Documentation

Mistake on this page? Email us

Account Management API

API to manage account access, authorization, communication and branding. See Troubleshooting the APIs for information on status and error codes.
Version: v3
Host: https://api.us-east-1.mbedcloud.com

Endpoints

AccountAPIKeys

post /v3/api-keys/{apikey_id}/groups
Add API key to a list of groups. Show more Show less
Deprecation Date:
Expected End of Life:
This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/api-keys/{apikey_id}/groups/add/

Add API key to groups. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/api-keys/{apikey_id}/groups \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
apikey_id (required)
Path Parameter — The ID of the API key to add to the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body string (required)
Body Parameter — A list of IDs of the groups to update.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A group or API key with that ID does not exist. ErrorResponse
409 The API key is a member of the group already. ErrorResponse
post /v3/api-keys/{apikey_id}/groups/add
Add API key to a list of groups. Show more Show less

Add API key to groups. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/api-keys/{apikey_id}/groups/add \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
apikey_id (required)
Path Parameter — The ID of the API key to add to the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body GroupIdList (required)
Body Parameter — A list of IDs of the groups to update.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A group or API key with that ID does not exist. ErrorResponse
409 The API key is a member of the group already. ErrorResponse
post /v3/api-keys/me/groups
Add API key to a list of groups. Show more Show less
Deprecation Date:
Expected End of Life:
This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/api-keys/me/groups/add/

Add API key to groups.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/api-keys/me/groups \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body string (required)
Body Parameter — A list of IDs of the groups to update.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. Adding API key to the 'Administrators' group is restricted to administrators. ErrorResponse
409 The API key is a member of the group already. ErrorResponse
post /v3/api-keys/me/groups/add
Add API key to a list of groups. Show more Show less

Add API key to groups.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/api-keys/me/groups/add/ \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body GroupIdList (required)
Body Parameter — A list of IDs of the groups to update.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. Adding API key to the 'Administrators' group is restricted to administrators. ErrorResponse
409 The API key is a member of the group already. ErrorResponse
post /v3/api-keys
Create a new API key. Show more Show less

Create a new API key.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/api-keys -d '{"name": "MyKey1"}' \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json'
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body ApiKeyInfoReq (required)
Body Parameter — The details of the API key to create.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 New entity created. ApiKeyInfoResp
400 Error in input data, for example, missing API key name. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
delete /v3/api-keys/{apikey_id}
Delete API key. Show more Show less

Delete the API key.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/api-keys/{apikey_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
apikey_id (required)
Path Parameter — The ID of the API key to delete.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. Only the owner of the API key or an administrator can delete an API key. ErrorResponse
404 The API key with the specified ID does not exist. ErrorResponse
get /v3/api-keys
Get all API keys. Show more Show less

Retrieve an array of API keys, optionally filtered by the owner.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/api-keys \
-H 'Authorization: Bearer <api_key>'
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: total_count.
key__eq (optional)
Query Parameter — API key filter. Do not include the private portion of the API key (the last 32 characters).
owner__eq (optional)
Query Parameter — Owner name filter. Note: This parameter is restricted to administrators.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "owner" : "01619571e2e89242ac12000600000000",
    "creation_time" : 1518630727683,
    "last_login_time" : 1518630727688,
    "created_at" : "2018-02-13T09:35:20Z",
    "groups" : [ "aeiou" ],
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "name" : "API key gorgon",
    "etag" : "1",
    "id" : "01619571f7020242ac12000600000000",
    "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
    "object" : "api-key",
    "status" : "ACTIVE"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoRespList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
get /v3/api-keys/{apikey_id}

Retrieve details of an API key.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/api-keys/{apikey_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
apikey_id (required)
Path Parameter — The ID of the API key to retrieve.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 API key with the specified ID does not exist. ErrorResponse
get /v3/api-keys/{apikey_id}/groups
Get policy groups of an API key. Show more Show less

Retrieve an array of policy groups associated with an API key. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/api-keys/{apikey_id}/groups \
-H 'Authorization: Bearer <api_key>'
Path parameters
apikey_id (required)
Path Parameter — The ID of the API key.
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: total_count.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "apikey_count" : 0,
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "user_count" : 1,
    "name" : "Administrators",
    "created_at" : "2018-02-13T09:35:20Z",
    "etag" : "1",
    "id" : "01619571dec00242ac12000600000000",
    "object" : "group"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummaryList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An API key with the given ID does not exist. ErrorResponse
get /v3/api-keys/me/groups
Get policy groups of the current API key. Show more Show less

Retrieve an array of policy groups associated with the current API key.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/api-keys/me/groups \
-H 'Authorization: Bearer <api_key>'
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: total_count.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "apikey_count" : 0,
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "user_count" : 1,
    "name" : "Administrators",
    "created_at" : "2018-02-13T09:35:20Z",
    "etag" : "1",
    "id" : "01619571dec00242ac12000600000000",
    "object" : "group"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummaryList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
get /v3/api-keys/me
Get current API key. Show more Show less

Retrieve details of current API key.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/api-keys/me \
-H 'Authorization: Bearer <api_key>'
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
delete /v3/api-keys/{apikey_id}/groups
Remove API key from groups. Show more Show less
Deprecation Date:
Expected End of Life:
This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/api-keys/{apikey_id}/groups/remove/

