Skip to end of metadata
Go to start of metadata

This document applies to COmanage Registry version 4.x and earlier.

Authentication

Authentication is via a proxy or delegated model, where the REST client is treated as an administrative user by the Registry. The client, where appropriate, indicates which target subject it wishes to act on behalf of.

The REST client is authenticated via a simple user/password pair transmitted over HTTPS as part of a basic auth transaction. More sophisticated authentication mechanisms, such as delegated SAML assertions, may be supported in the future.

Note: POST may work for edit due to default CakePHP functionality but is not supported.

Adding a New API User

All API Users currently have full access to all Registry data across all COs. (CO-91)

Platform Administrators may add and manage API Users via Platform >> API Users.

Note that the API User Name must not conflict with any login identifier for any valid user on the platform. This will be enforced when an API User Name is added or edited, but not currently at any other point. (ie: It is possible for a subsequently added person to have a login identifier that conflicts with an API User Name.) (CO-104)

It may make sense to, by policy, only allow login identifiers in eppn format (with an @) and to only allow API User Names not in that format (without an @).

Object Formats

The REST API supports different formats for representing data object passed. Each format may convey the following special variables:

  • Object Type: The type of object represented in the request, as defined for each data type.
  • Object Version: The version of the object represented in the request, as defined for each data type.

URL

For methods such as GET that pass arguments as part of the URL, arguments are positional as defined for each data type.

JSON

This format is supported for requests and responses.

XML

This format is supported for requests and responses.

The XML format is deprecated as of Registry v3.1.0, and will be removed in Registry v4.0.0 (CO-1555).

VOOT

This format is experimental. See VOOT API for more information.

Request and Response Formats

Changelog

In addition to the attributes defined in the Response formats for each Model, Models enabled for Changelog Behavior will return Changelog metadata as well (deleted, revision, parent ID, etc).

Note that a request for a deleted, changelog enabled object will return a record (ie: a 200 response, not a 404 response). Examine the deleted attribute to verify the status of the object. This behavior is subject to change in a future release (CO-1557).

Attribute Enumerations

If Attribute Enumerations are defined for an attribute, permitted values for that attribute are constrained to the enumerated values. Permitted values may be determined and set via the AttributeEnumeration API.

Timezones

All times processed (inbound and outbound) via the REST API are in UTC. For more information on timezones, see Understanding Registry Timezones.

API Reference

APIVersionAvailable Since

Address

1.0v0.1
AttributeEnumeration1.0v2.0.0
CO1.0v0.1
COU1.0v0.2
CoDepartment1.0v3.1.0
CoEmailList1.0v3.1.0
CoEnrollmentAttribute1.0v0.6
CoExtendedAttribute1.0v0.2
CoExtendedType1.0v0.6
CoGroup1.0v0.1
CoGroupMember1.0v0.1
CoInvite1.0v0.1
CoNavigationLink1.0v0.8.3
CoNsfDemographics1.0v0.4
CoOrgIdentityLink1.0v0.2
CoPerson1.0v0.1
CoPersonRole1.0v0.2
CoPetition1.0
CoProvisioningTarget1.0
CoService1.0v3.1.0
CoTAndCAgreement1.0v2.0.0
CoTermsAndConditions1.0v2.0.0
EmailAddress1.0v0.1
HistoryRecord1.0v0.7
Identifier1.0v0.1
Name1.0v0.8.3
NavigationLink1.0v0.8.3
Organization1.0v0.1
OrgIdentity1.0v0.2
TelephoneNumber1.0v0.1
Url1.0v3.1.0

Sample Clients

See REST API Examples.

  • No labels