Security Token Service API (2.13)

Download OpenAPI specification:Download

Security Token Service Concepts

The Security Token Service (STS) provides brokered authentication services to clients (client applications) and web services. The STS is trusted by both the clients and web services. A client obtains a security token by presenting a username and password to the security service. The client attaches a security token to every web service method invocation. A web service requires a token to be attached to every method invocation and uses that token to verify a client's credentials.

Security Token

A security token is obtained from the security service by presenting a valid username and password. A security token contains the following information:

Environment
Username
Expiration Date
Permissions

Token Validation

A security token is signed by the security service, using a private key. For this reason, a token cannot be modified after it has been issued without it being invalidated. A security token must be attached to the header of every web service method invocation. A web service validates a security token by checking that the security token has not been modified (by using a security service public key), and that it has not expired.

AppliesTo

In order for the security service to validate that the security token was issued for the current web service, the AppliesTo value must be set to http://idibilling.com/webservices. Prior to the web service accepting a security token, it will first evaluate the AppliesTo value associated with the token. If the AppliesTo value is not set to a value that the web service accepts, it will reject the request immediately.

Note: The security token service can provide security tokens for multiple audiences. Failure to provide a correct AppliesTo value may result in a valid security token that may not be usable by the intended web service.

Client Token Caching

Security tokens are designed to be cached by a client for performance reasons. The same security token can and should be reused for multiple web service calls, as long as the user or environment have not changed and as long as the token has not expired. It is a good idea to renew a token before it expires. For that reason, client applications should be designed to renew the token after 75% of its lifetime has passed. For example, if a token is valid for 8 hours, your application should renew the token after 6 hours. Failure to do this could lead to web method invocation faults when not expected.

Sequence of Authentication

The client presents a valid username and password to the security service.
The security service returns a security token to the client.
The client caches the security token.
The client invokes a web service method, having attached the token to the header of the invocation.
The web service receives the method invocation and validates the token before executing the request.
The web service returns the response to the client.

About

Resources related to how the system is setup.

Version

Use to get the CostGuard bundle version and list of applications and their versions. [Rev 1.14]

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"applications": [{"name": "SecurityAdmin",
"softwareType": "WebApplication",
"version": "1.14.00.156"
}
],
"costGuardBundle": "CG 17.1"
}

Application

View information about applications in the system.

Search Applications

Search for details for an application within the security system.

Permissions

View Companies permission is required to view company-specific applications outside the requesting user's company.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.count": 623,
"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#Application",
"value": [{"ApplicationCode": "My Application Code",
"ApplicationID": 1,
"AppTrayLinkBehavior": "Default, New Tab",
"AppTrayLinkBehaviorID": "0, 1",
"Company": "My Company Name",
"CompanyID": 1,
"DefaultRelyingPartyURI": "http://mysite.com",
"DefaultStaticURL": "https://mysite.com/application/",
"Description": "Application Description",
"Name": "My Application Name",
"RequiresSecurityAccess": true
}
],
"odata.nextLink": "Application?$inlinecount=allpages&$skiptoken=2,18774"
}

Retrieve Application

Provides the ability to retrieve details for an application within the security system.

Permissions

View Companies permission is required to view company-specific applications outside the requesting user's company.

Authorizations:

SWT

path Parameters

ApplicationID

required

number

Example: 1

Unique identifier for the application to retrieve.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"ApplicationCode": "My Application Code",
"ApplicationID": 1,
"AppTrayLinkBehavior": "Default, New Tab",
"AppTrayLinkBehaviorID": "0, 1",
"Company": "My Company Name",
"CompanyID": 1,
"DefaultRelyingPartyURI": "http://mysite.com",
"DefaultStaticURL": "https://mysite.com/application/",
"Description": "Application Description",
"Name": "My Application Name",
"RequiresSecurityAccess": true
}

Application Instance

Create, modify and view application instances.

Search Application Instances

Search for application instances.Search for an instance of an application being made available in the specified environment and authenticated using the specified relying party URI within the allowed user domains.

Permissions

View Companies permission is required to view application instances whose environments are outside the requesting user's company.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#ApplicationInstance",
"odata.count": 623,
"value": [{"Application": "My Application Name",
"ApplicationCode": "My Application Code",
"ApplicationCompany": "My Application Company Name",
"ApplicationCompanyID": 4,
"ApplicationID": 3,
"ApplicationInstanceID": 11,
"Company": "My Company Name",
"CompanyID": 1,
"Description": "My Application Instance Description",
"Environment": "My Environment Name",
"EnvironmentID": 99,
"IsVisible": false,
"Name": "My Application Instance Name",
"RelyingPartyURI": "http://mysite.com",
"StaticURL": "https://mysite.com/application/"
}
],
"odata.nextLink": "ApplicationInstance?$inlinecount=allpages&$skiptoken=2,18774"
}

Create Application Instance

Provides the ability to create a new application instance which makes an application available in a specified environment with authentication using a specified relying party URI in allowed user domains.

Permissions

Manage Companies permission is required.

Note

When creating a new application instance the combination of ApplicationID, EnvironmentID, and RelyingPartyURI must be unique.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/CreateApplicationInstance

Request Body schema: application/xml

	object (CreateApplicationInstanceReq)
	object (Requestor)

Responses

Retrieve Application Instance

Retrieve an instance of an application being made available in the specified environment and authenticated using the specified relying party URI within the allowed user domains.

Permissions

View Companies permission is required to view application instances whose environments are outside the requesting user's company.

Authorizations:

SWT

path Parameters

ApplicationInstanceID

required

number

Example: 1

Unique identifier for the application instance to retrieve.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"Application": "My Application Name",
"ApplicationCode": "My Application Code",
"ApplicationCompany": "My Application Company Name",
"ApplicationCompanyID": 4,
"ApplicationID": 3,
"ApplicationInstanceID": 11,
"Company": "My Company Name",
"CompanyID": 1,
"Description": "My Application Instance Description",
"Environment": "My Environment Name",
"EnvironmentID": 99,
"IsVisible": false,
"Name": "My Application Instance Name",
"RelyingPartyURI": "http://mysite.com",
"StaticURL": "https://mysite.com/application/"
}

Update Application Instance

Provides the ability to modify existing application instances. An application instance makes an application available in a specified environment with authentication using a specified relying party URI in allowed user domains.

Permissions

Manage companies permission is required to make this call, unless only making modifications to the visibility of the application, which requires only manage application permission.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/ModifyApplicationInstance

Request Body schema: application/soap+xml

	object (ModifyApplicationInstanceReq)
	object (Requestor)

Responses

Delete Application Instance

Provides the ability to remove existing application instances. An application instance makes an application available in a specified environment with authentication using a specified relying party URI in allowed user domains.