Remove API key from groups. Note: This endpoint is restricted to administrators.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/api-keys/{apikey_id}/groups \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
apikey_id (required)
Path Parameter — The ID of the API key to remove from the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body string (required)
Body Parameter — A list of IDs of the groups to update.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An API key with that ID does not exist. ErrorResponse
post /v3/api-keys/{apikey_id}/groups/remove
Remove API key from groups. Show more Show less

Remove API key from groups. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/api-keys/{apikey_id}/groups/remove \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
apikey_id (required)
Path Parameter — The ID of the API key to remove from the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body GroupIdList (required)
Body Parameter — A list of IDs of the groups to update.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An API key with that ID does not exist. ErrorResponse
post /v3/api-keys/me/groups/remove
Remove API key from groups. Show more Show less

Remove API key from groups.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/api-keys/me/groups/remove \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body GroupIdList (required)
Body Parameter — A list of IDs of groups to update.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
delete /v3/api-keys/me/groups
Remove API key from groups. Show more Show less
Deprecation Date:
Expected End of Life:
This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/api-keys/me/groups/remove/

Remove API key from groups.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/api-keys/me/groups \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body GroupIdList (required)
Body Parameter — A list of IDs of groups to update.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
post /v3/api-keys/{apikey_id}/reset-secret
Reset the secret key. Show more Show less

Reset the secret key of the API key.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/api-keys/{apikey_id}/reset-secret \
-H 'Authorization: Bearer <api_key>'
Path parameters
apikey_id (required)
Path Parameter — The ID of the API key to reset.
Request body
body ApiKeyUpdateReq (optional)
Body Parameter — New API key attributes to be stored.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
400 Error in input data, for example, invalid API key name. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. Only the owner of the API key or an administrator can reset an API key. ErrorResponse
404 An API key with the specified ID does not exist. ErrorResponse
put /v3/api-keys/{apikey_id}
Update API key details. Show more Show less

Update API key details.

Example: `curl -X PUT https://api.us-east-1.mbedcloud.com/v3/api-keys/{apikey_id}
-H 'Authorization: Bearer <api_key>'
-H 'content-type: application/json'
-d '{"name": "TestApiKey25"}'

Path parameters
apikey_id (required)
Path Parameter — The ID of the API key to update.
Request body
body ApiKeyUpdateReq (required)
Body Parameter — New API key attributes to store.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
400 Error in input data, for example, invalid API key name. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. Only the owner of the API key or an administrator can update an API key. ErrorResponse
404 The API key with the specified ID does not exist. ErrorResponse
put /v3/api-keys/me
Update API key details. Show more Show less

Update API key details.

Example:

curl -X PUT https://api.us-east-1.mbedcloud.com/v3/api-keys/me \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '{"name": "TestApiKey25"}'
Request body
body ApiKeyUpdateReq (required)
Body Parameter — New API key attributes to store.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
400 Error in input data, for example, invalid API key name. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse

AccountEmailNotificationLogs

get /v3/accounts/me/notifications
Get logs of email notifications. Show more Show less
Retrieve an array of email notification logs.
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "account_id" : "01619571e2e90242ac12000600000000",
    "error_msg" : "Connection error.",
    "receiver" : "example@email-receiver.test",
    "subject" : "Account locked.",
    "success" : true,
    "created_at" : "2018-02-13T09:35:20Z",
    "etag" : "1",
    "id" : "01619571d01d0242ac12000600000000",
    "message" : "User limit has been reached.",
    "type" : "email",
    "object" : "notification-entry"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. NotificationEntryList
400 Error in input data, or missing or invalid parameters. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden ErrorResponse
get /v3/accounts/me/notifications/{notification_id}
Get an email notification. Show more Show less
Retrieve an email notification log entry.
Path parameters
notification_id (required)
Path Parameter — The ID of the log entry to be retrieved.
Return type
Example data
Content-Type: application/json
{
  "account_id" : "01619571e2e90242ac12000600000000",
  "error_msg" : "Connection error.",
  "receiver" : "example@email-receiver.test",
  "subject" : "Account locked.",
  "success" : true,
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "message" : "User limit has been reached.",
  "type" : "email",
  "object" : "notification-entry"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 successful operation NotificationEntry
400 Error in input data, missing or invalid parameters. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden ErrorResponse
404 No entry found for the given ID. ErrorResponse

AccountEntitlementLimitations

get /v3/limitations/{limitation_id}
Get an entitlement limitation. Show more Show less
Retrieve an entitlement limitation.
Path parameters
limitation_id (required)
Path Parameter — The ID of the limitation to be fetched.
Return type
Example data
Content-Type: application/json
{
  "billing_period" : 1,
  "description" : "aeiou",
  "created_at" : "2018-02-13T09:35:20Z",
  "inherited_from" : "aeiou",
  "updated_at" : "2018-02-14T15:24:14Z",
  "inherited" : true,
  "quota" : 0,
  "name" : "aeiou",
  "limit" : 6,
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "inherited_type" : "aeiou",
  "object" : "user"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 successful operation AccountLimitation
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Limitation with the given ID not found. ErrorResponse
get /v3/limitations
Get entitlement limitations. Show more Show less
Retrieve an array of entitlement limitations.
Query parameters
inherited__eq (optional)
Query Parameter — Filter for finding account limitations by inheritance. True returns also inherited limitations. False returns only non-inherited ones.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "billing_period" : 1,
    "description" : "aeiou",
    "created_at" : "2018-02-13T09:35:20Z",
    "inherited_from" : "aeiou",
    "updated_at" : "2018-02-14T15:24:14Z",
    "inherited" : true,
    "quota" : 0,
    "name" : "aeiou",
    "limit" : 6,
    "etag" : "1",
    "id" : "01619571d01d0242ac12000600000000",
    "inherited_type" : "aeiou",
    "object" : "user"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 successful operation AccountLimitationList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse

