title

language_tabs

language_clients

toc_footers

includes

search

highlight_theme

headingLevel

Authentication Service v1.0.0

javascript
JavaScript

javascript--nodejs
Node.JS

javascript
request

javascript--nodejs

false

darkula

2

Authentication Service v1.0.0

Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.

The authentication service

Base URLs:

/

Authentication

HTTP Authentication, scheme: bearer

LoginActivityController

LoginActivityController.getActiveUsers

Code samples

const headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('/active-users/{range}',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('/active-users/{range}',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /active-users/{range}

Parameters

Name	In	Type	Required	Description
range	path	string	true	none
startDate	query	string(date-time)	false	none
endDate	query	string(date-time)	false	none

Example responses

200 Response

null

Responses

Status	Meaning	Description	Schema
200	OK	LoginActivity model instance	Inline

Response Schema

To perform this operation, you must be authenticated by means of one of the following methods: HTTPBearer

LoginActivityController.count

Code samples

const headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('/login-activity/count',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('/login-activity/count',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /login-activity/count

Parameters

Name	In	Type	Required	Description
where	query	object	false	none

Example responses

200 Response

{
  "count": 0
}

Responses

Status	Meaning	Description	Schema
200	OK	LoginActivity model count	loopback.Count

To perform this operation, you must be authenticated by means of one of the following methods: HTTPBearer

LoginActivityController.findById

Code samples

const headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('/login-activity/{id}',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('/login-activity/{id}',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /login-activity/{id}

Parameters

Name	In	Type	Required	Description
id	path	string	true	none
filter	query	login_activity.Filter	false	none

Example responses

200 Response

{
  "id": "string",
  "actor": "string",
  "tenantId": "string",
  "loginTime": "2019-08-24T14:15:22Z",
  "tokenPayload": "string",
  "loginType": "string",
  "deviceInfo": "string",
  "ipAddress": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	LoginActivity model instance	LoginActivityWithRelations

To perform this operation, you must be authenticated by means of one of the following methods: HTTPBearer

LoginActivityController.find

Code samples

const headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('/login-activity',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('/login-activity',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /login-activity

Parameters

Name	In	Type	Required	Description
filter	query	login_activity.Filter	false	none

Example responses

200 Response

[
  {
    "id": "string",
    "actor": "string",
    "tenantId": "string",
    "loginTime": "2019-08-24T14:15:22Z",
    "tokenPayload": "string",
    "loginType": "string",
    "deviceInfo": "string",
    "ipAddress": "string"
  }
]

Responses

Status	Meaning	Description	Schema
200	OK	Array of LoginActivity model instances	Inline

Response Schema

Status Code 200

Name	Type	Required	Restrictions	Description
anonymous	[LoginActivityWithRelations]	false	none	[This is to maintain the daily login activity. (tsType: LoginActivityWithRelations, schemaOptions: { includeRelations: true })]
» LoginActivityWithRelations	LoginActivityWithRelations	false	none	This is to maintain the daily login activity. (tsType: LoginActivityWithRelations, schemaOptions: { includeRelations: true })
»» id	string	false	none	none
»» actor	string	false	none	none
»» tenantId	string	false	none	none
»» loginTime	string(date-time)	false	none	none
»» tokenPayload	string	false	none	none
»» loginType	string	false	none	none
»» deviceInfo	string	false	none	none
»» ipAddress	string	false	none	none

To perform this operation, you must be authenticated by means of one of the following methods: HTTPBearer

AppleLoginController

AppleLoginController.appleCallback

Code samples

const headers = {
  'Accept':'application/json'
};

fetch('/auth/apple-oauth-redirect',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json'
};

fetch('/auth/apple-oauth-redirect',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /auth/apple-oauth-redirect

Parameters

Name	In	Type	Required	Description
code	query	string	false	none
state	query	string	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	Apple Redirect Token Response	TokenResponse

This operation does not require authentication

AppleLoginController.postLoginViaApple

Code samples

const inputBody = '{
  "client_id": "string",
  "client_secret": "string"
}';
const headers = {
  'Content-Type':'application/x-www-form-urlencoded'
};

fetch('/auth/oauth-apple',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "client_id": "string",
  "client_secret": "string"
};
const headers = {
  'Content-Type':'application/x-www-form-urlencoded'
};

fetch('/auth/oauth-apple',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/oauth-apple

Body parameter

client_id: string
client_secret: string

Parameters

Name	In	Type	Required	Description
body	body	ClientAuthRequest	false	none

Example responses

Responses

Status	Meaning	Description	Schema
200	OK	POST Call for Apple based login	None

Response Schema

This operation does not require authentication

AuthaLoginController

AuthaLoginController.postLoginViaAutha

Code samples

const inputBody = '{
  "client_id": "string",
  "client_secret": "string"
}';
const headers = {
  'Content-Type':'application/x-www-form-urlencoded',
  'Accept':'application/json'
};

fetch('/auth/autha',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "client_id": "string",
  "client_secret": "string"
};
const headers = {
  'Content-Type':'application/x-www-form-urlencoded',
  'Accept':'application/json'
};

fetch('/auth/autha',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/autha

Body parameter

client_id: string
client_secret: string

Parameters

Name	In	Type	Required	Description
body	body	ClientAuthRequest	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	POST Call for Autha based login	TokenResponse

This operation does not require authentication

AuthaLoginController.loginViaAutha

Code samples

fetch('/auth/autha',
{
  method: 'GET'

})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

fetch('/auth/autha',
{
  method: 'GET'

})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /auth/autha

Parameters

Name	In	Type	Required	Description
client_id	query	string	false	none
client_challenge	query	string	false	none
client_challenge_method	query	string	false	none

Responses

Status	Meaning	Description	Schema
308	Permanent Redirect	Redirect to Autha login page	None

This operation does not require authentication

AuthaLoginController.authaCallback

Code samples

const headers = {
  'Accept':'application/json'
};

fetch('/auth/autha-redirect',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json'
};

fetch('/auth/autha-redirect',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /auth/autha-redirect

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	Autha Redirect Token Response	TokenResponse

