Prerequisites
API Contract
HTTP Method | Endpoint | Request | Return | Authorization |
---|---|---|---|---|
Swagger Url : IAM Controller | ||||
GET | /iam/user/{userUuid}/device?requestorUsername={requestorUsername} |
Request Header: x-api-key : {api-key} x-requestor-token :{requestor-token} x-application-uuid :{application-uuid} |
Response Body { "devices": [{"active": true, "dateCreated": 0, "deviceName":"string", "deviceUuid": "string", "failedLoginAttempts":0, "lastLogin": 0, "locked": true, } ], "responseStatus": { } |
Protected by IAM Introspect API
|
Swagger API Docs: https://api.haventec.com/authenticate/v1-2/api-docs.html#/iam-controller
Authenticate API : https://api.haventec.com/authenticate/v1-2 /iam/user/{userUuid}/device?requestorUsername={requestorUsername}
- userUuid: We can list a user's devices by providing the user's uuid. e.g. 9ea02090-0627-42c2-8273-26b7029b62e6
- requestorUsername: It is the ' username ' passed in the HTTP request in step 3. ' The user sends a HTTP request to the IAM to log in and get a JWT ' in Configure Haventec IAM with the client and users.
The HTTP headers that need to be passed with the API mentioned above are:
- x-api-key: It is the ' API key ' on the Haventec Console application details page as shown in the image below.
- x-requestor-token: It is the ' access_token ' in the response received after running the curl command in step 3. The user sends a HTTP request to the IAM to log in and get a JWT in Configure Haventec IAM with the client and users.
- x-application-uuid: It is the ' Application UUID ' on the Haventec Console application details page as shown in the image below.
Authenticate API Error Codes
Error Code |
Message Thrown |
Scenarios |
Recommended Action |
AN-USER-1000
|
Invalid UserUuid |
Passed the wrong userUuid in the request. |
Pass the correct userUuid in the request. |
AN-APLI-1005 |
Invalid ApplicationUuid |
Passed the wrong application-uuid in the request. |
Pass the correct application-uuid as mentioned above. |
AN-VALI-1003
|
Invalid username format |
Passed the wrong requestorUsername in the request body. |
Pass the correct requestorUsername as mentioned above. |
AN-JWTT-1001
|
Invalid JWT Token |
Passed the wrong requestor-token in the request. |
Pass the correct requestor-token as mentioned above. |
AN-VALI-1001 |
Application UUID was not found |
Passed application-uuid does not exist in Authenticate. |
Pass the correct application-uuid as mentioned above. |
AN-OIAM-1001 |
The application does not have IAM properties enabled |
The application is not configured with proper IAM properties. |
Please follow this link Configure Haventec Connect Application to enable Introspect IAM API to configure IAM Intropsect properties correctly. |
AN-OIAM-1002 |
IAM client_id not configured |
The client_id is not configured properly. |
Please follow this link Configure Haventec Connect Application to enable Introspect IAM API to configure client_id correctly. |
AN-OIAM-1003 |
IAM client_secret not configured |
The client_secret is not configured properly. |
Please follow this link Configure Haventec Connect Application to enable Introspect IAM API to configure client_secret correctly. |
AN-OIAM-1004 |
IAM Introspect url not configured |
The Introspect url is not configured properly. |
Please follow this link Configure Haventec Connect Application to enable Introspect IAM API to configure IAM Introspect url correctly. |
AN-OIAM-1006 |
IAM role path not configured |
The Role JSON path is not configured properly. |
Please follow this link Configure Haventec Connect Application to enable Introspect IAM API to configure Role JSON path correctly. |
AN-OIAM-1005 |
IAM role not configured |
The Allowed role is not configured properly. |
Please follow this link Configure Haventec Connect Application to enable Introspect IAM API to configure the Allowed role correctly. |
AN-OIAM-1007 |
Role path format |
The Introspect url is not configured properly. |
Please follow this link Configure Haventec Connect Application to enable Introspect IAM API to configure IAM Introspect url correctly. |
AN-OIAM-1008 |
IAM user denied access |
The externally authenticated user e.g. CRM user is not active. |
Please follow this link Configure Haventec IAM with the client and users step 3. The user sends a HTTP request to the IAM to log in and get a JWT to check if the access_token generated is active or not. If not. Generate a new access_token and use it as a requestor-token in the request. |
AN-AUTH-1017 |
User not found in the application |
The userUuid passed is wrong and there is no user in Authenticate with the given userUuid. |
Pass the correct userUuid as explained in the above steps. |
AN-USER-1018 |
Request to get user's devices is denied |
The userUuid passed does not belong to the given application. |
Pass the right userUuid as explained in the above steps. |
Comments
0 comments
Please sign in to leave a comment.