AccountIdentityProviders

post /v3/identity-providers
Create a new identity provider. Show more Show less
Create a new identity provider. Note: This endpoint is restricted to administrators.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
Body Parameter — Details of the identity provider to create.
Query parameters
discovery (optional)
Query Parameter — Indicates that the OpenID Connect endpoints and keys should be set using the OpenID Connect Discovery mechanism. The following parameters are set automatically: * authorization_endpoint * token_endpoint * userinfo_endpoint * revocation_endpoint * jwks_uri * keys
Return type
Example data
Content-Type: application/json
{
  "created_at" : "2018-02-13T09:35:20Z",
  "description" : "aeiou",
  "type" : "NATIVE",
  "saml2_attributes" : {
    "idp_entity_id" : "aeiou",
    "assertion_endpoint" : "aeiou",
    "slo_endpoint" : "aeiou",
    "sso_endpoint" : "aeiou",
    "sp_x509_cert" : "aeiou",
    "sp_entity_id" : "aeiou",
    "idp_x509_certs" : [ "aeiou" ]
  },
  "is_default" : true,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "oidc_attributes" : {
    "keys" : [ {
      "kid" : "aeiou",
      "key" : "aeiou"
    } ],
    "claim_mapping" : {
      "sub" : "aeiou",
      "email_verified" : "aeiou",
      "updated_at" : "aeiou",
      "updated_at_pattern" : "yyyy-MM-dd'T'HH:mm:ssXXX",
      "name" : "aeiou",
      "phone_number" : "aeiou",
      "given_name" : "aeiou",
      "family_name" : "aeiou",
      "email" : "email_address"
    },
    "end_session_endpoint" : "aeiou",
    "revocation_endpoint" : "aeiou",
    "issuer" : "aeiou",
    "client_id" : "aeiou",
    "authorization_endpoint" : "aeiou",
    "userinfo_endpoint" : "aeiou",
    "jwks_uri" : "aeiou",
    "token_request_mode" : "POST",
    "client_secret" : "aeiou",
    "redirect_uri" : "aeiou",
    "auto_enrollment" : true,
    "token_response_path" : "oidc.data",
    "scopes" : "openid email",
    "token_endpoint" : "aeiou"
  },
  "name" : "aeiou",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "object" : "identity-provider",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 New entity created. IdentityProviderInfo
400 Error in input data, for example, name is too long. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
delete /v3/identity-providers/{identity_provider_id}
Delete an identity provider by ID. Show more Show less
Delete an identity provider by ID. Note: This endpoint is restricted to administrators.
Path parameters
identity_provider_id (required)
Path Parameter — The ID of the identity provider to delete.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden, or identity provider is in use. ErrorResponse
404 Identity provider not found. ErrorResponse
post /v3/identity-providers/{identity_provider_id}/delete-sp-certificate
Delete the service provider certificate. Show more Show less
Delete a service provider certificate. Note: This endpoint is restricted to administrators.
Path parameters
identity_provider_id (required)
Path Parameter — The ID of the identity provider.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Return type
Example data
Content-Type: application/json
{
  "created_at" : "2018-02-13T09:35:20Z",
  "description" : "aeiou",
  "type" : "NATIVE",
  "saml2_attributes" : {
    "idp_entity_id" : "aeiou",
    "assertion_endpoint" : "aeiou",
    "slo_endpoint" : "aeiou",
    "sso_endpoint" : "aeiou",
    "sp_x509_cert" : "aeiou",
    "sp_entity_id" : "aeiou",
    "idp_x509_certs" : [ "aeiou" ]
  },
  "is_default" : true,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "oidc_attributes" : {
    "keys" : [ {
      "kid" : "aeiou",
      "key" : "aeiou"
    } ],
    "claim_mapping" : {
      "sub" : "aeiou",
      "email_verified" : "aeiou",
      "updated_at" : "aeiou",
      "updated_at_pattern" : "yyyy-MM-dd'T'HH:mm:ssXXX",
      "name" : "aeiou",
      "phone_number" : "aeiou",
      "given_name" : "aeiou",
      "family_name" : "aeiou",
      "email" : "email_address"
    },
    "end_session_endpoint" : "aeiou",
    "revocation_endpoint" : "aeiou",
    "issuer" : "aeiou",
    "client_id" : "aeiou",
    "authorization_endpoint" : "aeiou",
    "userinfo_endpoint" : "aeiou",
    "jwks_uri" : "aeiou",
    "token_request_mode" : "POST",
    "client_secret" : "aeiou",
    "redirect_uri" : "aeiou",
    "auto_enrollment" : true,
    "token_response_path" : "oidc.data",
    "scopes" : "openid email",
    "token_endpoint" : "aeiou"
  },
  "name" : "aeiou",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "object" : "identity-provider",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. IdentityProviderInfo
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Identity provider not found. ErrorResponse
post /v3/identity-providers/{identity_provider_id}/generate-sp-certificate
Generate a new service provider certificate. Show more Show less
Generate a new service provider certificate. Note: This endpoint is restricted to administrators.
Path parameters
identity_provider_id (required)