Permissions

Manage companies permission is required to make this call.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/ModifyApplicationInstance

Request Body schema: application/soap+xml

	object (DeleteApplicationInstanceReq)
	object (Requestor)

Responses

List Allowed Domains

Search for a domains that are allowed to use an application instance.

Permissions

View Companies permission is required to view allowed domains where either the application instance's environment or the domain itself is outside the requesting user's company.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#AllowedDomain",
"odata.count": 623,
"value": [{"ApplicationInstance": "Application Instance Name",
"ApplicationInstanceID": 1,
"Company": "My Environment Company",
"CompanyID": 1,
"Description": "My Domain Description",
"DomainCompany": "My Domain Company Name",
"DomainCompanyID": 1,
"DomainID": 1,
"Environment": "My Environment Name",
"EnvironmentID": 1,
"Name": "My Domain Name"
}
],
"odata.nextLink": "AllowedDomain?$inlinecount=allpages&$skiptoken=2,18774"
}

Authorization Provider

Create, modify and view authorization providers.

Search Authorization Providers

Search for authorization providers. [Rev 1.08]

Note

Client secret is not returned as part of this resource. In order to get the client secret the Authorization Provider Lookup resource must be used.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#AuthorizationProvider",
"odata.count": 623,
"value": [{"AuthorizationProviderID": 1,
"AuthorizationURI": "https://site.com/oauth2/authorize?",
"ClientID": "client",
"Company": "IDI Billing Solutions",
"CompanyID": 1,
"CSSClass": "fa-gloabe",
"CSSColor": "#da3b01",
"Description": "An authorization provider",
"Identifier": "office",
"Name": "Office 365",
"ProfileIdentifier": "user_id",
"ProfileName": "user_email",
"ProfileParameters": "scope",
"ProfileURI": "https://site.com/api/v2/users/me.json",
"Scope": "read",
"TokenParameters": "resource=https://graph.windows.net/",
"TokenURI": "https://site.com/oauth/tokens?",
"UseHeaderAuthorization": true,
"OpenIDAuthorityURI": "https://site.com/.well-known/openid-configuration",
"OpenIDCustomerAccountClaim": "customer_account",
"ForceSingleSignout": false
}
],
"odata.nextLink": "AuthorizationProvider?$inlinecount=allpages&$skiptoken=2,18774"
}

Create Authorization Provider

Provides the ability to create new authorization providers which define additional forms of authorization that the system will allow.. [Rev 1.08]

Permissions

Manage companies permission is required to make this call.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; charset=utf-8; action="https://webservices.idibilling.com/SecurityService1/CreateAuthorizationProvider

Request Body schema: application/soap+xml

	object (CreateAuthorizationProviderReq)
	object (Requestor)

Responses

Retrieve Authorization Provider

Provides the ability to retrieve the authorization provider configuration. [Rev 1.08]

Authorizations:

SWT

path Parameters

AuthorizationProviderID

required

number

Example: 1

Unique identifier for the authorization provider to retrieve.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"AuthorizationProviderID": 1,
"AuthorizationURI": "https://site.com/oauth2/authorize?",
"ClientID": "client",
"Company": "IDI Billing Solutions",
"CompanyID": 1,
"CSSClass": "fa-gloabe",
"CSSColor": "#da3b01",
"Description": "An authorization provider",
"Identifier": "office",
"Name": "Office 365",
"ProfileIdentifier": "user_id",
"ProfileName": "user_email",
"ProfileParameters": "scope",
"ProfileURI": "https://site.com/api/v2/users/me.json",
"Scope": "read",
"TokenParameters": "resource=https://graph.windows.net/",
"TokenURI": "https://site.com/oauth/tokens?",
"UseHeaderAuthorization": true,
"OpenIDAuthorityURI": "https://site.com/.well-known/openid-configuration",
"OpenIDCustomerAccountClaim": "customer_account",
"ForceSingleSignout": false
}

Authorization Provider Lookup

Provides the ability to look up an existing authorization provider which additionally provides the client secret information for the authorization provider. [Rev 1.09]

Permissions

Manage companies permission is required to make this call.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; charset=utf-8; action="https://webservices.idibilling.com/SecurityService1/AuthorizationProviderLookup

Request Body schema: application/soap+xml

	object (AuthorizationProviderLookupReq)
	object (Requestor)

Responses

Update Authorization Provider

Provides the ability to modify existing authorization providers which define additional forms of authorization that the system will allow. [Rev 1.08]

Permissions

Manage companies permission is required to make this call.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/ModifyAuthorizationProvider

Request Body schema: application/json

	object (ModifyAuthorizationProviderReq)
	object (Requestor)

Responses

Request samples

Payload

Content type

application/json

{"Request": {"AuthorizationProviderID": 1,
"AuthorizationURI": "https://site.com/oauth2/authorize?",
"ClientID": "client",
"ClientSecret": "client-secret",
"CompanyID": 1,
"CSSClass": "fa-gloabe",
"CSSColor": "#da3b01",
"Description": "An authorization provider",
"Identifier": "office",
"Name": "Office 365",
"ProfileIdentifier": "user_id",
"ProfileName": "user_email",
"ProfileParameters": "scope",
"ProfileURI": "https://site.com/api/v2/users/me.json",
"Scope": "read",
"TokenParameters": "resource=https://graph.windows.net/",
"TokenURI": "https://site.com/oauth/tokens?",
"UseHeaderAuthorization": true,
"OpenIDAuthorityURI": "https://site.com/.well-known/openid-configuration",
"OpenIDCustomerAccountClaim": "customer_account",
"ForceSingleSignout": true
},
"Requestor": {"AuthorizationToken": "string",
"CultureName": "string",
"RegisterID": 0
}
}

Response samples

200

Content type

application/json

{"Messages": [{"ItemID": 1,
"ItemIndex": 1,
"ItemType": "ApplicationInstance",
"LoggingNumber": 500002,
"Message": "Example error message",
"Type": {"Error": "string",
"Warning": "string"
}
}
],
"Result": {"AuthorizationProvider": {"AuthorizationProviderID": 1,
"AuthorizationURI": "https://site.com/oauth2/authorize?",
"ClientID": "client",
"ClientSecret": "client-secret",
"CompanyID": 1,
"CSSClass": "fa-gloabe",
"CSSColor": "#da3b01",
"Description": "An authorization provider",
"Identifier": "office",
"Name": "Office 365",
"ProfileIdentifier": "user_id",
"ProfileName": "user_email",
"ProfileParameters": "scope",
"ProfileURI": "https://site.com/api/v2/users/me.json",
"Scope": "read",
"TokenParameters": "resource=https://graph.windows.net/",
"TokenURI": "https://site.com/oauth/tokens?",
"UseHeaderAuthorization": true,
"OpenIDAuthorityURI": "https://site.com/.well-known/openid-configuration",
"OpenIDCustomerAccountClaim": "customer_account",
"ForceSingleSignout": true
}
}
}

Delete Authorization Provider

Provides the ability to remove existing authorization providers which define additional forms of authorization that the system will allow. [Rev 1.08]

Permissions

Manage companies permission is required to make this call.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/ModifyAuthorizationProvider

Request Body schema: application/soap+xml

	object (DeleteAuthorizationProviderReq)
	object (Requestor)

Responses

Company

Create, modify and view companies.

