Identity API (1.0.0)

Download OpenAPI specification:Download

Authentication

Admin

Security Scheme Type	OpenID Connect
Connect URL	https://login.emddigital.com/

CognitoIdp

Security Scheme Type	OpenID Connect
Connect URL	https://cognito-idp.us-east-2.amazonaws.com/${UserPool}/.well-known/openid-configuration

IdentityConsumers

Security Scheme Type	OpenID Connect
Connect URL	https://login.emddigital.com/

Metering

Security Scheme Type	OpenID Connect
Connect URL	https://login.emddigital.com/

Portal

Security Scheme Type	OpenID Connect
Connect URL	https://login.emddigital.com/

User

Security Scheme Type	API Key
Header parameter name:	Authorization

DescribeJwks

Responses

DescribeOpenIdConfiguration

Responses

ListApplications

Authorizations:

Admin

query Parameters

nextToken	string (NextToken) <= 4096 characters ^[a-zA-Z0-9_-]+$
productId required	string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

Responses

Response samples

200

Content type

application/json

{"items": [{"applicationId": "string",
"callbackUrls": ["http://example.com"
],
"displayName": "string",
"effectiveDates": {"privacyPolicy": "2019-08-24T14:15:22Z",
"termsAndConditions": "2019-08-24T14:15:22Z"
},
"logoUrl": "http://example.com",
"productId": "string",
"resources": {"privacyPolicy": "http://example.com",
"termsAndConditions": "http://example.com"
},
"status": "ENABLED",
"theme": {"background": {"color": "rb",
"primaryLayer": {"color": "rb",
"rotation": 360,
"size": 100,
"x": 0,
"y": 0
},
"secondaryLayer": {"color": "rb",
"rotation": 360,
"size": 100,
"x": 0,
"y": 0
}
},
"brand": "bioreliance",
"colors": {"primary": "rb",
"secondary": "rb"
},
"parallax": true,
"pattern": "bioreliance"
},
"tokenValidity": {"accessToken": 43200,
"idToken": 43200,
"refreshToken": 7776000
}
}
],
"nextToken": "string"
}

CreateApplication

Authorizations:

Admin

Request Body schema: application/json

displayName required	string
productId required	string
callbackUrls	Array of strings or null <uri>
	object
logoUrl	string or null <uri>
	object
	object or null (Theme)
	object

Responses

Request samples

Payload

Content type

application/json

{"callbackUrls": ["http://example.com"
],
"displayName": "string",
"effectiveDates": {"privacyPolicy": "2019-08-24T14:15:22Z",
"termsAndConditions": "2019-08-24T14:15:22Z"
},
"logoUrl": "http://example.com",
"productId": "string",
"resources": {"privacyPolicy": "http://example.com",
"termsAndConditions": "http://example.com"
},
"theme": {"background": {"color": "rb",
"primaryLayer": {"color": "rb",
"rotation": 360,
"size": 100,
"x": 0,
"y": 0
},
"secondaryLayer": {"color": "rb",
"rotation": 360,
"size": 100,
"x": 0,
"y": 0
}
},
"brand": "bioreliance",
"colors": {"primary": "rb",
"secondary": "rb"
},
"parallax": true,
"pattern": "bioreliance"
},
"tokenValidity": {"accessToken": 43200,
"idToken": 43200,
"refreshToken": 7776000
}
}

Response samples

201

Content type

application/json

{"applicationId": "string"
}

DeleteApplication

Authorizations:

Admin

path Parameters

applicationId

required

string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

Responses

DescribeApplication

Authorizations:

None

path Parameters

applicationId

required

string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

Responses

Response samples

200

Content type

application/json

{"applicationId": "string",
"callbackUrls": ["http://example.com"
],
"displayName": "string",
"effectiveDates": {"privacyPolicy": "2019-08-24T14:15:22Z",
"termsAndConditions": "2019-08-24T14:15:22Z"
},
"logoUrl": "http://example.com",
"productId": "string",
"resources": {"privacyPolicy": "http://example.com",
"termsAndConditions": "http://example.com"
},
"status": "ENABLED",
"theme": {"background": {"color": "rb",
"primaryLayer": {"color": "rb",
"rotation": 360,
"size": 100,
"x": 0,
"y": 0
},
"secondaryLayer": {"color": "rb",
"rotation": 360,
"size": 100,
"x": 0,
"y": 0
}
},
"brand": "bioreliance",
"colors": {"primary": "rb",
"secondary": "rb"
},
"parallax": true,
"pattern": "bioreliance"
},
"tokenValidity": {"accessToken": 43200,
"idToken": 43200,
"refreshToken": 7776000
}
}

