REST API Required Scopes

Application Config

/admin/api/v1/applications
  • POST (write:config_application)
  • GET (read:config_application)
/admin/api/v1/applications/{id}
  • GET (read:config_application)
  • PUT (write:config_application)
  • DELETE (delete:config_application)
/admin/api/v1/applications/{id}/saml2/metadata/descriptor
  • GET (read:config_application)

Branding API

/admin/api/v1/brands
  • POST (write:config_brand)
  • GET (read:config_brand)
/admin/api/v1/brands/{id}
  • GET (read:config_brand)
  • PUT (write:config_brand)
  • DELETE (delete:config_brand)
/admin/api/v1/admin/brand
  • GET (read:config_admin_brand)
  • PUT (write:config_admin_brand)

Consent API

/admin/api/v1/consents
  • POST (write:config_consent)
  • GET (read:config_consent)
/admin/api/v1/consents/{id}
  • GET (read:config_consent)
  • PUT (write:config_consent)

Login Provider API

/admin/api/v1/loginProviders/enterprise
  • POST (write:config_login_provider)
  • GET (read:config_login_provider)
/admin/api/v1/loginProviders/enterprise/{name}
  • PUT (write:config_login_provider)
  • GET (read:config_login_provider)
  • DELETE (delete:config_login_provider)
/admin/api/v1/loginProviders/enterprise/{enterpriseLoginProviderName}/availableNativeClaims
  • GET (read:config_login_provider)
/admin/api/v1/loginProviders/enterprise/{enterpriseLoginProviderName}/mappings
  • POST (write:config_login_provider)
  • GET (read:config_login_provider)
/admin/api/v1/loginProviders/enterprise/{enterpriseLoginProviderName}/mappings/{id}
  • PUT (write:config_login_provider)
  • GET (read:config_login_provider)
  • DELETE (delete:config_login_provider)
/admin/api/v1/loginProviders/social
  • GET (read:config_login_provider)
  • POST (write:config_login_provider)
/admin/api/v1/loginProviders/social/{id}
  • GET (read:config_login_provider)
  • PUT (write:config_login_provider)
  • DELETE (delete:config_login_provider)
/admin/api/v1/loginProviders/social/{socialLoginProviderId}/availableNativeClaims
  • GET (read:config_login_provider)
/admin/api/v1/loginProviders/social/{socialLoginProviderId}/mappings
  • POST (write:config_login_provider)
  • GET (read:config_login_provider)
/admin/api/v1/loginProviders/social/{socialLoginProviderId}/mappings/{id}
  • PUT (write:config_login_provider)
  • GET (read:config_login_provider)
  • DELETE (delete:config_login_provider)

Event Hook API

/admin/api/v1/eventHooks/descriptor
  • GET (read:config_event_hook)
/admin/api/v1/eventHooks/function
  • POST (write:config_event_hook)
  • GET (read:config_event_hook)
/admin/api/v1/eventHooks/function/{id}
  • GET (read:config_event_hook)
  • PUT (write:config_event_hook)
  • DELETE (delete:config_event_hook)
/admin/api/v1/eventHooks/function/{id}/test
  • POST (write:config_event_hook)
/admin/api/v1/eventHooks/function/{id}/test/{functionId}
  • DELETE (delete:config_event_hook)
/admin/api/v1/eventHooks/function/{id}/test/{functionId}/call
  • POST (write:config_event_hook)
/admin/api/v1/eventHooks/function/{id}/test/{functionId}/logs
  • GET (read:config_event_hook)
/admin/api/v1/eventHooks/npm/package
  • POST (read:config_event_hook)
/admin/api/v1/eventHooks/npm/search
  • POST (read:config_event_hook)

