Using the REST APIs
Learn more about how to authorize and use Strivacity Fusion REST APIs.

Overview

Fusion exposes its REST APIs via a combination of API Access Policies and the OIDC Client Credentials Flow. Once you have set up an application and configured the access policy, access to the various REST APIs are granted by sending a Client Credentials request with a particular set of scopes and an audience to receive an access token, and then using that access token in the Authorization header of the request to the given API.

API Authorization Flow

1) To start the Client Credentials flow, request an access token with the desired scopes and audience:
1
curl --request POST \
2
--url 'https://BRAND_DOMAIN.strivacity.com/oauth2/token' \
3
--user CLIENT_ID:CLIENT_SECRET \
4
--header 'content-type: application/x-www-form-urlencoded' \
5
--data grant_type=client_credentials \
6
--data audience=https://BRAND_DOMAIN.strivacity.com \
7
--data scope='OPTION:ENTITY'
Copied!
Assuming that the configured API Access Policy grants access to the given scope, you should receive an access token in response.
1
{
2
"access_token": "0F75ipYAEeB1SvYeXtBoLAQS03ADYGhg_LyML64BY5M.Ed6HP3bmTna2JVYRX5A3Zy1s3Em3Bc5caZPOsO8RGNg",
3
"expires_in": 3599,
4
"scope": "OPTION:ENTITY",
5
"token_type": "bearer"
6
}
Copied!
The access token is an opaque JWT Bearer Token, and can be used as authorization to the desired API.
1
curl -H 'Accept: application/json' \
2
-H "Authorization: Bearer 0F75ipYAEeB1SvYeXtBoLAQS03ADYGhg_LyML64BY5M.Ed6HP3bmTna2JVYRX5A3Zy1s3Em3Bc5caZPOsO8RGNg" \
3
https://BRAND_DOMAIN.strivacity.com/admin/api/v1/instanceConfigs
Copied!
You should receive your JSON payload from the desired API.
1
{
2
"hostingRegion": "US",
3
"instanceAddress": "BRAND_DOMAIN.strivacity.com",
4
"companyName": "BRAND_DOMAIN"
5
}
Copied!

Scopes

A scope is constructed by selecting an option of read, write, or delete followed by a colon and the desired entity.
1
OPTION:ENTITY
Copied!
An example for accessing the Adaptive MFA Policy API would be:
1
read:adaptive_mfa
Copied!
Please see REST API Required Scopes for more information on the scopes required to access a particular API. For additional information on these APIs, please see the following items within this section of the Fusion documentation, or see our Postman API Directory at https://api.strivacity.com/.
Last modified 7d ago
Export as PDF
Copy link