Overview
This guide gives step by step instructions on how you can integrate miniOrange Identity Provider and User Store APIs with your system.
Pre-requisites
- You need to create a free trial account with miniOrange.
- Login to our console and Click on the Settings provided on the right top corner of the console.
- Copy your Api Key and follow the steps below to generate the Authentication Header.
Step 1: Create Authentication Header
To be able to call our challenge and validate Rest APIs, you will need to set the authorization headers required to make sure that the request being made is by a valid user. You can check the sample JAVA and PHP code below to get an idea on how you can create the authorization headers.
The following values need to be set in the Header of the HTTP Request being made.
Attribute | Description |
---|---|
Customer-Key | Your customer key. |
Api-Key | Your Api Key |
Timestamp | The time in milliseconds when the request is being made |
Authorization | Sha 512 Hash Value consisting of the customer key , current timestamp and api key. |
You can get your Customer-Key and Api Key by following these steps:
- Log in to your Admin Dashboard.
- Go to System Settings from the top right corner. You will find all of your information under the Account Details section.
- Java
- PHP
/* You can get customer Key and customer Api Key from your admin dashboard */
String customerKey = "<YOUR_CUSTOMER_KEY>";
String apiKey = "<YOUR_API_KEY>";
/* Current time in milliseconds since midnight, January 1, 1970 UTC. */
String currentTimeInMillis = String.valueOf(System.currentTimeMillis());
/* Creating the Hash using SHA-512 algorithm (Apache Shiro library) */
String stringToHash = customerKey + currentTimeInMillis + apiKey;
String hashValue = new Sha512Hash(stringToHash).toHex().toLowerCase();
HttpPost postRequest = new HttpPost("<URL for calling API>");
/* Setting the Authorization Header values */
postRequest.setHeader("Customer-Key", customerKey);
postRequest.setHeader("Timestamp", currentTimeInMillis);
postRequest.setHeader("Authorization", hashValue)
/* You can get customer Key and customer Api Key from your admin dashboard*/
$customerKey = "<YOUR_CUSTOMER_KEY>";
$apiKey = "<YOUR_API_KEY>";
/* Current time in milliseconds since midnight, January 1, 1970 UTC. */
$currentTimeInMillis = round(microtime(true) * 1000);
/* Creating the Hash using SHA-512 algorithm */
$stringToHash = $customerKey . number_format ( $currentTimeInMillis, 0, '', '' ) . $apiKey;
$hashValue = hash("sha512", $stringToHash);
/* Add $customerKeyHeader,$timestampHeader and $authorizationHeader in the httpheader */
$customerKeyHeader = "Customer-Key: " . $customerKey;
$timestampHeader = "Timestamp: " . number_format ( $currentTimeInMillis, 0, '', '' );
$authorizationHeader = "Authorization: " . $hashValue;
Step 2: API Details
Get All Configured OAuth Providers
To get all configured OAuth providers, you need to make a HTTP GET request to our get all OAuth Providers API.
Endpoint Information:
Type | Information |
---|---|
Method | GET |
URL | https://login.xecurify.com/api/v1/idp/oauth/{customerId}?startIndex={startIndex}&count={count} |
Request headers:
Parameters | Type |
---|---|
Customer-Key | int |
Timestamp | int |
Authorization | String |
CustomerKey
: CustomerKey is the customer key for your account and must be sent with all client requests.
Timestamp
: Timestamp specifies current time in milliseconds e.g 1474522813982.
Authorization
: Authorization specifies SHA 512 hash value of string concatenated with customerKey, time in milliseconds and api key for your account e.g sha512(customerKey + timeInMillis + apiKey). Check the Authorization Section above for more details.
