Introduction
The Authenticate Introspect APIs enable a user external to Haventec to be able to perform certain functions on Haventec Authenticate users, such as getting details, lock/unlock the user and their devices.
An external user needs to have been authenticated using the IAM, and with the required permissions to be able to perform the actions.
When invoked, the Authenticate Introspect API validates the JWT of the external user against the IAM introspect endpoint to authenticate, so the user JWT does not need to be an Authenticate JWT.
Intended Audience
The Haventec Introspect APIs can be used by system integrators to enable updates to Haventec from their external systems.
For example, CRM staff users can directly update Haventec records from the CRM.
Prerequisites
To be able to use Authenticate Introspect APIs see the following link:
Sequence Diagram
This sequence diagram describes the interactions between your external service (as Client), IAM, and Authenticate, for the "Get user details" use case. The other use-cases follow the same pattern.
For details on the APIs and their requests and responses, see the section below.
Authenticate Introspect API Use Cases
Below are the Introspect APIs of Authenticate that can be used once the feature is enabled for your application.
See the Prerequisites above to enable the feature.
- Get user's details
- Lock and unlock user
- List user's devices
- Lock and unlock user's devices
- Delete user's devices
- Generate OTP for a user
Java SDK Introspect method Use Case
To update the user's email and mobile number in both Haventec Connect and Authenticate, the request must be initiated from the Java SDK.
See the Prerequisites above to enable the feature.
Comments
0 comments
Please sign in to leave a comment.