Credential REST API
The Credential endpoint allows creating and managing credentials used to authenticate users.
Credentials are stored in devices and contain information used to authenticate users, and are linked to a
The API version supported by HID Authentication Service is
Previous versions of the API are also supported with the corresponding functionality.
Method Details
HTTPS Method | Entity Action | Request URI | Description |
---|---|---|---|
Read |
/scim/{tenant}/v2/Credential |
Retrieve credentials filtered by attributes |
|
Read |
/scim/{tenant}/v2/Credential/{id}:(String) |
Retrieve a known credential |
|
Search |
/scim/{tenant}/v2/Credential/.search |
Search for credential |
|
Replace |
/scim/{tenant}/v2/Credential/{id}:(String) |
Fully replace a known credential |
|
Delete |
/scim/{tenant}/v2/Credential/{id}:(String) |
Delete a known credential |
Get a Credential
[GET] /Credential/{id}
Sample Response
{
"schemas": ["urn:hid:scim:api:idp:2.0:Credential"],
"id": "11385",
"externalId": "jdoeCT_ACODE",
"meta": {
"resourceType": "Credential",
"location": "https://[base-server-url]/scim/tenant/v2/Credential/11385",
"version": "1"
},
"type": "CT_ACODE",
"status": {
"status": "ACTIVE",
"active": true,
"expiryDate": "2018-11-21T14:14:59Z"
},
"attributes": [
{
"name": "MY_ATTR0",
"type": "string",
"value": "value0",
"readOnly": false
},
{
"name": "MY_ATTR1",
"type": "string",
"value": "value1",
"readOnly": false
},
{
"name": "EXPIRY_THRESHOLD_OF_ACTIVATION_CODE",
"type": "string",
"value": "-1",
"readOnly": false
}
],
"totalUsed": "0"
}
Replace a Credential
[PUT] /Credential/{id}
Accept: application/scim+json
Updatable attributes:
-
status.status
-
attributes
Current Status | Possible Transition |
---|---|
PENDING |
ACTIVE |
ACTIVE |
SUSPENDED, REVOKED |
SUSPENDED |
ACTIVE, REVOKED |
REVOKED |
TERMINATED |
If attributes is not present in the request, its content will be deleted
Sample Request to update the credential from the previous GET Credential sample. The updates are:
-
Attribute MY-ATTR0 is removed
-
Attribute MY-ATTR1 value is changed
{
"schemas": ["urn:hid:scim:api:idp:2.0:Credential"],
"id": "11385",
"externalId": "jdoeCT_ACODE",
"meta": {
"resourceType": "Credential",
"created": "2017-11-21T13:58:40Z",
"location": "https://[base-server-url]/scim/tenant/v2/Credential/11385",
"version": "1"
},
"type": "CT_ACODE",
"status": {
"status": "ACTIVE",
"active": true,
"expiryDate": "2018-11-21T13:58:40Z",
"startDate": "2017-11-21T13:58:40Z"
},
"attributes": [ {
"name": "EXPIRY_THRESHOLD_OF_ACTIVATION_CODE",
"type": "string",
"value": "-1",
"readOnly": false
},
{
"name": "MY_ATTR1",
"type": "string",
"value": "new value",
"readOnly": false
}],
"totalUsed": "0"
}
Sample Response
{
"schemas": ["urn:hid:scim:api:idp:2.0:Credential"],
"id": "11385",
"externalId": "jdoeCT_ACODE",
"meta": {
"resourceType": "Credential",
"location": "https://[base-server-url]/scim/tenant/v2/Credential/11385",
"version": "1"
},
"type": "CT_ACODE",
"status": {
"status": "ACTIVE",
"active": true,
"expiryDate": "2018-11-21T14:16:07Z"
},
"attributes": [
{
"name": "MY_ATTR1",
"type": "string",
"value": "new value",
"readOnly": false
},
{
"name": "EXPIRY_THRESHOLD_OF_ACTIVATION_CODE",
"type": "string",
"value": "-1",
"readOnly": false
}
],
"totalUsed": "0"
}
Search for a Credential
Supported search criteria are:
SCIM Attribute | Operators supported |
---|---|
type |
eq |
externalid |
eq |
id |
eq |
status.expiryDate |
eq, gt, lt |
status.status |
eq |
Where the filter attribute can be used to reduce the number of records you want to see.
You can use the and operator within the filters.
Delete a Credential
All the delete endpoints follow the same standard pattern and can be reached through the following URL pattern:
Accept: application/scim+json