REST API Required Scopes

Application Config

/admin/api/v1/applications

  • POST (write:config_application)
  • GET (read:config_application)

/admin/api/v1/applications/{id}

  • GET (read:config_application)
  • PUT (write:config_application)
  • DELETE (delete:config_application)

/admin/api/v1/applications/{id}/saml2/metadata/descriptor

  • GET (read:config_application)

Branding API

/admin/api/v1/brands

  • POST (write:config_brand)
  • GET (read:config_brand)

/admin/api/v1/brands/{id}

  • GET (read:config_brand)
  • PUT (write:config_brand)
  • DELETE (delete:config_brand)

/admin/api/v1/admin/brand

  • GET (read:config_admin_brand)
  • PUT (write:config_admin_brand)

Consent API

/admin/api/v1/consents

  • POST (write:config_consent)
  • GET (read:config_consent)

/admin/api/v1/consents/{id}

  • GET (read:config_consent)
  • PUT (write:config_consent)

Login Provider API

/admin/api/v1/loginProviders/enterprise

  • POST (write:config_login_provider)
  • GET (read:config_login_provider)

/admin/api/v1/loginProviders/enterprise/{name}

  • PUT (write:config_login_provider)
  • GET (read:config_login_provider)
  • DELETE (delete:config_login_provider)

/admin/api/v1/loginProviders/enterprise/{enterpriseLoginProviderName}/availableNativeClaims

  • GET (read:config_login_provider)

/admin/api/v1/loginProviders/enterprise/{enterpriseLoginProviderName}/mappings

  • POST (write:config_login_provider)
  • GET (read:config_login_provider)

/admin/api/v1/loginProviders/enterprise/{enterpriseLoginProviderName}/mappings/{id}

  • PUT (write:config_login_provider)
  • GET (read:config_login_provider)
  • DELETE (delete:config_login_provider)

/admin/api/v1/loginProviders/social

  • GET (read:config_login_provider)
  • POST (write:config_login_provider)

/admin/api/v1/loginProviders/social/{id}

  • GET (read:config_login_provider)
  • PUT (write:config_login_provider)
  • DELETE (delete:config_login_provider)

/admin/api/v1/loginProviders/social/{socialLoginProviderId}/availableNativeClaims

  • GET (read:config_login_provider)

/admin/api/v1/loginProviders/social/{socialLoginProviderId}/mappings

  • POST (write:config_login_provider)
  • GET (read:config_login_provider)

/admin/api/v1/loginProviders/social/{socialLoginProviderId}/mappings/{id}

  • PUT (write:config_login_provider)
  • GET (read:config_login_provider)
  • DELETE (delete:config_login_provider)

Event Hook API

/admin/api/v1/eventHooks/descriptor

  • GET (read:config_event_hook)

/admin/api/v1/eventHooks/function

  • POST (write:config_event_hook)
  • GET (read:config_event_hook)

/admin/api/v1/eventHooks/function/{id}

  • GET (read:config_event_hook)
  • PUT (write:config_event_hook)
  • DELETE (delete:config_event_hook)

/admin/api/v1/eventHooks/function/{id}/test

  • POST (write:config_event_hook)

/admin/api/v1/eventHooks/function/{id}/test/{functionId}

  • DELETE (delete:config_event_hook)

/admin/api/v1/eventHooks/function/{id}/test/{functionId}/call

  • POST (write:config_event_hook)

/admin/api/v1/eventHooks/function/{id}/test/{functionId}/logs

  • GET (read:config_event_hook)

/admin/api/v1/eventHooks/npm/package

  • POST (read:config_event_hook)

/admin/api/v1/eventHooks/npm/search

  • POST (read:config_event_hook)

Identity Store API

/admin/api/v1/identityStores

  • GET (read:config_identity_store)
  • POST (write:config_identity_store)

/admin/api/v1/identityStores/{name}

  • GET (read:config_identity_store)
  • PUT (write:config_identity_store)
  • DELETE (delete:config_identity_store)

/admin/api/v1/identityStores/{name}/availableNativeClaims

  • GET (read:config_identity_store)

/admin/api/v1/identityStores/{name}/nativeClaimMappings

  • GET (read:config_identity_store)

/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/identities

  • GET (read:account_identity)

/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/personal

  • PUT (write:account)

/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/download

  • GET (read:account_download)

/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/sessions

  • GET (read:account)
  • DELETE (write:account)

