Account API
Endpoint Index
| Action | Endpoint |
|---|---|
| Authenticate a standard account | POST /account/authenticate |
| Authenticate an admin account | POST /account/authenticateAdmin |
| Authenticate a client or tenant admin account (SSO) | POST /account/sso/authenticateClient |
| Renew an authentication token | POST /account/renewAuthentication |
| Unlock an account that has been locked out due to failed login attempts | POST /account/unlock |
| Update a password | PATCH /account/v1/accounts/password |
Authentication
POST /account/authenticate| Name | Position | Type | Required |
|---|---|---|---|
| body | body | AuthenticateRequest | optional |
| hostName | query | string | optional |
| tenantName | query | string | optional |
AuthenticateResponseNote
Use /authenticate for authenticating as a regular user (in which case you must specify a tenantName or hostName), or for an administration account for deploying configurations (in which case you should not specify a tenantName or hostName.)
POST /account/authenticateAdmin| Name | Position | Type | Required |
|---|---|---|---|
| body | body | AuthenticateRequest | optional |
| hostName | query | string | optional |
| tenantLocator | query | string | optional |
| tenantName | query | string | optional |
AuthenticateResponseNote
Use /authenticateAdmin for authenticating as a “tenant administrator.” It’s the equivalent of logging in as an administrator in the Socotra Administration UI to modify users, maintain external integrations, and query plugin logs. You must specify one of the tenantLocator, hostName, or tenantName. This type of account token cannot be used to deploy configurations.
Note
Values for hostName and tenantName can be included in either the query string or the AuthenticateRequest
POST /account/sso/authenticateClient| Name | Position | Type | Required |
|---|---|---|---|
| request | body | SsoClientAuthenticateRequest | required |
AuthenticateAdminResponsePOST /account/renewAuthenticationAuthenticateResponserequiredpassword stringusername stringoptionalhostName stringtenantName string
requiredexpiresTimestamp timestampauthorizationToken string
requiredclientId stringclientSecret stringoptionalhostName string
requiredexpiresTimestamp timestampauthorizationToken string
Account Lockout Reset
POST /account/unlock| Name | Position | Type | Required |
|---|---|---|---|
| request | body | AccountUnlockRequest | required |
voidNote
To unlock any account you must be authenticated as an admin user.
requiredusername stringoptionalhostName stringtenantName string
Note
To unlock a tenant user account you must specify both the username and hostname in the request. To unlock another admin user you must specify only the username.
Password Change
A user can change their password with the following endpoint:
PATCH /account/v1/accounts/password| Name | Position | Type | Required |
|---|---|---|---|
| passwordRequest | body | PasswordChangeRequest | required |
voidrequiredoldPassword stringpassword stringoptionallogout boolean
The logout property, if set to true, will logout all sessions for the user upon the password change. The default value is false.
Note
Note that the path for the above endpoint is /accounts and not /account.