### GET /management/v4/{tenantId}/config/idps/google Source: https://cloud.ibm.com/apidocs/app-id/management.json Get the Google identity provider configuration. ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. ### Responses #### 200 - The Google identity provider configuration is returned as a JSON object, including the status and credentials. [Learn more](/docs/appid?topic=appid-social#google). **googleConfigParams** - **isActive** (boolean) (required): The status of the configuration. - **config** (object): The details of the configuration. - **idpId** (string) (required): The client ID. By default, Google is enabled as an identity provider by using IBM credentials. You can add your own credentials by creating an account on the [Google Developer Console](https://console.cloud.google.com/){ :external} and obtaining a client ID and secret. - **secret** (string) (required): The client secret. By default, Google is enabled as an identity provider by using IBM credentials. You can add your own credentials by creating an account on the [Google Developer Console](https://console.cloud.google.com/){ :external} and obtaining a client ID and secret. #### 400 - The tenant ID or request body is missing or invalid. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with the valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify user permissions. #### 500 - Returned because of an internal server error. ### Example Usage ```bash curl -X GET "//management/v4/{tenantId}/config/idps/google" ``` ``` -------------------------------- ### GET /management/v4/{tenantId}/config/tokens Source: https://cloud.ibm.com/apidocs/app-id/management.json Get the token configuration. [Learn more](/docs/appid?topic=appid-key-concepts). ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. ### Responses #### 200 - Returns a JSON object of the App ID tokens properties. **tokensConfigResponse** - **idTokenClaims** (array (union)): The claims of the identity token. Array items: - **source** (string (saml|cloud_directory|appid_custom|facebook|google|ibmid|attributes|roles)) (required): The source of the claim of the token. ("saml"|"cloud_directory"|"appid_custom"|"facebook"|"google"|"ibmid"|"attributes"|"roles") - **sourceClaim** (string): The source claim. - **destinationClaim** (string): The destination claim. - **accessTokenClaims** (array (union)): The claims of the access token. Array items: - **access** (object): The expiration data of the access token. (example: {"expires_in":3600}) - **refresh** (object): The expiration and activity data of the refresh token. (example: {"expires_in":2592000,"enabled":true}) - **anonymousAccess** (object): The expiration and activity data of the anonymous token. (example: {"expires_in":2592000,"enabled":true}) #### 400 - The tenant ID or request body is missing or invalid. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with the valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify user permissions. ### Example Usage ```bash curl -X GET "//management/v4/{tenantId}/config/tokens" ``` ``` -------------------------------- ### GET /management/v4/{tenantId}/config/idps/custom Source: https://cloud.ibm.com/apidocs/app-id/management.json Get the Custom identity configuration. ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. ### Responses #### 200 - The Custom identity configuration is returned as a JSON object that contains the PEM public key and the isActive status. **customIdPConfigParams** - **isActive** (boolean) (required): The status of the configuration. - **config** (object): The details of the configuration. - **publicKey** (string): The public key. #### 400 - The tenant ID or request body is missing or invalid. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with the valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify user permissions. #### 500 - Returned because of an internal server error. ### Example Usage ```bash curl -X GET "//management/v4/{tenantId}/config/idps/custom" ``` ``` -------------------------------- ### GET /management/v4/{tenantId}/config/ui/languages Source: https://cloud.ibm.com/apidocs/app-id/management.json Get the list of languages that can be used to customize email templates for Cloud Directory. ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. ### Responses #### 200 - The localization data is returned as a JSON object. **getLanguages** #### 400 - The tenant ID or languages are missing or invalid. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify permissions. ### Example Usage ```bash curl -X GET "//management/v4/{tenantId}/config/ui/languages" ``` ``` -------------------------------- ### POST /management/v4/{tenantId}/cloud_directory/sign_up Source: https://cloud.ibm.com/apidocs/app-id/management.json Start the sign-up process. [Learn more](/docs/appid?topic=appid-branded). ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. - **shouldCreateProfile** (boolean, query, required): A boolean indication if a profile must be created for the Cloud Directory user. - **language** (string, query, optional): Preferred language for resource. Format as described at RFC5646. ### Request Body **Content-Type:** application/json **Content-Type:** application/x-www-form-urlencoded **Content-Type:** multipart/form-data ### Responses #### 201 - The new Cloud Directory user data is returned as a JSON object. Full user data can be found [here](https://tools.ietf.org/html/rfc7643#section-8.2){: external}. **getUser** #### 400 - The tenant ID or request body is missing or invalid. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with the valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify user permissions. #### 409 - The email address exists. ### Example Usage ```bash curl -X POST "//management/v4/{tenantId}/cloud_directory/sign_up?shouldCreateProfile=true&language=en" \ -H "Content-Type: application/json" \ -d '{ "example": "data" }' ``` ``` -------------------------------- ### GET /management/v4/{tenantId}/config/cloud_directory/mfa Source: https://cloud.ibm.com/apidocs/app-id/management.json Get the MFA configuration registered with the App ID Instance. ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. ### Responses #### 200 - The MFA configuration that is registered with the App ID tenant is returned as a JSON object. **getMFAConfiguration** - **isActive** (boolean) (required): The status of the configuration. #### 400 - The tenant ID is missing or invalid. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify permissions. ### Example Usage ```bash curl -X GET "//management/v4/{tenantId}/config/cloud_directory/mfa" ``` ``` -------------------------------- ### GET /management/v4/{tenantId}/config/idps/ibmid Source: https://cloud.ibm.com/apidocs/app-id/management.json Get the IBMid identity provider configuration. ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. ### Responses #### 200 - The IBMid identity provider configuration is returned as a JSON object, including the status and credentials. **ibmidConfigParams** - **isActive** (boolean) (required): The status of the configuration. (example: true) - **config** (object): The details of the configuration. - **idpId** (string) (required): The IBMid client ID. You can find the IBMid client ID, secret, and phase can be found on the IBMid application registration page. For more details, see our [documentation](/docs/appid?topic=appid-ibmid). (example: "appID") - **secret** (string) (required): The IBMid client secret. You can find the IBMid client ID, secret, and phase can be found on the IBMid application registration page. For more details, see our [documentation](/docs/appid?topic=appid-ibmid). (example: "appsecret") - **preProd** (boolean) (required): The IBMid pre-production phase. You can find the IBMid client ID, secret and phase can be found on the IBMid application registration page. For more details, see our [documentation](/docs/appid?topic=appid-ibmid). (example: true) - **ciBased** (boolean): The IBMid production phase. You can find the IBMid client ID, secret and phase can be found on the IBMid application registration page. For more details, see our [documentation](/docs/appid?topic=appid-ibmid). (example: true) #### 400 - The tenant ID or request body is missing or invalid. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with the valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify user permissions. #### 500 - Returned because of an internal server error. ### Example Usage ```bash curl -X GET "//management/v4/{tenantId}/config/idps/ibmid" ``` ``` -------------------------------- ### POST /management/v4/{tenantId}/cloud_directory/sign_up/confirmation_result Source: https://cloud.ibm.com/apidocs/app-id/management.json Get the sign-up confirmation result. [Learn more](/docs/appid?topic=appid-branded). ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. ### Request Body **Content-Type:** application/x-www-form-urlencoded - **context** (string) (required): The context that is used to get the verification or forgot password confirmation result. ### Responses #### 200 - The sign-up confirmation result is returned as a JSON object. **confirmationResultOK** - **success** (boolean) (required): The status of the request. - **uuid** (string) (required): The user's unique ID. #### 400 - The tenant ID or context is missing or invalid. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with the valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify user permissions. #### 404 - The context was not found. **confirmationResultFailure** - **errorCode** (string) - **message** (string) ### Example Usage ```bash curl -X POST "//management/v4/{tenantId}/cloud_directory/sign_up/confirmation_result" \ -H "Content-Type: application/json" \ -d '{ "example": "data" }' ``` ``` -------------------------------- ### GET /management/v4/{tenantId}/config/cloud_directory/mfa/channels Source: https://cloud.ibm.com/apidocs/app-id/management.json Get all the MFA channels registered with the App ID Instance. ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. ### Responses #### 200 - A list of all the MFA channels that are registered with the App ID tenant ID is returned as a JSON object. **getAllMfaChannels** - **channels** (array (object)) (required): A list of all the MFA channels that are registered with a specific App ID instance. Array items: - **type** (string) (required): The type of channel. - **isActive** (boolean) (required): The status of the configuration. - **config** (object): The configuration of the mfa channel. - **key** (string): The key. - **secret** (string): The secret. - **from** (string): The sender details. - **provider** (string): The provider. #### 400 - The tenant ID is missing or invalid. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify permissions. ### Example Usage ```bash curl -X GET "//management/v4/{tenantId}/config/cloud_directory/mfa/channels" ``` ``` -------------------------------- ### GET /management/v4/{tenantId}/cloud_directory/{userId}/userinfo Source: https://cloud.ibm.com/apidocs/app-id/management.json Get the Cloud Directory user System for Cross-domain Identity Management (SCIM) and the profile related to it. [Learn more](/docs/appid?topic=appid-cd-users). ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. - **userId** (string, path, required): The ID assigned to a user when they sign in by using Cloud Directory. You can find the userId by navigating to **App ID > Cloud Directory > Users** in the UI and clicking the user's email. ### Responses #### 200 - The user's data is returned as a JSON object. **getUserAndProfile** #### 400 - Invalid tenant ID/user ID. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with the valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify permissions. #### 404 - The user is not found. The user is not found. ### Example Usage ```bash curl -X GET "//management/v4/{tenantId}/cloud_directory/{userId}/userinfo" ``` ``` -------------------------------- ### GET /management/v4/{tenantId}/applications Source: https://cloud.ibm.com/apidocs/app-id/management.json View all applications registered with the App ID Instance. ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. ### Responses #### 200 - A list of all the applications that are registered with the App ID tenant ID is returned as a JSON object. **getAllServerAppClients** - **applications** (array (object)) (required): The applications registered with the App ID instance. Array items: - **clientId** (string): The client ID. - **tenantId** (string): The tenant ID. - **secret** (string): The secret. - **name** (string): The application name. - **oAuthServerUrl** (string): The oauth server URL. - **type** (string): The application type. #### 400 - The tenant ID is missing or invalid. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify permissions. ### Example Usage ```bash curl -X GET "//management/v4/{tenantId}/applications" ``` ``` -------------------------------- ### GET /management/v4/{tenantId}/users/{id}/roles Source: https://cloud.ibm.com/apidocs/app-id/management.json View a list of roles that are associated with a specific user. ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. - **id** (string, path, required): The user's identifier ('subject' in identity token). You can find the userProfileId by navigating to **App ID > Cloud Directory > Users** in the UI and clicking the user's email. ### Responses #### 200 - The list of roles is returned as a JSON object. **getUserRolesResponse** - **roles** (array (object)): The user's roles. Array items: - **id** (string): The role ID. (example: "111c22c3-38ea-4de8-b5d4-338744d83b0f") - **name** (string): The role name. (example: "adult") #### 400 - The tenant ID or user ID is missing or invalid. #### 401 - The request is unauthorized. Be sure that you pass a valid IAM token in the authorization header of your request. #### 403 - You have insufficient permissions. Contact your administrator to verify your permissions. #### 404 - The user wasn't found. ### Example Usage ```bash curl -X GET "//management/v4/{tenantId}/users/{id}/roles" ``` ``` -------------------------------- ### POST /management/v4/{tenantId}/roles Source: https://cloud.ibm.com/apidocs/app-id/management.json Create a role for a registered application. ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. ### Request Body **Content-Type:** application/json - **name** (string) (required): The role name. (example: "child") - **description** (string): The role description. (example: "Limits the available movie options to films that might be more appropriate for younger viewers.") - **access** (array (object)) (required): The access data. Array items: - **application_id** (string) (required): The application ID. (example: "de33d272-f8a7-4406-8fe8-ab28fd457be5") - **scopes** (array (string)) (required): The scopes. (example: ["cartoons"]) **Content-Type:** application/x-www-form-urlencoded - **name** (string) (required): The role name. (example: "child") - **description** (string): The role description. (example: "Limits the available movie options to films that might be more appropriate for younger viewers.") - **access** (array (object)) (required): The access data. Array items: - **application_id** (string) (required): The application ID. (example: "de33d272-f8a7-4406-8fe8-ab28fd457be5") - **scopes** (array (string)) (required): The scopes. (example: ["cartoons"]) **Content-Type:** multipart/form-data - **name** (string) (required): The role name. (example: "child") - **description** (string): The role