This operation does not require authentication

AzureLoginController

AzureLoginController.postLoginViaAzure

Code samples

const inputBody = '{
  "client_id": "string",
  "client_secret": "string"
}';
const headers = {
  'Content-Type':'application/x-www-form-urlencoded',
  'Accept':'application/json'
};

fetch('/auth/azure',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "client_id": "string",
  "client_secret": "string"
};
const headers = {
  'Content-Type':'application/x-www-form-urlencoded',
  'Accept':'application/json'
};

fetch('/auth/azure',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/azure

POST Call for azure based login

Body parameter

client_id: string
client_secret: string

Parameters

Name	In	Type	Required	Description
body	body	ClientAuthRequest	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	Azure Token Response	TokenResponse

This operation does not require authentication

AzureLoginController.getLoginViaAzure

Code samples

const headers = {
  'Accept':'application/json'
};

fetch('/auth/azure',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json'
};

fetch('/auth/azure',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /auth/azure

POST Call for azure based login

Parameters

Name	In	Type	Required	Description
client_id	query	string	false	none
client_secret	query	string	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	Azure Token Response	TokenResponse

This operation does not require authentication

AzureLoginController.azureCallback

Code samples

const headers = {
  'Accept':'application/json'
};

fetch('/auth/azure-oauth-redirect',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json'
};

fetch('/auth/azure-oauth-redirect',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /auth/azure-oauth-redirect

Parameters

Name	In	Type	Required	Description
code	query	string	false	none
state	query	string	false	none
session_state	query	string	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	Azure Redirect Token Response	TokenResponse

This operation does not require authentication

LoginController

LoginController.changePassword

Code samples

const inputBody = '{
  "refreshToken": "string",
  "username": "string",
  "password": "string",
  "oldPassword": "string"
}';
const headers = {
  'Content-Type':'application/json',
  'Authorization':'string'
};

fetch('/auth/change-password',
{
  method: 'PATCH',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "refreshToken": "string",
  "username": "string",
  "password": "string",
  "oldPassword": "string"
};
const headers = {
  'Content-Type':'application/json',
  'Authorization':'string'
};

fetch('/auth/change-password',
{
  method: 'PATCH',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

PATCH /auth/change-password

Body parameter

{
  "refreshToken": "string",
  "username": "string",
  "password": "string",
  "oldPassword": "string"
}

Parameters

Name	In	Type	Required	Description
Authorization	header	string	false	none
body	body	ResetPasswordPartial	false	none

Responses

Status	Meaning	Description	Schema
200	OK	If User password successfully changed.	None

To perform this operation, you must be authenticated by means of one of the following methods: HTTPBearer

LoginController.login

Code samples

const inputBody = '{
  "client_id": "string",
  "client_secret": "string",
  "username": "string",
  "password": "string"
}';
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/json'
};

fetch('/auth/login',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "client_id": "string",
  "client_secret": "string",
  "username": "string",
  "password": "string"
};
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/json'
};

fetch('/auth/login',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/login

Gets you the code that will be used for getting token (webapps)

Body parameter

{
  "client_id": "string",
  "client_secret": "string",
  "username": "string",
  "password": "string"
}

Parameters

Name	In	Type	Required	Description
body	body	LoginRequest	false	none

Example responses

200 Response

{
  "code": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	Auth Code that you can use to generate access and refresh tokens using the POST /auth/token API	LoginCodeResponse
400	Bad Request	The syntax of the request entity is incorrect.	None
401	Unauthorized	Invalid Credentials.	None
404	Not Found	The entity requested does not exist.	None
422	Unprocessable Entity	The syntax of the request entity is incorrect	None

This operation does not require authentication

LoginController.loginWithClientUser

Code samples

const inputBody = '{
  "client_id": "string",
  "client_secret": "string",
  "username": "string",
  "password": "string"
}';
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/json'
};

fetch('/auth/login-token',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "client_id": "string",
  "client_secret": "string",
  "username": "string",
  "password": "string"
};
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/json'
};

fetch('/auth/login-token',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/login-token

Gets you refresh token and access token in one hit. (mobile app)

Body parameter

{
  "client_id": "string",
  "client_secret": "string",
  "username": "string",
  "password": "string"
}

Parameters

Name	In	Type	Required	Description
body	body	LoginRequest	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	Token Response Model	TokenResponse
400	Bad Request	The syntax of the request entity is incorrect.	None
401	Unauthorized	Invalid Credentials.	None
404	Not Found	The entity requested does not exist.	None
422	Unprocessable Entity	The syntax of the request entity is incorrect	None

This operation does not require authentication

OtpController

OtpController.checkQr

Code samples

const headers = {
  'code':'string',
  'clientId':'string'
};

fetch('/auth/check-qr-code',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

const headers = {
  'code':'string',
  'clientId':'string'
};

fetch('/auth/check-qr-code',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /auth/check-qr-code

Returns isGenerated:true if secret_key already exist

Parameters

Name	In	Type	Required	Description
code	header	string	false	none
clientId	header	string	false	none

Example responses

Responses

Status	Meaning	Description	Schema
200	OK	secret_key already exists	None
400	Bad Request	The syntax of the request entity is incorrect.	None
401	Unauthorized	Invalid Credentials.	None
404	Not Found	The entity requested does not exist.	None
422	Unprocessable Entity	The syntax of the request entity is incorrect	None

Response Schema

This operation does not require authentication

OtpController.createQr

Code samples

const inputBody = '{
  "clientId": "string",
  "code": "string"
}';
const headers = {
  'Content-Type':'application/json'
};

fetch('/auth/create-qr-code',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "clientId": "string",
  "code": "string"
};
const headers = {
  'Content-Type':'application/json'
};

fetch('/auth/create-qr-code',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/create-qr-code

Generates a new qrCode for Authenticator App

Body parameter

{
  "clientId": "string",
  "code": "string"
}

Parameters

Name	In	Type	Required	Description
body	body	AuthTokenRequest	false	none

Example responses

Responses

Status	Meaning	Description	Schema
200	OK	qrCode that you can use to generate codes in Authenticator App	None
400	Bad Request	The syntax of the request entity is incorrect.	None
401	Unauthorized	Invalid Credentials.	None
404	Not Found	The entity requested does not exist.	None
422	Unprocessable Entity	The syntax of the request entity is incorrect	None

