REST API for user management

The following REST APIs are available for managing user and their permissions in FMPS.

Register a new user

A POST method that registers a new user, and can only be used when typeOfAuth is set as USERLOGIN in development.json. Only a user with administrative privileges can register other users.

Request URL

http://<FMPS_server>:<port>/v16/auth/register

Header

Name	Type	Description
`content-type`	String	Type of content that is sent in the request.
`X-Access-Token`	String	The authentication token that is sent in the request. This must be of another user with administrative privileges.

Header example

{
  "content-type": "application/json",
  "X-Access-Token": "eyJ0eXAiOiJKhjshjafakjfkadfas"
}

The authorization header must also contain the basic authentication type authorization containing credentials (email and password) of the user who is to be registered. For example:

Authorization: Basic YWJjZEBhZG9iZS5jb206YWJjZA==

Request body

Name	Type	Description
`email`	JSON	An email ID with which the user account is created.

JSON body example

{"email":"fmadmin@adobe.com"}

Successful response

Returns a HTTP 200 (Successful) response with the user object.

Error response

Code	Type	Description
`400`	String	A bad request is sent.
`406`	String	The request is not acceptable
`409`	String	User with the same credentials is already present.

Change user permission

A PUT method that changes the user permissions. There are two types of user permissions: USER and ADMIN. Only a user with ADMIN permissions can invoke this API.

To assign administrative permissions to your default (first) LDAP user, you will have to use the MongoDB’s command-line tool. See Install and configure MongoDB for more details.

Request URL

http://<FMPS_server>:<port>/v16/user/changePermission/:id

Header

Name	Type	Description
`content-type`	String	Type of content that is sent in the request.
`X-Access-Token`	String	The authentication token that is sent in the request. This must be of another user with administrative permissions.

Header example

{
  "content-type": "application/json",
  "X-Access-Token": "eyJ0eXAiOiJKhjshjafakjfkadfas"
}

Parameter

Name	Type	Description
`id`	String	The user ID of a user whose has to be granted administrative permissions.

Parameter example

5e4302fafdfdfadsfdfasgafsafgsag

Request body

Name	Type	Description
userPermission	String	The type of permission that you want to assign to the user. Use `ADMIN` for administrative permissions, and `USER` for non-administrative permissions.

JSON body example

{
"userPermission": "ADMIN"
}

Successful response

Returns a HTTP 200 (Successful) response with the user object.

Error response

Code	Type	Description
`400`	String	A bad request is sent.
`422`	String	The request is sent with incorrect data.

User login with USERLOGIN authentication

A POST method that logs the user into the system when USERLOGIN authentication mechanism is used.

Request URL

http://<FMPS_server>:<port>/v16/auth/login

Header

Name	Type	Description
`content-type`	String	Type of content that is sent in the request.
`X-Access-Token`	String	The authentication token that is sent in the request.
Authorization	String	A USERLOGIN (basic) authentication type authorization header containing credentials (email and password) of the user that wants to login.

Header example

{  "content-type": "application/json",}

The authorization header must also contain the basic authentication type authorization containing credentials (email and password) of the user who wants to login. For example:

Authorization: Basic dXNlcm5hbWVAYWRvYmUuY29tOnBhc3N3b3Jk

Successful response

Returns a HTTP 200 (Successful) response with the user’s access token.

Error response

Code	Type	Description
`400`	String	A bad request is sent.
`403`	String	Access not granted.
`406`	String	The request is not acceptable.

User login with LDAP authentication

A POST method that logs the user into the system when LDAP authentication mechanism is used.

Request URL

http://<FMPS_server>:<port>/v16/auth/ldap

Header

Name	Type	Description
`content-type`	String	Type of content that is sent in the request.
Authorization	String	A USERLOGIN (basic) authentication type authorization header containing credentials (email and password) of the user that wants to login.

Header example

{  "content-type": "application/json",}

The authorization header must also contain the basic authentication type authorization header containing credentials (email and password) of the user who wants to login. For example:

Authorization: Basic dXNlcm5hbWVAYWRvYmUuY29tOnBhc3N3b3Jk

Successful response

Returns a HTTP 200 (Successful) response with the user’s access token.

Error response

Code	Type	Description
`400`	String	A bad request is sent.
`401`	String	Use is not authorized.
`406`	String	The request is not acceptable.