Search Companies

Search for companies within the security system

Permissions

View Companies permission is required to view companies outside the requesting user's company.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#Company",
"odata.count": 623,
"value": [{"Code": "MyCompanyCode",
"CompanyID": 1,
"Description": "My Company Description",
"Name": "My Company Name"
}
],
"odata.nextLink": "Company?$inlinecount=allpages&$skiptoken=2,18774"
}

Create Company

Provides the ability create a new company in the security system. [Rev 1.02]

Permissions

Manage Companies permission is required.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/CreateCompany

Request Body schema: application/soap+xml

	object (CreateCompanyReq)
	object (Requestor)

Responses

Retrieve Company

Provides the ability to retrieve a company

Permissions

View Companies permission is required to view companies outside the requesting user's company.

Authorizations:

SWT

path Parameters

CompanyID

required

number

Example: 1

Unique identifier for the company to retrieve.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"Code": "MyCompanyCode",
"CompanyID": 1,
"Description": "My Company Description",
"Name": "My Company Name"
}

Update Company

Provides the ability to modify an existing company in the security system. [Rev 1.02]

Permissions

Manage Companies permission is required.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/ModifyCompany

Request Body schema: application/soap+xml

	object (ModifyCompanyReq)
	object (Requestor)

Responses

Domain

Create, modify and view domains.

Search Domains

Search for domains.

Permissions

View Companies permission is required to view domains outside the requesting user's company.
View Domains permission is required to view domains outside the requesting user's domain.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#Domain",
"odata.count": 623,
"value": [{"Company": "My Company Name",
"CompanyID": 1,
"Description": "My Domain Description",
"DomainID": 1,
"EnableIPAllowList": true,
"EnforceStrong": true,
"ExpirationDays": 1,
"ExpirationWarningDays": 10,
"FailedLogOnsAllowed": 2,
"MinimumChangeDays": 3,
"MinimumLength": 3,
"Name": "My Domain Name",
"NumberOfSecurityQuestions": 2,
"PasswordSetting": "Password Setting Name",
"PasswordSettingID": 1,
"RememberLastNumber": 2,
"ResetLockoutMinutes": 15,
"ResetRetryMinutes": 20,
"Strength": "Strength Requirement Description",
"StrengthRegex": "^.*(?=.{'8',})(?=.*\\S).*$"
}
],
"odata.nextLink": "Domain?$inlinecount=allpages&$skiptoken=2,18774"
}

Create Domain

Provides the ability to create a new domain for a company in the security system. [Rev 1.02]

Permissions

Manage Domains permission is required.
Manage Companies is required to manage domains outside the requesting user's company.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/CreateDomain

Request Body schema: application/soap+xml

	object (CreateDomainReq)
	object (Requestor)

Responses

Retrieve Domain

Provides the ability to retrieve a domain

Authorizations:

SWT

path Parameters

DomainID

required

number

Example: 1

Unique identifier for the domain to retrieve.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"Company": "My Company Name",
"CompanyID": 1,
"Description": "My Domain Description",
"DomainID": 1,
"EnableIPAllowList": true,
"EnforceStrong": true,
"ExpirationDays": 1,
"ExpirationWarningDays": 10,
"FailedLogOnsAllowed": 2,
"MinimumChangeDays": 3,
"MinimumLength": 3,
"Name": "My Domain Name",
"NumberOfSecurityQuestions": 2,
"PasswordSetting": "Password Setting Name",
"PasswordSettingID": 1,
"RememberLastNumber": 2,
"ResetLockoutMinutes": 15,
"ResetRetryMinutes": 20,
"Strength": "Strength Requirement Description",
"StrengthRegex": "^.*(?=.{'8',})(?=.*\\S).*$"
}

Retrieve Password Setting

Provides the ability to retrieve a PasswordSetting configuration for a domain within the security system.

Permissions

View Companies permission is required to view PasswordSettings outside the requesting user's company.

Authorizations:

SWT

path Parameters

PasswordSettingID

required

number

Example: 1

Unique identifier for the password setting configuration to retrieve.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"Company": "My Company Name",
"CompanyID": 1,
"Description": "My Configuration Description",
"DomainID": 55,
"EnforceStrong": false,
"ExpirationDays": 90,
"ExpirationWarningDays": 7,
"FailedLogOnsAllowed": 3,
"MinimumChangeDays": 2,
"MinimumLength": 8,
"Name": "My Configuration Name",
"NumberOfSecurityQuestions": 3,
"PasswordSettingID": 22,
"RememberLastNumber": 10,
"ResetLockoutMinutes": 30,
"ResetRetryMinutes": 10,
"Strength": "Minimum 7 characters including at least one upper case, one lower case, and one digit",
"StrengthRegex": "^.*(?=.{7,})(?=.*\\d)(?=.*[a-z])(?=.*[A-Z]).*"
}

Update Domain

Provides the ability to modify an existing domain for a company in the security system. [Rev 1.02]

Permissions

Manage Domains permission is required to make this call. Manage Companies permission is required to manage domains outside the requesting user's company.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/ModifyDomain

Request Body schema: application/soap+xml

	object (ModifyDomainReq)
	object (Requestor)

Responses

Delete Domain

Provides the ability to remove an existing domain from the security system. [Rev 1.05]

Permissions

Manage Domains permission is required to make this call. Manage Companies permission is required to manage domains outside the requesting user's company.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/ModifyDomain

Request Body schema: application/json

	object (DeleteDomainReq)
	object (Requestor)

Responses

Request samples

Payload

Content type

application/json

{"Request": {"DomainID": 1,
"Remove": true
},
"Requestor": {"AuthorizationToken": "string",
"CultureName": "string",
"RegisterID": 0
}
}

Response samples

200

Content type

application/json

{"Messages": [{"ItemID": 1,
"ItemIndex": 1,
"ItemType": "ApplicationInstance",
"LoggingNumber": 500002,
"Message": "Example error message",
"Type": {"Error": "string",
"Warning": "string"
}
}
],
"Result": {"Domain": {"AllowedAuthorizationProviders": [{"AuthorizationProvider": "Auth Provider Name",
"AuthorizationProviderID": 1,
"Remove": false,
"ShowOnLogOn": true
}
],
"Company": "My Company",
"CompanyID": 1,
"Description": "Descriptive Info",
"DomainApplications": [{"ApplicationInstance": "My Application Instance Name",
"ApplicationInstanceID": 1,
"Remove": false
}
],
"DomainID": 1,
"EnableIPAllowList": true,
"Name": "My Domain",
"PasswordSetting": {"ExpirationDays": 14,
"ExpirationWarningDays": 7,
"FailedLogOnsAllowed": 3,
"MinimumChangeDays": 1,
"MinimumLength": 10,
"NumberOfSecurityQuestions": 4,
"RememberLastNumber": 6,
"ResetLockoutMinutes": 10,
"ResetRetryMinutes": 15
}
},
"RemoveSuccessful": false
}
}

