REST API:login Resource
From AgileApps Support Wiki
Revision as of 21:28, 29 September 2015 by imported>Aeric (ââLogging In as Customer Support)
Performs a Login action via the REST API
Requirements
- User must have a valid account on the AgileApps Cloud platform
- All subsequent REST API calls execute within the context of the User that is logged in. As with all UI actions, this means that any subsequent REST API calls (to access levels, data visibility, team membership, etc.), are governed by the Data Access Permissions granted to the User.
Logging In
- Method
- POST
- URI
- https://{yourDomain}/networking/rest/login
- Request
<platform> <login> <userName>jim@acme.com</userName> <password>jimacme</password> </login> </platform>
- Response
- Session identifier required for succeeding REST calls, along with user details such as first name, last name, and employee number.
<platform> <login> <userId>qwe123rty456</userId> <email>jim@acme.com</email> <userName>jim@acme.com</userName> <firstName>Jim</firstName> <lastName>Acme</lastName> <organizationName>Acme Inc.</organizationName> <organizationId>473474</organizationId> <timeZone>12</timeZone> <primaryTeamId>1</primaryTeamId> <employeeNumber></employeeNumber> <sessionId>xyz789uio987</sessionId> <cookieString>...</cookieString> <startingAppId type="" uri="https://{{domain}}/networking/rest/application/446yyt677wwz" displayValue="">446yyt677wwz</startingAppId> <userLocale>en</userLocale> <userDateFormat>MM/dd/yyyy</userDateFormat> </login> <message> <code>0</code> <description>Success</description> </message> </platform>
- See also: REST API:Error Codes
- Fields
These fields are required when logging in:
Name Type Description userName String User's login name password String User's login password
Sample Login Client
- This code from the BaseClient sample program uses the Apache wink RestClient to make a REST login request and get a sessionId. It uses the Apache Wink client to post the login request, and calls a utility method defined in the BaseUtil] class to extract the sessionId from the response.
package demo.rest; //HTTP Classes import org.apache.wink.client.RestClient; import org.apache.wink.client.Resource; import org.apache.wink.client.ClientResponse; import org.apache.commons.httpclient.HttpStatus; // Apache Utilities import org.apache.commons.lang.StringUtils; // Java Utilities import java.util.List; import java.io.InputStream; import javax.ws.rs.core.MultivaluedMap; /* * A base client that handles login and logout and provides utility * methods for programs that use REST APIs. * * Note: * This class uses the Apache wink RestClient, which makes it * pretty easy to make requests and handle responses. */ public class BaseClient { String sessionId; RestClient client; String baseUrl = "https://{{domain}}"; String username = "yourName"; String password = "yourPassword"; public String login() { String url = baseUrl + "/networking/rest/login"; String xml = "<platform>" + "<login>" + "<userName>"+username+"</userName>" + "<password>"+password+"</password>" + "</login>" + "</platform>"; try { System.out.println("Logging in"); this.client = new RestClient(); Resource resource = client.resource(url); resource.contentType("application/xml"); resource.accept("application/xml"); ClientResponse response = resource.post(xml); // Combine cookie parameters from the response header, // making a cookie string for use in subsequent requests. MultivaluedMap<String,String> headers = response.getHeaders(); String cookieString = ""; List<String> cookieParams = headers.get("Set-Cookie"); cookieString = StringUtils.join(cookieParams, "; "); return cookieString; } catch (Exception e) { e.printStackTrace(); } return null; } // ...Various utility methods... public static void main(String args[]) { BaseClient client = new BaseClient(); String cookie = client.login(); System.out.println("Session Cookie is: " + cookie); client.logout(); } }
Login using a SAML Assertion
SAML token data is sent to the platform in a login request. On success, a cookie string containing the session identifier is returned for use in subsequent API calls, along with the logged in user's data.
- Learn more:
- Method
- POST
- URI
- https://{domain}/networking/rest/login/samlAssertion
- Request
<platform> <login> <samlToken><![CDATA[ ...token data goes here... ]]></samlToken> </login> </platform>
- Response
<platform> <login> <cookieString>login=""; Path=/; Secure; HttpOnly</cookieString> <!-- SESSION COOKIE --> <userId>3a6765af611144f187f5682c74a8a4fe</userId> <email>jim.acme@lj.com</email> <userName>jim.acme</userName> <firstName>Jim</firstName> <lastName>Acme</lastName> <organizationName>AAL2</organizationName> <organizationId>1968305239</organizationId> <timeZone>12</timeZone> <primaryTeamId>1</primaryTeamId> <employeeNumber/> <sessionId>8B453777A3952F79E68994A22F9D754A</sessionId> <startingAppId type="" uri="https://www.jitvm.com/networking/rest/application/" displayValue=""/> <userLocale>en</userLocale> <userDateFormat>MM/dd/yyyy</userDateFormat> <photoId/> <thumbnailPhotoId/> <isRelayEnabled>true</isRelayEnabled> <accessProfileId>5</accessProfileId> <accessibleApplications> <application type="" uri="..." displayValue="Service Desk">1</application> <application type="" uri="..." displayValue="TestAPP">...</application> </accessibleApplications> </login> <message> <code>0</code> <description>Success</description> </message> </platform>
- Error Codes
Platform Code with Http Status Description __TBD: -100 or -1__ UNAUTHORIZED (401) SAML token was not accepted __TBD: -100 or -1__ BAD_REQUEST (400) Any other exception or error
Learn more:
- See the REST API:Error Codes for common Http error codes
- See the javadoc constants for a complete list of PlatformException error-code constants.
Logging In as Customer Support
Login to a client tenancy as the "Customer Support" user, with system admin privileges.
- Method
- POST
- URI
- https://{yourDomain}/networking/rest/login/customerSupport
- Request
<platform> <login> <userName>Adrian@AceAdmin.com</userName> <password>AdrianAdmin</password> <client_tenant_id>464938724568972</client_tenant_id> </login> </platform>
- Response
- Session identifier required for succeeding REST calls, along with user details such as first name, last name, and employee number.
- Fields
These fields are required:
- userName - Tenant admin's login name
- password - Tenant admin's password
- client_tenant_id - ID of the tenant to log into
Doing a Proxy Login
Permissions permitting, login to a client tenancy as a user in that tenancy, in order to review and/or fix the environment in which the customer is having problems.
- Method
- POST
- URI
- https://{yourDomain}/networking/rest/login/proxyLogin
- Request
<platform> <login> <userName>Adrian@AceAdmin.com</userName> <password>AdrianAdmin</password> <proxy_user_id>464938724568972</proxy_user_id> </login> </platform>
- Response
- Session identifier required for succeeding REST calls, along with user details such as first name, last name, and employee number.
- Fields
These fields are required:
- userName - Tenant admin's login name
- password - Tenant admin's password
- proxy_user_id - ID of the user the admin will "become", for the duration of session
Switching Back to Your Original Session
This resource restores your original session, after having logged in to another tenancy using proxyLogin, so you don't have to log out of the customer's tenancy and then log in all over again. (It can be used in a REST client, or simply pasted into your browser to restore your previous session.)
- Method
- GET
- URI
- https://{yourDomain}/networking/rest/login/proxyLogin/switchBack
- Response
- Session identifier required for succeeding REST calls, along with user details such as first name, last name, and employee number.