UpdateApplication

Authorizations:

Admin

path Parameters

applicationId

required

string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

Request Body schema: application/json

callbackUrls	Array of strings or null <uri>
displayName	string
	object
logoUrl	string or null <uri>
productId	string
	object
	object or null (Theme)
	object

Responses

Request samples

Payload

Content type

application/json

{"callbackUrls": ["http://example.com"
],
"displayName": "string",
"effectiveDates": {"privacyPolicy": "2019-08-24T14:15:22Z",
"termsAndConditions": "2019-08-24T14:15:22Z"
},
"logoUrl": "http://example.com",
"productId": "string",
"resources": {"privacyPolicy": "http://example.com",
"termsAndConditions": "http://example.com"
},
"theme": {"background": {"color": "rb",
"primaryLayer": {"color": "rb",
"rotation": 360,
"size": 100,
"x": 0,
"y": 0
},
"secondaryLayer": {"color": "rb",
"rotation": 360,
"size": 100,
"x": 0,
"y": 0
}
},
"brand": "bioreliance",
"colors": {"primary": "rb",
"secondary": "rb"
},
"parallax": true,
"pattern": "bioreliance"
},
"tokenValidity": {"accessToken": 43200,
"idToken": 43200,
"refreshToken": 7776000
}
}

ListApplicationPolicies

Authorizations:

Admin

path Parameters

applicationId

required

string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

query Parameters

nextToken

string (NextToken) <= 4096 characters ^[a-zA-Z0-9_-]+$

Responses

Response samples

200

Content type

application/json

{"items": [{"conditions": [{"tenantId": ["string"
],
"type": "TENANT"
}
],
"effect": "ALLOW",
"policyId": "string"
}
],
"nextToken": "string"
}

CreateApplicationPolicy

Authorizations:

Admin

path Parameters

applicationId

required

string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

Request Body schema: application/json

	Array of PolicyConditionTenant (object) or PolicyConditionTeam (object) (PolicyCondition) <= 10 characters [ items ]
effect required	string (PolicyEffect) Enum: "ALLOW" "DENY"
policyId	string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

Responses

Request samples

Payload

Content type

application/json

{"conditions": [{"tenantId": ["string"
],
"type": "TENANT"
}
],
"effect": "ALLOW",
"policyId": "string"
}

Response samples

201

Content type

application/json

{"policyId": "string"
}

DeleteApplicationPolicy

Authorizations:

Admin

path Parameters

applicationId required	string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$
policyId required	string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

Responses

ListApplicationClientSecrets

Authorizations:

Admin

path Parameters

applicationId

required

string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

query Parameters

nextToken

string (NextToken) <= 4096 characters ^[a-zA-Z0-9_-]+$

Responses

Response samples

200

Content type

application/json

{"items": [{"secret": "string",
"status": "ENABLED"
}
],
"nextToken": "string"
}

CreateApplicationClientSecret

Authorizations:

Admin

path Parameters

applicationId

required

string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

Responses

Response samples

201

Content type

application/json

{"secret": "string"
}

ListApplicationTokens

Authorizations:

Admin

path Parameters

applicationId

required

string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

query Parameters

nextToken	string (NextToken) <= 4096 characters ^[a-zA-Z0-9_-]+$
type	string (TokenType) Enum: "APPLICATION" "PERSONAL"

Responses

Response samples

200

Content type

application/json

{"items": [{"accessTokensCreated": 0,
"displayName": "string",
"expirationDate": "2019-08-24T14:15:22Z",
"lastUsedDate": "2019-08-24T14:15:22Z",
"rate": 0,
"status": "ENABLED",
"throttled": true,
"token": "string",
"tokenId": "string",
"type": "APPLICATION"
}
],
"nextToken": "string"
}

CreateApplicationToken

Authorizations:

Admin

path Parameters

applicationId

required

string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

Request Body schema: application/json

displayName	string <= 32 characters Short description of the token
lifetime	number [ 0 .. 158112000 ] Default: 158112000 Expiration in seconds from today. The default is 158,112,000 (5 years).
rate	number [ 10 .. 10 ] Default: 10 Requests per second allowed for this token.
type	string (TokenType) Enum: "APPLICATION" "PERSONAL"