List Allowed Authorization Providers

Search for domains that are allowed to use an authorization provider. [Rev 1.09]

Permissions

View Companies permission is required to view allowed authorization providers where the domain is outside the requesting user's company.
View Domains permission is required to view allowed authorization providers where the domain is outside the requesting user's domain.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#AllowedAuthorizationProvider",
"odata.count": 623,
"value": [{"AuthorizationProviderID": 1,
"AuthorizationURI": "https://site.com/oauth2/authorize?",
"ClientID": "client",
"Company": "IDI Billing Solutions",
"CompanyID": 1,
"CSSClass": "fa-gloabe",
"CSSColor": "#da3b01",
"Description": "An authorization provider",
"Domain": "Domain Name",
"DomainCompany": "Domain Company",
"DomainCompanyID": 3,
"DomainID": 4,
"Identifier": "office",
"Name": "Office 365",
"ProfileIdentifier": "user_id",
"ProfileName": "user_email",
"ProfileParameters": "scope",
"ProfileURI": "https://site.com/api/v2/users/me.json",
"Scope": "read",
"ShowOnLogOn": true,
"TokenParameters": "resource=https://graph.windows.net/",
"TokenURI": "https://site.com/oauth/tokens?",
"UseHeaderAuthorization": true,
"OpenIDAuthorityURI": "https://site.com/.well-known/openid-configuration",
"OpenIDCustomerAccountClaim": "customer_account",
"ForceSingleSignout": true
}
],
"odata.nextLink": "AllowedAuthorizationProvider?$inlinecount=allpages&$skiptoken=2,18774"
}

Environment

Create, modify and view environments.

Search Environments

Search for details of an environment within the security system.

Permissions

View Companies permission is required view environments outside the requesting user's company.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#Environment",
"odata.count": 623,
"value": [{"Company": "My Company Name",
"CompanyID": 4,
"Description": "My Environment Description",
"EnvironmentID": 1,
"Name": "My Environment Name"
}
],
"odata.nextLink": "Environment?$inlinecount=allpages&$skiptoken=2,18774"
}

Create Environment

Provides the ability to create a new environment for a company in the security system.

Permissions

Manage Companies is required to manage domains outside the requesting user's company.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/CreateEnvironment

Request Body schema: application/soap+xml

	object (CreateEnvironmentReq)
	object (Requestor)

Responses

Retrieve Environment

Provides the ability to retrieve an environment within the security system.

Permissions

View Companies permission is required view environments outside the requesting user's company.

Authorizations:

SWT

path Parameters

EnvironmentID

required

number

Example: 1

Unique identifier for the environment to retrieve.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"Company": "My Company Name",
"CompanyID": 4,
"Description": "My Environment Description",
"EnvironmentID": 1,
"Name": "My Environment Name"
}

Update Environment

Provides the ability to modify an existing environment for a company in the security system.

Permissions

Manage Companies permission is required to make this call.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/ModifyEnvironment

Request Body schema: application/json

	object (ModifyEnvironmentReq)
	object (Requestor)

Responses

Request samples

Payload

Content type

application/json

{"Request": {"Description": "My Environment Description",
"EnvironmentID": 1
},
"Requestor": {"AuthorizationToken": "string",
"CultureName": "string",
"RegisterID": 0
}
}

Response samples

200

Content type

application/json

{"Messages": [{"ItemID": 1,
"ItemIndex": 1,
"ItemType": "ApplicationInstance",
"LoggingNumber": 500002,
"Message": "Example error message",
"Type": {"Error": "string",
"Warning": "string"
}
}
],
"Result": {"Environment": {"Company": "My Company Name",
"CompanyID": 1,
"Description": "Descriptive Info",
"EnvironmentID": 1,
"Name": "My Environment Name"
},
"RemoveSuccessful": false
}
}

DeleteEnvironment

Provides the ability to remove an existing environment from a company in the security system.

Permissions

Manage Companies permission is required to make this call.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/ModifyEnvironment

Request Body schema: application/json

	object (DeleteEnvironmentReq)
	object (Requestor)

Responses

Request samples

Payload

Content type

application/json

{"Request": {"EnvironmentID": 1,
"Remove": true
},
"Requestor": {"AuthorizationToken": "string",
"CultureName": "string",
"RegisterID": 0
}
}

Response samples

200

Content type

application/json

{"Messages": [{"ItemID": 1,
"ItemIndex": 1,
"ItemType": "ApplicationInstance",
"LoggingNumber": 500002,
"Message": "Example error message",
"Type": {"Error": "string",
"Warning": "string"
}
}
],
"Result": {"Environment": {"Company": "My Company Name",
"CompanyID": 1,
"Description": "Descriptive Info",
"EnvironmentID": 1,
"Name": "My Environment Name"
},
"RemoveSuccessful": false
}
}

Permission

View information about permissions.

Search Permissions

Search for details of a permission within the security system.

Permissions

View Companies permission is required to view company-specific permissions outside the requesting user's company.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#Permission",
"odata.count": 623,
"value": [{"AllowBulk": false,
"Company": "My Company Name",
"CompanyID": 42,
"Description": "My Permission Description",
"Name": "My Permission Name",
"Path": "/Security/SaaS Management",
"PermissionID": 12
}
],
"odata.nextLink": "Permission?$inlinecount=allpages&$skiptoken=2,18774"
}

Retrieve Permission

Provides the ability to retrieve details of a permission within the security system.

Permissions

View Companies permission is required to view company-specific permissions outside the requesting user's company.

Authorizations:

SWT

path Parameters

PermissionID

required

number

Example: 1

Unique identifier for the permission to retrieve.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"AllowBulk": false,
"Company": "My Company Name",
"CompanyID": 42,
"Description": "My Permission Description",
"Name": "My Permission Name",
"Path": "/Security/SaaS Management",
"PermissionID": 12
}

Role

Create, modify and view roles.

Search Roles

Search for details of a role within the security system.

Permissions

View Companies permission is required to view company-specific roles outside the requesting user's company.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#Role",
"odata.count": 623,
"value": [{"Company": "My Company Name",
"CompanyID": 3,
"Description": "My Company Description",
"Name": "My Role Name",
"RoleID": 1
}
],
"odata.nextLink": "Role?$inlinecount=allpages&$skiptoken=2,18774"
}

Create Role

Provides the ability to create a new role that can be assigned to users in the security system.

