Authentication Objects
This technical design describes implementation and API for Authentication Objects.
POST /api/authentication-objects/
Permissions
Requires authentication and authentication_objects.create permission.
Request example
Headers
Request Method: POST
Content-Type: application/json
Authorization: JWT access_tokenBody
| Key | Type | Notes |
|---|---|---|
| name | string | |
| provider | enum | Values: imanage, docusign, api_key, autologyx, microsoft_client_credentials, box_client_credentials, adobe_client_credentials, salesforce_client_credentials, oauth_client_credentials |
| description | string | |
| expiry_at | date | Optional |
| expiry_applies_to | string | Optional |
| credentials | object | Each provider has different set of credentials |
Provider iManage
| Key | Type | Notes |
|---|---|---|
| username | string | |
| password | string | |
| client_id | string | |
| client_secret | string | |
| host | string |
Provider DocuSign
| Key | Type | Notes |
|---|---|---|
| user_id | string | |
| client_id | string | |
| private_rsa_key | string | |
| host | string |
Provider Autologyx
| Key | Type | Notes |
|---|---|---|
| username | string | |
| password | string |
Provider ApiKey
| Key | Type | Notes |
|---|---|---|
| header_key | string | |
| url_key | string | |
| api_Key | string |
Provider Microsoft Client Credentials
| Key | Type | Notes |
|---|---|---|
| tenant | string | |
| client_id | string | |
| client_secret | string | |
| scope | string |
Provider Box Client Credentials
| Key | Type | Notes |
|---|---|---|
| client_id | string | |
| client_secret | string | |
| scope | string | |
| box_subject_type | enum | |
| box_subject_id | string |
Provider Adobe Client Credentials
| Key | Type | Notes |
|---|---|---|
| client_id | string | |
| client_secret | string | |
| scope | string |
Provider Salesforce Client Credentials
| Key | Type | Notes |
|---|---|---|
| client_id | string | |
| client_secret | string | |
| domain_name | string |
Provider Generic Client Credentials
| Key | Type | Notes |
|---|---|---|
| client_id | string | |
| client_secret | string | |
| scope | string | |
| token_url | url | |
| refresh_url | url | |
| additional_parameters | json_object | |
| additional_authorization_headers | json_object |
Provider ROPC Generic oAuth
| Key | Type | Notes |
|---|---|---|
| token_url | url | |
| refresh_url | url | |
| username | string | |
| password | string | |
| client_id | string | |
| client_secret | string | |
| scope | string |
Response
- Successful status
201 Created - Response body:
json
{
"id": 5,
"name": "My iManage credentials",
"provider": "imanage",
"description": "The credentials to iManage provider",
"expiry_at": "2025-02-05",
"expiry_applies_to": "client_secret",
"created_at": "2021-05-18T06:39:17.688341Z",
"created_by": {
"id ": 256,
"first_name": "John",
"last_name": "Smith",
"username": "j.smith@autologyx.com",
"company_name": "Autologyx",
"is_deleted": false
},
"modified_at": "2021-05-18T06:39:17.688394Z"
"modified_by": {
"id ": 256,
"first_name": "John",
"last_name": "Smith",
"username": "j.smith@autologyx.com",
"company_name": "Autologyx",
"is_deleted": false
},
"_meta": {
"permissions":{
"list": true,
"view": true,
"create": true,
"edit": true,
"delete": true
}
},
"credentials": <credentials>
}Errors
| Error | Response code | Message |
|---|---|---|
| "name" is missing | 400 Bad Request | "name": [ "This field is required." ] |
| "name" is null | 400 Bad Request | "name": [ "This field may not be null." ] |
| "name" has > 100 chars | 400 Bad Request | "name": [ "Ensure this field has no more than 100 characters." ] |
| "name" is not unique | 400 Bad Request | "name": [ "This field must be unique." ] |
| "expiry_at" is not a valid date | 400 Bad Request | "expiry_at": ["Date has wrong format. Use one of these formats instead: YYYY-MM-DD."] |
| "expiry_at" is not a future date | 400 Bad Request | "expiry_at": [ "Date must be in the future." ] |
| "expiry_applies_to" not provided when "expiry_at" is provided | 400 Bad Request | "expiry_applies_to": [ "This field is required when expiry_at is provided." ] |
| "expiry_at_to" not provided when "expiry_applies_to" is provided | 400 Bad Request | expiry_at": [ "This field is required when expiry_applies_to is provided." ] |
| "expiry_applies_to" has > 255 chars | 400 Bad Request | "expiry_applies_to ": [ "Ensure this field has no more than 255 characters." ] |
| "expiry_applies_to" is null when the "expiry_at" is provided | 400 Bad Request | "expiry_applies_to ": [ "This field may not be null when expiry_at is provided" ] |
| "expiry_at_to" is null when the "expiry_applies_to" is provided | 400 Bad Request | "expiry_at ": [ "This field may not be null when expiry_applies_to is provided" ] |
| "expiry_applies_to" is blank | 400 Bad Request | expiry_applies_to ": [ "This field may not be blank." ] |
| "provider" is missing | 400 Bad Request | "provider": [ "This field is required." ] |
| "provider" is null | 400 Bad Request | "provider": [ "This field may not be null." ] |
| "provider" is not a choice | 400 Bad Request | "provider": [ "{ provider } is not a valid choice" ] |
| "description" has > 500 chars | 400 Bad Request | "description": [ "Ensure this field has no more than 500 characters." ] |
| "description" is null | 400 Bad Request | "description": [ "This field may not be null." ] |
| "credentials" is missing | 400 Bad Request | "credentials": [ "This field is required." ] |
| "credentials" is null | 400 Bad Request | "credentials": [ "This field may not be null." ] |
| Limit of Authentication exceeded | 400 Bad Request | "type": [ "Limit of 100 Authentication Objects has been exceeded" ] |
| Provider integration is both inactive and disabled | 400 Bad Request | "details": ["<provider_name> integration requires activation and enablement to perform this action."] |
| Provider integration is inactive | 400 Bad Request | "details": ["<provider_name> integration requires activation to perform this action."] |
| Provider integration is disabled | 400 Bad Request | "details": ["<provider_name> integration requires enablement to perform this action."] |
| Insufficient permissions | 403 Forbidden | "detail": "You do not have permission to perform this action." |
Provider "IManage"
| Error | Response code | Message |
|---|---|---|
| "username" is missing | 400 Bad Request | "username": [ "This field is required." ] |
| "username" is null | 400 Bad Request | "username": [ "This field may not be null." ] |
| "username" has > 255 chars | 400 Bad Request | "username": [ "Ensure this field has no more than 255 characters." ] |
| "password" is missing | 400 Bad Request | "password": [ "This field is required." ] |
| "password" is null | 400 Bad Request | "password": [ "This field may not be null." ] |
| "password" has > 255 chars | 400 Bad Request | "password": [ "Ensure this field has no more than 255 characters." ] |
| "client_id" is missing | 400 Bad Request | "client_id": [ "This field is required." ] |
| "client_id" is null | 400 Bad Request | "client_id": [ "This field may not be null." ] |
| "client_id" has > 255 chars | 400 Bad Request | "client_id": [ "Ensure this field has no more than 255 characters." ] |
| "client_secret" has > 255 chars | 400 Bad Request | "client_secret": [ "Ensure this field has no more than 200 characters." ] |
