Identity & Access API Reference
Typical Implementation Workflow
- User Authentication: Call the Auth endpoints to generate and validate tokens.
- Organization Setup: Use Organization Management endpoints to structure your system hierarchy.
- User Assignment: Assign users to organizations and define their roles via User & Membership endpoints.
- M2M Integration: Configure OAuth2 Client Credentials for service-to-service communication.
- Access Control: Leverage user roles and organization scopes to enforce permissions across your application.
1. Authentication (Auth)
Feature: Manages secure access tokens and user session validation.
- Create Auth Token
POST /api/v1/auth/tokens
2. Organization Management
Feature: Manages the organizational structure, supporting hierarchical queries and node lifecycle.
Lifecycle Operations
- Create Organization
POST /api/v1/orgs - Update Organization
PUT /api/v1/orgs/{orgId} - Delete Organization
DELETE /api/v1/orgs/{orgId}
Hierarchical & Scoped Queries
To navigate the organizational tree, use the following specialized query endpoints:
| Feature | API Endpoint | Use Case |
|---|---|---|
| List Organizations | GET /api/v1/orgs | Retrieve a flat list of all accessible organizations. |
| Get Org Details | GET /api/v1/orgs/{orgId} | Fetch metadata for a specific organization ID. |
| Get Sub-Hierarchy | GET /api/v1/orgs/{orgId}/children | Search downward for child nodes (supports depth levels). |
| Trace Lineage | GET /api/v1/orgs/{orgId}/parents | Search upward for parent nodes (ideal for Breadcrumbs). |
3. User & Membership Management
Feature: Handles user profiles and their specific roles/memberships within different organizations.
Organization-Scoped Users
- List Org Users
GET /api/v1/orgs/{orgId}/users - Add User to Org
POST /api/v1/orgs/{orgId}/users - Get Org User Details
GET /api/v1/orgs/{orgId}/users/{userId} - Update Org User Profile
PATCH /api/v1/orgs/{orgId}/users/{userId} - Remove User from Org
DELETE /api/v1/orgs/{orgId}/users/{userId}
Global User Queries
- List All Users
GET /api/v1/users - Get Global User Profile
GET /api/v1/users/{userId} - List User Memberships
GET /api/v1/users/{userId}/orgs
4. Client Credential Management
Feature: Provisioning and management of Machine-to-Machine (M2M) service credentials.
- Create Client Credential
POST /api/v1/oauth2/client-credentials - List Client Credentials
GET /api/v1/oauth2/client-credentials - Delete Client Credential
DELETE /api/v1/oauth2/client-credentials/{clientCredentialId}
Last updated on Mar-31, 2026 | Version 1.0.0