Path Parameter — The ID of the identity provider to generate a certificate for.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body CertificateGenerationReq (optional)
Body Parameter — Details of the service provider certificate to generate.
Return type
Example data
Content-Type: application/json
{
  "created_at" : "2018-02-13T09:35:20Z",
  "description" : "aeiou",
  "type" : "NATIVE",
  "saml2_attributes" : {
    "idp_entity_id" : "aeiou",
    "assertion_endpoint" : "aeiou",
    "slo_endpoint" : "aeiou",
    "sso_endpoint" : "aeiou",
    "sp_x509_cert" : "aeiou",
    "sp_entity_id" : "aeiou",
    "idp_x509_certs" : [ "aeiou" ]
  },
  "is_default" : true,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "oidc_attributes" : {
    "keys" : [ {
      "kid" : "aeiou",
      "key" : "aeiou"
    } ],
    "claim_mapping" : {
      "sub" : "aeiou",
      "email_verified" : "aeiou",
      "updated_at" : "aeiou",
      "updated_at_pattern" : "yyyy-MM-dd'T'HH:mm:ssXXX",
      "name" : "aeiou",
      "phone_number" : "aeiou",
      "given_name" : "aeiou",
      "family_name" : "aeiou",
      "email" : "email_address"
    },
    "end_session_endpoint" : "aeiou",
    "revocation_endpoint" : "aeiou",
    "issuer" : "aeiou",
    "client_id" : "aeiou",
    "authorization_endpoint" : "aeiou",
    "userinfo_endpoint" : "aeiou",
    "jwks_uri" : "aeiou",
    "token_request_mode" : "POST",
    "client_secret" : "aeiou",
    "redirect_uri" : "aeiou",
    "auto_enrollment" : true,
    "token_response_path" : "oidc.data",
    "scopes" : "openid email",
    "token_endpoint" : "aeiou"
  },
  "name" : "aeiou",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "object" : "identity-provider",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. IdentityProviderInfo
400 Error in input data, for example, invalid certificate validity value. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Identity provider not found. ErrorResponse
get /v3/identity-providers
Get all identity providers. Show more Show less
Retrieve an array of identity providers. Note: This endpoint is restricted to administrators.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: total_count.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "created_at" : "2018-02-13T09:35:20Z",
    "description" : "aeiou",
    "type" : "NATIVE",
    "saml2_attributes" : {
      "idp_entity_id" : "aeiou",
      "assertion_endpoint" : "aeiou",
      "slo_endpoint" : "aeiou",
      "sso_endpoint" : "aeiou",
      "sp_x509_cert" : "aeiou",
      "sp_entity_id" : "aeiou",
      "idp_x509_certs" : [ "aeiou" ]
    },
    "is_default" : true,
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "oidc_attributes" : {
      "keys" : [ {
        "kid" : "aeiou",
        "key" : "aeiou"
      } ],
      "claim_mapping" : {
        "sub" : "aeiou",
        "email_verified" : "aeiou",
        "updated_at" : "aeiou",
        "updated_at_pattern" : "yyyy-MM-dd'T'HH:mm:ssXXX",
        "name" : "aeiou",
        "phone_number" : "aeiou",
        "given_name" : "aeiou",
        "family_name" : "aeiou",
        "email" : "email_address"
      },
      "end_session_endpoint" : "aeiou",
      "revocation_endpoint" : "aeiou",
      "issuer" : "aeiou",
      "client_id" : "aeiou",
      "authorization_endpoint" : "aeiou",
      "userinfo_endpoint" : "aeiou",
      "jwks_uri" : "aeiou",
      "token_request_mode" : "POST",
      "client_secret" : "aeiou",
      "redirect_uri" : "aeiou",
      "auto_enrollment" : true,
      "token_response_path" : "oidc.data",
      "scopes" : "openid email",
      "token_endpoint" : "aeiou"
    },
    "name" : "aeiou",
    "etag" : "1",
    "id" : "01619571d01d0242ac12000600000000",
    "object" : "identity-provider",
    "status" : "ACTIVE"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. IdentityProviderList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
get /v3/identity-providers/{identity_provider_id}
Get identity provider. Show more Show less
Retrieve an identity provider. Note: This endpoint is restricted to administrators.
Path parameters
identity_provider_id (required)
Path Parameter — The ID of the identity provider to retrieve.
Return type
Example data
Content-Type: application/json
{
  "created_at" : "2018-02-13T09:35:20Z",
  "description" : "aeiou",
  "type" : "NATIVE",
  "saml2_attributes" : {
    "idp_entity_id" : "aeiou",
    "assertion_endpoint" : "aeiou",
    "slo_endpoint" : "aeiou",
    "sso_endpoint" : "aeiou",
    "sp_x509_cert" : "aeiou",
    "sp_entity_id" : "aeiou",
    "idp_x509_certs" : [ "aeiou" ]
  },
  "is_default" : true,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "oidc_attributes" : {
    "keys" : [ {
      "kid" : "aeiou",
      "key" : "aeiou"
    } ],
    "claim_mapping" : {
      "sub" : "aeiou",
      "email_verified" : "aeiou",
      "updated_at" : "aeiou",
      "updated_at_pattern" : "yyyy-MM-dd'T'HH:mm:ssXXX",
      "name" : "aeiou",
      "phone_number" : "aeiou",
      "given_name" : "aeiou",
      "family_name" : "aeiou",
      "email" : "email_address"
    },
    "end_session_endpoint" : "aeiou",
    "revocation_endpoint" : "aeiou",
    "issuer" : "aeiou",
    "client_id" : "aeiou",