Identity Store API

/admin/api/v1/identityStores
  • GET (read:config_identity_store)
  • POST (write:config_identity_store)
/admin/api/v1/identityStores/{name}
  • GET (read:config_identity_store)
  • PUT (write:config_identity_store)
  • DELETE (delete:config_identity_store)
/admin/api/v1/identityStores/{name}/availableNativeClaims
  • GET (read:config_identity_store)
/admin/api/v1/identityStores/{name}/nativeClaimMappings
  • GET (read:config_identity_store)
/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/identities
  • GET (read:account_identity)
/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/personal
  • PUT (write:account)
/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/download
  • GET (read:account_download)
/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/sessions
  • GET (read:account)
  • DELETE (write:account)
/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/sessions/{deviceId}
  • DELETE (write:account)
/admin/api/v1/identityStores/{storeId}/accounts
  • POST (write:account)
  • GET (read:account)
/admin/api/v1/identityStores/{storeId}/accounts/{accountId}
  • GET (read:account)
  • DELETE (delete:account)
/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/enable
  • POST (write:account)
/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/disable
  • POST (write:account)
/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/authenticators
  • POST (write:account_authenticator)
/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/authenticators/{authenticatorId}
  • DELETE (delete:account_authenticator)
/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/password/change
  • POST (write:account_authenticator)
/admin/api/v1/identityStores/{identityStoreName}/attributes
  • GET (read:config_identity_store)
  • POST (write:config_identity_store)
  • PUT (write:config_identity_store)
/admin/api/v1/identityStores/{identityStoreName}/attributes/{id}
  • GET (read:config_identity_store)
  • PUT (write:config_identity_store)
/admin/api/v1/identityStores/{storeId}/groups
  • GET (read:config_identity_store)
  • POST (write:config_identity_store)
/admin/api/v1/identityStores/{storeId}/groups/{id}
  • GET (read:config_identity_store)
  • PUT (write:config_identity_store)
  • DELETE (write:config_identity_store)
/admin/api/v1/identityStores/{storeId}/groups/{groupId}/members
  • GET (read:account &read:config_identity_store)
  • POST (write:account &read:config_identity_store)
/admin/api/v1/identityStores/{storeId}/groups/{groupId}/members/{accountId}
  • DELETE (write:account &read:config_identity_store)
/admin/api/v1/identityStores/{storeId}/accounts/{accountId}/groups
  • POST (write:account &read:config_identity_store)
/admin/api/v1/admin/identityStore/accounts
  • GET (read:admin_account)
  • POST (write:admin_account)
/admin/api/v1/admin/identityStore/accounts/{accountId}
  • GET (read:admin_account)
  • DELETE (delete:admin_account)
/admin/api/v1/admin/identityStore/accounts/{accountId}/roles
  • POST (write:admin_account)
/admin/api/v1/admin/identityStore/roles
  • GET (read:config_admin_identity_store)
  • POST (write:config_admin_identity_store)
/admin/api/v1/admin/identityStore/roles/scopes
  • GET (read:config_admin_identity_store)
/admin/api/v1/admin/identityStore/roles/{id}
  • GET (read:config_admin_identity_store)
  • PUT (write:config_admin_identity_store)
  • DELETE (write:config_admin_identity_store)
/admin/api/v1/admin/identityStore/roles/{roleId}/assignees
  • GET (read:admin_account &read:config_admin_identity_store)
  • POST (write:admin_account &read:config_admin_identity_store)
/admin/api/v1/admin/identityStore/roles/{roleId}/assignees/{accountId}
  • DELETE (write:admin_account &read:config_admin_identity_store)
/admin/api/v1/admin/identityStore/attributes
  • GET (read:config_admin_identity_store)
/admin/api/v1/admin/identityStore/nativeClaimMappings
  • GET (read:config_admin_identity_store)
/admin/api/v1/admin/identityStore/availableNativeClaims
  • GET (read:config_admin_identity_store)
/admin/api/v1/admin/identityStore/accounts/{accountId}/authenticators
  • POST (write:admin_account_authenticator)
/admin/api/v1/admin/identityStore/accounts/{accountId}/authenticators/{authenticatorId}
  • DELETE (delete:admin_account_authenticator)
/admin/api/v1/admin/identityStore/accounts/{accountId}/password/change
  • POST (write:admin_account_authenticator)
/admin/api/v1/admin/identityStore/accounts/{accountId}/identities
  • GET (read:admin_account_identity)
/admin/api/v1/admin/identityStore/accounts/{accountId}/personal
  • PUT (write:admin_account)
/admin/api/v1/admin/identityStore/accounts/{accountId}/download
  • GET (read:admin_account_download)
/admin/api/v1/admin/identityStore/accounts/{accountId}/sessions
  • GET (read:admin_account)
  • DELETE (write:admin_account)
/admin/api/v1/admin/identityStore/accounts/{accountId}/sessions/{deviceId}
  • DELETE (write:admin_account)
/admin/api/v1/admin/identityStore/accounts/{accountId}/enable
  • POST (write:admin_account)
/admin/api/v1/admin/identityStore/accounts/{accountId}/disable
  • POST (write:admin_account)