Response Schema

This operation does not require authentication

OtpController.sendOtp

Code samples

const inputBody = '{
  "client_id": "string",
  "client_secret": "string",
  "key": "string"
}';
const headers = {
  'Content-Type':'application/json'
};

fetch('/auth/send-otp',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "client_id": "string",
  "client_secret": "string",
  "key": "string"
};
const headers = {
  'Content-Type':'application/json'
};

fetch('/auth/send-otp',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/send-otp

Sends OTP

Body parameter

{
  "client_id": "string",
  "client_secret": "string",
  "key": "string"
}

Parameters

Name	In	Type	Required	Description
body	body	OtpSendRequest	false	none

Example responses

Responses

Status	Meaning	Description	Schema
200	OK	Sends otp to user	None
400	Bad Request	The syntax of the request entity is incorrect.	None
401	Unauthorized	Invalid Credentials.	None
404	Not Found	The entity requested does not exist.	None
422	Unprocessable Entity	The syntax of the request entity is incorrect	None

Response Schema

This operation does not require authentication

OtpController.verifyOtp

Code samples

const inputBody = '{
  "key": "string",
  "otp": "string"
}';
const headers = {
  'Content-Type':'application/json'
};

fetch('/auth/verify-otp',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "key": "string",
  "otp": "string"
};
const headers = {
  'Content-Type':'application/json'
};

fetch('/auth/verify-otp',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/verify-otp

Gets you the code that will be used for getting token (webapps)

Body parameter

{
  "key": "string",
  "otp": "string"
}

Parameters

Name	In	Type	Required	Description
body	body	OtpLoginRequest	false	none

Example responses

Responses

Status	Meaning	Description	Schema
200	OK	Auth Code that you can use to generate access and refresh tokens using the POST /auth/token API	None
400	Bad Request	The syntax of the request entity is incorrect.	None
401	Unauthorized	Invalid Credentials.	None
404	Not Found	The entity requested does not exist.	None
422	Unprocessable Entity	The syntax of the request entity is incorrect	None

Response Schema

This operation does not require authentication

CognitoLoginController

CognitoLoginController.postLoginViaCognito

Code samples

const inputBody = '{
  "client_id": "string",
  "client_secret": "string"
}';
const headers = {
  'Content-Type':'application/x-www-form-urlencoded',
  'Accept':'application/json'
};

fetch('/auth/cognito',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "client_id": "string",
  "client_secret": "string"
};
const headers = {
  'Content-Type':'application/x-www-form-urlencoded',
  'Accept':'application/json'
};

fetch('/auth/cognito',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/cognito

Body parameter

client_id: string
client_secret: string

Parameters

Name	In	Type	Required	Description
body	body	ClientAuthRequest	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	POST Call for Cognito based login	TokenResponse

This operation does not require authentication

CognitoLoginController.loginViaCognito

Code samples

const headers = {
  'Accept':'application/json'
};

fetch('/auth/cognito',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json'
};

fetch('/auth/cognito',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /auth/cognito

Parameters

Name	In	Type	Required	Description
client_id	query	string	false	none
client_secret	query	string	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	Cognito Token Response (Deprecated: Possible security issue if secret is passed via query params, please use the post endpoint)	TokenResponse

This operation does not require authentication

CognitoLoginController.cognitoCallback

Code samples

const headers = {
  'Accept':'application/json'
};

fetch('/auth/cognito-auth-redirect',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json'
};

fetch('/auth/cognito-auth-redirect',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /auth/cognito-auth-redirect

Parameters

Name	In	Type	Required	Description
code	query	string	false	none
state	query	string	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	Cognito Redirect Token Response	TokenResponse

This operation does not require authentication

FacebookLoginController

FacebookLoginController.postLoginViaFacebook

Code samples

const inputBody = '{
  "client_id": "string",
  "client_secret": "string"
}';
const headers = {
  'Content-Type':'application/x-www-form-urlencoded',
  'Accept':'application/json'
};

fetch('/auth/facebook',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "client_id": "string",
  "client_secret": "string"
};
const headers = {
  'Content-Type':'application/x-www-form-urlencoded',
  'Accept':'application/json'
};

fetch('/auth/facebook',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/facebook

Body parameter

client_id: string
client_secret: string

Parameters

Name	In	Type	Required	Description
body	body	ClientAuthRequest	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	POST Call for Facebook based login	TokenResponse

This operation does not require authentication

FacebookLoginController.facebookCallback

Code samples

const headers = {
  'Accept':'application/json'
};

fetch('/auth/facebook-auth-redirect',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json'
};

fetch('/auth/facebook-auth-redirect',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /auth/facebook-auth-redirect

Parameters

Name	In	Type	Required	Description
code	query	string	false	none
state	query	string	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	Facebook Redirect Token Response	TokenResponse

This operation does not require authentication

ForgetPasswordController

ForgetPasswordController.forgetPassword

Code samples

const inputBody = '{
  "username": "string",
  "client_id": "string",
  "client_secret": "string"
}';
const headers = {
  'Content-Type':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('/auth/forget-password',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "username": "string",
  "client_id": "string",
  "client_secret": "string"
};
const headers = {
  'Content-Type':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('/auth/forget-password',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/forget-password

Body parameter

{
  "username": "string",
  "client_id": "string",
  "client_secret": "string"
}

Parameters

Name	In	Type	Required	Description
body	body	ForgetPasswordDto	false	none

Responses

Status	Meaning	Description	Schema
204	No Content	Success Response.	None
400	Bad Request	The syntax of the request entity is incorrect.	None
401	Unauthorized	Invalid Credentials.	None
404	Not Found	The entity requested does not exist.	None
422	Unprocessable Entity	The syntax of the request entity is incorrect	None

To perform this operation, you must be authenticated by means of one of the following methods: HTTPBearer

ForgetPasswordController.resetPassword

Code samples

const inputBody = '{
  "token": "string",
  "password": "string",
  "client_id": "string",
  "client_secret": "string"
}';
const headers = {
  'Content-Type':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('/auth/reset-password',
{
  method: 'PATCH',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "token": "string",
  "password": "string",
  "client_id": "string",
  "client_secret": "string"
};
const headers = {
  'Content-Type':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('/auth/reset-password',
{
  method: 'PATCH',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

