Try WSO2 Cloud for Free
Sign in

All docs This doc
||
Skip to end of metadata
Go to start of metadata

Before you begin...

To consume the APIs listed on this page, follow the steps in the Getting Started guide and get the OAuth bearer token with the apim:subscribe scope.


REST APIs that can be invoked with an admin access token 

The following is a list of APIs you can invoke with an access token with an access token generated with admin credentials.

Subscriber authentication API

HTTP request methodPOST
URLhttps://gateway.api.cloud.wso2.com/api/am/user/subscriber/authenticate/ 
Headers

Content-Type: application/json
Authorization: Bearer <Bearer token received by following prerequisites>

Payload
{
    "username":"alex@wso2.com@testcompany",
    "password":”xxxx”    
}

Username is constructed using the email address(alex@wso2.com) and tenant domain(testcompany).

Successful invocation
{
   "success": true,
   "authenticated": true,
   "message": "User is successfully authenticated."
   }
   {
   "success": true,
   "authenticated": false,
   "message": "Authentication data is invalid."
}
If the security token is invalid
<ns1:XMLFault xmlns:ns1="http://cxf.apache.org/bindings/xformat">
   <ns1:faultstring>org.apache.cxf.interceptor.security.AuthenticationException: Unauthenticated request</ns1:faultstring>
</ns1:XMLFault>

The failure error given above will be converted into JSON format in the future releases of this API.


Subscriber invitation API

HTTP request methodPOST
URLhttps://gateway.api.cloud.wso2.com/api/am/user/subscriber/
Headers

Content-Type: application/json
Authorization: Bearer <Bearer token received by following prerequisites>

Payload
{
    "username":"alex.cse@gmail.com@testcompany",   
}

Username is constructed using the email address(‘alex.cse@gmail.com’) and tenant domain(testcompany).

Successful invocation
{
   "success": true,
   "message": "User is invited successfully."    
}
If the security token is invalid
<ns1:XMLFault xmlns:ns1="http://cxf.apache.org/bindings/xformat">
   <ns1:faultstring>org.apache.cxf.interceptor.security.AuthenticationException: Unauthenticated request</ns1:faultstring>
</ns1:XMLFault>

The failure error given above will be converted into JSON format in the future releases of this API.


Subscriber invitation verification API

Before you begin...

This API is required to invite a member or approve a self sign up request made by a user. You need to obtain the registration link of the user to invoke this API. This is an intermediate step to verify the confirmation key of members, before adding them to your organization

HTTP request methodPOST
URLhttps://gateway.api.cloud.wso2.com/api/am/user/subscriber/confirm-invitee/
Headers

Content-Type: application/json
Authorization: Bearer <Bearer token received by following prerequisites>

Payload
{
        "confirmationKey":"a346c52d-f9b0-4415-c409-00300dbc23ba",
        "isStoreInvitee":"true",
        "isInvitee": null
}

The confirmation key is retrieved from the invitation link received by the end user you need to add to the organization. A sample is given below.

https://wso2store.wso2.com/site/pages/confirm-verification.jag?confirmation=11508277-080d-45e4-b7ac-956f76c3f93f&isStoreInvitee=true&tenant=mycompany.

You need to extract the following information, required for the request query parameters.

ParameterDescription
isStoreInviteeObtained from the one-time link of a self-signed up user. If not found, pass this parameter with a null value.
IsInviteeObtained from the one-time link of an invited user. If not found, pass this parameter with a null value.
Successful invocation for new users to WSO2 Cloud
{
		"success":true,
		"message":"Successfully confirmed the the confirmation key for the user sam@wso2.com","data":"{\"confirmationKey\":\"a346c52d-f9b0-4415-c409-00300dbc23ba\",\"email\":\"sam@wso2.com\"}"
}

You can add the user after successful confirmation

Successful invocation for existing users to WSO2 Cloud
{
		"success":true,
		"message":"The user : sam@wso2.com has been successfully invited. Please use the same password to login"
}
Unsuccessful invocation (Invalid code)
 {
     "success":false,
     "message":"The link you are trying to click or the provided confirmation code has expired or is not valid"
}


Subscriber registration API

Recommendation

The tenant admin is recommended to perform this task.

HTTP request methodPOST
URLhttps://gateway.api.cloud.wso2.com/api/am/user/subscriber/addUser
Headers

Content-Type: application/json
Authorization: Bearer <Bearer token received by following prerequisites>

Payload
{
    "confirmationKey" : "63621eb8-b8f7-40a6-cf3b-af02e8db722a",
    "password":"sam211!1",
    "firstName": "Sam",
    "lastName" : "de Mel"
}

The confirmation key is retrieved from the invitation link received by the end user. Note the guidelines below to for the formats of the input parameters

ParameterDescription
Password

The password should have at least three of the criteria mentioned below.

