Tokens Vault REST API

The TokensVault endpoint allows searching for pseudonymizations tokens in an exported audit log to get their original value.

For the attributes of the base resource type, see urn:hid:scim:api:idp:2.0:PseudonymizationToken.

Method Details

HTTPS Method	Entity Action	Request URI	Description
GET	Read	/scim/{tenant}/v2/TokensVault	Get all tokens filtered by attributes
GET	Read	/scim/{tenant}/v2/TokensVault/{uid}	Get the original (clear) value of a token
POST	Search	/scim/{tenant}/v2/TokensVault/.search	Search for pseudonymizations tokens in the audit

Required Permissions

Function	Required Permissions
GET	Read Token
POST	Search Token

Get a Token Clear Value

[GET] /TokensVault/{uid}

Where {uid} is the token.

Copy

Sample Request URI

[GET] /scim/{tenant}/v2/TokensVault/e52bbe12-6c9e-4b05-b622-af57ceaccf06

Copy

Sample Response

{
    "schemas": ["urn:hid:scim:api:idp:2.0:PseudonymizationToken"],
    "token": "e52bbe12-6c9e-4b05-b622-af57ceaccf06",
    "value": "myuser@company.com"
}

Search for Tokens

Supported search criteria are:

SCIM Attribute	Operators supported	Description
ownerId	eq	User ID of the token owner
ownerExtId	eq	User external ID of the token owner
token	eq	Unique token value (same as a GET Token Value in Get a Token Clear Value)
value	eq	Token’s original (clear) value

Copy

Sample Request URI

[POST] /scim/{tenant}/v2/TokensVault/.search

Copy

Sample Request

{ 
    "schemas": ["urn:ietf:params:scim:api:messages:2.0:SearchRequest"],
    "filter": "ownerExtId eq myuser",
    "count": 2,
    "startIndex": 1
}

Where:

The filter attribute can be used to reduce the number of records you want to see.

You can use the and operator within the filters.
The following attributes can be used for a paginated search:
- count can be used to limit the size of the search results
- startIndex specifies the index of the first result returned (where 0 will returned the same paginated result as 1)
The result will contain a totalResults attribute to allow you to compute the number of pages.

Note:
The maximum number of rows returned per request is 100, even if you specify a higher count value. Therefore, for lists that are longer than 100 elements, it is mandatory for you to paginate the results.

Copy

Sample Response

{
    "schemas": ["urn:ietf:params:scim:api:messages:2.0:ListResponse"],
    "totalResults": 2,
    "resources": [
        {
            "schemas": ["urn:hid:scim:api:idp:2.0:PseudonymizationToken"],
            "token": "b0152e88-cad6-4e1d-90c5-2a2154100a88",
            "value": "my firstname",
            "ownerId": "11438",
            "ownerExtId": "myuser"
        },
        {
            "schemas": ["urn:hid:scim:api:idp:2.0:PseudonymizationToken"],
            "token": "f97be5d9-c0e8-4955-a480-6a6b3b470adf",
            "value": "+33601020304",
            "ownerId": "11438",
            "ownerExtId": "myuser"
        }
    ]
}

Note: For further information, see Searching with the SCIM API.