| "host" is missing | 400 Bad Request | "host": [ "This field is required." ] |
| "host" is null | 400 Bad Request | "host": [ "This field may not be null." ] |
| "host" has > 200 chars | 400 Bad Request | "host": [ "Ensure this field has no more than 200 characters." ] |
| "host" is not valid | 400 Bad Request | "host": [ "Enter a valid URL" ] |
Provider "DocuSign"
| Error | Response code | Message |
|---|---|---|
| "user_id" is missing | 400 Bad Request | "user_id": [ "This field is required." ] |
| "user_id" is null | 400 Bad Request | "user_id": [ "This field may not be null." ] |
| "user_id" has > 255 chars | 400 Bad Request | "user_id": [ "Ensure this field has no more than 255 characters." ] |
| "client_id" is missing | 400 Bad Request | "client_id": [ "This field is required." ] |
| "client_id" is null | 400 Bad Request | "client_id": [ "This field may not be null." ] |
| "client_id" has > 255 chars | 400 Bad Request | "client_id": [ "Ensure this field has no more than 255 characters." ] |
| "private_rsa_key" is missing | 400 Bad Request | "private_rsa_key": [ "This field is required." ] |
| "private_rsa_key" is null | 400 Bad Request | "private_rsa_key": [ "This field may not be null." ] |
| "private_rsa_key" has > 2000 chars | 400 Bad Request | "private_rsa_key": [ "Ensure this field has no more than 2000 characters." ] |
| "host" is missing | 400 Bad Request | "host": [ "This field is required." ] |
| "host" is null | 400 Bad Request | "host": [ "This field may not be null." ] |
| "host" has > 200 chars | 400 Bad Request | "host": [ "Ensure this field has no more than 200 characters." ] |
| "host" is not valid | 400 Bad Request | "host": [ " \fake_host\ is not a valid choice." ] |
Provider "Autologyx"
| Error | Response code | Message |
|---|---|---|
| "username" is missing | 400 Bad Request | "username": [ "This field is required." ] |
| "username" is null | 400 Bad Request | "username": [ "This field may not be null." ] |
| "username" has > 255 chars | 400 Bad Request | "username": [ "Ensure this field has no more than 255 characters." ] |
| "username" is not valid | 400 Bad Request | "username": [ "Enter a valid email address" ] |
| "password" is missing | 400 Bad Request | "password": [ "This field is required." ] |
| "password" is null | 400 Bad Request | "password": [ "This field may not be null." ] |
| "password" has > 255 chars | 400 Bad Request | "password": [ "Ensure this field has no more than 255 characters." ] |
Provider "Microsoft Client Credentials"
| Error | Response code | Message |
|---|---|---|
| "tenant" is missing | 400 Bad Request | "tenant": [ "This field is required." ] |
| "tenant" is null | 400 Bad Request | "tenant": [ "This field may not be null." ] |
| "tenant" has > 255 chars | 400 Bad Request | "tenant": [ "Ensure this field has no more than 255 characters." ] |
| "client_id" is missing | 400 Bad Request | "client_id": [ "This field is required." ] |
| "client_id" is null | 400 Bad Request | "client_id": [ "This field may not be null." ] |
| "client_id" has > 120 chars | 400 Bad Request | "client_id": [ "Ensure this field has no more than 120 characters." ] |
| "client_secret" is missing | 400 Bad Request | "client_secret": [ "This field is required." ] |
| "client_secret" is null | 400 Bad Request | "client_secret": [ "This field may not be null." ] |
| "client_secret" has > 120 chars | 400 Bad Request | "client_secret": [ "Ensure this field has no more than 120 characters." ] |
| "scope" is missing | 400 Bad Request | "scope": [ "This field is required." ] |
| "scope" is null | 400 Bad Request | "scope": [ "This field may not be null." ] |
| "scope" has > 255 chars | 400 Bad Request | "scope": [ "Ensure this field has no more than 255 characters." ] |
Provider "Box Client Credentials"
| Error | Response code | Message |
|---|---|---|
| "client_id" is missing | 400 Bad Request | "client_id": [ "This field is required." ] |
| "client_id" is null | 400 Bad Request | "client_id": [ "This field may not be null." ] |
| "client_id" has > 120 chars | 400 Bad Request | "client_id": [ "Ensure this field has no more than 120 characters." ] |
| "client_secret" is missing | 400 Bad Request | "client_secret": [ "This field is required." ] |
| "client_secret" is null | 400 Bad Request | "client_secret": [ "This field may not be null." ] |
| "client_secret" has > 120 chars | 400 Bad Request | "client_secret": [ "Ensure this field has no more than 120 characters." ] |
| "scope" has > 255 chars | 400 Bad Request | "scope": [ "Ensure this field has no more than 255 characters." ] |
| "box_subject_id" is missing | 400 Bad Request | "box_subject_id": [ "This field is required." ] |
| "box_subject_id" is null | 400 Bad Request | "box_subject_id": [ "This field may not be null." ] |
| "box_subject_id" has > 255 chars | 400 Bad Request | "box_subject_id": [ "Ensure this field has no more than 255 characters." ] |
| "box_subject_type" is missing | 400 Bad Request | "box_subject_type": [ "This field is required." ] |
| "box_subject_type" is null | 400 Bad Request | "box_subject_type": [ "This field may not be null." ] |
| "box_subject_type" not a valid enum value | 400 Bad Request | "box_subject_type": [ " ""value" is not a valid choice."] |
Provider "Adobe Client Credentials"
| Error | Response code | Message |
|---|---|---|
| "client_id" is missing | 400 Bad Request | "client_id": [ "This field is required." ] |
| "client_id" is null | 400 Bad Request | "client_id": [ "This field may not be null." ] |
| "client_id" has > 120 chars | 400 Bad Request | "client_id": [ "Ensure this field has no more than 120 characters." ] |
| "client_secret" is missing | 400 Bad Request | "client_secret": [ "This field is required." ] |
| "client_secret" is null | 400 Bad Request | "client_secret": [ "This field may not be null." ] |
| "client_secret" has > 120 chars | 400 Bad Request | "client_secret": [ "Ensure this field has no more than 120 characters." ] |
| "scope" is missing | 400 Bad Request | "scope": [ "This field is required." ] |
| "scope" is null | 400 Bad Request | "scope": [ "This field may not be null." ] |
| "scope" has > 255 chars | 400 Bad Request | "scope": [ "Ensure this field has no more than 255 characters." ] |
Provider "Generic Client Credentials"
| Error | Response code | Message |
|---|---|---|
| "client_id" is missing | 400 Bad Request | "client_id": [ "This field is required." ] |
| "client_id" is null | 400 Bad Request | "client_id": [ "This field may not be null." ] |
| "client_id" has > 120 chars | 400 Bad Request | "client_id": [ "Ensure this field has no more than 120 characters." ] |
| "client_secret" is missing | 400 Bad Request | "client_secret": [ "This field is required." ] |
| "client_secret" is null | 400 Bad Request | "client_secret": [ "This field may not be null." ] |
| "client_secret" has > 120 chars | 400 Bad Request | "client_secret": [ "Ensure this field has no more than 120 characters." ] |
| "scope" is null | 400 Bad Request | "scope": [ "This field may not be null." ] |
| "scope" has > 255 chars | 400 Bad Request | "scope": [ "Ensure this field has no more than 255 characters." ] |
| "token_url" is missing | 400 Bad Request | "token_url": [ "This field is required." ] |