PATCH /auth/reset-password

Body parameter

{
  "token": "string",
  "password": "string",
  "client_id": "string",
  "client_secret": "string"
}

Parameters

Name	In	Type	Required	Description
body	body	ResetPasswordWithClient	false	none

Responses

Status	Meaning	Description	Schema
204	No Content	If User password successfully changed.	None

To perform this operation, you must be authenticated by means of one of the following methods: HTTPBearer

ForgetPasswordController.verifyResetPasswordLink

Code samples

fetch('/auth/verify-reset-password-link?token=string',
{
  method: 'GET'

})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

fetch('/auth/verify-reset-password-link?token=string',
{
  method: 'GET'

})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /auth/verify-reset-password-link

Parameters

Name	In	Type	Required	Description
token	query	string	true	none

Responses

Status	Meaning	Description	Schema
200	OK	Check if Token Is Valid and not Expired.	None

This operation does not require authentication

GoogleLoginController

GoogleLoginController.postLoginViaGoogle

Code samples

const inputBody = '{
  "client_id": "string",
  "client_secret": "string"
}';
const headers = {
  'Content-Type':'application/x-www-form-urlencoded',
  'Accept':'application/json'
};

fetch('/auth/google',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "client_id": "string",
  "client_secret": "string"
};
const headers = {
  'Content-Type':'application/x-www-form-urlencoded',
  'Accept':'application/json'
};

fetch('/auth/google',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/google

Body parameter

client_id: string
client_secret: string

Parameters

Name	In	Type	Required	Description
body	body	ClientAuthRequest	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	POST Call for Google based login	TokenResponse

This operation does not require authentication

GoogleLoginController.loginViaGoogle

Code samples

const headers = {
  'Accept':'application/json'
};

fetch('/auth/google',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json'
};

fetch('/auth/google',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /auth/google

Parameters

Name	In	Type	Required	Description
client_id	query	string	false	none
client_secret	query	string	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	Google Token Response,

     (Deprecated: Possible security issue if secret is passed via query params, 
      please use the post endpoint)|[TokenResponse](#schematokenresponse)|

This operation does not require authentication

GoogleLoginController.googleCallback

Code samples

const headers = {
  'Accept':'application/json'
};

fetch('/auth/google-auth-redirect',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json'
};

fetch('/auth/google-auth-redirect',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /auth/google-auth-redirect

Parameters

Name	In	Type	Required	Description
code	query	string	false	none
state	query	string	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	Google Redirect Token Response	TokenResponse

This operation does not require authentication

InstagramLoginController

InstagramLoginController.postLoginViaInstagram

Code samples

const inputBody = '{
  "client_id": "string",
  "client_secret": "string"
}';
const headers = {
  'Content-Type':'application/x-www-form-urlencoded',
  'Accept':'application/json'
};

fetch('/auth/instagram',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "client_id": "string",
  "client_secret": "string"
};
const headers = {
  'Content-Type':'application/x-www-form-urlencoded',
  'Accept':'application/json'
};

fetch('/auth/instagram',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/instagram

Body parameter

client_id: string
client_secret: string

Parameters

Name	In	Type	Required	Description
body	body	ClientAuthRequest	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	POST Call for Instagram based login	TokenResponse

This operation does not require authentication

InstagramLoginController.instagramCallback

Code samples

const headers = {
  'Accept':'application/json'
};

fetch('/auth/instagram-auth-redirect',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json'
};

fetch('/auth/instagram-auth-redirect',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /auth/instagram-auth-redirect

Parameters

Name	In	Type	Required	Description
code	query	string	false	none
state	query	string	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	Instagram Redirect Token Response	TokenResponse

This operation does not require authentication

KeycloakLoginController

KeycloakLoginController.postLoginViaKeycloak

Code samples

const inputBody = '{
  "client_id": "string",
  "client_secret": "string"
}';
const headers = {
  'Content-Type':'application/x-www-form-urlencoded',
  'Accept':'application/json'
};

fetch('/auth/keycloak',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "client_id": "string",
  "client_secret": "string"
};
const headers = {
  'Content-Type':'application/x-www-form-urlencoded',
  'Accept':'application/json'
};

fetch('/auth/keycloak',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/keycloak

POST Call for keycloak based login

Body parameter

client_id: string
client_secret: string

Parameters

Name	In	Type	Required	Description
body	body	ClientAuthRequest	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	Keycloak Token Response	TokenResponse

This operation does not require authentication

KeycloakLoginController.loginViaKeycloak

Code samples

const headers = {
  'Accept':'application/json'
};

fetch('/auth/keycloak',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json'
};

fetch('/auth/keycloak',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /auth/keycloak

Parameters

Name	In	Type	Required	Description
client_id	query	string	false	none
client_secret	query	string	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	Keycloak Token Response	TokenResponse

This operation does not require authentication

KeycloakLoginController.keycloakCallback

Code samples

const headers = {
  'Accept':'application/json'
};

fetch('/auth/keycloak-auth-redirect',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json'
};

fetch('/auth/keycloak-auth-redirect',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /auth/keycloak-auth-redirect

Parameters

Name	In	Type	Required	Description
code	query	string	false	none
state	query	string	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	Keycloak Redirect Token Response	TokenResponse

This operation does not require authentication

TokensController

TokensController.me

Code samples

const headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('/auth/me',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

const headers = {
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('/auth/me',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /auth/me

To get the user details

Example responses

200 Response

{
  "deleted": true,
  "deletedAt": "2019-08-24T14:15:22Z",
  "deletedBy": "string",
  "createdAt": "2019-08-24T14:15:22Z",
  "updatedAt": "2019-08-24T14:15:22Z",
  "createdBy": "string",
  "updatedBy": "string",
  "id": "string",
  "username": "string",
  "email": "string",
  "phone": "string",
  "name": "string",
  "designation": "string",
  "photoUrl": "string",
  "gender": "M",
  "dob": "2019-08-24T14:15:22Z",
  "defaultTenantId": "string",
  "authClientIds": [
    0
  ],
  "lastLogin": "2019-08-24T14:15:22Z",
  "permissions": [
    "string"
  ],
  "role": "string",
  "deviceInfo": {},
  "age": 0,
  "externalAuthToken": "string",
  "externalRefreshToken": "string",
  "authClientId": 0,
  "userPreferences": {},
  "tenantId": "string",
  "userTenantId": "string",
  "passwordExpiryTime": "2019-08-24T14:15:22Z",
  "status": 1
}

