Applications (Generic) REST API

The Application/Generic endpoint allows creating and managing channels through which users can authenticate to HID Authentication Service.

Note: To use the version-specific parameters/attributes, you must add api-version=N to the query parameter (that is, first digit only, for example, POST /scim/{tenant}/v2/Users?api-version=10).

The API version supported by HID Authentication Service is 10.3.0.

Previous versions of the API are also supported with the corresponding functionality. For details of the version updates, see SCIM API Revision History.

Method Details

HTTPS Method Entity Action Request URI Description

GET

Read

/configuration/{tenant}/v2/Application/Generic

Retrieve the list of all Generic Applications

GET

Read

/configuration/{tenant}/v2/ Application/Generic /{uid}

Retrieve a Generic Application

POST

Create

/configuration/{tenant}/v2/ Application/Generic

Create a Generic Application

PUT

Replace

/configuration/{tenant}/v2/ Application/Generic /{uid}

Replace a Generic Application

DELETE

Delete

/configuration/{tenant}/v2/ Application/Generic /{uid}

Delete a Generic Application

Get All Generic Applications

GET /Application/Generic

Copy

Sample Request URI

GET /configuration/{tenant}/v2/Application/Generic
Copy

Sample Request

GET /configuration/{tenant}/v2/Application/Generic
Copy

Sample Response

{
   "schemas": ["urn:ietf:params:scim:api:messages:2.0:ListResponse"],
   "totalResults": 16,
   "resources": [
      {
         "schemas": ["urn:hid:scim:api:idp:2.0:Application"],
         "id": "CH_DIRECT",
         "meta": {
            "resourceType": "Authentication Workflow",
            "location": "https://[base-server-url]/scim/tenant/v2/Application/Generic/CH_DIRECT",
            "version": "1"
         },
         "name": "Direct channel",
         "notes": "Direct use of the Public API channel",
         "type": "Generic"
      },
      {
         "schemas": ["urn:hid:scim:api:idp:2.0:Application"],
         "id": "CH_TRMSVC",
         "meta": {
            "resourceType": "Authentication Workflow",
            "location": "https://[base-server-url]/scim/tenant/v2/Application/Generic/CH_TRMSVC",
            "version": "1"
         },
         "name": "Terminal Services",
         "notes": "Citrix and Microsoft Terminal Services channel",
         "type": "Generic"
      },
            <--- truncated output --->
   ]
}

Get a Generic Application

GET /Application/Generic/{uid}

where {uid} is the application id.

Copy

Sample Request URI

GET /configuration/{tenant}/v2/Application/Generic/CH_ADFS
Copy

Sample Request

GET /configuration/{tenant}/v2/Application/Generic/CH_ADFS
Copy

Sample Response

{
   "schemas": ["urn:hid:scim:api:idp:2.0:Application"],
   "id": "CH_ADFS",
   "meta": {
      "resourceType": "Authentication Workflow",
      "location": "https://[base-server-url]/scim/tenant/v2/Application/Generic/CH_ADFS",
      "version": "1"
   },
   "name": "ADFS Agent",
   "notes": "ADFS Agent Channel",
   "type": "Generic",
   "riskScoreProvider": {},
   "authenticationPolicies": [
      {
         "type": "Authenticator",
         "value": "AT_ADSOTP",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_ADSOTP"
      },
      {
         "type": "Authenticator",
         "value": "AT_ADFSAPW",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_ADFSAPW"
      }
   ],
   "adaptativeAuthenticationRules": {}
}

Create a Generic Application

POST /Application/Generic

Copy

Sample Request URI

POST /configuration/{tenant}/v2/Application/Generic
Copy

Sample Request

{
    "id": "CH_2020",
    "name": "HID Banking Demo App",
    "notes": "Demo app for banking",
    "riskScoreProvider": {
        "value": "12930",
        "failOpenBehavior": true,
        "rmschannelId": "IB",
        "rmsapplicationId": "HID-Demo"
    },
    "authenticationPolicies": [
        {"value": "AT_CUSTPKI"},
        {"value": "AT_PASA"},
        {"value": "AT_FIDO"},
        {"value": "AT_CUSTOTP"},
        {"value": "AT_CUSTPW"}
    ],
    "adaptativeAuthenticationRules": {
        "primaryAuthnBlock": [
            {
                "type": "GlobalRiskScore",
                "minValue": 900
            }
        ],
        "primaryAuthnReject": [],
        "stepUp": [
            {
                "initialPolicies": [
                    {
                        "value": "AT_CUSTPW"
                    }
                ],
                "conditions": [
                    {
                        "type": "GlobalRiskScore",
                        "minValue": 200
                    },
                    {
                        "type": "DeviceRiskScore",
                        "minValue": 150
                    }
                ],
                "stepUpPolicies": [
                    {
                        "value": "AT_PASA"
                    },
                    {
                        "value": "AT_FIDO"
                    }
                ]
            }
        ],
        "secondaryAuthnBlock": [],
        "secondaryAuthnReject": []
    }
}
Copy