| "token_url" is null | 400 Bad Request | "token_url": [ "This field may not be null." ] |
| "token_url" has > 255 chars | 400 Bad Request | "token_url": [ "Ensure this field has no more than 255 characters." ] |
| "token_url" not valid URL | 400 Bad Request | "token_url": [ "Enter a valid URL." ] |
| "refresh_url" is null | 400 Bad Request | "refresh_url": [ "This field may not be null." ] |
| "refresh_url" has > 255 chars | 400 Bad Request | "refresh_url": [ "Ensure this field has no more than 255 characters." ] |
| "refresh_url" not valid URL | 400 Bad Request | "refresh_url": [ "Enter a valid URL." ] |
| "additional_parameters" is null | 400 Bad Request | "additional_parameters": [ "This field may not be null." ] |
| "additional_parameters" has > 5000 chars | 400 Bad Request | "additional_parameters": [ "Ensure this field has no more than 255 characters (it has {value}." ] |
| "additional_parameters" is not Object | 400 Bad Request | "additional_parameters": [ "Value must be valid JSON object." ] |
| "additional_authorization_headers" is null | 400 Bad Request | "additional_authorization_headers": [ "This field may not be null." ] |
| "additional_authorization_headers" has > 5000 chars | 400 Bad Request | "additional_authorization_headers": [ "Ensure this field has no more than 255 characters (it has {value}." ] |
| "additional_authorization_headers" is not Object | 400 Bad Request | "additional_authorization_headers": [ "Value must be valid JSON object." ] |
Provider "ROPC Generic oAuth"
| Error | Response code | Message |
|---|---|---|
| "token_url" is missing | 400 Bad Request | "token_url": [ "This field is required." ] |
| "token_url" is null | 400 Bad Request | "token_url": [ "This field may not be null." ] |
| "token_url" has > 255 chars | 400 Bad Request | "token_url": [ "Ensure this field has no more than 255 characters." ] |
| "token_url" not valid URL | 400 Bad Request | "token_url": [ "Enter a valid URL." ] |
| "refresh_url" is null | 400 Bad Request | "refresh_url": [ "This field may not be null." ] |
| "refresh_url" has > 255 chars | 400 Bad Request | "refresh_url": [ "Ensure this field has no more than 255 characters." ] |
| "refresh_url" not valid URL | 400 Bad Request | "refresh_url": [ "Enter a valid URL." ] |
| "username" is missing | 400 Bad Request | "username": [ "This field is required." ] |
| "username" is null | 400 Bad Request | "username": [ "This field may not be null." ] |
| "username" has > 255 chars | 400 Bad Request | "username": [ "Ensure this field has no more than 255 characters." ] |
| "password" is missing | 400 Bad Request | "password": [ "This field is required." ] |
| "password" is null | 400 Bad Request | "password": [ "This field may not be null." ] |
| "password" has > 255 chars | 400 Bad Request | "password": [ "Ensure this field has no more than 255 characters." ] |
| "client_id" is missing | 400 Bad Request | "client_id": [ "This field is required." ] |
| "client_id" is null | 400 Bad Request | "client_id": [ "This field may not be null." ] |
| "client_id" has > 255 chars | 400 Bad Request | "client_id": [ "Ensure this field has no more than 255 characters." ] |
| "client_secret" is missing | 400 Bad Request | "client_secret": [ "This field is required." ] |
| "client_secret" is null | 400 Bad Request | "client_secret": [ "This field may not be null." ] |
| "client_secret" has > 255 chars | 400 Bad Request | "client_secret": [ "Ensure this field has no more than 255 characters." ] |
| "scope" is null | 400 Bad Request | "scope": [ "This field may not be null." ] |
| "scope" has > 255 chars | 400 Bad Request | "scope": [ "Ensure this field has no more than 255 characters." ] |
GET /api/authentication-objects/
Returns list of Authentication Objects.
Permissions
Requires authentication and authentication_objects.list permission.
Request example
Headers
Request Method: GET
Content-Type: application/json
Authorization: JWT access_tokenResponse
| Key | Type | Notes |
|---|---|---|
| limit | int | |
| offset | int | |
| total_count | int | Total number of forms visible to the user (based on permissions). |
| filtered_count | int | Number of forms visible to the user (based on permissions) with filters applied. |
| next | URL / null | Next page URL (null if there is no next page) |
| previous | URL / null | Previous page URL (null if there is no previous page) |
| results | Array | Described in the next table. |
Response results array
| Key | Type | Notes |
|---|---|---|
| id | int | |
| name | string | |
| description | string | |
| provider | enum | Values: imanage, docusign, api_key, autologyx, microsoft_client_credentials, box_client_credentials, adobe_client_credentials, salesforce_client_credentials, oauth_client_credentials |
| expiry_at | date | |
| created_at | datetime | |
| created_by | user | |
| modified_at | datetime | |
| modified_by | user | |
| _meta.permissions | Object | Dict describing permissions. |
Response example
- Status
200 OK - Body
json
{
"limit": 100,
"offset": 0,
"filtered_count": 1,
"total_count": 20,
"next": null,
"previous": null,
"results": [
{
"id": 5,
"name": "My iManage credentials",
"description": "The credentials to iManage provider"
"provider": "imanage",
"expiry_at": "2021-08-22",
"created_at": "2021-08-12T11:21:51.877690+02:00",
"created_by": <user>,
"modified_at": "2021-09-14T11:11:31.127734+02:00",
"modified_by": <user>,
"_meta": {
"permissions": {
"list": true,
"view": true,
"edit": true,
"create": true,
"delete": true,
}
}
}
]
}Sorting
| Parameter | Example | Notes |
|---|---|---|
| id | {build}/api/object-class-forms/?ordering=id | Ascending |
| id | {build}/api/object-class-forms/?ordering=-id | Descending (-) |
| name | {build}/api/object-class-forms/?ordering=name | Ascending |
| name | {build}/api/object-class-forms/?ordering=-name | Descending (-) |
| expiry_at | {build}/api/object-class-forms/?ordering=expiry_at | Ascending |
| expiry_at | {build}/api/object-class-forms/?ordering=-expiry_at | Descending (-) |
| created_at | {build}/api/object-class-forms/?ordering=created_at | Ascending |
| created_at | {build}/api/object-class-forms/?ordering=-created_at | Descending (-) |
| modified_at | {build}/api/object-class-forms/?ordering=modified_at | Ascending |
| modified_at | {build}/api/object-class-forms/?ordering=-modified_at | Descending (-) |
Filtering
| Parameter | Predicates | Example |
|---|---|---|
| id | = | {build}/api/object-class-forms/?id=9 |
| name | standard string | {build}/api/object-class-forms/?name__icontains=foobar |
| provider | standard enum | {build}/api/object-class-forms/?provider_in=provider |
| expiry_at | standard date | {build}/api/object-class-forms/?expiry_at=2022-01-01 |
| created_at | standard datetime | {build}/api/object-class-forms/?created_at__gte=2022-01-01 |
| created_by | standard set | {build}/api/object-class-forms/?created_by__in=123,234,345 |
| modified_at | standard datetime | {build}/api/object-class-forms/?modified_at__range=2022-01-01,2022-01-31 |
| modified_by | standard set | {build}/api/object-class-forms/?modified_by=123 |
Errors
| Error | Response code | Message |
|---|---|---|
| Insufficient permissions | 403 Forbidden | "detail": "You do not have permission to perform this action." |
GET /api/authentication-objects/id/
Returns details of Authentication Objects.