Responses

Status	Meaning	Description	Schema
200	OK	User Object	AuthUser
400	Bad Request	The syntax of the request entity is incorrect.	None
401	Unauthorized	Invalid Credentials.	None
404	Not Found	The entity requested does not exist.	None
422	Unprocessable Entity	The syntax of the request entity is incorrect	None

To perform this operation, you must be authenticated by means of one of the following methods: HTTPBearer

TokensController.getToken

Code samples

const inputBody = '{
  "clientId": "string",
  "code": "string"
}';
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/json'
};

fetch('/auth/token',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "clientId": "string",
  "code": "string"
};
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/json'
};

fetch('/auth/token',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/token

Send the code received from the POST /auth/login api and get refresh token and access token (webapps)

Body parameter

{
  "clientId": "string",
  "code": "string"
}

Parameters

Name	In	Type	Required	Description
body	body	AuthTokenRequest	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	Token Response	TokenResponse
400	Bad Request	The syntax of the request entity is incorrect.	None
401	Unauthorized	Invalid Credentials.	None
404	Not Found	The entity requested does not exist.	None
422	Unprocessable Entity	The syntax of the request entity is incorrect	None

This operation does not require authentication

TokensController.exchangeToken

Code samples

const inputBody = '{
  "refreshToken": "string",
  "tenantId": "string"
}';
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/json'
};

fetch('/auth/token-refresh',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "refreshToken": "string",
  "tenantId": "string"
};
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/json'
};

fetch('/auth/token-refresh',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/token-refresh

Gets you a new access and refresh token once your access token is expired

Body parameter

{
  "refreshToken": "string",
  "tenantId": "string"
}

Parameters

Name	In	Type	Required	Description
body	body	AuthRefreshTokenRequest	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	New Token Response	TokenResponse
400	Bad Request	The syntax of the request entity is incorrect.	None
401	Unauthorized	Invalid Credentials.	None
404	Not Found	The entity requested does not exist.	None
422	Unprocessable Entity	The syntax of the request entity is incorrect	None

This operation does not require authentication

TokensController.switchToken

Code samples

const inputBody = '{
  "refreshToken": "string",
  "tenantId": "string"
}';
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('/auth/token-switch',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "refreshToken": "string",
  "tenantId": "string"
};
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('/auth/token-switch',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/token-switch

To switch the access-token

Body parameter

{
  "refreshToken": "string",
  "tenantId": "string"
}

Parameters

Name	In	Type	Required	Description
body	body	AuthRefreshTokenRequest	false	none

Example responses

200 Response

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	Switch access token with the tenant id provided.	TokenResponse
400	Bad Request	The syntax of the request entity is incorrect.	None
401	Unauthorized	Invalid Credentials.	None
404	Not Found	The entity requested does not exist.	None
422	Unprocessable Entity	The syntax of the request entity is incorrect	None

To perform this operation, you must be authenticated by means of one of the following methods: HTTPBearer

PasswordlessController

PasswordlessController.startPasswordless

Code samples

const inputBody = '{
  "client_id": "string",
  "client_secret": "string",
  "key": "string"
}';
const headers = {
  'Content-Type':'application/json'
};

fetch('/auth/passwordless/start',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "client_id": "string",
  "client_secret": "string",
  "key": "string"
};
const headers = {
  'Content-Type':'application/json'
};

fetch('/auth/passwordless/start',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/passwordless/start

Sends OTP

Body parameter

{
  "client_id": "string",
  "client_secret": "string",
  "key": "string"
}

Parameters

Name	In	Type	Required	Description
body	body	OtpSendRequest	false	none

Example responses

Responses

Status	Meaning	Description	Schema
200	OK	Sends otp to user	None
400	Bad Request	The syntax of the request entity is incorrect.	None
401	Unauthorized	Invalid Credentials.	None
404	Not Found	The entity requested does not exist.	None
422	Unprocessable Entity	The syntax of the request entity is incorrect	None

Response Schema

This operation does not require authentication

PasswordlessController.verifyPasswordless

Code samples

const inputBody = '{
  "key": "string",
  "otp": "string"
}';
const headers = {
  'Content-Type':'application/json'
};

fetch('/auth/passwordless/verify',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "key": "string",
  "otp": "string"
};
const headers = {
  'Content-Type':'application/json'
};

fetch('/auth/passwordless/verify',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/passwordless/verify

Gets you the code that will be used for getting token (webapps)

Body parameter

{
  "key": "string",
  "otp": "string"
}

Parameters

Name	In	Type	Required	Description
body	body	OtpLoginRequest	false	none

Example responses

Responses

Status	Meaning	Description	Schema
200	OK	Auth Code that you can use to generate access and refresh tokens using the POST /auth/token API	None
400	Bad Request	The syntax of the request entity is incorrect.	None
401	Unauthorized	Invalid Credentials.	None
404	Not Found	The entity requested does not exist.	None
422	Unprocessable Entity	The syntax of the request entity is incorrect	None

Response Schema

This operation does not require authentication

SignupController

SignupController.requestSignup

Code samples

const inputBody = '{
  "client_id": "string",
  "client_secret": "string",
  "email": "string",
  "data": {}
}';
const headers = {
  'Content-Type':'application/json'
};

fetch('/auth/signup/create-token',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "client_id": "string",
  "client_secret": "string",
  "email": "string",
  "data": {}
};
const headers = {
  'Content-Type':'application/json'
};

fetch('/auth/signup/create-token',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/signup/create-token

Body parameter

{
  "client_id": "string",
  "client_secret": "string",
  "email": "string",
  "data": {}
}