Responses

Request samples

Payload

Content type

application/json

{"displayName": "string",
"lifetime": 158112000,
"rate": 10,
"type": "APPLICATION"
}

Response samples

201

Content type

application/json

{"accessTokensCreated": 0,
"displayName": "string",
"expirationDate": "2019-08-24T14:15:22Z",
"lastUsedDate": "2019-08-24T14:15:22Z",
"rate": 0,
"status": "ENABLED",
"throttled": true,
"token": "string",
"tokenId": "string",
"type": "APPLICATION"
}

DeleteApplicationToken

Authorizations:

Admin

path Parameters

applicationId required	string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$
tokenId required	string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

Responses

UpdateApplicationToken

Authorizations:

Admin

path Parameters

applicationId required	string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$
tokenId required	string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

Request Body schema: application/json

status

string (TokenStatus)

Enum: "ENABLED" "DISABLED"

Responses

Request samples

Payload

Content type

application/json

{"status": "ENABLED"
}

DescribeApplicationUser

Look up the userId for a user identified by an application ID and application user ID.

This is required by a few privileged services such as the Metering service to map a user ID from an application to the user ID used by the Metering service. This is a sensitive API and access should be granted only to core services of the platform.

Authorizations:

IdentityConsumers

path Parameters

applicationId required	string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$
applicationUserId required	string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

Responses

Response samples

200
404

Content type

application/json

{"email": "string",
"tenantId": "string",
"userId": "string"
}

DescribeClient

path Parameters

applicationId

required

string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

Responses

Response samples

200

Content type

application/json

{"applicationId": "string",
"callbackUrls": ["http://example.com"
],
"displayName": "string",
"effectiveDates": {"privacyPolicy": "2019-08-24T14:15:22Z",
"termsAndConditions": "2019-08-24T14:15:22Z"
},
"logoUrl": "http://example.com",
"productId": "string",
"resources": {"privacyPolicy": "http://example.com",
"termsAndConditions": "http://example.com"
},
"status": "ENABLED",
"theme": {"background": {"color": "rb",
"primaryLayer": {"color": "rb",
"rotation": 360,
"size": 100,
"x": 0,
"y": 0
},
"secondaryLayer": {"color": "rb",
"rotation": 360,
"size": 100,
"x": 0,
"y": 0
}
},
"brand": "bioreliance",
"colors": {"primary": "rb",
"secondary": "rb"
},
"parallax": true,
"pattern": "bioreliance"
},
"tokenValidity": {"accessToken": 43200,
"idToken": 43200,
"refreshToken": 7776000
}
}

CreateAuthorizationCode

Authorizations:

CognitoIdp (

aws.cognito.signin.user.admin

)

Request Body schema: application/x-www-form-urlencoded

client_id required	string
code_challenge	string <= 256 characters
code_challenge_method	string Value: "S256"
consent	string Default: false
nonce	string <= 64 characters
redirect_uri required	string <uri>
response_type required	string Value: "code"
scope required	string Enum: "openid email" "openid" "email openid"
state	string <= 8192 characters

Responses

Response samples

200

Content type

application/json

{"code": "string",
"state": "string"
}

ListLoginTenants

query Parameters

domain

required

string

Responses

Response samples

200

Content type

application/json

{"items": [{"sso": {"configurationId": "string",
"enabled": true
},
"tenantId": "string"
}
]
}

CreateToken

Request Body schema: application/x-www-form-urlencoded

One of

client_id	string
client_secret	string
code required	string
code_verifier	string
grant_type required	string Value: "authorization_code"
redirect_uri required	string

Responses

Response samples

200

Content type

application/json

{"access_token": "string",
"expires_in": 3600,
"id_token": "string",
"refresh_token": "string",
"token_type": "Bearer"
}

DescribeUser

The location property is an approximation of the user's location, derived from requestor's IP address. If the request is made by a backend, then the location will be derived from the public IP address of the server. If the location could not be derived then response will not include the location property.

