Applications (CardAuth) REST API
The Application/CardAuth endpoint allows creating and managing all the definitions (device type, credential type and authentication policy) required for contactless card authentication.
To use the version-specific parameters/attributes, you must add api-version=N to the query parameter.
Previous versions of the API are also supported with the corresponding functionality.
Method Details
HTTPS Method | Entity Action | Request URI | Description |
---|---|---|---|
Read |
/configuration/{tenant}/v2/Application/CardAuth |
Retrieve the list of all CardAuth Applications |
|
Read |
/configuration/{tenant}/v2/ Application/CardAuth /{uid} |
Retrieve a CardAuth Application |
|
Create |
/configuration/{tenant}/v2/ Application/CardAuth |
Create a CardAuth Application |
|
Delete |
/configuration/{tenant}/v2/ Application/CardAuth /{uid} |
Delete a CardAuth Application |
Required Permissions
Function | Required Permissions |
---|---|
GET ALL |
|
GET |
|
CREATE |
|
REPLACE |
|
DELETE |
|
Get All CardAuth Applications
GET /Application/CardAuth
Sample Response
{
"schemas": ["urn:ietf:params:scim:api:messages:2.0:ListResponse"],
"totalResults": 1,
"resources": [
{
"schemas": ["urn:hid:scim:api:idp:2.0:application:CardAuth"],
"id": "APP_CARD",
"meta": {
"resourceType": "Card Auth Application",
"location": "https://[base-server-url]/scim/tenant/v2/Application/CardAuth/APP_CARD",
"version": "1"
},
"name": "MiFare cards application",
"notes": "Application for MiFare 1K Contactless Writable cards",
"type": "MiFare Standard 1K, Contactless Writable",
"credentialType": {
"id": "CT_CARD"
},
"deviceType": {
"id": "DT_CARD",
"maximumDevicePerUser": 5
},
"authenticatorPolicy": {
"id": "AT_CARD",
"defaultValidDaysAdd": -1,
"defaultValidDaysEdit": -1,
"disableThreshold": 5,
"defaultExpiryThreshold": -1,
"sessionTimeout": 3600000,
"sessionValidPeriod": 86400000,
"disabledTimeReset": 0,
"levelOfAssurance": "urn:hidaaas:policy:at_card"
}
}
]
}
Get a CardAuth Application
GET /Application/CardAuth/{uid}
where {uid} is the application id.
Sample Response
{
"schemas": ["urn:hid:scim:api:idp:2.0:application:CardAuth"],
"id": "APP_CARD",
"meta": {
"resourceType": "Card Auth Application",
"location": "https://[base-server-url]/scim/tenant/v2/Application/CardAuth/APP_CARD",
"version": "1"
},
"name": "MiFare cards application",
"notes": "Application for MiFare 1K Contactless Writable cards",
"type": "MiFare Standard 1K, Contactless Writable",
"credentialType": {
"id": "CT_CARD"
},
"deviceType": {
"id": "DT_CARD",
"maximumDevicePerUser": 5
},
"authenticatorPolicy": {
"id": "AT_CARD",
"defaultValidDaysAdd": -1,
"defaultValidDaysEdit": -1,
"disableThreshold": 5,
"defaultExpiryThreshold": -1,
"sessionTimeout": 3600000,
"sessionValidPeriod": 86400000,
"disabledTimeReset": 0,
"levelOfAssurance": "urn:hidaaas:policy:at_card1"
}
}
Create a CardAuth Application
POST /Application/CardAuth
Attributes for compatible applications are:
Attribute | Description |
---|---|
deviceType |
|
credentialType |
|
authenticatorPolicy |
|
Sample Request
{
"id": "APP_CARD",
"type": "MiFare Standard 1K, Contactless Writable",
"name": "MiFare cards application",
"notes": "Application for MiFare 1K Contactless Writable cards",
"deviceType": {
"id": "DT_CARD",
"maximumDevicePerUser": 16
},
"credentialType": {
"id": "CT_CARD"
},
"authenticatorPolicy": {
"id": "AT_CARD",
"defaultValidDaysAdd": 1825,
"defaultValidDaysEdit": 1825,
"disableThreshold": -1,
"defaultExpiryThreshold": -1,
"sessionTimeout": 1000000,
"sessionValidPeriod": 10000000,
"disabledTimeReset": -1,
"levelOfAssurance": "urn:hidaaas:policy:at_card"
}
}
The authentication type is bound to the:
-
Channel - CH_EXTRAPP
-
User type - UT_EMP
The application definitions are created with the following names and notes:
-
Authentication Policy:
-
"name": “Contactless Card Policy”
-
"notes": “Contactless card authentication policy”
-
-
Device Type:
-
"name": “Contactless Card Device”
-
"notes": “Generic device for readable and writable contactless cards”
-
-
Credential Type:
-
"name": “Contactless Card Credential”
-
"notes": “Generic credential for readable and writable contactless cards”
-
Sample Response
{
"schemas": ["urn:hid:scim:api:idp:2.0:application:CardAuth"],
"id": "APP_CARD",
"meta": {
"resourceType": "Card Auth Application",
"location": "https://[base-server-url]/scim/tenant/v2/Application/CardAuth/APP_CARD",
"version": "1"
},
"name": "MiFare cards application",
"notes": "Application for MiFare 1K Contactless Writable cards",
"type": "MiFare Standard 1K, Contactless Writable",
"credentialType": {
"id": "CT_CARD"
},
"deviceType": {
"id": "DT_CARD",
"maximumDevicePerUser": 16
},
"authenticatorPolicy": {
"id": "AT_CARD",
"defaultValidDaysAdd": 1825,
"defaultValidDaysEdit": 1825,
"disableThreshold": -1,
"defaultExpiryThreshold": -1,
"sessionTimeout": 1000000,
"sessionValidPeriod": 10000000,
"disabledTimeReset": -1,
"levelOfAssurance": "urn:hidaaas:policy:at_card"
}
}
Delete a CardAuth Application
DELETE /Application/CardAuth/{uid}
Where {uid} is the adapter id.