Parameters

Name	In	Type	Required	Description
body	body	SignupRequestDto	false	none

Responses

Status	Meaning	Description	Schema
204	No Content	Success Response.	None
400	Bad Request	The syntax of the request entity is incorrect.	None
401	Unauthorized	Invalid Credentials.	None
404	Not Found	The entity requested does not exist.	None
422	Unprocessable Entity	The syntax of the request entity is incorrect	None

This operation does not require authentication

SignupController.signupWithToken

Code samples

const inputBody = '{
  "email": "string",
  "password": "string"
}';
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('/auth/signup/create-user',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "email": "string",
  "password": "string"
};
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('/auth/signup/create-user',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/signup/create-user

Body parameter

{
  "email": "string",
  "password": "string"
}

Parameters

Name	In	Type	Required	Description
body	body	LocalUserEmailPasswordProfileDto	false	none

Example responses

200 Response

{
  "email": "string",
  "password": "string"
}

Responses

Status	Meaning	Description	Schema
200	OK	Success Response.	LocalUserEmailPasswordProfileDto
400	Bad Request	The syntax of the request entity is incorrect.	None
401	Unauthorized	Invalid Credentials.	None
404	Not Found	The entity requested does not exist.	None
422	Unprocessable Entity	The syntax of the request entity is incorrect	None

To perform this operation, you must be authenticated by means of one of the following methods: HTTPBearer

SignupController.signupFast

Code samples

const inputBody = '{
  "client_id": "string",
  "client_secret": "string",
  "username": "string",
  "password": "string",
  "email": "string",
  "phone": "string"
}';
const headers = {
  'Content-Type':'application/json'
};

fetch('/auth/signup/fast',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "client_id": "string",
  "client_secret": "string",
  "username": "string",
  "password": "string",
  "email": "string",
  "phone": "string"
};
const headers = {
  'Content-Type':'application/json'
};

fetch('/auth/signup/fast',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /auth/signup/fast

Body parameter

{
  "client_id": "string",
  "client_secret": "string",
  "username": "string",
  "password": "string",
  "email": "string",
  "phone": "string"
}

Parameters

Name	In	Type	Required	Description
body	body	SignupFastRequestDto	false	none

Responses

Status	Meaning	Description	Schema
204	No Content	Success Response.	None
400	Bad Request	The syntax of the request entity is incorrect.	None
401	Unauthorized	Invalid Credentials.	None
404	Not Found	The entity requested does not exist.	None
422	Unprocessable Entity	The syntax of the request entity is incorrect	None

This operation does not require authentication

SignupController.verifyInviteToken

Code samples

const headers = {
  'Authorization':'Bearer {access-token}'
};

fetch('/auth/signup/verify-token',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

const headers = {
  'Authorization':'Bearer {access-token}'
};

fetch('/auth/signup/verify-token',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /auth/signup/verify-token

Responses

Status	Meaning	Description	Schema
200	OK	Success Response.	None
400	Bad Request	The syntax of the request entity is incorrect.	None
401	Unauthorized	Invalid Credentials.	None
404	Not Found	The entity requested does not exist.	None
422	Unprocessable Entity	The syntax of the request entity is incorrect	None

To perform this operation, you must be authenticated by means of one of the following methods: HTTPBearer

LogoutController

LogoutController.logoutRedirect

Code samples

fetch('/logout/redirect',
{
  method: 'GET'

})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');

fetch('/logout/redirect',
{
  method: 'GET'

})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

GET /logout/redirect

Parameters

Name	In	Type	Required	Description
state	query	string	false	none

Responses

Status	Meaning	Description	Schema
200	OK	Return value of LogoutController.logoutRedirect	None

This operation does not require authentication

LogoutController.logout

Code samples

const inputBody = '{
  "refreshToken": "string"
}';
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/json',
  'Authorization':'string'
};

fetch('/logout',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

const fetch = require('node-fetch');
const inputBody = {
  "refreshToken": "string"
};
const headers = {
  'Content-Type':'application/json',
  'Accept':'application/json',
  'Authorization':'string'
};

fetch('/logout',
{
  method: 'POST',
  body: JSON.stringify(inputBody),
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});

POST /logout

To logout

Body parameter

{
  "refreshToken": "string"
}

Parameters

Name	In	Type	Required	Description
Authorization	header	string	false	This is the access token which is required to authenticate user.
returnTo	query	string	false	This is the url to which user will be redirected after logout.
body	body	RefreshTokenRequestPartial	false	none

Example responses

200 Response

{
  "success": true
}

Responses

Status	Meaning	Description	Schema
200	OK	Success Response	SuccessResponse
400	Bad Request	The syntax of the request entity is incorrect.	None
401	Unauthorized	Invalid Credentials.	None
404	Not Found	The entity requested does not exist.	None
422	Unprocessable Entity	The syntax of the request entity is incorrect	None

To perform this operation, you must be authenticated by means of one of the following methods: HTTPBearer

Schemas

TokenResponse

{
  "accessToken": "string",
  "refreshToken": "string",
  "expiresIn": 0,
  "expiresAt": 0,
  "pubnubToken": "string"
}

TokenResponse

Properties

Name	Type	Required	Restrictions	Description
accessToken	string	true	none	This property is supposed to be a string and is a required field
refreshToken	string	true	none	This property is supposed to be a string and is a required field
expiresIn	number	true	none	none
expiresAt	number	true	none	none
pubnubToken	string	false	none	none

AuthTokenRequest

{
  "clientId": "string",
  "code": "string"
}

AuthTokenRequest

Properties

Name	Type	Required	Restrictions	Description
clientId	string	true	none	none
code	string	true	none	none

Function

null

Properties

None

AuthRefreshTokenRequest

{
  "refreshToken": "string",
  "tenantId": "string"
}

AuthRefreshTokenRequest

Properties

Name	Type	Required	Restrictions	Description
refreshToken	string	true	none	none
tenantId	string	false	none	none