/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/sessions/{deviceId}

  • DELETE (write:account)

/admin/api/v1/identityStores/{storeId}/accounts

  • POST (write:account)
  • GET (read:account)

/admin/api/v1/identityStores/{storeId}/accounts/{accountId}

  • GET (read:account)
  • DELETE (delete:account)

/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/enable

  • POST (write:account)

/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/disable

  • POST (write:account)

/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/authenticators

  • POST (write:account_authenticator)

/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/authenticators/{authenticatorId}

  • DELETE (delete:account_authenticator)

/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/password/change

  • POST (write:account_authenticator)

/admin/api/v1/identityStores/{identityStoreName}/attributes

  • GET (read:config_identity_store)
  • POST (write:config_identity_store)
  • PUT (write:config_identity_store)

/admin/api/v1/identityStores/{identityStoreName}/attributes/{id}

  • GET (read:config_identity_store)
  • PUT (write:config_identity_store)

/admin/api/v1/identityStores/{storeId}/groups

  • GET (read:config_identity_store)
  • POST (write:config_identity_store)

/admin/api/v1/identityStores/{storeId}/groups/{id}

  • GET (read:config_identity_store)
  • PUT (write:config_identity_store)
  • DELETE (write:config_identity_store)

/admin/api/v1/identityStores/{storeId}/groups/{groupId}/members

  • GET (read:account &read:config_identity_store)
  • POST (write:account &read:config_identity_store)

/admin/api/v1/identityStores/{storeId}/groups/{groupId}/members/{accountId}

  • DELETE (write:account &read:config_identity_store)

/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/groups

  • POST (write:account &read:config_identity_store)

/admin/api/v1/admin/identityStore/accounts

  • GET (read:admin_account)
  • POST (write:admin_account)

/admin/api/v1/admin/identityStore/accounts/{accountId}

  • GET (read:admin_account)
  • DELETE (delete:admin_account)

/admin/api/v1/admin/identityStore/accounts/{accountId}/roles

  • POST (write:admin_account)

/admin/api/v1/admin/identityStore/roles

  • GET (read:config_admin_identity_store)
  • POST (write:config_admin_identity_store)

/admin/api/v1/admin/identityStore/roles/scopes

  • GET (read:config_admin_identity_store)

/admin/api/v1/admin/identityStore/roles/{id}

  • GET (read:config_admin_identity_store)
  • PUT (write:config_admin_identity_store)
  • DELETE (write:config_admin_identity_store)

/admin/api/v1/admin/identityStore/roles/{roleId}/assignees

  • GET (read:admin_account &read:config_admin_identity_store)
  • POST (write:admin_account &read:config_admin_identity_store)

/admin/api/v1/admin/identityStore/roles/{roleId}/assignees/{accountId}

  • DELETE (write:admin_account &read:config_admin_identity_store)

/admin/api/v1/admin/identityStore/attributes

  • GET (read:config_admin_identity_store)

/admin/api/v1/admin/identityStore/nativeClaimMappings

  • GET (read:config_admin_identity_store)

/admin/api/v1/admin/identityStore/availableNativeClaims

  • GET (read:config_admin_identity_store)

/admin/api/v1/admin/identityStore/accounts/{accountId}/authenticators

  • POST (write:admin_account_authenticator)

/admin/api/v1/admin/identityStore/accounts/{accountId}/authenticators/{authenticatorId}

  • DELETE (delete:admin_account_authenticator)

/admin/api/v1/admin/identityStore/accounts/{accountId}/password/change

  • POST (write:admin_account_authenticator)

/admin/api/v1/admin/identityStore/accounts/{accountId}/identities

  • GET (read:admin_account_identity)

/admin/api/v1/admin/identityStore/accounts/{accountId}/personal

  • PUT (write:admin_account)

/admin/api/v1/admin/identityStore/accounts/{accountId}/download

  • GET (read:admin_account_download)

/admin/api/v1/admin/identityStore/accounts/{accountId}/sessions

  • GET (read:admin_account)
  • DELETE (write:admin_account)

/admin/api/v1/admin/identityStore/accounts/{accountId}/sessions/{deviceId}

  • DELETE (write:admin_account)

/admin/api/v1/admin/identityStore/accounts/{accountId}/enable

  • POST (write:admin_account)

