Applications (Generic) REST API

The Application/Generic endpoint allows creating and managing channels through which users can authenticate to HID Authentication Service.

Note: The API version supported by HID Authentication Service is 10.3.0.

To use the version-specific parameters/attributes, you must add api-version=N to the query parameter.

Previous versions of the API are also supported with the corresponding functionality. For details of the version updates, see SCIM API Revision History.

Method Details

HTTPS Method Entity Action Request URI Description

GET

Read

/configuration/{tenant}/v2/Application/Generic

Retrieve the list of all Generic Applications

GET

Read

/configuration/{tenant}/v2/ Application/Generic /{uid}

Retrieve a Generic Application

POST

Create

/configuration/{tenant}/v2/ Application/Generic

Create a Generic Application

PUT

Replace

/configuration/{tenant}/v2/ Application/Generic /{uid}

Replace a Generic Application

DELETE

Delete

/configuration/{tenant}/v2/ Application/Generic /{uid}

Delete a Generic Application

Required Permissions

Function Required Permissions

GET ALL

  • Read reference data

GET

  • Read reference data

CREATE

  • Read reference data

  • Manage adapter configuration

  • Channel configuration

  • Read authentication type

  • Update authentication type

REPLACE

  • Read reference data

  • Manage adapter configuration

  • Channel configuration

  • Read authentication type

  • Update authentication type

DELETE

  • Read reference data

  • Manage adapter configuration

  • Channel configuration

  • Read authentication type

  • Update authentication type

Get All Generic Applications

GET /Application/Generic

Copy

Sample Request URI

GET /configuration/{tenant}/v2/Application/Generic
Copy

Sample Request

GET /configuration/{tenant}/v2/Application/Generic
Copy

Sample Response

{
   "schemas": ["urn:ietf:params:scim:api:messages:2.0:ListResponse"],
   "totalResults": 16,
   "resources": [
      {
         "schemas": ["urn:hid:scim:api:idp:2.0:Application"],
         "id": "CH_DIRECT",
         "meta": {
            "resourceType": "Authentication Workflow",
            "location": "https://[base-server-url]/scim/tenant/v2/Application/Generic/CH_DIRECT",
            "version": "1"
         },
         "name": "Direct channel",
         "notes": "Direct use of the Public API channel",
         "type": "Generic"
      },
      {
         "schemas": ["urn:hid:scim:api:idp:2.0:Application"],
         "id": "CH_TRMSVC",
         "meta": {
            "resourceType": "Authentication Workflow",
            "location": "https://[base-server-url]/scim/tenant/v2/Application/Generic/CH_TRMSVC",
            "version": "1"
         },
         "name": "Terminal Services",
         "notes": "Citrix and Microsoft Terminal Services channel",
         "type": "Generic"
      },
            <--- truncated output --->
   ]
}

Get a Generic Application

GET /Application/Generic/{uid}

where {uid} is the application id.

Copy

Sample Request URI

GET /configuration/{tenant}/v2/Application/Generic/CH_ADFS
Copy

Sample Request

GET /configuration/{tenant}/v2/Application/Generic/CH_ADFS
Copy

Sample Response

{
   "schemas": ["urn:hid:scim:api:idp:2.0:Application"],
   "id": "CH_ADFS",
   "meta": {
      "resourceType": "Authentication Workflow",
      "location": "https://[base-server-url]/scim/tenant/v2/Application/Generic/CH_ADFS",
      "version": "1"
   },
   "name": "ADFS Agent",
   "notes": "ADFS Agent Channel",
   "type": "Generic",
   "riskScoreProvider": {},
   "authenticationPolicies": [
      {
         "type": "Authenticator",
         "value": "AT_ADSOTP",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_ADSOTP"
      },
      {
         "type": "Authenticator",
         "value": "AT_ADFSAPW",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_ADFSAPW"
      }
   ],
   "adaptativeAuthenticationRules": {}
}

Create a Generic Application

POST /Application/Generic

Copy

Sample Request URI

POST /configuration/{tenant}/v2/Application/Generic
Copy

Sample Request

{
    "id": "CH_2020",
    "name": "HID Banking Demo App",
    "notes": "Demo app for banking",
    "riskScoreProvider": {
        "value": "12930",
        "failOpenBehavior": true,
        "rmschannelId": "IB",
        "rmsapplicationId": "HID-Demo"
    },
    "authenticationPolicies": [
        {"value": "AT_CUSTPKI"},
        {"value": "AT_PASA"},
        {"value": "AT_FIDO"},
        {"value": "AT_CUSTOTP"},
        {"value": "AT_CUSTPW"}
    ],
    "adaptativeAuthenticationRules": {
        "primaryAuthnBlock": [
            {
                "type": "GlobalRiskScore",
                "minValue": 900
            }
        ],
        "primaryAuthnReject": [],
        "stepUp": [
            {
                "initialPolicies": [
                    {
                        "value": "AT_CUSTPW"
                    }
                ],
                "conditions": [
                    {
                        "type": "GlobalRiskScore",
                        "minValue": 200
                    },
                    {
                        "type": "DeviceRiskScore",
                        "minValue": 150
                    }
                ],
                "stepUpPolicies": [
                    {
                        "value": "AT_PASA"
                    },
                    {
                        "value": "AT_FIDO"
                    }
                ]
            }
        ],
        "secondaryAuthnBlock": [],
        "secondaryAuthnReject": []
    }
}
Copy