    "authorization_endpoint" : "aeiou",
    "userinfo_endpoint" : "aeiou",
    "jwks_uri" : "aeiou",
    "token_request_mode" : "POST",
    "client_secret" : "aeiou",
    "redirect_uri" : "aeiou",
    "auto_enrollment" : true,
    "token_response_path" : "oidc.data",
    "scopes" : "openid email",
    "token_endpoint" : "aeiou"
  },
  "name" : "aeiou",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "object" : "identity-provider",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. IdentityProviderInfo
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Identity provider not found. ErrorResponse
post /v3/identity-providers/{identity_provider_id}/refresh-jwks
Refreshes the OIDC signing keys. Show more Show less
Refreshes an OIDC IdP's signing keys. Note: This endpoint is restricted to administrators.
Path parameters
identity_provider_id (required)
Path Parameter — The ID of the identity provider for which to refresh the signing keys.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Return type
Example data
Content-Type: application/json
{
  "created_at" : "2018-02-13T09:35:20Z",
  "description" : "aeiou",
  "type" : "NATIVE",
  "saml2_attributes" : {
    "idp_entity_id" : "aeiou",
    "assertion_endpoint" : "aeiou",
    "slo_endpoint" : "aeiou",
    "sso_endpoint" : "aeiou",
    "sp_x509_cert" : "aeiou",
    "sp_entity_id" : "aeiou",
    "idp_x509_certs" : [ "aeiou" ]
  },
  "is_default" : true,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "oidc_attributes" : {
    "keys" : [ {
      "kid" : "aeiou",
      "key" : "aeiou"
    } ],
    "claim_mapping" : {
      "sub" : "aeiou",
      "email_verified" : "aeiou",
      "updated_at" : "aeiou",
      "updated_at_pattern" : "yyyy-MM-dd'T'HH:mm:ssXXX",
      "name" : "aeiou",
      "phone_number" : "aeiou",
      "given_name" : "aeiou",
      "family_name" : "aeiou",
      "email" : "email_address"
    },
    "end_session_endpoint" : "aeiou",
    "revocation_endpoint" : "aeiou",
    "issuer" : "aeiou",
    "client_id" : "aeiou",
    "authorization_endpoint" : "aeiou",
    "userinfo_endpoint" : "aeiou",
    "jwks_uri" : "aeiou",
    "token_request_mode" : "POST",
    "client_secret" : "aeiou",
    "redirect_uri" : "aeiou",
    "auto_enrollment" : true,
    "token_response_path" : "oidc.data",
    "scopes" : "openid email",
    "token_endpoint" : "aeiou"
  },
  "name" : "aeiou",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "object" : "identity-provider",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. IdentityProviderInfo
400 Not an OIDC IdP or JWKS URI is unspecified. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Identity provider not found. ErrorResponse
put /v3/identity-providers/{identity_provider_id}
Update an existing identity provider. Show more Show less
Update an existing identity provider. Note: This endpoint is restricted to administrators.
Path parameters
identity_provider_id (required)
Path Parameter — The ID of the identity provider to update.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
Body Parameter — Details of the identity provider to update.
Query parameters
discovery (optional)
Query Parameter — Indicates that the OpenID Connect endpoints and keys should be set using the OpenID Connect Discovery mechanism. The following parameters are set automatically: * authorization_endpoint * token_endpoint * userinfo_endpoint * revocation_endpoint * jwks_uri * keys
Return type
Example data
Content-Type: application/json
{
  "created_at" : "2018-02-13T09:35:20Z",
  "description" : "aeiou",
  "type" : "NATIVE",
  "saml2_attributes" : {
    "idp_entity_id" : "aeiou",
    "assertion_endpoint" : "aeiou",
    "slo_endpoint" : "aeiou",
    "sso_endpoint" : "aeiou",
    "sp_x509_cert" : "aeiou",
    "sp_entity_id" : "aeiou",
    "idp_x509_certs" : [ "aeiou" ]
  },
  "is_default" : true,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "oidc_attributes" : {
    "keys" : [ {
      "kid" : "aeiou",
      "key" : "aeiou"
    } ],
    "claim_mapping" : {
      "sub" : "aeiou",
      "email_verified" : "aeiou",
      "updated_at" : "aeiou",
      "updated_at_pattern" : "yyyy-MM-dd'T'HH:mm:ssXXX",
      "name" : "aeiou",
      "phone_number" : "aeiou",
      "given_name" : "aeiou",
      "family_name" : "aeiou",
      "email" : "email_address"
    },
    "end_session_endpoint" : "aeiou",
    "revocation_endpoint" : "aeiou",
    "issuer" : "aeiou",
    "client_id" : "aeiou",
    "authorization_endpoint" : "aeiou",
    "userinfo_endpoint" : "aeiou",
    "jwks_uri" : "aeiou",
    "token_request_mode" : "POST",
    "client_secret" : "aeiou",
    "redirect_uri" : "aeiou",
    "auto_enrollment" : true,
    "token_response_path" : "oidc.data",
    "scopes" : "openid email",
    "token_endpoint" : "aeiou"
  },
  "name" : "aeiou",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "object" : "identity-provider",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. IdentityProviderInfo
400 Error in input data, for example, missing name. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Identity provider not found. ErrorResponse