/admin/api/v1/admin/identityStore/accounts/{accountId}/disable

  • POST (write:admin_account)

Instance Configuration API

/admin/api/v1/instance/config

  • GET (read:config_instance)
  • POST (write:config_instance)

/admin/api/v1/instance/config/addresses

  • GET (read:config_instance || read:config_application)

/admin/api/v1/statistics/{name}

  • GET (read:statistic)

Adaptive MFA API

/admin/api/v1/adaptiveMfas

  • POST (write:config_adaptive_mfa)
  • GET (read:config_adaptive_mfa)

/admin/api/v1/adaptiveMfas/{id}

  • GET (read:config_adaptive_mfa)
  • PUT (write:config_adaptive_mfa)
  • DELETE (delete:config_adaptive_mfa)

/admin/api/v1/admin/adaptiveMfa

  • GET (read:config_admin_adaptive_mfa)
  • PUT (write:config_admin_adaptive_mfa)

Access Policy API

/admin/api/v1/accessPolicies

  • GET (read:config_api_access)
  • POST (write:config_api_access)

/admin/api/v1/accessPolicies/{policyId}

  • GET (read:config_api_access)
  • PUT (write:config_api_access)
  • DELETE (delete:config_api_access)

/admin/api/v1/accessPolicies/{policyId}/applications

  • POST (write:config_api_access)

/admin/api/v1/accessPolicies/{policyId}/applications/{clientId}

  • GET (read:config_api_access)
  • PUT (write:config_api_access)
  • DELETE (write:config_api_access)

Scopes API

/admin/api/v1/admin/api/scopes

  • GET (read:config_admin_api_access)

Notification Policy API

/admin/api/v1/notificationPolicies

  • GET (read:config_notification_policy)
  • POST (write:config_notification_policy)

/admin/api/v1/notificationPolicies/{id:[0-9]+}

  • GET (read:config_notification_policy)
  • PUT (write:config_notification_policy)
  • DELETE (delete:config_notification_policy)

/admin/api/v1/notificationPolicies/{id}/{type}

  • GET (read:config_notification_policy)

/admin/api/v1/notificationPolicies/{policyId}/{type}/{id}

  • GET (read:config_notification_policy)
  • PUT (write:config_notification_policy)

/admin/api/v1/admin/notificationPolicy/{type}

  • GET (read:config_admin_notification_policy)

/admin/api/v1/admin/notificationPolicy/{type}/{id}

  • GET (read:config_admin_notification_policy)
  • PUT (write:config_admin_notification_policy)

Password Policy API

/admin/api/v1/passwordPolicies

  • GET (read:config_password_policy)
  • POST (write:config_password_policy)

/admin/api/v1/passwordPolicies/{id}

  • GET (read:config_password_policy)
  • PUT (write:config_password_policy)
  • DELETE (delete:config_password_policy)

Self Service Policy API

/admin/api/v1/selfServicePolicies

  • GET (read:config_self_service_policy)
  • POST (write:config_self_service_policy)

/admin/api/v1/selfServicePolicies/{id}

  • GET (read:config_self_service_policy)
  • PUT (write:config_self_service_policy)
  • DELETE (delete:config_self_service_policy)

Claims API

/admin/api/v1/claim/native

  • GET (read:config_claim)
  • POST (write:config_claim)

/admin/api/v1/claim/native/{id}

  • GET (read:config_claim)
  • PUT (write:config_claim)
  • DELETE (delete:config_claim)

/admin/api/v1/claim/dialects

  • POST (write:config_claim)
  • GET (read:config_claim)

/admin/api/v1/claim/dialects/{id}

  • PUT (write:config_claim)
  • GET (read:config_claim)
  • DELETE (delete:config_claim)

/admin/api/v1/claim/dialects/{dialectId}/claims

  • POST (write:config_claim)
  • GET (read:config_claim)

/admin/api/v1/claim/dialects/{dialectId}/claims/{id}

  • PUT (write:config_claim)
  • GET (read:config_claim)
  • DELETE (delete:config_claim)

Events API

/admin/api/v1/events/account

  • GET (read:event_account)

/admin/api/v1/events/descriptor

  • GET (read:event_account)

/admin/api/v1/admin/events/account

  • GET (read:admin_event_account)

/admin/api/v1/admin/events/descriptor

  • GET (read:admin_event_account)

/admin/api/v1/admin/events/audit

  • GET (read:admin_event_audit)