Request Parameters:
Parameters | Type | Comments |
---|---|---|
customerId (required) | int | CustomerKey for your account |
startIndex (optional) | Int | Defaults to 1 if no value passed |
count (optional) | Int | Defaults to 20 if no value passed |
Sample Code for Request:
In the following code, just replace <YOUR_CUSTOMER_KEY>
, <START_INDEX>
, <COUNT>
, <AUTHORIZATION>
and <TIMESTAMP>
with the respective values
- cURL
- Java
- PHP
curl --location --request GET 'https://login.xecurify.com/api/v1/idp/oauth/<YOUR_CUSTOMER_KEY>?startIndex=<START_INDEX>&count=<COUNT>' \
--header 'Authorization: <AUTHORIZATION>' \
--header 'Customer-Key: <YOUR_CUSTOMER_KEY>' \
--header 'Timestamp: <TIMESTAMP>'
OkHttpClient client = new OkHttpClient().newBuilder().build();
MediaType mediaType = MediaType.parse("text/plain");
RequestBody body = RequestBody.create(mediaType, "");
Request request = new Request.Builder()
.url("http://login.xecurify.com/api/v1/idp/oauth/<YOUR_CUSTOMER_KEY>?startIndex=<START_INDEX>&count=<COUNT>")
.method("GET", body)
.addHeader("Authorization", "<AUTHORIZATION>")
.addHeader("Customer-Key", "<YOUR_CUSTOMER_KEY>")
.addHeader("Timestamp", "<TIMESTAMP>")
.build();
Response response = client.newCall(request).execute();
<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'http://login.xecurify.com/api/v1/idp/oauth/<YOUR_CUSTOMER_KEY>?startIndex=<START_INDEX>&count=<COUNT>',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: <AUTHORIZATION>',
'Customer-Key: <YOUR_CUSTOMER_KEY>',
'Timestamp: <TIMESTAMP>'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
Example Request:
https://login.xecurify.com/api/v1/idp/oauth/12312?startIndex=8&count=10
Example Response:
{
"customerId": 12312,
"status": "SUCCESS",
"message": "Identity Provider settings retrieved successfully",
"idpList": {
"totalResults": 1,
"startIndex": 1,
"itemsPerPage": 10,
"resources": [
{
"displayName": "ApiTestProvider",
"userLoginAllowed": false,
"showIdpToUsers": false,
"promptForUserRegistration": false,
"sendConfiguredAttributes": false,
"isDefault": false,
"domainMapping": "",
"attributeMapping": [
{
"incomingAttribute": "",
"outgoingAttribute": ""
}
],
"identifier": "custom_oauth_apitestprovider",
"clientId": "adfas123123",
"clientSecret": "adfasdf12312",
"scope": "AUTHORIZATION",
"grantType": "profile",
"authorizeEndpoint": "https://localhost",
"tokenEndpoint": "https://localhost",
"userInfoEndpoint": "https://localhost",
"clientCredentialsHeaderEnabled": false,
"id": 121,
"oauthCallBackUrl": "https://xyz.miniorange.in/moas/broker/login/oauth/callback/12312"
}
]
}
}
Fetch Specific OAuth Provider
To fetch details of a configured OAuth provider, you need to make a HTTP GET request to our fetch OAuth Provider Configuration endpoint.
Endpoint Information:
Type | Information |
---|---|
Method | GET |
URL | https://login.xecurify.com/api/v1/idp/oauth/{customerId}/{id} |
Request headers:
Parameters | Type |
---|---|
Customer-Key | int |
Timestamp | int |
Authorization | String |
CustomerKey
: CustomerKey is the customer key for your account and must be sent with all client requests.
Timestamp
: Timestamp specifies current time in milliseconds e.g 1474522813982.
Authorization
: Authorization specifies SHA 512 hash value of string concatenated with customerKey, time in milliseconds and api key for your account e.g sha512(customerKey + timeInMillis + apiKey). Check the Authorization Section above for more details.