AccountPolicyGroups

post /v3/policy-groups/{group_id}/api-keys
Add API keys to the group. Show more Show less
Deprecation Date:
Expected End of Life:
This endpoint is deprecated, use POST https://api.us-east-1.mbedcloud.com/v3/policy-groups/{group_id}/api-keys/add/

Add API keys to the group.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/policy-groups/{group_id}/api-keys \
-H 'Authorization: Bearer <api_key>'
Path parameters
group_id (required)
Path Parameter — The ID of the group.
Request body
body SubjectList (required)
Body Parameter — A list of API keys to add to the group.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummary
400 Error in input data, for example, the group Id does not exist. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. Adding an API key to the 'Administrators' group is restricted to administrators. ErrorResponse
404 A group with that ID does not exist. ErrorResponse
409 The API key is a member of the group already. ErrorResponse
post /v3/policy-groups/{group_id}/api-keys/add
Add API Keys to the group. Show more Show less

Add API keys to the group.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/policy-groups/{group_id}/api-keys \
-H 'Authorization: Bearer <api_key>'
Path parameters
group_id (required)
Path Parameter — The ID of the group.
Request body
body SubjectList (required)
Body Parameter — A list of API keys to add to the group.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummary
400 Error in input data, for example, the group Id does not exist. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. Adding an API key to the 'Administrators' group is restricted to administrators. ErrorResponse
404 A group with that ID does not exist. ErrorResponse
409 The API key is a member of the group already. ErrorResponse
post /v3/policy-groups/{group_id}/users/add
Add users to the group. Show more Show less

Add users to the group. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/policy-groups/{group_id}/users/add \
-H 'Authorization: Bearer <api_key>'
Path parameters
group_id (required)
Path Parameter — The ID of the group.
Request body
body SubjectList (required)
Body Parameter — A list of API keys to add to the group.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummary
400 Error in input data, for example, the group Id does not exist. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A group with that ID does not exist. ErrorResponse
409 The user is a member of the group already. ErrorResponse
post /v3/policy-groups/{group_id}
Add members to a group. Show more Show less

Add users and API keys to a group. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/policy-groups/{group_id} \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '{"users": ["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]}'
Path parameters
group_id (required)
Path Parameter — The ID of the group to update.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body SubjectList (required)
Body Parameter — A list of users and API keys to add to the group.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummary
400 Error in input data, for example, the user or API key does not exist. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A group with that ID does not exist. ErrorResponse
409 The user of this API key is a member of the group already. ErrorResponse
post /v3/policy-groups/{group_id}/users
Add users to the group. Show more Show less
Deprecation Date:
Expected End of Life:
This endpoint is deprecated, POST https://api.us-east-1.mbedcloud.com/v3/policy-groups/{group_id}/users/add/

Add users to the group. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/policy-groups/{group_id}/users \
-H 'Authorization: Bearer <api_key>'
Path parameters
group_id (required)
Path Parameter — The ID of the group.
Request body
body SubjectList (required)
Body Parameter — A list of API keys to add to the group.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummary
400 Error in input data, for example, the group Id does not exist. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A group with that ID does not exist. ErrorResponse
409 The user is a member of the group already. ErrorResponse
post /v3/policy-groups
Create a new group. Show more Show less

Create a new group. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/policy-groups \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' -d '{"name": "MyGroup1"}'
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body GroupCreationInfo (required)
Body Parameter — Details of the group to create.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 New entity created. GroupSummary
400 Error in input data, for example, invalid group name. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
409 A group with that name already exists. ErrorResponse
delete /v3/policy-groups/{group_id}
Delete a group. Show more Show less

Delete a group. Note: This endpoint is restricted to administrators.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/policy-groups/{group_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
group_id (required)
Path Parameter — The ID of the group to delete.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden, or Administrators group cannot be removed. ErrorResponse
404 A group with that ID does not exist. ErrorResponse
get /v3/policy-groups
Get policy groups. Show more Show less

Retrieve an array of policy groups.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/policy-groups \
-H 'Authorization: Bearer <api_key>'
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: total_count.
name__eq (optional)
Query Parameter — Filter for group name.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "apikey_count" : 0,
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "user_count" : 1,
    "name" : "Administrators",
    "created_at" : "2018-02-13T09:35:20Z",
    "etag" : "1",
    "id" : "01619571dec00242ac12000600000000",
    "object" : "group"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummaryList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
get /v3/policy-groups/{group_id}/api-keys
Get the API keys of a policy group. Show more Show less

Retrieve an array of API keys associated with a policy group.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/policy-groups/{group_id}/api-keys \
-H 'Authorization: Bearer <api_key>'
Path parameters
group_id (required)
Path Parameter — The ID of the group.
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: total_count.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "owner" : "01619571e2e89242ac12000600000000",
    "creation_time" : 1518630727683,
    "last_login_time" : 1518630727688,
    "created_at" : "2018-02-13T09:35:20Z",
    "groups" : [ "aeiou" ],
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "name" : "API key gorgon",
    "etag" : "1",
    "id" : "01619571f7020242ac12000600000000",
    "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
    "object" : "api-key",
    "status" : "ACTIVE"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoRespList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A group with that ID does not exist. ErrorResponse
get /v3/policy-groups/{group_id}
Get a policy group. Show more Show less

Retrieve a policy group.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/policy-groups/{group_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
group_id (required)
Path Parameter — The ID of the policy group to retrieve.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummary
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A group with that ID does not exist. ErrorResponse
get /v3/policy-groups/{group_id}/users
Get users of a policy group. Show more Show less