Permissions
Requires authentication and authentication_objects.view permission.
Request example
Headers
Request Method: GET
Content-Type: application/json
Authorization: JWT access_tokenResponse example
- Status
200 OK - Body
json
{
"id": 5,
"name": "My iManage credentials",
"description": "The credentials to iManage provider",
"expiry_at": "2025-02-05",
"expiry_applies_to": "client_secret",
"provider": "imanage",
"created_at": "2021-08-12T11:21:51.877690+02:00",
"created_by": <user>,
"modified_at": "2021-09-14T11:11:31.127734+02:00",
"modified_by": <user>,
"_meta": {
"permissions": {
"list": true,
"view": true,
"edit": true,
"create": true,
"delete": true,
}
},
"credentials": <credentials>
}Autologyx
json
{
...
"credentials": {
"username": "user@example.com"
}
}DocuSign
json
{
...
"credentials": {
"user_id": "some-user-id",
"client_id": "some-client-id",
"host": "https://...."
}
}API Key
json
{
...
"credentials": {
"method": "send_in_header",
"key": "MyHeader"
}
}Adobe Client Credentials
json
{
...
"credentials": {
"client_id": "some-client-id",
"scope": "scope"
}
}Box
json
{
...
"credentials": {
"client_id": "some-client-id",
"scope": "read, write",
"box_subject_type": "user"
"box_subject_type": "user-id"
}
}Generic Client Credentials
json
{
...
"credentials": {
"token_url": "https://oauth-client-credentials.com",
"refresh_url": "https://oauth-client-credentials.com", # included only if not empty
"client_id": "some-client-id", # included only if not empty
"scope": "scope", # included only if not empty
"additional_parameters": {"key": "val"},
"additional_authorization_headers": {"key": "val"},
}
}ROPC Generic oAuth
json
{
...
"credentials": {
"token_url": "https://example.com/oauth/refresh",
"refresh_url": "https://example.com/oauth/token", # included only if not empty
"username": "user@example.com",
"client_id": "some-client-id", # included only if not empty
"scope": "read, write", # included only if not empty
}
}iManage
json
{
...
"credentials": {
"username": "user@example.com",
"client_id": "some-client-id",
"host": "https://...."
}
}Microsoft Client Credentials
json
{
...
"credentials": {
"tenant": "common",
"client_id": "some-client-id",
"scope": "https://graph.microsoft.com/.default"
}
}Salesforce Client Credentials
json
{
...
"credentials": {
"client_id": "some-client-id",
"domain_name": "common"
}
}Errors
| Error | Response code | Message |
|---|---|---|
| Authentication object with "id" does not exist | 404 Not Found | "detail": "Not found." |
| Insufficient permissions | 403 Forbidden | "detail": "You do not have permission to perform this action." |
PATCH /api/authentication-objects/id/
Updates the Authentication Object.
Permissions
Requires authentication and authentication_objects.edit permission.
Request example
Headers
Request Method: PATCH
Content-Type: application/json
Authorization: JWT access_tokenBody
json
{
"name": "My updated iManage credentials",
"description": "The updated credentials to iManage provider"
"credentials": {
...
}iManage
json
{
...
"credentials": {
"username": "username",
"password": "notObvious",
"client_id": "some-client-id",
"client_secret": "client-secret",
"host": "https://...."
}
}DocuSign
json
{
...
"credentials": {
"user_id": "some-user-id",
"client_id": "some-client-id",
"private_rsa_key": "some-private-rsa-key",
"host": "https://...."
}
}Autologyx
json
{
...
"credentials": {
"username": "user@example.com",
"password": "notObvious",
}
}Microsoft Client Credentials
json
{
...
"credentials": {
"tenant": "common",
"client_id": "some-client-id",
"client_secret": "some-client-secret",
"scope": "https://graph.microsoft.com/.default"
}
}Box Client Credentials
json
{
...
"credentials": {
"client_id": "some-client-id",
"client_secret": "some-client-secret",
"scope": "scope",
"box_subject_type": "user",
"box_subject_id": "8949874",
}
}Adobe Client Credentials
json
{
...
"credentials": {
"client_id": "some-client-id",
"client_secret": "some-client-secret",
"scope": "scope"
}
}Salesforce Client Credentials
json
{
...
"credentials": {
"client_id": "some-client-id",
"client_secret": "some-client-secret",
"domain_name": "common"
}
}Generic Client Credentials
json
{
...
"credentials": {
"client_id": "some-client-id",
"client_secret": "some-client-secret",
"scope": "https://graph.microsoft.com/.default",
"token_url": "https://graph.microsoft.com/token",
"refresh_url": "https://graph.microsoft.com/token",
"additional_parameters": {},
"additional_authorization_headers": {},
}
}ROPC Generic oAuth
json
{
...
"credentials": {
"token_url": "https://example.com/oauth/refresh",
"refresh_url": "https://example.com/oauth/token",
"username": "user@example.com",
"password": "notObvious",
"client_id": "some-client-id",
"client_secret": "some-client-secret",
"scope": "read",
}
}Response
| Key | Type | Notes |
|---|---|---|
| id | int | |
| name | string | |
| description | string | |
| provider | enum | Values: imanage, docusign, api_key, autologyx, microsoft_client_credentials, box_client_credentials, adobe_client_credentials, salesforce_client_credentials, oauth_client_credentials |
| expiry_at | date | Optional |
| expiry_applies_to | string | Optional |
| created_at | datetime | |
| created_by | user | |
| modified_at | datetime | |
| modified_by | user | |
| _meta.permissions | Object | Dict describing permissions. |
| credentials | Object | A dict with publicly visible credentials. |
Response example
- Status
200 OK - Body
json
{
"id": 5,
"name": "My updated iManage credentials",
"description": "The updated credentials to iManage provider",
"expiry_at": "2025-02-05",
"expiry_applies_to": "client_secret",
"provider": "imanage",
"created_at": "2021-08-12T11:21:51.877690+02:00",
"created_by": <user>,
"modified_at": "2021-09-14T11:11:31.127734+02:00",
"modified_by": <user>,
"_meta": {
"permissions": {
"list": true,
"view": true,
"edit": true,
"create": true,
"delete": true,
}
},
"credentials": <credentials>
}Restrictions
- The provider cannot be changed once the Authentication Object has been created. Any attempt to change it will be silently ignored.
