User API

User API provides an interface for user access administration. Back-end for this API is an OIDC provider (either Auth0 for cloud deployment or FusionAuth for on-prem solutions).

Get User Info

This API endpoint accepts a “Bearer” access token of a user. It returns claims related to the user.

POST /user/info

Example request:

{}
Response JSON Object:
 
  • id (str) – unique OIDC ID of the user.
  • email (str) – user’s e-mail.
  • name (str) – user’s full name.
  • accounting (str) – name of user’s accounting.
  • permissions (list) – list of permissions the user is granted. See permission mechanics for more information.

Example response:

{
    "id": "auth0|mGochhH3Pz5SiCWo8m44",
    "email": "john-smith@example.com",
    "name": "John Smith",
    "accounting": "development",
    "permissions": [
        "imagery.availability",
        "imagery.scene-info"
    ]
}

OIDC Management

This endpoint is currently supported only for Auth0 OIDC provider.

API endpoint returns a JWT token which can be used for access to Auth0 Management API. The token is granted the following scopes: read:users, update:users, delete:users, create:users, read:users_app_metadata, update:users_app_metadata, delete:users_app_metadata, create:users_app_metadata.

Needed Permissions: admin.users.manage

POST /user/manage

Example request:

{}
Response JSON Object:
 

Example response:

{
    "token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczovL0FVVEgwX0RPTUFJTi8iLCJzdWIiOiJVU0VSX0lEIiwiYXVkIjoiaHR0cHM6Ly9BVVRIMF9ET01BSU4vYXBpL3YyLyIsImlhdCI6MTUzMzk3ODM0MSwiZXhwIjoxNTMzOTgwMTQxLCJhenAiOiJDTElFTlRfSUQiLCJzY29wZSI6InJlYWQ6dXNlcnMgdXBkYXRlOnVzZXJzIGRlbGV0ZTp1c2VycyBjcmVhdGU6dXNlcnMgcmVhZDp1c2Vyc19hcHBfbWV0YWRhdGEgdXBkYXRlOnVzZXJzX2FwcF9tZXRhZGF0YSBkZWxldGU6dXNlcnNfYXBwX21ldGFkYXRhIGNyZWF0ZTp1c2Vyc19hcHBfbWV0YWRhdGEiLCJndHkiOiJjbGllbnQtY3JlZGVudGlhbHMifQ.NnVuJ1IZ5KyWPokQO9p5C5-u5DzV02ry9g8mAaBX9q0"
}