Request Parameters:
Parameters | Type | Comments |
---|---|---|
customerId (required) | int | CustomerKey for your account |
id (required) | Int | ID of your OAuth Provider |
Sample Code for Request:
In the following code, just replace <YOUR_CUSTOMER_KEY>
, <ID>
, <AUTHORIZATION>
and <TIMESTAMP>
with the respective values
- cURL
- Java
- PHP
curl --location --request GET 'http://login.xecurify.com/api/v1/idp/oauth/<YOUR_CUSTOMER_KEY>/<ID>' \
--header 'Authorization: <AUTHROIZATION>' \
--header 'Customer-Key: <YOUR_CUSTOMER_KEY>' \
--header 'Timestamp: <TIMESTAMP>'
OkHttpClient client = new OkHttpClient().newBuilder().build();
MediaType mediaType = MediaType.parse("text/plain");
RequestBody body = RequestBody.create(mediaType, "");
Request request = new Request.Builder()
.url("http://login.xecurify.com/api/v1/idp/oauth/<YOUR_CUSTOMER_KEY>/<ID>")
.method("GET", body)
.addHeader("Authorization", "<AUTHROIZATION>")
.addHeader("Customer-Key", "<YOUR_CUSTOMER_KEY>")
.addHeader("Timestamp", "<TIMESTAMP>")
.build();
Response response = client.newCall(request).execute();
<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'http://login.xecurify.com/api/v1/idp/oauth/<YOUR_CUSTOMER_KEY>/<ID>',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'GET',
CURLOPT_HTTPHEADER => array(
'Authorization: <AUTHROIZATION>',
'Customer-Key: <YOUR_CUSTOMER_KEY>',
'Timestamp: <TIMESTAMP>'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
Example Request:
https://login.xecurify.com/api/v1/idp/oauth/12312/121
Example Response:
{
"customerId": 12312,
"status": "SUCCESS",
"message": "Identity Provider settings retrieved successfully",
"idp": {
"displayName": "ApiTestProvider",
"userLoginAllowed": false,
"showIdpToUsers": false,
"promptForUserRegistration": false,
"sendConfiguredAttributes": false,
"isDefault": false,
"domainMapping": "",
"attributeMapping": [
{
"incomingAttribute": "",
"outgoingAttribute": ""
}
],
"identifier": "custom_oauth_apitestprovider",
"clientId": "adfas123123",
"clientSecret": "adfasdf12312",
"scope": "AUTHORIZATION",
"grantType": "profile",
"authorizeEndpoint": "https://localhost",
"tokenEndpoint": "https://localhost",
"userInfoEndpoint": "https://localhost",
"clientCredentialsHeaderEnabled": false,
"id": 121,
"oauthCallBackUrl": "https://xyz.miniorange.in/moas/broker/login/oauth/callback/12312"
}
}
Add a OAuth Provider
To add a OAuth provider, you need to make a HTTP PUT request to our add OAuth Provider Configuration endpoint.
Endpoint Information:
Type | Information |
---|---|
Method | PUT |
URL | https://login.xecurify.com/api/v1/idp/oauth/{customerId} |
Request headers:
Parameters | Type |
---|---|
Content-Type | application/json |
Customer-Key | int |
Timestamp | int |
Authorization | String |
CustomerKey
: CustomerKey is the customer key for your account and must be sent with all client requests.
Timestamp
: Timestamp specifies current time in milliseconds e.g 1474522813982.
Authorization
: Authorization specifies SHA 512 hash value of string concatenated with customerKey, time in milliseconds and api key for your account e.g sha512(customerKey + timeInMillis + apiKey). Check the Authorization Section above for more details.
