Exists | Method | URI | Auth filtered? | Body | Parameters | Return value | Description | Differences (from existing methods) |
---|---|---|---|---|---|---|---|---|
POST | /session | LoginCredentials | Session | Normal login | Does not fail if the user has not signed the terms of use. Instead, a boolean is returned along with the session token. The client can use that boolean to throw a TermsOfUseException. Note: trying to make an authenticated request will still fail if the terms haven't been accepted. Terms ofuse cannot be signed here. | |||
PUT | /session | Session | Revalidates a session token. No longer necessary, but removal will break the analytical clients. | Note: This will still fail (403) if the user has not signed the terms of use. | ||||
DELETE | /session | Invalidated token | ||||||
POST | /user | NewUser | sendPasswordmail=true (Not implemented yet) | Creates a new user | No longer goes through the auth filter. This was originally done because GET /user was filtered. Parameter will let the client specify if Synapse should sent a "Welcome" email or a "Set your password" email. | |||
POST | /user/password | ChangePasswordRequest | Changes the user's password, regardless of whether they have accepted the terms of use | Replaces /changePassword and /registeringUserPassword | ||||
POST | /user/password/email | Username | Sends a password reset email (containing a session token) | Replaces /registeringUserEmail, /userPasswordEmail, and /apiPasswordEmail | ||||
POST | /termsOfUse | Session | Accepts the terms of use via a session token | New method | ||||
GET | /secretKey | SecretKey | Gets the user's API key | |||||
DELETE | /secretKey | Invalidates the user's API key | ||||||
POST | /openIdCallback | (OpenID params) acceptsTermsOfUse=false createUserIfNecessary=false | Session | Login via OpenID, with options to create a new user and sign the terms of use | Terms ofuse cannot be signed here. |
...