Retrieve an array of users associated with a policy group. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/policy-groups/{group_id}/users \
-H 'Authorization: Bearer <api_key>'
Path parameters
group_id (required)
Path Parameter — The ID of the group.
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: total_count.
status__eq (optional)
Query Parameter — An optional filter to retrieve users by status.
status__in (optional)
Query Parameter — An optional filter to retrieve users with a specified set of statuses.
status__nin (optional)
Query Parameter — An optional filter to exclude users with a specified set of statuses.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "creation_time" : 1518630727683,
    "last_login_time" : 1518630727688,
    "password_changed_time" : 1518630727688,
    "is_marketing_accepted" : true,
    "created_at" : "2018-02-13T09:35:20Z",
    "is_gtc_accepted" : true,
    "is_totp_enabled" : true,
    "password" : "PZf9eEUH43DAPE9ULINFeuj",
    "updated_at" : "2018-02-14T15:24:14Z",
    "login_history" : [ {
      "date" : "2018-02-14T17:52:07Z",
      "success" : true,
      "ip_address" : "127.0.0.1",
      "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36"
    } ],
    "totp_scratch_codes" : [ "aeiou" ],
    "id" : "01619571e2e89242ac12000600000000",
    "active_sessions" : [ {
      "account_id" : "01619571e2e90242ac12000600000000",
      "reference_token" : "rt_CI6+5hS8p9DrCmkRyS6u4doUdiXr71dX7MqD+g0327hYQthEkYTxMMnCwHyf1rDdk",
      "login_time" : "2018-02-14T17:52:07Z",
      "created_at" : "2018-02-13T09:35:20Z",
      "ip_address" : "127.0.0.1",
      "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
      "object" : "user-session"
    } ],
    "email" : "user@arm.com",
    "login_profiles" : [ {
      "foreign_id" : "aeiou",
      "name" : "aeiou",
      "id" : "aeiou",
      "type" : "NATIVE"
    } ],
    "address" : "110 Fulbourn Rd, Cambridge, United Kingdom",
    "email_verified" : true,
    "custom_fields" : {
      "key" : "aeiou"
    },
    "groups" : [ "aeiou" ],
    "full_name" : "User Doe",
    "account_id" : "01619571e2e90242ac12000600000000",
    "etag" : "1",
    "phone_number" : "+44 (1223) 400 400",
    "object" : "user",
    "status" : "ACTIVE",
    "username" : "admin"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInfoRespList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A group with that ID does not exist. ErrorResponse
delete /v3/policy-groups/{group_id}/api-keys
Remove API keys from a group. Show more Show less
Deprecation Date:
Expected End of Life:
This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/policy-groups/{group_id}/api-keys/remove/

Remove API keys from groups.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/policy-groups/{group_id}/api-keys \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
group_id (required)
Path Parameter — The ID of the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body SubjectList (required)
Body Parameter — A list of API keys to remove from the group.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummary
400 Error in input data, for example, the array of API keys is missing. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A group with that ID does not exist. ErrorResponse
post /v3/policy-groups/{group_id}/api-keys/remove
Remove API keys from a group. Show more Show less

Remove API keys from groups.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/policy-groups/{group_id}/api-keys/remove \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
group_id (required)
Path Parameter — The ID of the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body SubjectList (required)
Body Parameter — A list of API keys to remove from the group.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummary
400 Error in input data, for example, the array of API keys is missing. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A group with that ID does not exist. ErrorResponse
post /v3/policy-groups/{group_id}/users/remove
Remove users from a group. Show more Show less

Remove users from a policy group. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/policy-groups/{group_id}/users/remove \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
group_id (required)
Path Parameter — The ID of the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body SubjectList (required)
Body Parameter — A list of users to remove from the group.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummary
400 Error in input data, for example, the user removing themselves from the Administrators group. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A group with that ID does not exist. ErrorResponse
delete /v3/policy-groups/{group_id}/users
Remove users from a group. Show more Show less
Deprecation Date:
Expected End of Life:
This endpoint is deprecated, POST https://api.us-east-1.mbedcloud.com/v3/policy-groups/{group_id}/users/remove/

Manage policy groups. Note: This endpoint is restricted to administrators.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/policy-groups/{group_id}/users \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
group_id (required)
Path Parameter — The ID of the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body SubjectList (required)
Body Parameter — A list of users to remove from the group.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummary
400 Error in input data, for example, the user removing themselves from the Administrators group. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A group with that ID does not exist. ErrorResponse
put /v3/policy-groups/{group_id}
Update the group name. Show more Show less

Update a group name. Note: This endpoint is restricted to administrators.

Example:

curl -X PUT https://api.us-east-1.mbedcloud.com/v3/policy-groups/{group_id} \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '{"name": "TestGroup2"}'
Path parameters
group_id (required)
Path Parameter — The ID of the group to update.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body GroupUpdateInfo (required)
Body Parameter — Details of the group to create.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummary
400 Error in input data, for example, the group name is too long. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A group with that ID does not exist. ErrorResponse