Errors
| Error | Response code | Message |
|---|---|---|
| Authentication object with "id" does not exist | 404 Not Found | "detail": "Not found." |
| Insufficient permissions | 403 Forbidden | "detail": "You do not have permission to perform this action." |
| "expiry_at" is not a valid date | 400 Bad Request | "expiry_at": ["Date has wrong format. Use one of these formats instead: YYYY-MM-DD."] |
| "expiry_at" is not a future date | 400 Bad Request | "expiry_at": [ "Date must be in the future." ] |
| "expiry_applies_to" not provided when "expiry_at" is provided | 400 Bad Request | "expiry_applies_to": [ "This field is required when expiry_at is provided." ] |
| "expiry_at_to" not provided when "expiry_applies_to" is provided | 400 Bad Request | expiry_at": [ "This field is required when expiry_applies_to is provided." ] |
| "expiry_applies_to" has > 255 chars | 400 Bad Request | "expiry_applies_to ": [ "Ensure this field has no more than 255 characters." ] |
| "expiry_applies_to" is null when the "expiry_at" is provided | 400 Bad Request | "expiry_applies_to ": [ "This field may not be null when expiry_at is provided" ] |
| "expiry_at_to" is null when the "expiry_applies_to" is provided | 400 Bad Request | "expiry_at ": [ "This field may not be null when expiry_applies_to is provided" ] |
| "expiry_applies_to" is blank | 400 Bad Request | expiry_applies_to ": [ "This field may not be blank." ] |
| Provider integration is inactive | 400 Bad Request | "details": ["<provider_name> integration requires activation to perform this action."] |
DELETE /api/authentication-objects/id/
Deletes the Authentication object.
Permissions
Requires authentication and authentication_objects.delete permission.
Request example
- Headers
Request Method: DELETE
Location: /api/authentication-objects/9/
Authorization: JWT access_tokenResponse example
- Status
204 No Content - Body
Errors
| Error | Response code | Message |
|---|---|---|
| Authentication Object in use - Sequences | 400 Forbidden | "detail": "Authentication Object is in use by Sequences." |
| Authentication Object in use - Outbound e-mail settings | 400 Forbidden | "detail": "Authentication Object is in use by Outbound Mail Setup." |
| Insufficient permissions | 403 Forbidden | "detail": "You do not have permission to perform this action." |
| Authentication object with "id" does not exist | 404 Not Found | "detail": "Not found." |
| Provider integration is inactive | 400 Bad Request | "details": ["<provider_name> integration requires activation to perform this action."] |
OPTIONS /api/authentication-objects/
Permissions
Requires authentication only.
Request example
- Headers
Request Method: OPTIONS
Location: /api/authentication-objects/Response example
- Status
200 OK - Body
json
{
"list": {
"columns": [
{
"alias": "id",
"type": "int",
"predicates": [
"exact",
"gt",
"gte",
"lt",
"lte",
"range"
],
"sort_ok": true
},
{
"alias": "name",
"type": "string",
"predicates": [
"exact",
"iexact",
"contains",
"icontains",
"startswith",
"istartswith",
"endswith",
"iendswith"
],
"sort_ok": true
},
{
"alias": "provider",
"type": "enum",
"predicates": [
"exact",
"in"
],
"sort_ok": false,
"values": [
{
"value": "autologyx",
"text": "Autologyx"
},
{
"value": "docu_sign",
"text": "DocuSign"
},
{
"value": "api_key",
"text": "Api Key"
},
{
"value": "adobe_client_credentials",
"text": "Adobe Client Credentials"
},
{
"value": "box_client_credentials",
"text": "Box Client Credentials"
},
{
"value": "oauth_client_credentials",
"text": "Generic Client Credentials"
},
{
"value": "oauth_ropc",
"text": "ROPC Generic oAuth"
},
{
"value": "imanage",
"text": "iManage"
},
{
"value": "microsoft_client_credentials",
"text": "Microsoft Client Credentials"
},
{
"value": "salesforce_client_credentials",
"text": "Salesforce Client Credentials"
}
]
},
{
"alias": "description",
"type": "string",
"predicates": [],
"sort_ok": false
},
{
"alias": "expiry_at",
"type": "date",
"predicates": [
"exact",
"gt",
"gte",
"lt",
"lte",
"range",
"isnull"
],
"sort_ok": true
},
{
"alias": "created_at",
"type": "datetime",
"predicates": [
"exact",
"gt",
"gte",
"lt",
"lte",
"range"
],
"sort_ok": true
},
{
"alias": "modified_at",
"type": "datetime",
"predicates": [
"exact",
"gt",
"gte",
"lt",
"lte",
"range"
],
"sort_ok": true
},
{
"alias": "created_by",
"type": "user",
"predicates": [
"exact",
"in"
],
"sort_ok": false,
"autocomplete": "/api/users/autocomplete/?text__icontains="
},
{
"alias": "modified_by",
"type": "user",
"predicates": [
"exact",
"in"
],
"sort_ok": false,
"autocomplete": "/api/users/autocomplete/?text__icontains="
}
]
},
"details": {
"schema": [
{
"alias": "name",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 100
}
]
},
{
"alias": "description",
"type": "string",
"required": false,
"validators": [
{
"type": "max_length",
"length": 500
}
]
},
{
"alias": "expiry_at",
"type": "date",
"required": false,
"validators": [
{
"type": "date_in_future"
}
]
},
{
"alias": "expiry_applies_to",
"type": "string",
"required": false,
"validators": [
{
"type": "max_length",
"length": 255
}
]
},
{
"alias": "provider",
"type": "enum",
"values": [
{
"value": "autologyx",
"text": "Autologyx"
},
{
"value": "docu_sign",
"text": "DocuSign"
},
{
"value": "api_key",
"text": "Api Key"
},
{
"value": "adobe_client_credentials",
"text": "Adobe Client Credentials"
},
{
"value": "box_client_credentials",
"text": "Box Client Credentials"
},
{
"value": "oauth_client_credentials",
"text": "Generic Client Credentials"
},
{
"value": "oauth_ropc",
"text": "ROPC Generic oAuth"
},
{
"value": "imanage",
"text": "iManage"
},
{
"value": "microsoft_client_credentials",
"text": "Microsoft Client Credentials"
},
{
"value": "salesforce_client_credentials",
"text": "Salesforce Client Credentials"
}
],
"required": true
},
{
"alias": "credentials",
"schema": [],
"schema_by_provider": [
{
"provider": "autologyx",
"schema": [
{
"alias": "username",
"type": "email",
"required": true,
"validators": [
{
"type": "max_length",
"length": 255
}
]
},
{
"alias": "password",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 255
}
]
}
]
},
{
"provider": "docu_sign",
"schema": [
{
"alias": "user_id",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 255
}
]
},
{
"alias": "client_id",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 255
}
]
},
{
"alias": "private_rsa_key",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 2000
}
]
},
{
"alias": "host",
"type": "enum",
"required": true,
"values": [
{
"value": "account.docusign.com",
"text": "account.docusign.com"
},
{
"value": "account-d.docusign.com",
"text": "account-d.docusign.com"
}
]
}
]
},
{
"provider": "api_key",
"schema": [
{
"alias": "api_key",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 8000
