Services for Account management

Description	URI	Request Method	Request Params	Request Body	Response Body	Error Conditions	Authority
Request email validation for new user. No information is saved server-side, but a URL is sent to the specified email address in which the requested information is embedded. The URL is a link in the Synapse Portal where user registration is completed.	/account/emailValidation	POST	domain (Synapse or Bridge) (This customizes the endpoint in the emailed URL.) portal endpoint	fname lname email		400 is email is invalid or 412 Status (Precondition Failed) if email is already used.	Anonymous (unauthenticated request)
Request email validation for existing account. No information is saved server-side but a URL is sent to the specified email address in which the request information is embedded. The URL is a link in the Synapse Portal where adding the email is completed.	/account/{principalId}/emailValidation	POST	domain (Synapse or Bridge) (This customizes the endpoint in the emailed URL.) portal endpoint	email		400 is email is invalid or 412 Status if email is already used.	self (authenticated request)
Create new account, completing email validation. The username, fname, lname and the email given previously are bound to the account. A session token is returned, i.e. the user is logged in.	/account	POST	--	user-validation-token* username password first name last name	session token	412 Status if user name or email is invalid or already used, or 400 if the time limit has passed.	Anonymous (unauthenticated request)
Complete the email validation to add a new email address to an existing account. User making this request must match the one who initiated the email addition request (above). If 'setNoficationEmail' request parameter is set to 'true', the new email become the user's notification email.	/email	POST	setNotificationEmail	email-validation-token**			self
Remove an email address associated with an account.	/email	DELETE	email			400 if email is notification email	self
Choose which email associated with the account is the notification email.	/notificationEmail	PUT		Username		404 if email is not one of the emails	self
Retrieve the email used for notification.	/notificationEmail	GET			Username		self

Portal provides endpoint and server appends on the right, so endpoint become a valid URL when "a1=v1&a2=v2&..." is appended and furthermore, the host name of the provided URL must be acceptable according to a regex which matches production, test or dev (local host) portal address.

*Account creation validation token contains the following, encrypted:

first name
last name
email
domain
time stamp

** Email validation token contains the following, encrypted:

email
principalId
domain
time stamp

Client Usage

Create new account

Step 1: POST /account/emailValidation

Step 2: POST /account, including the token generated due to Step 1.

Add new email address

Step 1: POST /session to log in

Step 2: POST /account/{id}/emailValidation

Step 3: POST /email, including the token from Step 2.

Browser not supported