Authorizations:

User

query Parameters

location	string Value: "ip"
identities	string Value: "true" experimental, may change in the future

Responses

Response samples

200

Content type

application/json

{"email": "user@example.com",
"identities": [{"externalId": "string",
"tenantId": "string"
}
],
"location": {"city": "Boston",
"country": "US",
"latitude": 42.364,
"longitude": -71.0265,
"metroCode": "506",
"postalCode": "02128",
"subdivision": "MA",
"timeZone": "America/New_York"
},
"sub": "753487e7-10bc-4e69-b3b2-4da33721ea3e"
}

DescribeUserPost

The location property is an approximation of the user's location, derived from requestor's IP address. If the request is made by a backend, then the location will be derived from the public IP address of the server. If the location could not be derived then response will not include the location property.

Authorizations:

User

query Parameters

location	string Value: "ip"
identities	string Value: "true" experimental, may change in the future

Responses

Response samples

200

Content type

application/json

{"email": "user@example.com",
"identities": [{"externalId": "string",
"tenantId": "string"
}
],
"location": {"city": "Boston",
"country": "US",
"latitude": 42.364,
"longitude": -71.0265,
"metroCode": "506",
"postalCode": "02128",
"subdivision": "MA",
"timeZone": "America/New_York"
},
"sub": "753487e7-10bc-4e69-b3b2-4da33721ea3e"
}

CreateTeam

Authorizations:

User

Request Body schema: application/json

createdDate	string <date-time>
displayName required	string
membersCount	number
namespace	string (Namespace) <= 512 characters ^(/\|(/[0-9a-zA-Z_-]+)+)$ Default: "/" Cannot be changed after the team is created.
	Array of objects (Tags) <= 10 items [ items ]
teamId	string
updatedDate	string <date-time>

Responses

Request samples

Payload

Content type

application/json

{"createdDate": "2019-08-24T14:15:22Z",
"displayName": "string",
"membersCount": 0,
"namespace": "/",
"tags": [{"key": "string",
"value": "string"
}
],
"teamId": "string",
"updatedDate": "2019-08-24T14:15:22Z"
}

Response samples

201

Content type

application/json

{"teamId": "string"
}

DescribeTeam

Authorizations:

User

path Parameters

teamId

required

string

Responses

Response samples

200

Content type

application/json

{"createdDate": "2019-08-24T14:15:22Z",
"displayName": "string",
"membersCount": 0,
"namespace": "/",
"status": "ENABLED",
"tags": [{"key": "string",
"value": "string"
}
],
"teamId": "string",
"updatedDate": "2019-08-24T14:15:22Z"
}

ListTeamInvitations

Authorizations:

User

path Parameters

teamId

required

string

query Parameters

nextToken

string (NextToken) <= 4096 characters ^[a-zA-Z0-9_-]+$

Responses

Response samples

200

Content type

application/json

{"items": [{"email": "user@example.com",
"expirationDate": "2019-08-24T14:15:22Z",
"invitationId": "string",
"role": "MAINTAINER",
"state": "CREATED",
"tags": [{"key": "string",
"value": "string"
}
]
}
],
"nextToken": "string"
}

CreateTeamInvitation

Authorizations:

User

path Parameters

teamId

required

string

Request Body schema: application/json

email required	string <email>
expirationDate	string <date-time>
role required	string (MembershipRole) Enum: "MAINTAINER" "MEMBER"
state	string (TeamInvitationState) Enum: "CREATED" "ACCEPTED" "EXPIRED"
	Array of objects (Tags) <= 10 items [ items ]

Responses

Request samples

Payload

Content type

application/json

{"email": "user@example.com",
"expirationDate": "2019-08-24T14:15:22Z",
"role": "MAINTAINER",
"state": "CREATED",
"tags": [{"key": "string",
"value": "string"
}
]
}

Response samples

201

Content type

application/json

{"invitationId": "string"
}

RemoveTeamInvitation

Authorizations:

User

path Parameters

teamId required	string
invitationId required	string

query Parameters

applicationId

string

Responses

DescribeTeamInvitation

Authorizations:

User

path Parameters

teamId required	string
invitationId required	string

query Parameters

applicationId

string

Responses

Response samples

200

Content type

application/json

{"email": "user@example.com",
"expirationDate": "2019-08-24T14:15:22Z",
"invitationId": "string",
"role": "MAINTAINER",
"state": "CREATED",
"tags": [{"key": "string",
"value": "string"
}
]
}

AcceptTeamInvitation

Authorizations:

User

path Parameters

teamId required	string
invitationId required	string

query Parameters

applicationId

string

Responses

ListTeamMembers

Authorizations:

User

path Parameters

teamId

required

string

query Parameters

nextToken

string (NextToken) <= 4096 characters ^[a-zA-Z0-9_-]+$

Responses

Response samples

200

Content type

application/json

{"items": [{"email": "string",
"memberSince": "2019-08-24T14:15:22Z",
"namespace": "/",
"role": "MAINTAINER",
"tags": [{"key": "string",
"value": "string"
}
],
"teamId": "string",
"userId": "string"
}
],
"nextToken": "string"
}

RemoveTeamMembership

Authorizations:

User

path Parameters

teamId required	string
applicationUserId required	string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

Responses

DescribeTeamMembership

Authorizations:

User

path Parameters

teamId required	string
applicationUserId required	string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

Responses

Response samples

200

Content type

application/json

{"email": "string",
"memberSince": "2019-08-24T14:15:22Z",
"namespace": "/",
"role": "MAINTAINER",
"tags": [{"key": "string",
"value": "string"
}
],
"teamId": "string",
"userId": "string"
}

CreateTeamMembership

Authorizations:

User

path Parameters

teamId required	string
applicationUserId required	string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

Request Body schema: application/json

namespace	string (Namespace) <= 512 characters ^(/\|(/[0-9a-zA-Z_-]+)+)$ Default: "/" Cannot be changed after the team is created.
role required	string (MembershipRole) Enum: "MAINTAINER" "MEMBER"
	Array of objects (Tags) <= 10 items [ items ]

Responses

Request samples

Payload

Content type

application/json

{"namespace": "/",
"role": "MAINTAINER",
"tags": [{"key": "string",
"value": "string"
}
]
}

UpdateTeamMembership

Authorizations:

User

path Parameters

teamId required	string
applicationUserId required	string (Identifier) <= 88 characters ^[a-zA-Z0-9_-]+$

Request Body schema: application/json

role required	string (MembershipRole) Enum: "MAINTAINER" "MEMBER"
	Array of objects (Tags) <= 10 items [ items ]

Responses

Request samples

Payload

Content type

application/json

{"role": "MAINTAINER",
"tags": [{"key": "string",
"value": "string"
}
]
}

ListTenants

Authorizations:

Admin

query Parameters

nextToken

string (NextToken) <= 4096 characters ^[a-zA-Z0-9_-]+$

Responses

Response samples

200

Content type

application/json

{"items": [{"administratorTeamId": "string",
"displayName": "string",
"sso": {"configurationId": "string",
"enabled": true
},
"status": "ENABLED",
"tenantId": "string"
}
],
"nextToken": "string"
}

CreateTenant

Authorizations:

Admin

Request Body schema: application/json

displayName required	string
productId	string
	object

Responses

Request samples

Payload

Content type

application/json

{"displayName": "string",
"sso": {"configurationId": "string",
"enabled": true
}
}

Response samples

201

Content type

application/json

{"tenantId": "string"
}

DeleteTenant

Authorizations:

Admin

path Parameters

tenantId

required

string

Responses

DescribeTenant

Authorizations:

Admin

path Parameters

tenantId

required

string

Responses

Response samples

200

Content type

application/json

{"administratorTeamId": "string",
"displayName": "string",
"sso": {"configurationId": "string",
"enabled": true
},
"status": "ENABLED",
"tenantId": "string"
}

UpdateTenant

Authorizations:

Admin

path Parameters

tenantId

required

string

Request Body schema: application/json

displayName	string
	object

Responses

Request samples

Payload

Content type

application/json

{"displayName": "string",
"sso": {"configurationId": "string",
"enabled": true
}
}

ListTenantDomains

Authorizations:

Admin

path Parameters

tenantId

required

string

query Parameters

nextToken

string (NextToken) <= 4096 characters ^[a-zA-Z0-9_-]+$

Responses

Response samples

200

Content type

application/json

{"items": [{"dnsRecord": {"name": "string",
"type": "string",
"value": "string"
},
"domainName": "string",
"status": "VERIFIED"
}
],
"nextToken": "string"
}

CreateTenantDomain

Authorizations:

Admin

path Parameters

tenantId

required

string

Request Body schema: application/json

domainName

required

string (DomainName) <= 64 characters ^[a-z0-9-\.]+$

Domains containing unicode characters must be punycode encoded.

Responses

Request samples

Payload

Content type

application/json

{"domainName": "string"
}