}
]
},
{
"alias": "method",
"type": "enum",
"required": true,
"values": [
{
"value": "send_in_header",
"text": "Send in header"
},
{
"value": "send_in_query_string",
"text": "Send in query string"
}
]
},
{
"alias": "key",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 255
}
]
}
]
},
{
"provider": "adobe_client_credentials",
"schema": [
{
"alias": "client_id",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 120
}
]
},
{
"alias": "client_secret",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 120
}
]
},
{
"alias": "scope",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 255
}
]
}
]
},
{
"provider": "box_client_credentials",
"schema": [
{
"alias": "client_id",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 120
}
]
},
{
"alias": "client_secret",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 120
}
]
},
{
"alias": "scope",
"type": "string",
"required": false,
"validators": [
{
"type": "max_length",
"length": 255
}
]
},
{
"alias": "box_subject_type",
"type": "enum",
"required": true,
"values": [
{
"value": "user",
"text": "user"
},
{
"value": "enterprise",
"text": "enterprise"
}
]
},
{
"alias": "box_subject_id",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 255
}
]
}
]
},
{
"provider": "oauth_client_credentials",
"schema": [
{
"alias": "client_id",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 120
}
]
},
{
"alias": "client_secret",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 120
}
]
},
{
"alias": "scope",
"type": "string",
"required": false,
"validators": [
{
"type": "max_length",
"length": 255
}
]
},
{
"alias": "token_url",
"type": "url",
"required": true,
"validators": [
{
"type": "max_length",
"length": 255
}
]
},
{
"alias": "refresh_url",
"type": "url",
"required": false,
"validators": [
{
"type": "max_length",
"length": 255
}
]
},
{
"alias": "additional_parameters",
"type": "json_object",
"required": false,
"validators": [
{
"type": "max_length",
"length": 5000
}
]
},
{
"alias": "additional_authorization_headers",
"type": "json_object",
"required": false,
"validators": [
{
"type": "max_length",
"length": 5000
}
]
}
]
},
{
"provider": "oauth_ropc",
"schema": [
{
"alias": "token_url",
"type": "url",
"required": true,
"validators": [
{
"type": "max_length",
"length": 255
}
]
},
{
"alias": "refresh_url",
"type": "url",
"required": false,
"validators": [
{
"type": "max_length",
"length": 255
}
]
},
{
"alias": "username",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 255
}
]
},
{
"alias": "password",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 255
}
]
},
{
"alias": "client_id",
"type": "string",
"required": false,
"validators": [
{
"type": "max_length",
"length": 255
}
]
},
{
"alias": "client_secret",
"type": "string",
"required": false,
"validators": [
{
"type": "max_length",
"length": 255
}
]
},
{
"alias": "scope",
"type": "string",
"required": false,
"validators": [
{
"type": "max_length",
"length": 255
}
]
}
]
},
{
"provider": "imanage",
"schema": [
{
"alias": "username",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 255
}
]
},
{
"alias": "password",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 255
}
]
},
{
"alias": "client_id",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 255
}
]
},
{
"alias": "client_secret",
"type": "string",
"required": false,
"validators": [
{
"type": "max_length",
"length": 255
}
]
},
{
"alias": "host",
"type": "url",
"required": true,
"validators": [
{
"type": "max_length",
"length": 255
}
]
}
]
},
{
"provider": "microsoft_client_credentials",
"schema": [
{
"alias": "tenant",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 255
}
]
},
{
"alias": "client_id",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 120
}
]
},
{
"alias": "client_secret",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 120
}
]
},
{
"alias": "scope",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 255
}
]
}
]
},
{
"provider": "salesforce_client_credentials",
"schema": [
{
"alias": "client_id",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 120
}
]
},
{
"alias": "client_secret",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 120
}
]
},
{
"alias": "domain_name",
"type": "string",
"required": true,
"validators": [
{
"type": "max_length",
"length": 255
}
]
}
]
}
]
}
]
},
"restrictions": {
"limit_items": 100
}
}GET /api/authentication-objects/id/usage/
Permissions
Requires authentication and authentication_objects.view permission.
Request example
- Headers
Request Method: GET
Location: /api/authentication-objects/1/usage/
Authorization: JWT access_tokenResponse
| Key | Type | Notes |
|---|---|---|
| num_of_outbound_mail_setup | int | |
| sequences | array | |
| num_of_sequences | int |
Response sequences array
| Key | Type | Notes |
|---|---|---|
| id | int | Sequence id |
| name | str | Name of sequence |
Response example
- Status
200 OK - Body
json
{
"num_of_outbound_mail_setup": 0,
"sequences": [
{
"id": 1,
"name": "sequence1"
},
{
"id": 7,
"name": "sequence_test"
}
],
"num_of_sequences": 2,
}Errors
| Error | Response code | Message |
|---|---|---|
id is invalid | 404 Bad Request | 'detail': "Not found." |
| Unauthorized API call | 403 Bad Request | 'detail': "You do not have permission to perform this action." |
POST /api/authentication-objects/test/
Returns a status for given credentials:
- True – if credentials are correct
- False – if there was authentication error
Permissions
Requires authentication and authentication_objects.edit permission.
Request example
Headers
Request Method: POST
Content-Type: application/json
Authorization: JWT access_tokenBody
For provider specific credentials, see #POST /api/authentication-objects/
json
{
"name": "Authentication object",
"description": "Description",
"provider": "autologyx",
"credentials": {
"username": "some_username@example.test",
"password": "password"
}
}Response
json
{
"status": true
}Errors
| Error | Response code | Message |
|---|---|---|
| Provider integration is both inactive and disabled | 400 Bad Request | "details": ["<provider_name> integration requires activation and enablement to perform this action."] |
| Provider integration is inactive | 400 Bad Request | "details": ["<provider_name> integration requires activation to perform this action."] |
| Provider integration is disabled | 400 Bad Request | "details": ["<provider_name> integration requires enablement to perform this action."] |
POST /api/authentication-objects/id/test/
Returns a status for credentials stored for an existing authentication object:
- True – if credentials are correct
- False – if there was authentication error
Permissions
Requires authentication and authentication_objects.edit permission.