Main Request Parameters:
Parameters | Type | Comments |
---|---|---|
customerId (required) | int | CustomerKey for your account |
identifier (required) | string | A unique value to identify your IdP |
displayName (required) | string | This value would be used to display to Users |
clientId (required) | string | ClientID generated by the provider |
clientSecret (required) | string | ClientSecret generated by the provider |
scope (optional) | string | Defaults to profile if not provided |
grantType (required) | string | Needs to be Authorization or Password |
authorizeEndpoint (optional) | string | Authorization Endpoint of the Provider |
tokenEndpoint (optional) | string | Token Endpoint of the provider |
userInfoEndpoint (optional) | string | User Info Endpoint of the provider to fetch user details |
Sample Code for Request:
In the following code, just replace <AUTHORIZATION>
and <TIMESTAMP>
with the respective values
- cURL
- Java
- PHP
curl --location --request PUT 'http://login.xecurify.com/api/v1/idp/oauth/<YOUR_CUSTOMER_KEY>' \
--header 'Authorization: <AUTHROIZATION>' \
--header 'Customer-Key: <YOUR_CUSTOMER_KEY>' \
--header 'Timestamp: <TIMESTAMP>' \
--header 'Content-Type: application/json' \
--data-raw '{
"clientId": "adfas123123",
"clientSecret": "adfasdf12312",
"grantType": "AUTHORIZATION",
"scope": "profile",
"authorizeEndpoint": "https://localhost",
"tokenEndpoint": "https://localhost",
"userInfoEndpoint": "https://localhost",
"clientCredentialsHeaderEnabled": false,
"identifier": "custom_oauth",
"displayName": "ApiTestProvider",
"userLoginAllowed": false,
"domainMapping": "",
"showIdpToUsers": false,
"promptForUserRegistration": false,
"sendConfiguredAttributes": false,
"isDefault": false,
"attributeMapping": [
{
"incomingAttribute": "",
"outgoingAttribute": ""
}
]
}'
OkHttpClient client = new OkHttpClient().newBuilder().build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{
\"clientId\": \"adfas123123\",
\"clientSecret\": \"adfasdf12312\",
\"grantType\": \"AUTHORIZATION\",
\"scope\": \"profile\",
\"authorizeEndpoint\": \"https://localhost\",
\"tokenEndpoint\": \"https://localhost\",
\"userInfoEndpoint\": \"https://localhost\",
\"clientCredentialsHeaderEnabled\": false,
\"identifier\": \"custom_oauth\",
\"displayName\": \"ApiTestProvider\",
\"userLoginAllowed\": false,
\"domainMapping\": \"\",
\"showIdpToUsers\": false,
\"promptForUserRegistration\": false,
\"sendConfiguredAttributes\": false,
\"isDefault\": false,
\"attributeMapping\": [
{
\"incomingAttribute\": \"\",
\"outgoingAttribute\": \"\"
}
]
}");
Request request = new Request.Builder()
.url("http://login.xecurify.com/api/v1/idp/oauth/<YOUR_CUSTOMER_KEY>")
.method("PUT", body)
.addHeader("Authorization", "<AUTHROIZATION>")
.addHeader("Customer-Key", "<YOUR_CUSTOMER_KEY>")
.addHeader("Timestamp", "<TIMESTAMP>")
.addHeader("Content-Type", "application/json")
.build();
Response response = client.newCall(request).execute();
<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'http://login.xecurify.com/api/v1/idp/oauth/<YOUR_CUSTOMER_KEY>',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'PUT',
CURLOPT_POSTFIELDS =>'{
"clientId": "adfas123123",
"clientSecret": "adfasdf12312",
"grantType": "AUTHORIZATION",
"scope": "profile",
"authorizeEndpoint": "https://localhost",
"tokenEndpoint": "https://localhost",
"userInfoEndpoint": "https://localhost",
"clientCredentialsHeaderEnabled": false,
"identifier": "custom_oauth",
"displayName": "ApiTestProvider",
"userLoginAllowed": false,
"domainMapping": "",
"showIdpToUsers": false,
"promptForUserRegistration": false,
"sendConfiguredAttributes": false,
"isDefault": false,
"attributeMapping": [
{
"incomingAttribute": "",
"outgoingAttribute": ""
}
]
}',
CURLOPT_HTTPHEADER => array(
'Authorization: <AUTHROIZATION>',
'Customer-Key: <YOUR_CUSTOMER_KEY>',
'Timestamp: <TIMESTAMP>',
'Content-Type: application/json'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
Example Request:
https://login.xecurify.com/api/v1/idp/oauth/12312
Example Request body:
{
"clientId": "adfas123123",
"clientSecret": "adfasdf12312",
"grantType": "AUTHORIZATION",
"scope": "profile",
"authorizeEndpoint": "https://localhost",
"tokenEndpoint": "https://localhost",
"userInfoEndpoint": "https://localhost",
"clientCredentialsHeaderEnabled": false,
"identifier": "custom_oauth",
"displayName": "ApiTestProvider",
"userLoginAllowed": false,
"domainMapping": "",
"showIdpToUsers": false,
"promptForUserRegistration": false,
"sendConfiguredAttributes": false,
"isDefault": false,
"attributeMapping": [
{
"incomingAttribute": "",
"outgoingAttribute": ""
}
]
}
Example Response:
{
"customerId": 12312,
"status": "SUCCESS",
"message": "Identity Provider created successfully",
"idp": {
"displayName": "ApiTestProvider",
"userLoginAllowed": false,
"showIdpToUsers": false,
"promptForUserRegistration": false,
"sendConfiguredAttributes": false,
"isDefault": false,
"domainMapping": "",
"attributeMapping": [
{
"incomingAttribute": "",
"outgoingAttribute": ""
}
],
"identifier": "custom_oauth_apitestprovider",
"clientId": "adfas123123",
"clientSecret": "adfasdf12312",
"scope": "AUTHORIZATION",
"grantType": "profile",
"authorizeEndpoint": "https://localhost",
"tokenEndpoint": "https://localhost",
"userInfoEndpoint": "https://localhost",
"clientCredentialsHeaderEnabled": false,
"id": 121,
"oauthCallBackUrl": "https://xyz.miniorange.in/moas/broker/login/oauth/callback/12312"
}
}
Update a OAuth Provider
To update a OAuth provider, you need to make a HTTP PATCH request to our update OAuth Provider Configuration endpoint.
Endpoint Information:
Type | Information |
---|---|
Method | PATCH |
URL | https://login.xecurify.com/api/v1/idp/oauth/{customerId}/{id} |
Request headers:
Parameters | Type |
---|---|
Content-Type | application/json |
Customer-Key | int |
Timestamp | int |
Authorization | String |
CustomerKey
: CustomerKey is the customer key for your account and must be sent with all client requests.
Timestamp
: Timestamp specifies current time in milliseconds e.g 1474522813982.
Authorization
: Authorization specifies SHA 512 hash value of string concatenated with customerKey, time in milliseconds and api key for your account e.g sha512(customerKey + timeInMillis + apiKey). Check the Authorization Section above for more details.
Main Request Parameters:
Parameters | Type | Comments |
---|---|---|
customerId (required) | int | CustomerKey for your account |
id (required) | Int | ID of your OAuth Provider IdP |
identifier (required) | string | A unique value to identify your IdP |
displayName (required) | string | This value would be used to display to Users |
clientId (required) | string | ClientID generated by the provider |
clientSecret (required) | string | ClientSecret generated by the provider |
scope (optional) | string | Defaults to profile if not provided |
grantType (required) | string | Needs to be Authorization or Password |
authorizeEndpoint (optional) | string | Authorization Endpoint of the Provider |
tokenEndpoint (optional) | string | Token Endpoint of the provider |
userInfoEndpoint (optional) | string | User Info Endpoint of the provider to fetch user details |
Sample Code for Request:
In the following code, just replace <YOUR_CUSTOMER_KEY>
, <ID>
, <ENTITY_ID>
, <LOGIN_URL>
, <LOGOUT_URL>
, <X509_CERT>
, <AUTHORIZATION>
and <TIMESTAMP>
with the respective values
- cURL
- Java
- PHP
curl --location --request PATCH 'http://login.xecurify.com/api/v1/idp/oauth/<YOUR_CUSTOMER_KEY>/<ID>' \
--header 'Authorization: <AUTHROIZATION>' \
--header 'Customer-Key: <YOUR_CUSTOMER_KEY>' \
--header 'Timestamp: <TIMESTAMP>' \
--header 'Content-Type: application/json' \
--data-raw '{
"clientId": "adfas123123",
"clientSecret": "adfasdf12312",
"grantType": "AUTHORIZATION",
"scope": "profile",
"authorizeEndpoint": "https://localhost",
"tokenEndpoint": "https://localhost",
"userInfoEndpoint": "https://localhost",
"clientCredentialsHeaderEnabled": false,
"identifier": "custom_oauth",
"displayName": "ApiTestProvider",
"userLoginAllowed": false,
"domainMapping": "",