AuthUser

{
  "deleted": true,
  "deletedAt": "2019-08-24T14:15:22Z",
  "deletedBy": "string",
  "createdAt": "2019-08-24T14:15:22Z",
  "updatedAt": "2019-08-24T14:15:22Z",
  "createdBy": "string",
  "updatedBy": "string",
  "id": "string",
  "username": "string",
  "email": "string",
  "phone": "string",
  "name": "string",
  "designation": "string",
  "photoUrl": "string",
  "gender": "M",
  "dob": "2019-08-24T14:15:22Z",
  "defaultTenantId": "string",
  "authClientIds": [
    0
  ],
  "lastLogin": "2019-08-24T14:15:22Z",
  "permissions": [
    "string"
  ],
  "role": "string",
  "deviceInfo": {},
  "age": 0,
  "externalAuthToken": "string",
  "externalRefreshToken": "string",
  "authClientId": 0,
  "userPreferences": {},
  "tenantId": "string",
  "userTenantId": "string",
  "passwordExpiryTime": "2019-08-24T14:15:22Z",
  "status": 1
}

AuthUser

Properties

Name	Type	Required	Restrictions	Description
deleted	boolean	false	none	none
deletedAt	string(date-time)¦null	false	none	none
deletedBy	string¦null	false	none	none
createdAt	string(date-time)	false	none	none
updatedAt	string(date-time)	false	none	none
createdBy	string	false	none	none
updatedBy	string	false	none	none
id	string	false	none	none
username	string	true	none	none
email	string	false	none	none
phone	string	false	none	none
name	string	false	none	none
designation	string	false	none	none
photoUrl	string	false	none	none
gender	string	false	none	This field takes a single character as input in database. 'M' for male and 'F' for female.
dob	string(date-time)	false	none	none
defaultTenantId	string	false	none	none
authClientIds	[number]	false	none	none
lastLogin	string(date-time)	false	none	none
permissions	[string]	false	none	none
role	string	true	none	none
deviceInfo	object	false	none	This property consists of two optional fields. 1. userAgent 2. deviceId
age	number	false	none	none
externalAuthToken	string	false	none	none
externalRefreshToken	string	false	none	none
authClientId	number	false	none	none
userPreferences	object	false	none	none
tenantId	string	false	none	none
userTenantId	string	false	none	none
passwordExpiryTime	string(date-time)	false	none	none
status	number	false	none	none

Enumerated Values

Property	Value
gender	M
gender	F
gender	O
status	1
status	2
status	3
status	0
status	4

LoginCodeResponse

{
  "code": "string"
}

LoginCodeResponse

Properties

Name	Type	Required	Restrictions	Description
code	string	true	none	This property is supposed to be a string and is a required field

LoginRequest

{
  "client_id": "string",
  "client_secret": "string",
  "username": "string",
  "password": "string"
}

LoginRequest

Properties

Name	Type	Required	Restrictions	Description
client_id	string	true	none	This property is supposed to be a string and is a required field
client_secret	string	false	none	This property is supposed to be a string and is a required field
username	string	true	none	This property is supposed to be a string and is a required field
password	string	true	none	This property is supposed to be a string and is a required field

ResetPasswordPartial

{
  "refreshToken": "string",
  "username": "string",
  "password": "string",
  "oldPassword": "string"
}

ResetPasswordPartial

Properties

Name	Type	Required	Restrictions	Description
refreshToken	string	false	none	none
username	string	false	none	This property is supposed to be a string and is a required field
password	string	false	none	This property is supposed to be a string and is a required field
oldPassword	string	false	none	This property is supposed to be a string and is a required field

ResetPassword

{
  "refreshToken": "string",
  "username": "string",
  "password": "string",
  "oldPassword": "string"
}

ResetPassword

Properties

Name	Type	Required	Restrictions	Description
refreshToken	string	true	none	none
username	string	true	none	This property is supposed to be a string and is a required field
password	string	true	none	This property is supposed to be a string and is a required field
oldPassword	string	false	none	This property is supposed to be a string and is a required field

ClientAuthRequest

{
  "client_id": "string",
  "client_secret": "string"
}

ClientAuthRequest

Properties

Name	Type	Required	Restrictions	Description
client_id	string	true	none	This property is supposed to be a string and is a required field
client_secret	string	true	none	This property is supposed to be a string and is a required field

SuccessResponse

{
  "success": true
}

SuccessResponse

Properties

Name	Type	Required	Restrictions	Description
success	boolean	false	none	none

RefreshTokenRequestPartial

{
  "refreshToken": "string"
}

RefreshTokenRequestPartial

Properties

Name	Type	Required	Restrictions	Description
refreshToken	string	false	none	none

RefreshTokenRequest

{
  "refreshToken": "string"
}

RefreshTokenRequest

Properties

Name	Type	Required	Restrictions	Description
refreshToken	string	true	none	none

OtpSendRequest

{
  "client_id": "string",
  "client_secret": "string",
  "key": "string"
}

OtpSendRequest

Properties

Name	Type	Required	Restrictions	Description
client_id	string	true	none	This property is supposed to be a string and is a required field
client_secret	string	false	none	This property is supposed to be a string and is a required field
key	string	true	none	This property is supposed to be a string and is a required field

OtpLoginRequest

{
  "key": "string",
  "otp": "string"
}

OtpLoginRequest

Properties

Name	Type	Required	Restrictions	Description
key	string	true	none	This property is supposed to be a string and is a required field
otp	string	true	none	This property is supposed to be a string and is a required field

ForgetPasswordDto

{
  "username": "string",
  "client_id": "string",
  "client_secret": "string"
}

ForgetPasswordDto

Properties

Name	Type	Required	Restrictions	Description
username	string	true	none	none
client_id	string	true	none	none
client_secret	string	true	none	none

AuthClient

{
  "deleted": true,
  "deletedAt": "2019-08-24T14:15:22Z",
  "deletedBy": "string",
  "createdAt": "2019-08-24T14:15:22Z",
  "updatedAt": "2019-08-24T14:15:22Z",
  "createdBy": "string",
  "updatedBy": "string",
  "id": 0,
  "name": "string",
  "description": "string",
  "clientType": "string",
  "clientId": "string",
  "clientSecret": "string",
  "redirectUrl": "string",
  "logoutRedirectUrl": "string",
  "redirectUris": [
    "string"
  ],
  "postLogoutRedirectUris": [
    "string"
  ],
  "secret": "string",
  "accessTokenExpiration": 0,
  "refreshTokenExpiration": 0,
  "authCodeExpiration": 0
}