Request example
Headers
Request Method: POST
Content-Type: application/json
Authorization: JWT access_tokenBody
For provider specific credentials, see #POST /api/authentication-objects/
json
{
"name": "Authentication object",
"description": "Description",
"provider": "autologyx",
"credentials": {
"username": "some_username@example.test",
"password": "password"
}
}Response
json
{
"status": true
}Errors
| Error | Response code | Message |
|---|---|---|
| Provider integration is inactive | 400 Bad Request | "details": ["<provider_name> integration requires activation to perform this action."] |
Personal Authentication - PAO
Personal Authentication Objects are user-specific credentials that allow individual users to authenticate and access external systems. Unlike system-wide Authentication Objects, they are created and managed by Users without requiring special permissions.
Each Personal Authentication Object is private to the User who created it, ensuring that only they can view or modify it. However, Super Admin Users are an exception; they have the ability to edit them but cannot use them to authenticate in external systems.
PAO related to any Integration are excluded.
POST /api/authentication-objects/personal/
Permissions
Requires authentication only.
Request example
Headers
Request Method: POST
Content-Type: application/json
Authorization: JWT access_tokenBody
| Key | Type | Notes |
|---|---|---|
| name | string | |
| description | string | |
| provider | enum | Values: imanage, docusign, api_key, autologyx, microsoft_client_credentials, box_client_credentials, adobe_client_credentials, salesforce_client_credentials, oauth_client_credentials |
| credentials | object | Each provider has different set of credentials |
For provider specific credentials, see #POST /api/authentication-objects/
Response
- Successful status
201 Created - Response body:
json
{
"id": 5,
"name": "My iManage credentials",
"description": "The credentials to iManage provider"
"provider": "imanage",
"created_at": "2021-05-18T06:39:17.688341Z",
"created_by": {
"id ": 256,
"first_name": "John",
"last_name": "Smith",
"username": "j.smith@autologyx.com",
"company_name": "Autologyx",
"is_deleted": false
},
"modified_at": "2021-05-18T06:39:17.688394Z"
"modified_by": {
"id ": 256,
"first_name": "John",
"last_name": "Smith",
"username": "j.smith@autologyx.com",
"company_name": "Autologyx",
"is_deleted": false
},
"_meta": {
"permissions":{
"list": true,
"view": true,
"create": true,
"edit": true,
"delete": true
}
}
}Restrictions
- Each User may have only 1 Personal Authentication Object created for each provider.
Errors
Generally, the same errors as for #POST /api/authentication-objects/ are handled.
Additional errors are listed below.
| Error | Response code | Message |
|---|---|---|
| Limit of PAOs per provider exceeded | 400 Bad Request | "type": [ "Personal Authentication Object for this provider has already been created." ] |
| "method": "send_in_query_string" is passed in credentials of api_key provider | 400 Bad Request | "method": [ '"send_in_query_string" is not a valid choice.' ] |
GET /api/authentication-objects/personal/
Returns list of Personal Authentication Objects.
Permissions
Requires authentication and the User must be a Super Admin.
Request example
Headers
Request Method: GET
Content-Type: application/json
Authorization: JWT access_tokenResponse
| Key | Type | Notes |
|---|---|---|
| limit | int | |
| offset | int | |
| total_count | int | Total number of forms visible to the user (based on permissions). |
| filtered_count | int | Number of forms visible to the user (based on permissions) with filters applied. |
| next | URL / null | Next page URL (null if there is no next page) |
| previous | URL / null | Previous page URL (null if there is no previous page) |
| results | Array | Described in the next table. |
Response results array
| Key | Type | Notes |
|---|---|---|
| id | int | |
| name | string | |
| description | string | |
| provider | enum | Values: imanage, docusign, api_key, autologyx, microsoft_client_credentials, box_client_credentials, adobe_client_credentials, salesforce_client_credentials, oauth_client_credentials |
| created_at | datetime | |
| created_by | user | |
| modified_at | datetime | |
| modified_by | user | |
| _meta.permissions | Object | Dict describing permissions. |
Response example
- Status
200 OK - Body
json
{
"limit": 100,
"offset": 0,
"filtered_count": 1,
"total_count": 20,
"next": null,
"previous": null,
"results": [
{
"id": 5,
"name": "My iManage credentials",
"description": "The credentials to iManage provider"
"provider": "imanage",
"created_at": "2021-08-12T11:21:51.877690+02:00",
"created_by": <user>,
"modified_at": "2021-09-14T11:11:31.127734+02:00",
"modified_by": <user>,
"_meta": {
"permissions": {
"list": true,
"view": true,
"edit": true,
"create": true,
"delete": true,
}
}
}
]
}Sorting
| Parameter | Example | Notes |
|---|---|---|
| id | {build}/api/object-class-forms/?ordering=id | Ascending |
| id | {build}/api/object-class-forms/?ordering=-id | Descending (-) |
| name | {build}/api/object-class-forms/?ordering=name | Ascending |
| name | {build}/api/object-class-forms/?ordering=-name | Descending (-) |
| created_at | {build}/api/object-class-forms/?ordering=created_at | Ascending |
| created_at | {build}/api/object-class-forms/?ordering=-created_at | Descending (-) |
| modified_at | {build}/api/object-class-forms/?ordering=modified_at | Ascending |
| modified_at | {build}/api/object-class-forms/?ordering=-modified_at | Descending (-) |
Filtering
| Parameter | Predicates | Example |
|---|---|---|
| id | = | {build}/api/object-class-forms/?id=9 |
| name | standard string | {build}/api/object-class-forms/?name__icontains=foobar |
| provider | standard enum | {build}/api/object-class-forms/?provider_in=provider |
| created_at | standard datetime | {build}/api/object-class-forms/?created_at__gte=2022-01-01 |
| created_by | standard set | {build}/api/object-class-forms/?created_by__in=123,234,345 |
| modified_at | standard datetime | {build}/api/object-class-forms/?modified_at__range=2022-01-01,2022-01-31 |
| modified_by | standard set | {build}/api/object-class-forms/?modified_by=123 |
Errors
| Error | Response code | Message |
|---|---|---|
| Insufficient permissions | 403 Forbidden | "detail": "You do not have permission to perform this action." |
GET /api/authentication-objects/personal/me/
Returns a list of the caller's Personal Authentication Objects.
Permissions
Requires authentication only.
Request example
Headers
Request Method: GET
Content-Type: application/json
Authorization: JWT access_tokenResponse
The same errors as for #GET /api/authentication-objects/personal/.
Sorting
The same errors as for #GET /api/authentication-objects/personal/.
Filtering
| Parameter | Predicates | Example |
|---|---|---|
| id | = | {build}/api/object-class-forms/?id=9 |
| name | standard string | {build}/api/object-class-forms/?name__icontains=foobar |
| provider | standard enum | {build}/api/object-class-forms/?provider_in=provider |
| created_at | standard datetime | {build}/api/object-class-forms/?created_at__gte=2022-01-01 |
| modified_at | standard datetime | {build}/api/object-class-forms/?modified_at__range=2022-01-01,2022-01-31 |
Errors
| Error | Response code | Message |
|---|---|---|
| Requesting user is not authenticated | 401 Unauthorized | "detail": "Authentication credentials were not provided." |
GET /api/personal-authentication-objects/id/
Returns details of the Personal Authentication Object.