"showIdpToUsers": false,
"promptForUserRegistration": false,
"sendConfiguredAttributes": false,
"isDefault": false,
"attributeMapping": [
{
"incomingAttribute": "",
"outgoingAttribute": ""
}
]
}'
OkHttpClient client = new OkHttpClient().newBuilder().build();
MediaType mediaType = MediaType.parse("application/json");
RequestBody body = RequestBody.create(mediaType, "{
\"clientId\": \"adfas123123\",
\"clientSecret\": \"adfasdf12312\",
\"grantType\": \"AUTHORIZATION\",
\"scope\": \"profile\",
\"authorizeEndpoint\": \"https://localhost\",
\"tokenEndpoint\": \"https://localhost\",
\"userInfoEndpoint\": \"https://localhost\",
\"clientCredentialsHeaderEnabled\": false,
\"identifier\": \"custom_oauth\",
\"displayName\": \"ApiTestProvider\",
\"userLoginAllowed\": false,
\"domainMapping\": \"\",
\"showIdpToUsers\": false,
\"promptForUserRegistration\": false,
\"sendConfiguredAttributes\": false,
\"isDefault\": false,
\"attributeMapping\": [
{
\"incomingAttribute\": \"\",
\"outgoingAttribute\": \"\"
}
]
}");
Request request = new Request.Builder()
.url("http://login.xecurify.com/api/v1/idp/oauth/<YOUR_CUSTOMER_KEY>/<ID>")
.method("PATCH", body)
.addHeader("Authorization", "<AUTHROIZATION>")
.addHeader("Customer-Key", "<YOUR_CUSTOMER_KEY>")
.addHeader("Timestamp", "<TIMESTAMP>")
.addHeader("Content-Type", "application/json")
.build();
Response response = client.newCall(request).execute();
<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'http://login.xecurify.com/api/v1/idp/oauth/<YOUR_CUSTOMER_KEY>/<ID>',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'PATCH',
CURLOPT_POSTFIELDS =>'{
"clientId": "adfas123123",
"clientSecret": "adfasdf12312",
"grantType": "AUTHORIZATION",
"scope": "profile",
"authorizeEndpoint": "https://localhost",
"tokenEndpoint": "https://localhost",
"userInfoEndpoint": "https://localhost",
"clientCredentialsHeaderEnabled": false,
"identifier": "custom_oauth",
"displayName": "ApiTestProvider",
"userLoginAllowed": false,
"domainMapping": "",
"showIdpToUsers": false,
"promptForUserRegistration": false,
"sendConfiguredAttributes": false,
"isDefault": false,
"attributeMapping": [
{
"incomingAttribute": "",
"outgoingAttribute": ""
}
]
}',
CURLOPT_HTTPHEADER => array(
'Authorization: <AUTHROIZATION>',
'Customer-Key: <YOUR_CUSTOMER_KEY>',
'Timestamp: <TIMESTAMP>',
'Content-Type: application/json'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
Example Request:
https://login.xecurify.com/api/v1/idp/oauth/12312/93
Example Request body:
{
"clientId": "adfas123123",
"clientSecret": "adfasdf12312",
"grantType": "AUTHORIZATION",
"scope": "profile",
"authorizeEndpoint": "https://localhost",
"tokenEndpoint": "https://localhost",
"userInfoEndpoint": "https://localhost",
"clientCredentialsHeaderEnabled": false,
"identifier": "custom_oauth",
"displayName": "ApiTestProvider",
"userLoginAllowed": false,
"domainMapping": "",
"showIdpToUsers": false,
"promptForUserRegistration": false,
"sendConfiguredAttributes": false,
"isDefault": false,
"attributeMapping": [
{
"incomingAttribute": "",
"outgoingAttribute": ""
}
]
}
Example Response:
{
"customerId": 12312,
"status": "SUCCESS",
"message": "Identity Provider created successfully",
"idp": {
"displayName": "ApiTestProvider",
"userLoginAllowed": false,
"showIdpToUsers": false,
"promptForUserRegistration": false,
"sendConfiguredAttributes": false,
"isDefault": false,
"domainMapping": "",
"attributeMapping": [
{
"incomingAttribute": "",
"outgoingAttribute": ""
}
],
"identifier": "custom_oauth_apitestprovider",
"clientId": "adfas123123",
"clientSecret": "adfasdf12312",
"scope": "AUTHORIZATION",
"grantType": "profile",
"authorizeEndpoint": "https://localhost",
"tokenEndpoint": "https://localhost",
"userInfoEndpoint": "https://localhost",
"clientCredentialsHeaderEnabled": false,
"id": 121,
"oauthCallBackUrl": "https://xyz.miniorange.in/moas/broker/login/oauth/callback/12312"
}
}
Delete a OAuth Provider
To detele a OAuth provider, you need to make a HTTP DELETE request to our delete OAuth Provider endpoint.
