userv2/emailaccounts/user@devo.comsampleAccount/domaintokens/domainName@resellerName/role

And this is an example of a request body, including the required JSON object:

Code Block
[
  "role1", "role2", "role3"
]
3
Expand
titleResponse

Code

Description

200

Successful response.

Roles removed from user

Token deleted.

4xx

Bad request.

Code Block
{
  "error": {
    "code": 4xx,
    "message": "string"
  }
}