Permissions

Manage Roles' permission is required.
Manage Companies is required to manage domains outside the requesting user's company.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/CreateRole

Request Body schema: application/soap+xml

	object (CreateRoleReq)
	object (Requestor)

Responses

Retrieve Role

Provides the ability to retrieve a role within the security system.

Permissions

View Companies permission is required to view company-specific roles outside the requesting user's company.

Authorizations:

SWT

path Parameters

RoleID

required

number

Example: 1

Unique identifier for the role to retrieve.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"Company": "My Company Name",
"CompanyID": 3,
"Description": "My Company Description",
"Name": "My Role Name",
"RoleID": 1
}

Update Role

Provides the ability to modify an existing role that can be assigned to users in the security system.

Permissions

Manage Roles permission is required.
Manage Companies is required to manage roles that are either not company-specific or outside the requesting user's company.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/ModifyRole

Request Body schema: application/soap+xml

	object (ModifyRoleReq)
	object (Requestor)

Responses

Delete Role

Provides the ability to remove an existing environment from a company in the security system.

Permissions

Manage Roles permission is required.
Manage Companies is required to manage roles that are either not company-specific or outside the requesting user's company.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/ModifyRole

Request Body schema: application/soap+xml

	object (DeleteRoleReq)
	object (Requestor)

Responses

List Role Permissions

Search for permission details for a role within the security system.

Permissions

Filtering based on the Role associated with each RolePermission:
View Companies permission is required to view company-specific roles outside the requesting user's company.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#RolePermission",
"odata.count": 623,
"value": [{"AllowBulk": false,
"Company": "My Company Name",
"CompanyID": 12,
"Description": "My Permission Description",
"Name": "My Permission Name",
"Path": "/Customer Care",
"PermissionID": 5,
"Role": "My Role Name",
"RoleID": 1
}
],
"odata.nextLink": "RolePermission?$inlinecount=allpages&$skiptoken=2,18774"
}

Security Key

Resources for storing and validating keys for specific purposes. This is useful for generating a one time authentication key for later validation.

Generate

Generates a new security key for the given value and purpose. [Rev 1.18]

Note

If the same value and purpose are used in a subsequent request the first key is invalidated.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/json

Request Body schema: application/json

lifeSpan required	number Number of seconds the security key is valid for. Default Value : 3600
purpose required	string Reason for generating the security key.
value required	string Value to securely store.

Responses

Request samples

Payload

Content type

application/json

{"lifeSpan": 3600,
"purpose": "Forgot Password",
"value": "Account 123"
}

Response samples

200

Content type

application/json

{"expirationDate": "9/9/2017 5:35:09 PM",
"keyCode": "ae8848a05ffd495f8eee125df0299d31",
"keyHash": "sLUvQFBZGIKQc...",
"purpose": "Forgot Password"
}

Validate

Validates a previously generated security key. [Rev 1.18] ### Note Once a security key is used in an attempt to validate it will no longer be valid for future validation regardless to the success or failure of this call.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/json

Request Body schema: application/json

keyCode required	string Unique identifier for the security key to validate.
keyHash required	string Hash value for this security key.
purpose required	string Reason why this security key was originally generated.

Responses

Request samples

Payload

Content type

application/json

{"keyCode": "ae8848a05ffd495f8eee125df0299d31",
"keyHash": "sLUvQFBZGIKQc...",
"purpose": "Forgot Password"
}

Response samples

200

Content type

application/json

{"value": "Account 123"
}

Security Question

View information about security questions.

Search Security Questions

Search for details of a security question.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#SecurityQuestion",
"odata.count": 623,
"value": [{"Question": "My Security Question Text",
"SecurityQuestionID": 1
}
],
"odata.nextLink": "SecurityQuestion?$inlinecount=allpages&$skiptoken=2,18774"
}

Retrieve Security Question

Provides the ability to retrieve details of a security question.

Authorizations:

SWT

path Parameters

SecurityQuestionID

required

number

Example: 1

Unique identifier for the security question to retrieve.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"SecurityQuestionID": 1,
"Question": "My Security Question Text"
}

Security Answer

View information regarding security answers.

Verify Security Answer

Provides the ability to verify the response to a security question for a given user in the security system.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/VerifySecurityAnswers

Request Body schema: application/soap+xml

	object (VerifySecurityAnswersReq)
	object (Requestor)

Responses

System Logs

Various logging information collected by the system about a users activity.

Search Audit Log

Search for details by user of changes made to objects within the security system. [Rev 1.02]

Permissions

View Domains permission is required to authorize access to any AuditLog information.
View Companies permission is required to view AuditLog data outside the requesting user's company.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#AuditLog",
"odata.count": 623,
"value": [{"ApplicationName": "My Application Name",
"AuditEntryAction": "Update",
"AuditLogID": 1,
"Company": "My Company",
"CompanyID": 1,
"DisplyName": "Method Display Name",
"EntryDate": "9/9/2016 5:35:09 PM",
"Environment": "My Environment Name",
"EnvironmentID": 1,
"LogData": "<LogData><Identity><Key/><Name/></Identity><ObjectDifferences/></LogData>",
"LogTreeID": "23005604-EB1B-11DE-85BA-806D6172696F",
"ObjectID": 1,
"ObjectType": "User",
"TreeNodeID": "0:1",
"Username": "My User Name"
}
],
"odata.nextLink": "AuditLog?$inlinecount=allpages&$skiptoken=2,18774"
}

Retrieve Audit Log

Provides the ability to retrieve details by user of changes made to objects within the security system. [Rev 1.02]

Permissions

View Domains permission is required to authorize access to any AuditLog information.
View Companies permission is required to view AuditLog data outside the requesting user's company.

Authorizations:

SWT

path Parameters

AuditLogID

required

number

Example: 1

Unique identifier for the audit log to retrieve.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"ApplicationName": "My Application Name",
"AuditEntryAction": "Update",
"AuditLogID": 1,
"Company": "My Company",
"CompanyID": 1,
"DisplyName": "Method Display Name",
"EntryDate": "9/9/2016 5:35:09 PM",
"Environment": "My Environment Name",
"EnvironmentID": 1,
"LogData": "<LogData><Identity><Key/><Name/></Identity><ObjectDifferences/></LogData>",
"LogTreeID": "23005604-EB1B-11DE-85BA-806D6172696F",
"ObjectID": 1,
"ObjectType": "User",
"TreeNodeID": "0:1",
"Username": "My User Name"
}

Search Audit Action Summaries

Search for summaries of user changes, by LogTreeID, made to objects within the security system. [Rev 1.05]

Permissions

View Domains permission is required to authorize access to any AuditLog information.
View Companies permission is required to view AuditLog data outside the requesting user's company.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#AuditLogActionSummary",
"odata.count": 623,
"value": [{"ApplicationName": "My Application Name",
"AuditEntryCount": 1,
"Company": "Company Name",
"CompanyID": 1,
"DisplyName": "Method Display Name",
"EntryDate": "9/9/2016 5:35:09 PM",
"Environment": "My Environment Name",
"EnvironmentID": 1,
"LogTreeID": "23005604-EB1B-11DE-85BA-806D6172696F",
"RootObjectID": 1,
"RootObjectName": "User",
"RootObjectType": "User",
"Username": "MyUserName"
}
],
"odata.nextLink": "AuditLogActionSummary?$inlinecount=allpages&$skiptoken=2,18774"
}

Retrieve Audit Log Action Summary

Provides the ability to retrieve a summary of user changes, by LogTreeID, made to objects within the security system. [Rev 1.05]

Permissions

View Domains permission is required to authorize access to any AuditLog information.
View Companies permission is required to view AuditLog data outside the requesting user's company.