Endpoint Information:
Type | Information |
---|---|
Method | DELETE |
URL | https://login.xecurify.com/api/v1/idp/oauth/{customerId}/{id} |
Request headers:
Parameters | Type |
---|---|
Customer-Key | int |
Timestamp | int |
Authorization | String |
CustomerKey
: CustomerKey is the customer key for your account and must be sent with all client requests.
Timestamp
: Timestamp specifies current time in milliseconds e.g 1474522813982.
Authorization
: Authorization specifies SHA 512 hash value of string concatenated with customerKey, time in milliseconds and api key for your account e.g sha512(customerKey + timeInMillis + apiKey). Check the Authorization Section above for more details.
Main Request Parameters:
Parameters | Type | Comments |
---|---|---|
customerId (required) | int | CustomerKey for your account |
id (required) | Int | ID of your OAuth Provider |
Sample Code for Request:
In the following code, just replace <YOUR_CUSTOMER_KEY>
, <ID>
, <AUTHORIZATION>
and <TIMESTAMP>
with the respective values
- cURL
- Java
- PHP
curl --location --request DELETE 'http://login.xecurify.com/api/v1/idp/oauth/<YOUR_CUSTOMER_KEY>/<ID>' \
--header 'Authorization: <AUTHROIZATION>' \
--header 'Customer-Key: <YOUR_CUSTOMER_KEY>' \
--header 'Timestamp: <TIMESTAMP>'
OkHttpClient client = new OkHttpClient().newBuilder().build();
MediaType mediaType = MediaType.parse("text/plain");
RequestBody body = RequestBody.create(mediaType, "");
Request request = new Request.Builder()
.url("http://login.xecurify.com/api/v1/idp/oauth/<YOUR_CUSTOMER_KEY>/<ID>")
.method("DELETE", body)
.addHeader("Authorization", "<AUTHROIZATION>")
.addHeader("Customer-Key", "<YOUR_CUSTOMER_KEY>")
.addHeader("Timestamp", "<TIMESTAMP>")
.build();
Response response = client.newCall(request).execute();
<?php
$curl = curl_init();
curl_setopt_array($curl, array(
CURLOPT_URL => 'http://login.xecurify.com/api/v1/idp/oauth/<YOUR_CUSTOMER_KEY>/<ID>',
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => '',
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 0,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => 'DELETE',
CURLOPT_HTTPHEADER => array(
'Authorization: <AUTHROIZATION>',
'Customer-Key: <YOUR_CUSTOMER_KEY>',
'Timestamp: <TIMESTAMP>'
),
));
$response = curl_exec($curl);
curl_close($curl);
echo $response;
Example Request:
https://login.xecurify.com/api/v1/idp/oauth/12312/93
Example Response:
{
"customerId": 12312,
"status": "SUCCESS",
"message": "Identity deleted successfully",
}