Permissions
Requires authentication and the User must be either the creator of the Personal Authentication Object or a Super Admin.
Request example
Headers
Request Method: GET
Content-Type: application/json
Authorization: JWT access_tokenResponse example
- Status
200 OK - Body
json
{
"id": 5,
"name": "My iManage credentials",
"description": "The credentials to iManage provider"
"provider": "imanage",
"created_at": "2021-08-12T11:21:51.877690+02:00",
"created_by": <user>,
"modified_at": "2021-09-14T11:11:31.127734+02:00",
"modified_by": <user>,
"_meta": {
"permissions": {
"list": true,
"view": true,
"edit": true,
"create": true,
"delete": true,
}
}
}For provider specific credentials, see #GET /api/authentication-objects/id/
Errors
| Error | Response code | Message |
|---|---|---|
| PAO with "id" does not exist | 404 Not Found | "detail": "Not found." |
| Insufficient permissions | 403 Forbidden | "detail": "You do not have permission to perform this action." |
PATCH /api/authentication-objects/personal/id/
Updates the Personal Authentication Object.
Permissions
Requires authentication and the User must be either the creator of the Personal Authentication Object or a Super Admin.
Request example
Headers
Request Method: PATCH
Content-Type: application/json
Authorization: JWT access_tokenBody
json
{
"name": "My updated iManage credentials",
"description": "The updated credentials to iManage provider",
"credentials": {
...
}
}For provider specific credentials, see #GET /api/authentication-objects/id/
Response
| Key | Type | Notes |
|---|---|---|
| id | int | |
| name | string | |
| description | string | |
| provider | enum | Values: imanage, docusign, api_key, autologyx, microsoft_client_credentials, box_client_credentials, adobe_client_credentials, salesforce_client_credentials, oauth_client_credentials |
| created_at | datetime | |
| created_by | user | |
| modified_at | datetime | |
| modified_by | user | |
| _meta.permissions | Object | Dict describing permissions. |
Response example
- Status
200 OK - Body
json
{
"id": 5,
"name": "My updated iManage credentials",
"description": "The updated credentials to iManage provider"
"provider": "imanage",
"created_at": "2021-08-12T11:21:51.877690+02:00",
"created_by": <user>,
"modified_at": "2021-09-14T11:11:31.127734+02:00",
"modified_by": <user>,
"_meta": {
"permissions": {
"list": true,
"view": true,
"edit": true,
"create": true,
"delete": true,
}
}
}Errors
The same errors as for #PATCH /api/authentication-objects/id/ are handled.
| Error | Response code | Message |
|---|---|---|
| "method": "send_in_query_string" is passed in credentials of api_key provider | 400 Bad Request | "method": [ '"send_in_query_string" is not a valid choice.' ] |
DELETE /api/authentication-objects/personal/id/
Deletes the Personal Authentication object.
Permissions
Requires authentication and the User must be either the creator of the Personal Authentication Object or a Super Admin.
Request example
- Headers
Request Method: DELETE
Location: /api/authentication-objects/personal/9/
Authorization: JWT access_tokenResponse example
- Status
204 No Content - Body
Errors
| Error | Response code | Message |
|---|---|---|
| Requesting user is not authenticated | 401 Unauthorized | "detail": "Authentication credentials were not provided." |
| PAO with "id" does not exist | 404 Not Found | "detail": "Not found." |
| Insufficient permissions | 403 Forbidden | "detail": "You do not have permission to perform this action." |
GET /api/authentication-objects/personal/id/authentication-headers/
This endpoint provides the authentication data of a specified Personal Authentication Object (PAO) in a format to be directly used in request’s headers to external system.
Permissions
Requires authentication and the User must be the creator of the Personal Authentication Object.
Request example
Headers
Request Method: GET
Content-Type: application/json
Authorization: JWT access_tokenResponse
Response contains the authentication headers for the Personal Authentication Object of different providers.
- Generally
access_tokenis obtained from the Personal Authentication Object and used in the authentication header with the "Bearer" prefix to authorize subsequent requests to the server. - A Personal Authentication Object with
client_credentialsprovider is used to obtain theaccess_tokenandtoken_typewhich are used in the header. - Every time
access_tokenis used, it is checked for expiry. If it is expired, a newaccess_tokenis obtained using therefresh_tokenand the newaccess_tokenis used in the header. - Header key might be different for different providers. For example, for
imanageprovider, the key isX-Auth-Tokenand its value isBearer <access_token>. token_typeis used to specify the type of token used in the header it might be different for different providers. For example, forclient_credentialsprovider, thetoken_typeisBearer.- For
api_keyprovider, theapi_keyand its saved value is used in the header. Personal Authentication Object is used to store the API key and its value.
Response example
- Status
200 OK - Body
Provider
iManage
json
{
"X-Auth-Token": "<token_type> <access_token>"
}Autologyx
json
{
"Authorization": "<token_type> <access_token>"
}Api Key
json
{
"Some-api-key": "api key"
}Docu Sign
json
{
"Authorization": "<token_type> <access_token>"
}Adobe
json
{
"Authorization": "<token_type> <access_token>"
}Box
json
{
"Authorization": "<token_type> <access_token>"
}Generic Client Credentials
json
{
"Authorization": "<token_type> <access_token>"
}Microsoft
json
{
"Authorization": "<token_type> <access_token>"
}Salesforce
json
{
"Authorization": "<token_type> <access_token>"
}Errors
| Error | Response code | Message |
|---|---|---|
| Requesting user is not authenticated | 401 Unauthorized | "detail": "Authentication credentials were not provided." |
| PAO with "id" does not exist | 404 Not Found | "detail": "Not found." |
| Insufficient permissions | 403 Forbidden | "detail": "You do not have permission to perform this action." |
| Authentication failed | 200 OK | "detail": "Unable to authenticate your credentials.", "error_code": "ERR_INVALID_CREDENTIALS" |
POST /api/authentication-objects/personal/test/
Returns a status for given credentials:
- True – if credentials are correct
- False – if there was authentication error
Permissions
Requires authentication only.
Request example
Headers
Request Method: POST
Content-Type: application/json
Authorization: JWT access_tokenBody
For provider specific credentials, see #POST /api/authentication-objects/personal/
json
{
"name": "Authentication object",
"description": "Description",
"provider": "autologyx",
"credentials": {
"username": "some_username@example.test",
"password": "password"
}
}Response
json
{
"status": true
}POST /api/authentication-objects/personal/id/test/
Returns a status for credentials stored for an existing authentication object:
- True – if credentials are correct
- False – if there was authentication error
Permissions
Requires authentication and the User must be either the creator of the Personal Authentication Object or a Super Admin.
Request example
Headers
Request Method: POST
Content-Type: application/json
Authorization: JWT access_tokenBody
For provider specific credentials, see #POST /api/authentication-objects/personal/
json
{
"name": "Authentication object",
"description": "Description",
"provider": "autologyx",
"credentials": {
"username": "some_username@example.test",
"password": "password"
}
}Response
json
{
"status": true
}