Instance Configuration API

/admin/api/v1/instance/config
  • GET (read:config_instance)
  • POST (write:config_instance)
/admin/api/v1/instance/config/addresses
  • GET (read:config_instance || read:config_application)
/admin/api/v1/statistics/{name}
  • GET (read:statistic)

Adaptive MFA API

/admin/api/v1/adaptiveMfas
  • POST (write:config_adaptive_mfa)
  • GET (read:config_adaptive_mfa)
/admin/api/v1/adaptiveMfas/{id}
  • GET (read:config_adaptive_mfa)
  • PUT (write:config_adaptive_mfa)
  • DELETE (delete:config_adaptive_mfa)
/admin/api/v1/admin/adaptiveMfa
  • GET (read:config_admin_adaptive_mfa)
  • PUT (write:config_admin_adaptive_mfa)

Access Policy API

/admin/api/v1/accessPolicies
  • GET (read:config_api_access)
  • POST (write:config_api_access)
/admin/api/v1/accessPolicies/{policyId}
  • GET (read:config_api_access)
  • PUT (write:config_api_access)
  • DELETE (delete:config_api_access)
/admin/api/v1/accessPolicies/{policyId}/applications
  • POST (write:config_api_access)
/admin/api/v1/accessPolicies/{policyId}/applications/{clientId}
  • GET (read:config_api_access)
  • PUT (write:config_api_access)
  • DELETE (write:config_api_access)

Scopes API

/admin/api/v1/admin/api/scopes
  • GET (read:config_admin_api_access)

Notification Policy API

/admin/api/v1/notificationPolicies
  • GET (read:config_notification_policy)
  • POST (write:config_notification_policy)
/admin/api/v1/notificationPolicies/{id:[0-9]+}
  • GET (read:config_notification_policy)
  • PUT (write:config_notification_policy)
  • DELETE (delete:config_notification_policy)
/admin/api/v1/notificationPolicies/{id}/{type}
  • GET (read:config_notification_policy)
/admin/api/v1/notificationPolicies/{policyId}/{type}/{id}
  • GET (read:config_notification_policy)
  • PUT (write:config_notification_policy)
/admin/api/v1/admin/notificationPolicy/{type}
  • GET (read:config_admin_notification_policy)
/admin/api/v1/admin/notificationPolicy/{type}/{id}
  • GET (read:config_admin_notification_policy)
  • PUT (write:config_admin_notification_policy)

Password Policy API

/admin/api/v1/passwordPolicies
  • GET (read:config_password_policy)
  • POST (write:config_password_policy)
/admin/api/v1/passwordPolicies/{id}
  • GET (read:config_password_policy)
  • PUT (write:config_password_policy)
  • DELETE (delete:config_password_policy)

Self Service Policy API

/admin/api/v1/selfServicePolicies
  • GET (read:config_self_service_policy)
  • POST (write:config_self_service_policy)
/admin/api/v1/selfServicePolicies/{id}
  • GET (read:config_self_service_policy)
  • PUT (write:config_self_service_policy)
  • DELETE (delete:config_self_service_policy)

Claims API

/admin/api/v1/claim/native
  • GET (read:config_claim)
  • POST (write:config_claim)
/admin/api/v1/claim/native/{id}
  • GET (read:config_claim)
  • PUT (write:config_claim)
  • DELETE (delete:config_claim)
/admin/api/v1/claim/dialects
  • POST (write:config_claim)
  • GET (read:config_claim)
/admin/api/v1/claim/dialects/{id}
  • PUT (write:config_claim)
  • GET (read:config_claim)
  • DELETE (delete:config_claim)
/admin/api/v1/claim/dialects/{dialectId}/claims
  • POST (write:config_claim)
  • GET (read:config_claim)
/admin/api/v1/claim/dialects/{dialectId}/claims/{id}
  • PUT (write:config_claim)
  • GET (read:config_claim)
  • DELETE (delete:config_claim)

Events API

/admin/api/v1/events/account
  • GET (read:event_account)
/admin/api/v1/events/descriptor
  • GET (read:event_account)
/admin/api/v1/admin/events/account
  • GET (read:admin_event_account)
/admin/api/v1/admin/events/descriptor
  • GET (read:admin_event_account)
/admin/api/v1/admin/events/audit
  • GET (read:admin_event_audit)