...
| Description | URI | Request Method | Request Params | Request Body | Response Body | Error Conditions | Authority | ||
|---|---|---|---|---|---|---|---|---|---|
| Request email validation for new user. No information is saved server-side, but a URL is sent to the specified email addressl address in which the request information is embedded. The URL is a link in the Synapse Portal where user registration is completed. | / | useremailValidation | POST | domain (Synapse or Bridge) | fname lname | --400 Status if user name or email is invalid or already used. | no authentication required | ||
| Create new account, validating email address used. (The server creates the new account, binding the user name and email aliases, then creates a session and returns the session token.) The client must then set the account password. | /account | -- | -- | user-validation-token* | session token | 400 Status if user name or email is invalid or already used, or if the time limit has passed. | -- | ||
| Set or update user name for existing account. | /username | POST | -- | username | -- | -- | self | ||
| Anonymous (unauthenticated request) | |||||||||
| Request email validation for existing account. No information is saved server-side but a URL is sent to the specified email address in which the request information is embedded. The URL is a link in the Synapse Portal where adding the email is completed. | /emailRequestemailValidation | POST | domain (Synapse or Bridge) | 400 Status if email is invalid or already used. | self (authenticated request) | ||||
| Create new account, completing email validation. The username and email given previously are bound to the account. A session token is returned, i.e. the user is logged in. The client must then set the account password. | /account | POST | -- | user-validation- | self token* username | session token | 400 Status if user name or email is invalid or already used, or if the time limit has passed. | Anonymous (unauthenticated request) | |
| Complete the email validation to add a new email address to an existing account. User making this request must match the one who initiated the email addition request (above). | POST | -- | email-validation-token** | self |
...
*Account creation validation token contains the following, encrypted:
- first name
- last name
- domain
- time stamp
The information is either encrypted or sent in clear text but with a digital signature.
** Email validation token contains the following, encrypted:
- principalId
- domain
- time stamp
...