Version: 2.1.0

User Management

The cidaas users API provides functionality to:

Read, add, update, and delete users
Provide self-services for users
Invite users and assign them to user groups

The core entity is the UserAccount.

The unique identifier of a user is the sub
User accounts have attributes to describe the user:
- System fields describe core user data. Most attributes are optional and can be enabled/disabled
- Custom fields define organization-wide user account profiles
A user gets identified by their identity (identities):
- An identity has system fields like family_name, given_name, email, mobile_number, and provider. The default provider is self for company-provided UserAccounts
- An identity can be used with any standard-compliant OpenID, OAuth, and SAML2 providers
User identifiers are:
- By default: email, mobile_number, and username of each identity
- Custom fields typed as username become user identifiers

Authentication

OAuth 2.0: oauth2
OAuth 2.0: oauth2_user_flows

Security Scheme Type:	oauth2
OAuth Flow (authorizationCode):	Token URL: https://domain/token-srv/token Authorization URL: https://domain/authz-srv/authz Scopes: openid: openid scope to generate an id_token which requires read access to users profile: openid scope profile to have access to user profile email: openid scope email to have access to user's email and email_verified claims phone: openid scope phone to have access to user's phone_number and phone_number_verified claims address: openid scope to access user's address identities: allows access to identity claims of a user cidaas:users_search: allows search for users cidaas:register: allows registration (add) of new users cidaas:users_invite: allows invitation of a new user cidaas:users_read: allows read of user cidaas:users_write: allows update of user cidaas:users_delete: allows deletion of user cidaas:userupdate: allows the user to update its own user profile cidaas:userinfo: allows to read userinfo cidaas:deleteuser: allows deletion of user consents: retrieves the accepted consents roles: scope to retrieve default user roles of CIDAAS_USERS group groups: scope to retrieve groups of user
OAuth Flow (clientCredentials):	Token URL: https://domain/token-srv/token Scopes: openid: openid scope to generate an id_token which requires read access to users profile: openid scope profile to have access to user profile email: openid scope email to have access to user's email and email_verified claims phone: openid scope phone to have access to user's phone_number and phone_number_verified claims address: openid scope to access user's address identities: allows access to identity claims of a user cidaas:users_search: allows search for users cidaas:register: allows registration (add) of new users cidaas:users_invite: allows invitation of a new user cidaas:users_read: allows read of user cidaas:users_write: allows update of user cidaas:users_delete: allows deletion of user cidaas:deleteuser: allows deletion of user consents: retrieves the accepted consents roles: scope to retrieve default user roles of CIDAAS_USERS group groups: scope to retrieve groups of user
OAuth Flow (implicit):	Authorization URL: https://domain/authz-srv/authz Scopes: openid: openid scope to generate an id_token which requires read access to users profile: openid scope profile to have access to user profile email: openid scope email to have access to user's email and email_verified claims phone: openid scope phone to have access to user's phone_number and phone_number_verified claims address: openid scope to access user's address identities: allows access to identity claims of a user cidaas:users_search: allows search for users cidaas:register: allows registration (add) of new users cidaas:users_invite: allows invitation of a new user cidaas:users_read: allows read of user cidaas:users_write: allows update of user cidaas:users_delete: allows deletion of user cidaas:userupdate: allows the user to update its own user profile cidaas:userinfo: allows to read userinfo cidaas:deleteuser: allows deletion of user consents: retrieves the accepted consents roles: allows to retrieve default user roles of CIDAAS_USERS group groups: allows to retrieve groups of user

Security Scheme Type:	oauth2
OAuth Flow (authorizationCode):	Token URL: https://domain/token-srv/token Authorization URL: https://domain/authz-srv/authz Scopes: openid: openid scope to generate an id_token which requires read access to users profile: openid scope profile to have access to user profile email: openid scope email to have access to user's email and email_verified claims phone: openid scope phone to have access to user's phone_number and phone_number_verified claims address: openid scope to access user's address identities: allows access to identity claims of a user cidaas:users_search: allows search for users cidaas:register: allows registration (add) of new users cidaas:users_invite: allows invitation of a new user cidaas:users_read: allows read of user cidaas:users_write: allows update of user cidaas:users_delete: allows deletion of user cidaas:userupdate: allows the user to update its own user profile cidaas:userinfo: allows to read userinfo cidaas:deleteuser: allows deletion of user consents: retrieves the accepted consents roles: scope to retrieve default user roles of CIDAAS_USERS group groups: scope to retrieve groups of user
OAuth Flow (implicit):	Authorization URL: https://domain/authz-srv/authz Scopes: openid: openid scope to generate an id_token which requires read access to users profile: openid scope profile to have access to user profile email: openid scope email to have access to user's email and email_verified claims phone: openid scope phone to have access to user's phone_number and phone_number_verified claims address: openid scope to access user's address identities: allows access to identity claims of a user cidaas:users_search: allows search for users cidaas:register: allows registration (add) of new users cidaas:users_invite: allows invitation of a new user cidaas:users_read: allows read of user cidaas:users_write: allows update of user cidaas:users_delete: allows deletion of user cidaas:userupdate: allows the user to update its own user profile cidaas:userinfo: allows to read userinfo cidaas:deleteuser: allows deletion of user consents: retrieves the accepted consents roles: allows to retrieve default user roles of CIDAAS_USERS group groups: allows to retrieve groups of user

Contact

cidaas support: [email protected]

URL: https://support.cidaas.com

Terms of Service

https://www.cidaas.com/terms-of-use/

User Management

Authentication​

Contact

Terms of Service

Authentication