Users and UserGroups Declarative Interface

Declarative API

Check high-level overview of the Declarative API Interface first. To see the entire API specification, visit API reference .

Manage Users

Next to an entity interface where user can manage each user entity individually, there is a declarative interface allowing all users to be managed at once. The endpoint is

  • /api/layout/users.

Whenever you upload a new layout with users, all the existing will be completely deleted.

The user used for boostrap of an organization can’t be removed, it must be presented in the declarative payload.

User’s details consideration

The platform concept expects all user’s details to be managed and stored in external OIDC compatible service and therefore no details about users are stored at the server side. There are only this information hold, the identifier of user, its authentication to the authentication manager, and related user group(s) eventually.

Manage User Groups

Next to an entity interface where user can manage each user group entity individually, there is a declarative interface allowing all user groups to be managed at once. The endpoint is

  • /api/layout/userGroups.

Whenever you upload a new layout with user groups, all the existing will be completely deleted.

The user group used for boostrap of an organization can’t be removed, it must be presented in the declarative payload.

User Group’s details consideration

There are no details for the user group available then the identifier, and a list of parents (user groups).

Examples

First, be aware of your application endpoint. For Helm Chart deployment, it represents the https://<organization-hostname> value. For the All-in-One docker image, the default endpoint is http://localhost:3000.

In the following examples the endpoint is substituted by $ENDPOINT variable;

Retrieve all users

curl -H "Authorization: Bearer YWRtaW46Ym9vdHN0cmFwOmFkbWluMTIz" \
  $ENDPOINT/api/layout/users > users-layout.json

Restore/redefine all users

curl -H "Authorization: Bearer YWRtaW46Ym9vdHN0cmFwOmFkbWluMTIz" \
  -H "Content-Type: application/json" \
  -X PUT \
  $ENDPOINT/api/layout/users -d @users-layout.json

Users declarative document

AuthId is replaced by dummy value

{
   "users" : [
     {
       "id" : "admin",
       "userGroups" : [
         {
           "id" : "adminGroup",
           "type" : "userGroup"
         }
       ]
     },
     {
       "authId": "<abcd...>",
       "id": "test",
       "userGroups" : [
         {
           "id" : "develGroup",
           "type" : "userGroup"
         }
       ]
     }
   ]
}

Retrieve all user groups

curl -H "Authorization: Bearer YWRtaW46Ym9vdHN0cmFwOmFkbWluMTIz" \
  $ENDPOINT/api/layout/userGroups > userGroups-layout.json

Restore/redefine all user groups

curl -H "Authorization: Bearer YWRtaW46Ym9vdHN0cmFwOmFkbWluMTIz" \
  -H "Content-Type: application/json" \
  -X PUT \
  $ENDPOINT/api/layout/userGroups -d @userGroups-layout.json

User groups declarative document

{
   "userGroups" : [
      {
         "id" : "adminGroup"
      },
      {
         "parents" : [
            {
               "id" : "adminGroup",
               "type" : "userGroup"
            }
         ],
         "id" : "develGroup"
      }
   ]
}