Sample Response

{
   "schemas": ["urn:hid:scim:api:idp:2.0:Application"],
   "id": "CH_2020",
   "meta": {
      "resourceType": "Authentication Workflow",
      "location": "https://[base-server-url]/scim/tenant/v2/Application/Generic/CH_2020",
      "version": "1"
   },
   "name": "HID Banking Demo App",
   "notes": "Demo app for banking",
   "type": "Generic",
   "riskScoreProvider": {
      "value": "12930",
      "failOpenBehavior": true,
      "rmschannelId": "IB",
      "rmsapplicationId": "HID-Demo",
      "$ref": "https://[base-server-url]/scim/tenant/v2/RiskScoreProvider/12930"
   },
   "authenticationPolicies": [
      {
         "type": "Authenticator",
         "value": "AT_PASA",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_PASA"
      },
      {
         "type": "Authenticator",
         "value": "AT_CUSTOTP",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_CUSTOTP"
      },
      {
         "type": "Authenticator",
         "value": "AT_CUSTPW",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_CUSTPW"
      },
      {
         "type": "Authenticator",
         "value": "AT_CUSTPKI",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_CUSTPKI"
      },
      {
         "type": "Authenticator",
         "value": "AT_FIDO",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_FIDO"
      }
   ],
   "adaptativeAuthenticationRules": {
      "primaryAuthnBlock": [{
         "type": "GlobalRiskScore",
         "minValue": 900
      }],
      "stepUp": [{
         "initialPolicies": [{
            "type": "Authenticator",
            "value": "AT_CUSTPW",
            "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_CUSTPW"
         }],
         "conditions": [
            {
               "type": "GlobalRiskScore",
               "minValue": 200
            },
            {
               "type": "DeviceRiskScore",
               "minValue": 150
            }
         ],
         "stepUpPolicies": [
            {
               "type": "Authenticator",
               "value": "AT_PASA",
               "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_PASA"
            },
            {
               "type": "Authenticator",
               "value": "AT_FIDO",
               "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_FIDO"
            }
         ]
      }]
   }
}

Update a Generic Application

PUT /Application/Generic/{uid}

where {uid} is the adapter id.

Note: As a best practice, use GET to retrieve the current data for the resource before using PUT.
Copy

Sample Request URI

PUT /configuration/{tenant}/v2/Application/Generic/CH_2020
Copy

Sample request where notes and rmsapplicationId are updated and two authentication policies are removed

{
    "schemas": ["urn:hid:scim:api:idp:2.0:Application"],
    "id": "CH_2020",
    "notes": "Demo app for banking (updated)",
    "riskScoreProvider": {
        "value": "12930",
        "rmsapplicationId": "HID-Demo (updated)"
    },
    "authenticationPolicies": [
        {"value": "AT_FIDO"},
        {"value": "AT_PASA"},
        {"value": "AT_CUSTPW"}
    ]
}
Copy

Sample Response

{
   "schemas": ["urn:hid:scim:api:idp:2.0:Application"],
   "id": "CH_2020",
   "meta": {
      "resourceType": "Authentication Workflow",
      "location": "https://[base-server-url]/scim/tenant/v2/Application/Generic/CH_2020",
      "version": "1"
   },
   "name": "HID Banking Demo App",
   "notes": "Demo app for banking (updated)",
   "type": "Generic",
   "riskScoreProvider": {
      "value": "12930",
      "failOpenBehavior": true,
      "rmschannelId": "IB",
      "rmsapplicationId": "HID-Demo (updated)",
      "$ref": "https://[base-server-url]/scim/tenant/v2/RiskScoreProvider/12930"
   },
   "authenticationPolicies": [
      {
         "type": "Authenticator",
         "value": "AT_PASA",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_PASA"
      },
      {
         "type": "Authenticator",
         "value": "AT_CUSTPW",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_CUSTPW"
      },
      {
         "type": "Authenticator",
         "value": "AT_FIDO",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_FIDO"
      }
   ],
   "adaptativeAuthenticationRules": {
      "primaryAuthnBlock": [{
         "type": "GlobalRiskScore",
         "minValue": 900
      }],
      "stepUp": [{
         "initialPolicies": [{
            "type": "Authenticator",
            "value": "AT_CUSTPW",
            "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_CUSTPW"
         }],
         "conditions": [
            {
               "type": "GlobalRiskScore",
               "minValue": 200
            },
            {
               "type": "DeviceRiskScore",
               "minValue": 150
            }
         ],
         "stepUpPolicies": [
            {
               "type": "Authenticator",
               "value": "AT_PASA",
               "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_PASA"
            },
            {
               "type": "Authenticator",
               "value": "AT_FIDO",
               "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_FIDO"
            }
         ]
      }]
   }
}

Delete a Generic Application

DELETE /Application/Generic/{uid}

Where {uid} is the adapter id.

Copy

Sample Request URI

DELETE /configuration/{tenant}/v2/Application/Generic/CH_2020
Copy

Sample Request

DELETE /configuration/{tenant}/v2/Application/Generic/CH_2020
Copy

Sample Response

HTTP 204 No Content