Authorizations:

SWT

path Parameters

LogTreeID

required

number

Example: 1

Unique identifier used to correlate multiple audit records which were made as part of the same request.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"ApplicationName": "My Application Name",
"AuditEntryCount": 1,
"Company": "Company Name",
"CompanyID": 1,
"DisplyName": "Method Display Name",
"EntryDate": "9/9/2016 5:35:09 PM",
"Environment": "My Environment Name",
"EnvironmentID": 1,
"LogTreeID": "23005604-EB1B-11DE-85BA-806D6172696F",
"RootObjectID": 1,
"RootObjectName": "User",
"RootObjectType": "User",
"Username": "MyUserName"
}

Search Sessions

Search for details about a user's session while logged in to an application instance.

Permissions

View Companies permission is required to view sessions for any users outside the requesting user's company.
View Domains permission is required to view sessions for any users outside the requesting user's domain.
View Users [Rev 1.02] or Manage Users permission is required to view sessions for any users other than the requesting user's UserID.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#Session",
"odata.count": 623,
"value": [{"ApplicationInstance": "Application Instance Name",
"ApplicationInstanceID": 3,
"ClientIPAddress": "mysite.com",
"ClosedDate": "9/9/2017 5:35:09 PM",
"Company": "My Company Name",
"CompanyID": 1,
"Domain": "MyDomainName",
"DomainID": 4,
"EndDate": "9/9/2017 5:35:09 PM",
"LastRefreshDate": "9/9/2017 5:25:09 PM",
"ParentSessionID": 19,
"RefreshCount": 5,
"SessionID": 10,
"StartDate": "9/9/2017 5:10:09 PM",
"UserID": 8,
"UserName": "MyUserName"
}
],
"odata.nextLink": "Session?$inlinecount=allpages&$skiptoken=2,18774"
}

Retrieve Session

Provides the ability to retrieve details for a user's session while logged in to an application instance.

Permissions

View Companies permission is required to view sessions for any users outside the requesting user's company.
View Domains permission is required to view sessions for any users outside the requesting user's domain.
View Users [Rev 1.02] or Manage Users permission is required to view sessions for any users other than the requesting user's UserID.

Authorizations:

SWT

path Parameters

SessionID

required

number

Example: 1

Unique identifier for the session to retrieve.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"ApplicationInstance": "Application Instance Name",
"ApplicationInstanceID": 3,
"ClientIPAddress": "mysite.com",
"ClosedDate": "9/9/2017 5:35:09 PM",
"Company": "My Company Name",
"CompanyID": 1,
"Domain": "MyDomainName",
"DomainID": 4,
"EndDate": "9/9/2017 5:35:09 PM",
"LastRefreshDate": "9/9/2017 5:25:09 PM",
"ParentSessionID": 19,
"RefreshCount": 5,
"SessionID": 10,
"StartDate": "9/9/2017 5:10:09 PM",
"UserID": 8,
"UserName": "MyUserName"
}

User

Create, modify and view users.

Search Users

Search for user details for a company and domain within the security system.

Permissions

View Companies permission is required to view any users outside the requesting user's company.
View Domains permission is required to view any users outside the requesting user's domain.
View Users [Rev 1.02] or Manage Users permission is required to view application users other than the requesting user's UserID.
Manage Webservice Users permission is required to view web service users.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#User",
"odata.count": 623,
"value": [{"AccountStatus": "Active",
"ActivationDate": "9/9/2017 3:10:09 PM",
"BypassIPAllowList": true,
"CanChangePassword": true,
"Company": "My Company Name",
"CompanyID": 1,
"CreateDate": "7/8/2017 3:08:09 PM",
"CreateUserName": "admin_user",
"Description": "My User Description",
"Domain": "MyDomainName",
"DomainID": 10,
"Email": "auser@here.com",
"ExpirationDate": "9/8/2020 3:08:09 PM",
"FirstName": "Fred",
"IsAvailable": false,
"IsDisabled": false,
"IsLockedOut": false,
"LastFailedLogOn": "8/8/2017 3:08:09 PM",
"LastLockoutDate": "8/8/2017 3:08:09 PM",
"LastLogOn": "8/7/2017 3:08:09 PM",
"LastModifiedDate": "8/1/2017 3:08:09 PM",
"LastModifiedUser": "myusername",
"LastName": "ALastName",
"LastPasswordChangeDate": "8/1/2017 3:08:09 PM",
"MustChangePasswordAtLogOn": false,
"PasswordDoesNotExpire": false,
"UserID": 5,
"UserName": "jsmith",
"UserType": "Webservice User",
"UserTypeID": 1
}
],
"odata.nextLink": "User?$inlinecount=allpages&$skiptoken=2,18774"
}

Create User

Provides the ability to create a new user for a company domain in the security system.

Permissions

The user management permission appropriate for the type of user being created is required.
Manage Companies is required to manage users outside the requesting user's company.
Manage Domains is required to manage users outside the requesting user's domain.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/CreateUser

Request Body schema: application/soap+xml

	object (CreateUserReq)
	object (Requestor)

Responses

Retrieve User

Provides the ability to retrieve user details for a company and domain within the security system.

Permissions

View Companies permission is required to view any users outside the requesting user's company.
View Domains permission is required to view any users outside the requesting user's domain.
View Users [Rev 1.02] or Manage Users permission is required to view application users other than the requesting user's UserID.
Manage Webservice Users permission is required to view web service users.

