/
Account managment

Account managment

Jun 03, 2014

Services for Account management

Description

URI

Request Method

Request Params

Request Body

Response Body

Error Conditions

Authority

Description

URI

Request Method

Request Params

Request Body

Response Body

Error Conditions

Authority

Request email validation for new user. No information is saved server-side, but a URL is sent to the specified email address in which the requested information is embedded.  The URL is a link in the Synapse Portal where user registration is completed.

/account/emailValidation

POST

  • domain (Synapse or Bridge) (This customizes the endpoint in the emailed URL.)

  • portal endpoint

fname

lname

email

 

400 is email is invalid or 412 Status (Precondition Failed) if email is  already used.

Anonymous (unauthenticated request)

Request email validation for existing account.  No information is saved server-side but a URL is sent to the specified email address in which the request information is embedded.  The URL is a link in the Synapse Portal where adding the email is completed.

/account/{principalId}/emailValidation

POST

  • domain (Synapse or Bridge) (This customizes the endpoint in the emailed URL.)

  • portal endpoint

email

 

400 is email is invalid or 412 Status if email is already used.

self (authenticated request)

Create new account, completing email validation.  The username, fname, lname and the email given previously are bound to the account.  A session token is returned, i.e. the user is logged in.

/account

POST

--

user-validation-token*

username

password

first name

last name

session token

412 Status if user name or email is invalid or already used, or 400 if the time limit has passed.

Anonymous (unauthenticated request)

Complete the email validation to add a new email address to an existing account.  User making this request must match the one who initiated the email addition request (above).  If 'setNoficationEmail' request parameter is set to 'true', the new email become the user's notification email.

/email

POST

setNotificationEmail

email-validation-token**

 

 

self

Remove an email address associated with an account.

/email

DELETE

email

 

 

400 if email is notification email

self

Choose which email associated with the account is the notification email.

/notificationEmail

PUT

 

Username

 

404 if email is not one of the emails

self

Retrieve the email used for notification.

/notificationEmail

GET

 

 

Username

 

self

 

Portal provides endpoint and server appends on the right, so endpoint become a valid URL when "a1=v1&a2=v2&..." is appended and furthermore, the host name of the provided URL must be acceptable according to a regex which matches production, test or dev (local host) portal address.

 

 

*Account creation validation token contains the following, encrypted:

  • first name

  • last name

  • email

  • domain

  • time stamp

 

** Email validation token contains the following, encrypted:

  • email

  • principalId

  • domain

  • time stamp

 

Client Usage

Create new account

Step 1:  POST /account/emailValidation

Step 2: POST /account, including the token generated due to Step 1.

Add new email address

Step 1: POST /session to log in

Step 2: POST /account/{id}/emailValidation

Step 3: POST /email, including the token from Step 2.