AuthClient

Properties

Name	Type	Required	Restrictions	Description
deleted	boolean	false	none	none
deletedAt	string(date-time)¦null	false	none	none
deletedBy	string¦null	false	none	none
createdAt	string(date-time)	false	none	none
updatedAt	string(date-time)	false	none	none
createdBy	string	false	none	none
updatedBy	string	false	none	none
id	number	false	none	none
name	string	false	none	none
description	string	false	none	none
clientType	string	false	none	none
clientId	string	true	none	none
clientSecret	string	false	none	none
redirectUrl	string	false	none	none
logoutRedirectUrl	string	false	none	none
redirectUris	[string]	false	none	none
postLogoutRedirectUris	[string]	false	none	none
secret	string	true	none	none
accessTokenExpiration	number	true	none	none
refreshTokenExpiration	number	true	none	none
authCodeExpiration	number	true	none	none

ResetPasswordWithClient

{
  "token": "string",
  "password": "string",
  "client_id": "string",
  "client_secret": "string"
}

ResetPasswordWithClient

Properties

Name	Type	Required	Restrictions	Description
token	string	true	none	none
password	string	true	none	none
client_id	string	true	none	none
client_secret	string	true	none	none

SignupFastRequestDto

{
  "client_id": "string",
  "client_secret": "string",
  "username": "string",
  "password": "string",
  "email": "string",
  "phone": "string"
}

SignupFastRequestDto

Properties

Name	Type	Required	Restrictions	Description
client_id	string	true	none	This property is supposed to be a string and is a required field
client_secret	string	false	none	This property is supposed to be a string and is a required field
username	string	true	none	none
password	string	false	none	none
email	string	false	none	none
phone	string	false	none	none

SignupRequestDto

{
  "client_id": "string",
  "client_secret": "string",
  "email": "string",
  "data": {}
}

SignupRequestDto

Properties

Name	Type	Required	Restrictions	Description
client_id	string	true	none	This property is supposed to be a string and is a required field
client_secret	string	false	none	This property is supposed to be a string and is a required field
email	string	true	none	none
data	object	false	none	none

LocalUserEmailPasswordProfileDto

{
  "email": "string",
  "password": "string"
}

LocalUserEmailPasswordProfileDto

Properties

Name	Type	Required	Restrictions	Description
email	string	true	none	none
password	string	true	none	none

SignupRequest

{
  "email": "string",
  "expiry": "string",
  "clientId": "string"
}

SignupRequest

Properties

Name	Type	Required	Restrictions	Description
email	string	true	none	none
expiry	string	false	none	none
clientId	string	false	none	none

LoginActivityWithRelations

{
  "id": "string",
  "actor": "string",
  "tenantId": "string",
  "loginTime": "2019-08-24T14:15:22Z",
  "tokenPayload": "string",
  "loginType": "string",
  "deviceInfo": "string",
  "ipAddress": "string"
}

LoginActivityWithRelations

Properties

Name	Type	Required	Restrictions	Description
id	string	false	none	none
actor	string	false	none	none
tenantId	string	false	none	none
loginTime	string(date-time)	false	none	none
tokenPayload	string	false	none	none
loginType	string	false	none	none
deviceInfo	string	false	none	none
ipAddress	string	false	none	none

Date

null

Properties

None

loopback.Count

{
  "count": 0
}

loopback.Count

Properties

Name	Type	Required	Restrictions	Description
count	number	false	none	none

login_activity.Filter

{
  "offset": 0,
  "limit": 100,
  "skip": 0,
  "order": "string",
  "where": {},
  "fields": {
    "id": true,
    "actor": true,
    "tenantId": true,
    "loginTime": true,
    "tokenPayload": true,
    "loginType": true,
    "deviceInfo": true,
    "ipAddress": true
  }
}

login_activity.Filter

Properties

Name	Type	Required	Restrictions	Description
offset	integer	false	none	none
limit	integer	false	none	none
skip	integer	false	none	none
order	any	false	none	none

oneOf

Name	Type	Required	Restrictions	Description
» anonymous	string	false	none	none

xor

Name	Type	Required	Restrictions	Description
» anonymous	[string]	false	none	none

continued

Name	Type	Required	Restrictions	Description
where	object	false	none	none
fields	any	false	none	none

oneOf

Name	Type	Required	Restrictions	Description
» anonymous	object	false	none	none
»» id	boolean	false	none	none
»» actor	boolean	false	none	none
»» tenantId	boolean	false	none	none
»» loginTime	boolean	false	none	none
»» tokenPayload	boolean	false	none	none
»» loginType	boolean	false	none	none
»» deviceInfo	boolean	false	none	none
»» ipAddress	boolean	false	none	none

xor

Name	Type	Required	Restrictions	Description
» anonymous	[string]	false	none	none

Files

openapi.md

Latest commit

History

openapi.md

File metadata and controls

Authentication Service v1.0.0

Authentication

LoginActivityController

LoginActivityController.getActiveUsers

Parameters

Responses

Response Schema

LoginActivityController.count

Parameters

Responses

LoginActivityController.findById

Parameters

Responses

LoginActivityController.find

Parameters

Responses

Response Schema

AppleLoginController

AppleLoginController.appleCallback

Parameters

Responses

AppleLoginController.postLoginViaApple

Parameters

Responses

Response Schema

AuthaLoginController

AuthaLoginController.postLoginViaAutha

Parameters

Responses

AuthaLoginController.loginViaAutha

Parameters

Responses

AuthaLoginController.authaCallback

Responses

AzureLoginController

AzureLoginController.postLoginViaAzure

Parameters

Responses

AzureLoginController.getLoginViaAzure

Parameters

Responses

AzureLoginController.azureCallback

Parameters

Responses

LoginController

LoginController.changePassword

Parameters

Responses

LoginController.login

Parameters

Responses

LoginController.loginWithClientUser

Parameters

Responses

OtpController

OtpController.checkQr

Parameters

Responses

Response Schema

OtpController.createQr

Parameters

Responses

Response Schema

OtpController.sendOtp

Parameters

Responses

Response Schema

OtpController.verifyOtp

Parameters

Responses

Response Schema

CognitoLoginController

CognitoLoginController.postLoginViaCognito

Parameters