Authorizations:

SWT

path Parameters

UserID

required

number

Example: 1

Unique identifier for the user to retrieve.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"AccountStatus": "Active",
"ActivationDate": "9/9/2017 3:10:09 PM",
"BypassIPAllowList": true,
"CanChangePassword": true,
"Company": "My Company Name",
"CompanyID": 1,
"CreateDate": "7/8/2017 3:08:09 PM",
"CreateUserName": "admin_user",
"Description": "My User Description",
"Domain": "MyDomainName",
"DomainID": 10,
"Email": "auser@here.com",
"ExpirationDate": "9/8/2020 3:08:09 PM",
"FirstName": "Fred",
"IsAvailable": false,
"IsDisabled": false,
"IsLockedOut": false,
"LastFailedLogOn": "8/8/2017 3:08:09 PM",
"LastLockoutDate": "8/8/2017 3:08:09 PM",
"LastLogOn": "8/7/2017 3:08:09 PM",
"LastModifiedDate": "8/1/2017 3:08:09 PM",
"LastModifiedUser": "myusername",
"LastName": "ALastName",
"LastPasswordChangeDate": "8/1/2017 3:08:09 PM",
"MustChangePasswordAtLogOn": false,
"PasswordDoesNotExpire": false,
"UserID": 5,
"UserName": "jsmith",
"UserType": "Webservice User",
"UserTypeID": 1
}

Update User

Provides the ability to modify an existing user for a company domain in the security system.

Permissions

Except where noted, all changed values require the user management permission appropriate for the type of user being modified.
Manage Companies is required to manage users outside the requesting user's company.
Manage Domains is required to manage users outside the requesting user's domain.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/ModifyUser

Request Body schema: application/soap+xml

	object (ModifyUserReq)
	object (Requestor)

Responses

User Lookup

Provides the ability to look up an existing user within a company domain in the security system.

Permissions

Except where noted, all look ups require the user management permission appropriate for the type of user being queried.
Manage Companies is required to search for users outside the requesting user's company.
Manage Domains is required to search for users outside the requesting user's domain.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/UserLookup

Request Body schema: application/soap+xml

UserID required	number Unique identifier (ID) for a given user
IncludeSecurityQuestions	boolean Whether or not security questions are present / required for a given user

Responses

Delete User

Provides the ability to remove an existing user for a company domain from the security system.

Permissions

Except where noted, all changed values require the user management permission appropriate for the type of user being modified.
Manage Companies is required to manage users outside the requesting user's company.
Manage Domains is required to manage users outside the requesting user's domain.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/ModifyUser

Request Body schema: application/soap+xml

	object (DeleteUserReq)
	object (Requestor)

Responses

Create Authorization Code

Provides the ability to create authorization codes for a given user and and authorization provider. [Rev 1.08]

Permissions

Except where noted, all changed values require the user management permission appropriate for the type of user being modified.

Manage Companies is required to manage users outside the requesting user's company.
Manage Domains is required to manage users outside the requesting user's domain.

Authorizations:

SWT

header Parameters

Content-Type

required

string

Example: application/soap+xml; action="https://webservices.idibilling.com/SecurityService1/CreateAuthorizationCode

Request Body schema: application/json

	object (CreateAuthorizationCodeReq)
	object (Requestor)

Responses

Request samples

Payload

Content type

application/json

{"Request": {"Domain": 1,
"Lifespan": 6000,
"UserName": "jdoe"
},
"Requestor": {"AuthorizationToken": "string",
"CultureName": "string",
"RegisterID": 0
}
}

Response samples

200

Content type

application/json

{"Messages": [{"ItemID": 1,
"ItemIndex": 1,
"ItemType": "ApplicationInstance",
"LoggingNumber": 500002,
"Message": "Example error message",
"Type": {"Error": "string",
"Warning": "string"
}
}
],
"Result": {"AuthorizationCode": {"Code": 23445677,
"Domain": "Domain Name",
"ExpirationDate": "9/9/2016 5:35:09 PM",
"UserName": "jdoe"
}
}
}

List Effective Permissions

Search for details of a permission that a user either has or does not have for applications within environments. [Rev 1.02]

Permissions

View Companies permission is required to view effective permissions for any users outside the requesting user's company.
View Domains permission is required to view effective permissions for any users outside the requesting user's domain.
View Users or Manage Users permission is required to view effective permissions for any users other than the requesting user's UserID.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#EffectivePermission",
"odata.count": 623,
"value": [{"Application": "My Application Name",
"ApplicationID": 99,
"ApplicationInstance": "Application Instance Name",
"ApplicationInstanceID": 42,
"Company": "User Domain Company Name",
"CompanyID": 7,
"Domain": "User Domain Name",
"DomainID": 5,
"Environment": "My Environment Name",
"EnvironmentID": 12,
"HasPermission": false,
"Path": "/Security/SaaS Management",
"Permission": "View Companies",
"PermissionCompany": "My Company Name",
"PermissionCompanyID": 7,
"PermissionID": 22,
"RelyingPartyURI": "http://mysite.com",
"RolesTotal": 55,
"RolesHave": 4,
"UserID": 13,
"UserName": "MyUserName"
}
],
"odata.nextLink": "EffectivePermission?$inlinecount=allpages&$skiptoken=2,18774"
}

List Effective Roles

Search for details of a permission that a user either has or does not have due to having or not having each of the roles that are possible to assign to that user in an environment. [Rev 1.02]

Permissions

View Companies permission is required to view effective permissions for any users outside the requesting user's company.
View Domains permission is required to view effective permissions for any users outside the requesting user's domain.
View Users or Manage Users permission is required to view effective permissions for any users other than the requesting user's UserID.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#EffectiveRole",
"odata.count": 623,
"value": [{"Company": "My Company Name",
"CompanyID": 42,
"Domain": "My Domain Name",
"DomainID": 1,
"Environment": "My Environment Name",
"EnvironmentID": 1,
"HasPermissionInRole": true,
"Path": "/Security/SaaS Management",
"Permission": "My Permission Name",
"PermissionID": 11,
"Role": "My Role Name",
"RoleID": 25,
"UserID": 12,
"UserName": "MyUserName"
}
],
"odata.nextLink": "EffectiveRole?$inlinecount=allpages&$skiptoken=2,18774"
}

List User Applications

List user details of applications within each environment for which a user has all required permissions in the security system [Rev 1.03].

Permissions

View Companies permission is required to view applications for any users outside the requesting user's company.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#UserApplication",
"odata.count": 623,
"value": [{"Application": "Security",
"ApplicationCode": "SECURITY",
"ApplicationID": 3,
"ApplicationInstanceID": 123,
"Company": "My Company Name",
"CompanyID": 1,
"Domain": "MyDomainName",
"DomainID": 5,
"Email": "useraddress@here.com",
"Environment": "MyEnvironmentName",
"EnvironmentCompany": "My Company Name",
"EnvironmentCompanyID": 1,
"EnvironmentID": 2,
"FirstName": "Charlie",
"IsVisible": false,
"LastName": "Smith",
"RelyingPartyURI": "http://mysite.com",
"StaticURL": "https://mysite.com/application/",
"UserID": 42,
"UserName": "csmith"
}
],
"odata.nextLink": "UserApplication?$inlinecount=allpages&$skiptoken=2,18774"
}

List User Environments

Search for user details of environments for 'Webservice' type users in the security system.