  • Uppercase letters
  • Lowercase letters
  • Numbers
  • Special characters
firstNameThe first name of the user (alphanumeric characters only)
lastNameThe last name of the user (alphanumeric characters only)
Successful invocation
{
	"success":true,
	"message":"Successfully added the user to the tenant testrest"
}
Unsuccessful invocation
{
    "success":false,"
    message":"Unable to retrieve user information. Invalid confirmation key provided. Please check the confirmation key and try again"
}


Reset password APIs

Step 1 - Initiation of the password reset API

Reset password initiation API
HTTP request methodPOST
URLhttps://gateway.api.cloud.wso2.com/api/am/user/subscriber/reset-password/initiate
Headers

Content-Type: application/json
Authorization: Bearer <Bearer token received by following prerequisites>

Payload
{
	"email":"sam@wso2.com",
	"callbackURL": "http://myapp.com/reset-password"
}
ParameterDescription
emailThe registration email of the user you need to reset the password of.
callbackURL

The URL the user is redirected to once they receive the email to reset the password. Two parameters will be appended with the callback URL which are needed to make the next request. You do not need to append this as it will auto get appended to the URL provided above. You need to extract those two parameters and send it in the request 2.

If a callback URL is not specified then the redirection would be the default redirection to the wso2 cloud reset password page.

An example of such a custom callback URL returned to the user is shown below
http://myapp.com/reset-password?id=sam@wso2.com&confirmation=14f6b1dc-75b7-472c-8a1f-11455f669dbd

ParameterDescription
idThe email of the user
confirmationCodeThe confirmation code which is returned for the password reset to be passed to the request 2

Follow Step 2 and 3 after you are re-directed.

Successful invocation
{
	"success":true,
	"message":"Successfully added the user to the tenant testrest"
}

Unsuccessful invocation (Invalid security token)
{
    "success":false,"
    message":"Unable to retrieve user information. Invalid confirmation key provided. Please check the confirmation key and try again"
}


Step 2 - Verifying the input values for password reset

Reset password verification API
HTTP request methodPOST
URLhttps://gateway.api.cloud.wso2.com/api/am/user/subscriber/reset-password/verify
Headers

Content-Type: application/json
Authorization: Bearer <Bearer token received by following prerequisites>

Payload
{
"email":"sam@wso2.com",
"confirmationKey":"14f6b1dc-75b7-472c-8a1f-11455f669dbd"
}
ParameterDescription
emailThe ID returned from the request in Step 1.
confirmationKey

The confirmation parameter appended to the callback URL in Step 1

Successful invocation
{  
   "success":true,
   "message":"Provided verification code for the email sam@wso2.com has been successfully verified",
  "data":"{\"confirmationKey\":\"e0ed4sf-2a36s-40ae-80ea 							eeffc5c41e2c\",\"verified\":true,\"userName\":\"sam@wso2.com\",\"email\":\"sam@wso2.com\"}"
}

You have to extract the confirmationKey from data for Step 3.


Step 3 - Confirming password reset with new password

Reset password confirmation API
HTTP Request methodPOST
URLhttps://gateway.api.cloud.wso2.com/api/am/user/subscriber/reset-password/confirm
Headers

Content-Type: application/json
Authorization: Bearer <Bearer token received by following prerequisites>

Payload
{
"email":"sam@wso2.com",
"confirmationKey":"d4602-264a-4ef8-95fa-ea03291c1d64",
“newPassword”:”XXXXXXX”
}
ParameterDescription
emailThe email returned from the data element in Step 2.
confirmationKeyThe key returned from the data element in Step 2.
newPasswordYour new password, after the reset.
Successful invocation
{  
   "success":true,
   "message":"Password has been successfully reset for the user sam@wso2.com. Please login with your new password."
}

You have now successfully reset the password, after completing the steps listed above.


Log download API

HTTP request methodGET
URL

https://gateway.api.cloud.wso2.com/api/logs?logType=<log-type>&date=<yyyy-mm-dd>

The following table describes the valid logType and date values that you can pass in the URL:

ParameterValid values
logType

Either load-balancer or gateway.

date
The current date or a prior date in the following format:

yyyy-mm-dd in Pacific Standard Time
For example, 2019-03-20.

Note

Specifying a future date is not valid and will result in an unsuccessful invocation.

Headers

Content-Type: application/json
Authorization: Bearer <Bearer token received by following prerequisites>

{
   “archiveFileUrl” : “https://link-to-archive-file”,
   “validPeriodInSeconds” : 300
}
{
 "message": <An error message describing the reason that caused an unsuccesful invocation>
}


REST APIs that can be invoked with a subscriber access token

API Store statistics API


HTTP Request methodPOST
URLhttps://gateway.api.cloud.wso2.com/api/am/user/subscriber/statistics
Headers

Content-Type: application/json
Authorization: Bearer <Bearer token received by following prerequisites>

Payload
{
	"statisticsType" : "getProviderAPIUsage",
	"toDate":"2018-02-22 17:11",
	"fromDate": "2016-09-28 00:00"
}
ParameterDescription
statisticsType

The type of statistics you need to retrieve for a particular time period.

  • getTopAppUsers - Top Users For Applications

  • getAppApiCallType - API Usage from Resource Path

  • getPerAppAPIFaultCount - Faulty Invocations per Application

  • getProviderAPIUsage - API Usage per Application

toDate
The end date of the required period.
fromDate
The start date of the required period.



Note that your response will differ according to the requested type of statistics. A succesful invocation would be similar to the sample given below.

Successful invocation
{  
   "success":true,
   "message":"Successfully retrieved the statistics data for the statistics type getTopAppUsers for the user sam@wso2.com@testcompany",
"data":"[{\"appName\":\"iot_ui_testcompany\",\"userCountArray\":[{\"count\":52,\"user\":\"sam@wso2.com@testcompany\"}]}]"
}
  • No labels