description. (example: "Limits the available movie options to films that might be more appropriate for younger viewers.") - **access** (array (object)) (required): The access data. Array items: - **application_id** (string) (required): The application ID. (example: "de33d272-f8a7-4406-8fe8-ab28fd457be5") - **scopes** (array (string)) (required): The scopes. (example: ["cartoons"]) ### Responses #### 201 - The role for the registered application is created and returned as a JSON object. **createRolesResponse** - **id** (string) (required): The role ID. (example: "12345678-1234-1234-1234-123456789013") - **name** (string) (required): The role name. (example: "child") - **description** (string): The description. (example: "Limits the available movie options to films that might be more appropriate for younger viewers.") - **access** (array (object)) (required): The access data. Array items: - **application_id** (string) (required): THe application ID. (example: "de33d272-f8a7-4406-8fe8-ab28fd457be5") - **scopes** (array (string)) (required): The scopes. (example: ["cartoons"]) #### 400 - The payload is missing or invalid. #### 401 - The request is unauthorized. Be sure that you pass a valid IAM token in the authorization header of your request. #### 403 - You have insufficient permissions. Contact your administrator to verify your permissions. #### 409 - The role exists. Choose a new name or update your existing role. ### Example Usage ```bash curl -X POST "//management/v4/{tenantId}/roles" \ -H "Content-Type: application/json" \ -d '{ "name": "child", "description": "Limits the available movie options to films that might be more appropriate for younger viewers.", "access": [ { "application_id": "de33d272-f8a7-4406-8fe8-ab28fd457be5", "scopes": [ "cartoons" ] } ] }' ``` ``` -------------------------------- ### GET /management/v4/{tenantId}/config/cloud_directory/advanced_password_management Source: https://cloud.ibm.com/apidocs/app-id/management.json Get the configuration of advanced password management. ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. ### Responses #### 200 - View the advanced password management configuration. **apmSchema** - **advancedPasswordManagement** (object) (required): The configuration details of advanced password management. - **enabled** (boolean) (required): The status of the configuration. - **passwordReuse** (object) (required): The configuration of password reuse. - **enabled** (boolean) (required): The status of the configuration. - **config** (object): The limits of password reuse. - **maxPasswordReuse** (number) (required): The maximum times that a password can be reused. - **preventPasswordWithUsername** (object) (required): The configuration of the prevention of password reuse. - **enabled** (boolean) (required): The status of the configuration. - **passwordExpiration** (object) (required): The configuration of password expiration. - **lockOutPolicy** (object) (required): The configuration of the lockout policy. - **minPasswordChangeInterval** (object): The configuration of the minimum interval for password change. #### 400 - The tenant ID is invalid. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify user permissions. ### Example Usage ```bash curl -X GET "//management/v4/{tenantId}/config/cloud_directory/advanced_password_management" ``` ``` -------------------------------- ### PUT /management/v4/{tenantId}/config/idps/google Source: https://cloud.ibm.com/apidocs/app-id/management.json Configure Google to set up a single sign-on experience for your users. By using Google, your users are able to sign in with credentials with which they are already familiar. [Learn more](/docs/appid?topic=appid-social#google). ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. ### Request Body **Content-Type:** application/json - **isActive** (boolean) (required): The status of the configuration. (example: true) - **config** (object): The details of the configuration. - **idpId** (string) (required): The application ID. (example: "appID") - **secret** (string) (required): The application secret. (example: "appsecret") **Content-Type:** application/x-www-form-urlencoded - **isActive** (boolean) (required): The status of the configuration. (example: true) - **config** (object): The details of the configuration. - **idpId** (string) (required): The application ID. (example: "appID") - **secret** (string) (required): The application secret. (example: "appsecret") **Content-Type:** multipart/form-data - **isActive** (boolean) (required): The status of the configuration. (example: true) - **config** (object): The details of the configuration. - **idpId** (string) (required): The application ID. (example: "appID") - **secret** (string) (required): The application secret. (example: "appsecret") ### Responses #### 200 - The Google configuration was updated. The identity provider data is returned as a JSON object. **googleConfigParamsPUT** - **isActive** (boolean) (required): The status of the configuration. - **config** (object): The details of the configuration. - **idpId** (string) (required): The client ID. By default, Google is enabled as an identity provider by using IBM credentials. You can add your own credentials by creating an account on the [Google Developer Console](https://console.cloud.google.com/){ :external} and obtaining a client ID and secret. - **secret** (string) (required): The client secret. By default, Google is enabled as an identity provider by using IBM credentials. You can add your own credentials by creating an account on the [Google Developer Console](https://console.cloud.google.com/){ :external} and obtaining a client ID and secret. #### 400 - The tenant ID or request body is missing or invalid. The tenant ID can be found in the service credentials. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with the valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify user permissions. #### 500 - Returned due to an internal server error. ### Example Usage ```bash curl -X PUT "//management/v4/{tenantId}/config/idps/google" \ -H "Content-Type: application/json" \ -d '{ "example": "data" }' ``` ``` -------------------------------- ### POST /management/v4/{tenantId}/applications Source: https://cloud.ibm.com/apidocs/app-id/management.json Register a new application with the App ID instance. ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. ### Request Body **Content-Type:** application/json - **name** (string) (required): The application name to be registered. Application name cannot exceed 50 characters. - **type** (string): The type of application to be registered. Allowed types are regularwebapp and singlepageapp. **Content-Type:** application/x-www-form-urlencoded - **name** (string) (required): The application name to be registered. Application name cannot exceed 50 characters. - **type** (string): The type of application to be registered. Allowed types are regularwebapp and singlepageapp. **Content-Type:** multipart/form-data - **name** (string) (required): The application name to be registered. Application name cannot exceed 50 characters. - **type** (string): The type of application to be registered. Allowed types are regularwebapp and singlepageapp. ### Responses #### 200 - The new registered application data is returned as a JSON object. **getAllServerAppClients** - **applications** (array (object)) (required): The applications registered with the App ID instance. Array items: - **clientId** (string): The client ID. - **tenantId** (string): The tenant ID. - **secret** (string): The secret. - **name** (string): The application name. - **oAuthServerUrl** (string): The oauth server URL. - **type** (string): The application type. #### 400 - The tenant ID or request body is missing or invalid. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with the valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify user permissions. #### 500 - Returned because of an internal server error. ### Example Usage ```bash curl -X POST "//management/v4/{tenantId}/applications" \ -H "Content-Type: application/json" \ -d '{ "name": "App1", "type": "regularwebapp" }' ``` ``` -------------------------------- ### Schema: getAllServerAppClients Source: https://cloud.ibm.com/apidocs/app-id/management.json Schema definition for getAllServerAppClients ```markdown ## Schema: getAllServerAppClients Schema definition for getAllServerAppClients **Type:** object - **applications** (array (object)) (required): The applications registered with the App ID instance. Array items: - **clientId** (string): The client ID. - **tenantId** (string): The tenant ID. - **secret** (string): The secret. - **name** (string): The application name. - **oAuthServerUrl** (string): The oauth server URL. - **type** (string): The application type. ``` -------------------------------- ### POST /management/v4/{tenantId}/users Source: https://cloud.ibm.com/apidocs/app-id/management.json Create a profile for a user that you know needs access to your app before they sign in to your app for the first time. [Learn more](/docs/appid?topic=appid-preregister). ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. ### Request Body **Content-Type:** application/json - **idp** (unknown) (required): The identity provider. (example: "saml") ("saml"|"cloud_directory"|"facebook"|"google"|"appid_custom"|"ibmid") - **idp-identity** (string) (required): The identity details of the user. (example: "appid@ibm.com") - **profile** (object): The profile. - **attributes** (object): The custom attributes. (example: {"points":"150"}) **Content-Type:** application/x-www-form-urlencoded - **idp** (unknown) (required): The identity provider. (example: "saml") ("saml"|"cloud_directory"|"facebook"|"google"|"appid_custom"|"ibmid") - **idp-identity** (string) (required): The identity details of the user. (example: "appid@ibm.com") - **profile** (object): The profile. - **attributes** (object): The custom attributes. (example: {"points":"150"}) **Content-Type:** multipart/form-data - **idp** (unknown) (required): The identity provider. (example: "saml") ("saml"|"cloud_directory"|"facebook"|"google"|"appid_custom"|"ibmid") - **idp-identity** (string) (required): The identity details of the user. (example: "appid@ibm.com") - **profile** (object): The profile. - **attributes** (object): The custom attributes. (example: {"points":"150"}) ### Responses #### 201 - View the ID of the created user. #### 400 - The tenant ID, IdP type, or IdP identity ID is missing or invalid. #### 401 - The request is unauthorized by the platform. To be authorized, an IAM token with the valid permissions must be provided in Authorization header. #### 403 - You are not authorized to complete this operation. Contact the service owner or admin to verify your permissions. #### 409 - The user ID for the provided IdP exists. #### 500 - Returned because of an internal server error. ### Example Usage ```bash curl -X POST "//management/v4/{tenantId}/users" \ -H "Content-Type: application/json" \ -d '{ "idp": "saml", "idp-identity": "appid@ibm.com", "profile": { "attributes": { "points": "150" } } }' ``` ``` -------------------------------- ### GET /management/v4/{tenantId}/config/capture_runtime_activity Source: https://cloud.ibm.com/apidocs/app-id/management.json Get a JSON object that contains the auditing status of the tenant. ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. ### Responses #### 200 - The auditing status of the tenant is returned as a JSON object. #### 400 - The tenant ID is missing or invalid. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify permissions. ### Example Usage ```bash curl -X GET "//management/v4/{tenantId}/config/capture_runtime_activity" ``` ``` -------------------------------- ### POST /management/v4/{tenantId}/cloud_directory/import Source: https://cloud.ibm.com/apidocs/app-id/management.json Import Cloud Directory users list that was exported by using the [export](/apidocs/app-id/management#clouddirectoryimport) endpoint. The format for import is the same format in which the users are exported from the initial instance. You can add up to only 50 users per request. To add all of your users through a single request, use the [import all users](/apidocs/app-id/management#clouddirectoryimportall) API endpoint. [Learn more](/docs/appid?topic=appid-cd-users). ```markdown ### Parameters - **encryption_secret** (string, query, required): The encryption secret is a custom string that is used to encrypt and decrypt the exported data. Retain the encryption secret as you need it to use the import all users API. Note: IBM does not store the secret so if the secret is lost, you can't access the exported data. - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. ### Request Body **Content-Type:** application/json **Content-Type:** application/x-www-form-urlencoded **Content-Type:** multipart/form-data ### Responses #### 200 - Import Cloud Directory users from another instance of App ID. The format for import is the same format in which the users are exported from the initial instance. You can add up to 50 users per request. **importResponse** - **added** (number): The number of profiles that are imported successfully. - **active** (boolean): The status of the request. (example: false) - **lockedUntil** (integer): The number of milliseconds of inactivity after which users will be locked of their accounts. (example: 1834879417592) - **failed** (number): The number of users that failed to import. - **failReasons** (array (object)): The reasons why users failed to import. Array items: - **originalId** (string): The original ID. - **id** (string): The ID. - **email** (string): The email. - **userName** (string): THe username. - **error** (object): The error message. #### 400 - The tenant ID or user ID is missing or invalid. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with the valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify permissions. #### 404 - The Cloud Directory user was not found. ### Example Usage ```bash curl -X POST "//management/v4/{tenantId}/cloud_directory/import?encryption_secret=string" \ -H "Content-Type: application/json" \ -d '{ "itemsPerPage": 2, "totalResults": 2, "users": [ { "scimUser": { "originalId": "e403878c-3ab5-4e99-8953-bb57b05387d8", "name": { "givenName": "Jane", "familyName": "Doe", "formatted": "Jane Doe" }, "displayName": "Jane Doe", "active": true, "emails": [ { "value": "user09857654@mail.com", "primary": true } ] }, "passwordHash": "xveImwVxuO7jxRQlRveKgBXD4WoAG0aIHVTY0GLSuTQbfTIsTNy753LFE9kdReAnBTIbSOeQ69UKJdnIxBZZkm9oWf8wsmwWeZwU9njZDDdhxzJWfvAv6Y/XjAqvNdWvJfV3Tag/zwQtKaET6Sc2gSbFL8L1X1wRR/msNA+NSfg=", "passwordHashAlg": "PBKDF2WithHmacSHA512", "profile": { "attributes": { "points": 100 } }, "roles": [] }, { "scimUser": { "originalId": "66ad3522-2251-4531-abff-3e3aad66b650", "userName": "myUserName", "name": { "givenName": "John", "familyName": "Doe", "formatted": "John Doe" }, "displayName": "John Doe", "active": true, "emails": [ { "value": "user0987654@mail.com", "primary": true } ] }, "passwordHash": "YKmBYObTprREAKqjl8F94ofE5lF5lr7Zuc/eJ0Sylvx6IOgI97M56n16U0aGWqBVTu2/P8xayrr6utoH/Uok5v/3Ct9jddXlxhkA1odqgQslJdXiCcBHn/49xU9iejCu6p3PL/81vBfcBGxTll2xeHzF+0qF4rxzn91H6TuNH4o=", "passwordHashAlg": "PBKDF2WithHmacSHA512", "profile": { "attributes": { "points": 150 } }, "roles": [ "adult", "child" ] } ] }' ``` ``` -------------------------------- ### GET /management/v4/{tenantId}/cloud_directory/Users Source: https://cloud.ibm.com/apidocs/app-id/management.json Get the list of Cloud Directory users. [Learn more](/docs/appid?topic=appid-cloud-directory). ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. - **startIndex** (integer, query, optional): The first result in a set list of results. - **count** (integer, query, optional): The maximum number of results per page. - **query** (string, query, optional): The users by identity field. ### Responses #### 200 - The Cloud Directory users data is returned as a JSON object. Find more information about full user data [here](https://tools.ietf.org/html/rfc7643#section-8.2){: external}. **getAllUsers** - **totalResults** (number): The number of results. - **itemsPerPage** (number): The number of items per page. - **active** (boolean): The status of the user profile. (example: false) - **lockedUntil** (integer): The time limit until which the user is locked out of their account. (example: 1834879417592) - **Resources** (array (object)) (required): The list of Cloud Directory users. #### 400 - The tenant ID is missing or invalid. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify permissions. ### Example Usage ```bash curl -X GET "//management/v4/{tenantId}/cloud_directory/Users?startIndex=0&count=0&query=string" ``` ``` -------------------------------- ### GET /management/v4/{tenantId}/config/cloud_directory/rate_limit Source: https://cloud.ibm.com/apidocs/app-id/management.json Get the rate limit configuration registered with the App ID Instance. ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. ### Responses #### 200 - The rate limit configuration that is registered with the App ID tenant is returned as a JSON object. #### 400 - The tenant ID or request body is missing or invalid. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with the valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify user permissions. ### Example Usage ```bash curl -X GET "//management/v4/{tenantId}/config/cloud_directory/rate_limit" ``` ``` -------------------------------- ### GET /management/v4/{tenantId}/cloud_directory/export/download Source: https://cloud.ibm.com/apidocs/app-id/management.json Download a JSON file of all of the Cloud Directory users from an instance of App ID. Before you can download the file, you must generate it by running the [export all users](/apidocs/app-id/management#clouddirectoryexportall) API endpoint. Note: You must regenerate the exported file if the deadline you configured before you ran the export request (or the 7-day default deadline) is expired. You can choose to manually delete the export by sending a request to the [delete](/apidocs/app-id/management#clouddirectorydownloadexportdelete) endpoint. ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. - **id** (string, query, required): The export job ID that is returned from the export all users API. ### Responses #### 200 - The full list of users in your Cloud Directory and their profiles is returned as a JSON attachment. **downloadExport** #### 204 - The file that contains the list of users in your Cloud Directory and their profiles was not found. Empty response body #### 400 - The tenant ID or export job ID is missing or invalid. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with the valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify permissions. ### Example Usage ```bash curl -X GET "//management/v4/{tenantId}/cloud_directory/export/download?id=string" ``` ``` -------------------------------- ### GET /management/v4/{tenantId}/applications/{clientId} Source: https://cloud.ibm.com/apidocs/app-id/management.json Get a specific application registered with the App ID Instance. ```markdown ### Parameters - **tenantId** (string, path, required): The service tenant ID. The tenant ID can be found in the service credentials. You can create a service credential if one does not exist. - **clientId** (string, path, required): The application client ID. The client ID can be found in the application credentials or service credentials. You might need to create a service credential if one does not exist. ### Responses #### 200 - A specific application that is registered with the App ID tenant ID is returned as a JSON object. **getAllServerAppClients** - **applications** (array (object)) (required): The applications registered with the App ID instance. Array items: - **clientId** (string): The client ID. - **tenantId** (string): The tenant ID. - **secret** (string): The secret. - **name** (string): The application name. - **oAuthServerUrl** (string): The oauth server URL. - **type** (string): The application type. #### 400 - The tenant ID is missing or invalid. #### 401 - The user is unauthorized. To be authorized, a user needs an IAM token with valid permissions. #### 403 - The user has insufficient permissions. Contact the service owner or admin to verify permissions. ### Example Usage ```bash curl -X GET "//management/v4/{tenantId}/applications/{clientId}" ``` ``` -------------------------------- ### Schema: themeColorConfigParam Source: https://cloud.ibm.com/apidocs/app-id/management.json Schema definition for themeColorConfigParam ```markdown ## Schema: themeColorConfigParam Schema definition for themeColorConfigParam **Type:** object ```