Permissions

View Companies permission is required to view environments for any users outside the requesting user's company.
View Domains permission is required to view environments for any users outside the requesting user's domain.
Manage Webservice Users permission is required to view environments for any users.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#UserEnvironment",
"odata.count": 623,
"value": [{"Company": "My Company Name",
"CompanyID": 22,
"Description": "My Environment Description",
"Domain": "MyDomainName",
"DomainID": 15,
"EnvironmentCompany": "My Company Name",
"EnvironmentCompanyID": 1,
"EnvironmentID": 3,
"Name": "My Environment Name",
"UserID": 73,
"UserName": "myusername"
}
],
"odata.nextLink": "UserEnvironment?$inlinecount=allpages&$skiptoken=2,18774"
}

List User Identities

Search for alternate identities provided for a user from third part authorization providers. [Rev 1.09]

Permissions

View Companies permission is required to view environments for any users outside the requesting user's company.
View Domains permission is required to view environments for any users outside the requesting user's domain.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#UserIdentity",
"odata.count": 623,
"value": [{"AuthorizationProvider": "My Autorization Provider Name",
"AuthorizationProviderID": 4,
"Company": "My Company Name",
"CompanyID": 5,
"Confirmed": false,
"Domain": "MyDomainName",
"DomainID": 7,
"Identity": "23005604-eb1b-11de-85ba-806d6172696f",
"Name": "myname@here.com",
"UserID": 8,
"UserIdentityID": 22,
"UserName": "myusername"
}
],
"odata.nextLink": "UserIdentity?$inlinecount=allpages&$skiptoken=2,18774"
}

List User Roles

Search for details of roles within each environment for 'Application' type users in the security system.

Permissions

View Companies permission is required to view roles for any users outside the requesting user's company.
View Domains permission is required to view roles for any users outside the requesting user's domain.
View Users [Rev 1.02] or 'Manage Users' permission is required to view roles for any users other than the requesting user's UserID.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#UserRole",
"odata.count": 623,
"value": [{"Company": "My Company Name",
"CompanyID": 2,
"Description": "My Role Description",
"Domain": "MyDomainName",
"DomainID": 9,
"Environment": "My Environment Name",
"EnvironmentCompany": "My Company Name",
"EnvironmentCompanyID": 12,
"EnvironmentID": 3,
"Name": "My Role Name",
"RoleID": 1,
"UserID": 51,
"UserName": "myusername"
}
],
"odata.nextLink": "UserRole?$inlinecount=allpages&$skiptoken=2,18774"
}

List User Role Summaries

Search for counts of roles within each environment for users in the security system.

Permissions

View Companies permission is required to view roles for any users outside the requesting user's company.
View Domains permission is required to view roles for any users outside the requesting user's domain.
View Users [Rev 1.02] or 'Manage Users' permission is required to view roles for any users other than the requesting user's UserID.

Authorizations:

SWT

query Parameters

$filter	string Example: $filter=Name eq 'Value' A structured search expression in standard OData syntax.
format	string ($format) Enum: "atom" "json" Example: format=json Format the search results should be returned in.
inlinecount	string ($inlinecount) Enum: "allpages" "none" Example: inlinecount=allpages Tells the server to include the total count of matching entities in the response.
$orderby	string Example: $orderby=Name A list of comma-separated expressions to sort the results by. Each expression can be followed by asc to indicate ascending, and desc to indicate descending. The default is ascending order.
$select	string Example: $select=Name A list of comma-separated fields to retrieve. If unspecified, all fields in the schema are included.
$skip	number Example: $skip=10 Number of search results to skip.
$skiptoken	number Example: $skiptoken=2 Indicator to the next set of results. This value is usually supplied on the response from a previous search.
$top	number Example: $top=1 Number of search results to retrieve. If you specify a value greater than 100 and there are more than 100 results, only the first 100 results will be returned.

header Parameters

Accept

string

Example: application/json

Responses

Response samples

200

Content type

application/json

{"odata.metadata": "https://api.idibilling.com/securitytoken/1xa/environment/securitydataservice/$metadata#UserRoleSummary",
"odata.count": 623,
"value": [{"Company": "My Company Name",
"CompanyID": 1,
"Domain": "MyDomainName",
"DomainID": 4,
"Environment": "My Environment Name",
"EnvironmentCompany": "My Company Name",
"EnvironmentCompanyID": 2,
"EnvironmentID": 10,
"RoleCount": 13,
"UserID": 99,
"UserName": "myusername"
}
],
"odata.nextLink": "UserRoleSummary?$inlinecount=allpages&$skiptoken=2,18774"
}

User Authentication

Various operations available surrounding the authentication of a user.

Issue

Based on the credential provided/proven in the request, a new token is issued, possibly with new proof information.

Authorizations:

SWT

Request Body schema: application/soap+xml

AppliesTo required	string Specifies the scope for which this security token can be used. Valid Values - http://infodir.com/webservices
RequestType required	string Is used to indicate (using a URI) the class of function that is being requested. Valid Values - http://schemas.xmlsoap.org/ws/2005/02/trust/Issue

Responses

Login

Generates a simple web token based on the credentials supplied.

Authorizations:

SWT

header Parameters

Accept

string

Example: application/json

Request Body schema: application/json

	object (LoginInformation)
environment required	string Name of the environment to log into.
required	object (LoginInformation)

Responses

Request samples

Payload

Content type

application/json

{"actAs": {"appliesTo": "http://idibilling.com/webservices",
"password": "MyPassword",
"username": "Domain\\User1"
},
"environment": "MyEnvironment",
"primary": {"appliesTo": "http://idibilling.com/webservices",
"password": "MyPassword",
"username": "Domain\\User1"
}
}

Response samples

200

Content type

text/plain

"Issuer=http.."

Renew

A previously issued token with expiration is presented (and possibly proven), and the same token is returned with new expiration semantics.

Authorizations:

SWT

Request Body schema: application/soap+xml

AppliesTo required	string Specifies the scope for which this security token can be used. Valid Values - http://infodir.com/webservices
RequestType required	string Is used to indicate (using a URI) the class of function that is being requested. Valid Values - http://schemas.xmlsoap.org/ws/2005/02/trust/Renew

Responses

Response samples

200

Content type

application/json

{"RequestSecurityTokenResponse": ""
}

Validate

The validity of the specified security token is evaluated and a result is returned.

Authorizations:

SWT

Request Body schema: application/soap+xml

AppliesTo required	string Specifies the scope for which this security token can be used. Valid Values - http://infodir.com/webservices
RequestType required	string Is used to indicate (using a URI) the class of function that is being requested. Valid Values - http://schemas.xmlsoap.org/ws/2005/02/trust/Validate

Responses

Response samples

200

Content type

application/json

{"RequestSecurityTokenResponse": ""
}

Release Notes