...
Services for Account management
Description | URI | Request Method | Request Params | Request Body | Response Body | Error Conditions | Authority | ||
---|---|---|---|---|---|---|---|---|---|
Request email validation for new user. No information is saved server-side, but a URL is sent to the specified email addressl address in which the request requested information is embedded. The URL is a link in the Synapse Portal where user registration is completed. | / | useraccount/emailValidation | POST |
| fname lname | --400 Status if user name or is email is invalid or already used. | no authentication required | ||
Create new account, validating email address used. (The server creates the new account, binding the user name and email aliases, then creates a session and returns the session token.) The client must then set the account password. | /account | -- | -- | user-validation-token* | session token | 400 Status if user name or email is invalid or already used, or if the time limit has passed. | -- | ||
Set or update user name for existing account. | /username | POST | -- | username | -- | -- | self | ||
412 Status (Precondition Failed) if email is already used. | Anonymous (unauthenticated request) | ||||||||
Request email validation for existing account. No information is saved server-side but a URL is sent to the specified email address in which the request information is embedded. The URL is a link in the Synapse Portal where adding the email is completed. | /emailRequest/account/{principalId}/emailValidation | POST |
| 400 is email is invalid or 412 Status if email is already used. | self (authenticated request) | ||||
Create new account, completing email validation. The username, fname, lname and the email given previously are bound to the account. A session token is returned, i.e. the user is logged in. | /account | POST | -- | self | user-validation-token* username password first name last name | session token | 412 Status if user name or email is invalid or already used, or 400 if the time limit has passed. | Anonymous (unauthenticated request) | |
Complete the email validation to add a new email address to an existing account. User making this request must match the one who initiated the email addition request (above). If 'setNoficationEmail' request parameter is set to 'true', the new email become the user's notification email. | POST | setNotificationEmail | email-validation-token** | self | |||||
Remove an email address associated with an account. | DELETE | 400 if email is notification email | self | ||||||
Choose which email associated with the account is the notification email. | /notificationEmail | PUT | Username | 404 if email is not one of the emails | self | ||||
Retrieve the email used for notification. | /notificationEmail | GET | Username | self |
Portal provides endpoint and server appends on the right, so endpoint become a valid URL when "a1=v1&a2=v2&..." is appended and furthermore, the host name of the provided URL must be acceptable according to a regex which matches production, test or dev (local host) portal address.
*Account creation validation token contains the following, encrypted:
- first name
- last name
- domain
- time stamp
The information is either encrypted or sent in clear text but with a digital signature.
** Email validation token contains the following, encrypted:
- principalId
- domain
- time stamp
...
The information is either encrypted or sent in clear text but with a digital signature.
...
Client Usage
Create new account
Step 1: POST /account/emailValidation
Step 2: POST /account, including the token generated due to Step 1.
Add new email address
Step 1: POST /session to log in
Step 2: POST /account/{id}/emailValidation
Step 3: POST /email, including the token from Step 2.