Sample Response

{
   "schemas": ["urn:hid:scim:api:idp:2.0:Application"],
   "id": "CH_2020",
   "meta": {
      "resourceType": "Authentication Workflow",
      "location": "https://[base-server-url]/scim/tenant/v2/Application/Generic/CH_2020",
      "version": "1"
   },
   "name": "HID Banking Demo App",
   "notes": "Demo app for banking",
   "type": "Generic",
   "riskScoreProvider": {
      "value": "12930",
      "failOpenBehavior": true,
      "rmschannelId": "IB",
      "rmsapplicationId": "HID-Demo",
      "$ref": "https://[base-server-url]/scim/tenant/v2/RiskScoreProvider/12930"
   },
   "authenticationPolicies": [
      {
         "type": "Authenticator",
         "value": "AT_PASA",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_PASA"
      },
      {
         "type": "Authenticator",
         "value": "AT_CUSTOTP",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_CUSTOTP"
      },
      {
         "type": "Authenticator",
         "value": "AT_CUSTPW",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_CUSTPW"
      },
      {
         "type": "Authenticator",
         "value": "AT_CUSTPKI",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_CUSTPKI"
      },
      {
         "type": "Authenticator",
         "value": "AT_FIDO",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_FIDO"
      }
   ],
   "adaptativeAuthenticationRules": {
      "primaryAuthnBlock": [{
         "type": "GlobalRiskScore",
         "minValue": 900
      }],
      "stepUp": [{
         "initialPolicies": [{
            "type": "Authenticator",
            "value": "AT_CUSTPW",
            "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_CUSTPW"
         }],
         "conditions": [
            {
               "type": "GlobalRiskScore",
               "minValue": 200
            },
            {
               "type": "DeviceRiskScore",
               "minValue": 150
            }
         ],
         "stepUpPolicies": [
            {
               "type": "Authenticator",
               "value": "AT_PASA",
               "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_PASA"
            },
            {
               "type": "Authenticator",
               "value": "AT_FIDO",
               "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_FIDO"
            }
         ]
      }]
   }
}

Update a Generic Application

PUT /Application/Generic/{uid}

where {uid} is the adapter id.

Note: As a best practice, use GET to retrieve the current data for the resource before using PUT.
Copy

Sample Request URI

PUT /configuration/{tenant}/v2/Application/Generic/CH_2020
Copy

Sample request where notes and rmsapplicationId are updated and two authentication policies are removed

{
    "schemas": ["urn:hid:scim:api:idp:2.0:Application"],
    "id": "CH_2020",
    "notes": "Demo app for banking (updated)",
    "riskScoreProvider": {
        "value": "12930",
        "rmsapplicationId": "HID-Demo (updated)"
    },
    "authenticationPolicies": [
        {"value": "AT_FIDO"},
        {"value": "AT_PASA"},
        {"value": "AT_CUSTPW"}
    ]
}
Copy

Sample Response

{
   "schemas": ["urn:hid:scim:api:idp:2.0:Application"],
   "id": "CH_2020",
   "meta": {
      "resourceType": "Authentication Workflow",
      "location": "https://[base-server-url]/scim/tenant/v2/Application/Generic/CH_2020",
      "version": "1"
   },
   "name": "HID Banking Demo App",
   "notes": "Demo app for banking (updated)",
   "type": "Generic",
   "riskScoreProvider": {
      "value": "12930",
      "failOpenBehavior": true,
      "rmschannelId": "IB",
      "rmsapplicationId": "HID-Demo (updated)",
      "$ref": "https://[base-server-url]/scim/tenant/v2/RiskScoreProvider/12930"
   },
   "authenticationPolicies": [
      {
         "type": "Authenticator",
         "value": "AT_PASA",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_PASA"
      },
      {
         "type": "Authenticator",
         "value": "AT_CUSTPW",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_CUSTPW"
      },
      {
         "type": "Authenticator",
         "value": "AT_FIDO",
         "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_FIDO"
      }
   ],
   "adaptativeAuthenticationRules": {
      "primaryAuthnBlock": [{
         "type": "GlobalRiskScore",
         "minValue": 900
      }],
      "stepUp": [{
         "initialPolicies": [{
            "type": "Authenticator",
            "value": "AT_CUSTPW",
            "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_CUSTPW"
         }],
         "conditions": [
            {
               "type": "GlobalRiskScore",
               "minValue": 200
            },
            {
               "type": "DeviceRiskScore",
               "minValue": 150
            }
         ],
         "stepUpPolicies": [
            {
               "type": "Authenticator",
               "value": "AT_PASA",
               "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_PASA"
            },
            {
               "type": "Authenticator",
               "value": "AT_FIDO",
               "$ref": "https://[base-server-url]/scim/tenant/v2/Policy/Authenticator/AT_FIDO"
            }
         ]
      }]
   }
}

Delete a Generic Application

DELETE /Application/Generic/{uid}

Where {uid} is the adapter id.

Copy

Sample Request URI

DELETE /configuration/{tenant}/v2/Application/Generic/CH_2020
Copy

Sample Request

DELETE /configuration/{tenant}/v2/Application/Generic/CH_2020
Copy

Sample Response

HTTP 204 No Content