AccountProfile

get /v3/accounts/me
Get account information. Show more Show less

Retrieve information about the account.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/me?include=policies \
-H 'Authorization: Bearer <api_key>'
Query parameters
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: limits, policies, sub_accounts.
properties (optional)
Query Parameter — Property name to return from account-specific properties.
Return type
Example data
Content-Type: application/json
{
  "country" : "United Kingdom",
  "reason" : "Subscription paid.",
  "aliases" : [ "aeiou" ],
  "city" : "Cambridge",
  "customer_number" : "1NC25_0001",
  "policies" : [ {
    "allow" : true,
    "inherited_from" : "016ada3ec2d46665bf66e32e00000000",
    "feature" : "update-campaigns",
    "resource" : "/v3/update-campaign",
    "inherited" : false,
    "action" : "GET",
    "inherited_type" : "account"
  } ],
  "sales_contact" : "sales@arm.com",
  "created_at" : "2018-02-13T09:35:20Z",
  "expiration_warning_threshold" : 180,
  "updated_at" : "2018-02-14T15:24:14Z",
  "address_line2" : " ",
  "tier" : "1",
  "address_line1" : "110 Fulbourn Rd",
  "contract_number" : "1NX25_0001",
  "contact" : "J. Doe",
  "reference_note" : "ARM-INT-0001",
  "company" : "ARM Holdings Plc",
  "id" : "01619571e2e90242ac12000600000000",
  "state" : " ",
  "idle_timeout" : 30,
  "email" : "info@arm.com",
  "limits" : {
    "key" : "aeiou"
  },
  "upgraded_at" : "2018-02-14T15:24:14Z",
  "limitations" : [ {
    "billing_period" : 1,
    "description" : "aeiou",
    "created_at" : "2018-02-13T09:35:20Z",
    "inherited_from" : "aeiou",
    "updated_at" : "2018-02-14T15:24:14Z",
    "inherited" : true,
    "quota" : 0,
    "name" : "aeiou",
    "limit" : 6,
    "etag" : "1",
    "id" : "01619571d01d0242ac12000600000000",
    "inherited_type" : "aeiou",
    "object" : "user"
  } ],
  "custom_fields" : {
    "key" : "aeiou"
  },
  "business_model_history" : [ {
    "updated_at" : "2018-02-14T15:24:14Z",
    "business_model" : ""
  } ],
  "display_name" : "ARM",
  "notification_emails" : [ "aeiou" ],
  "password_recovery_expiration" : 27,
  "parent_account" : {
    "id" : "01619571dad80242ac12000600000000",
    "admin_name" : "J. Doe",
    "admin_email" : "info@arm.com"
  },
  "mfa_status" : "enforced",
  "password_policy" : {
    "minimum_length" : 8
  },
  "end_market" : "IT",
  "parent_id" : "01619571dad80242ac12000600000000",
  "sub_accounts" : [ "" ],
  "tier_history" : [ {
    "tier" : "1",
    "updatedAt" : "2018-02-14T15:24:14Z"
  } ],
  "etag" : "1",
  "phone_number" : "+44 (1223) 400 400",
  "template_id" : "01619571e7160242ac12000600000000",
  "expiration" : "2000-01-23T04:56:07.000+00:00",
  "postal_code" : "CB1 9NJ",
  "business_model" : "\"api_calls_1_business_model\"",
  "object" : "account",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. AccountInfo
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
put /v3/accounts/me
Updates attributes of the account. Show more Show less

Update the account. Note: This endpoint is restricted to administrators.

Example:

curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/me \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '{"phone_number": "12345678"}'
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body AccountUpdateReq (required)
Body Parameter — Details of the account to update.
Return type
Example data
Content-Type: application/json
{
  "country" : "United Kingdom",
  "reason" : "Subscription paid.",
  "aliases" : [ "aeiou" ],
  "city" : "Cambridge",
  "customer_number" : "1NC25_0001",
  "policies" : [ {
    "allow" : true,
    "inherited_from" : "016ada3ec2d46665bf66e32e00000000",
    "feature" : "update-campaigns",
    "resource" : "/v3/update-campaign",
    "inherited" : false,
    "action" : "GET",
    "inherited_type" : "account"
  } ],
  "sales_contact" : "sales@arm.com",
  "created_at" : "2018-02-13T09:35:20Z",
  "expiration_warning_threshold" : 180,
  "updated_at" : "2018-02-14T15:24:14Z",
  "address_line2" : " ",
  "tier" : "1",
  "address_line1" : "110 Fulbourn Rd",
  "contract_number" : "1NX25_0001",
  "contact" : "J. Doe",
  "reference_note" : "ARM-INT-0001",
  "company" : "ARM Holdings Plc",
  "id" : "01619571e2e90242ac12000600000000",
  "state" : " ",
  "idle_timeout" : 30,
  "email" : "info@arm.com",
  "limits" : {
    "key" : "aeiou"
  },
  "upgraded_at" : "2018-02-14T15:24:14Z",
  "limitations" : [ {
    "billing_period" : 1,
    "description" : "aeiou",
    "created_at" : "2018-02-13T09:35:20Z",
    "inherited_from" : "aeiou",
    "updated_at" : "2018-02-14T15:24:14Z",
    "inherited" : true,
    "quota" : 0,
    "name" : "aeiou",
    "limit" : 6,
    "etag" : "1",
    "id" : "01619571d01d0242ac12000600000000",
    "inherited_type" : "aeiou",
    "object" : "user"
  } ],
  "custom_fields" : {
    "key" : "aeiou"
  },
  "business_model_history" : [ {
    "updated_at" : "2018-02-14T15:24:14Z",
    "business_model" : ""
  } ],
  "display_name" : "ARM",
  "notification_emails" : [ "aeiou" ],
  "password_recovery_expiration" : 27,
  "parent_account" : {
    "id" : "01619571dad80242ac12000600000000",
    "admin_name" : "J. Doe",
    "admin_email" : "info@arm.com"
  },
  "mfa_status" : "enforced",
  "password_policy" : {
    "minimum_length" : 8
  },
  "end_market" : "IT",
  "parent_id" : "01619571dad80242ac12000600000000",
  "sub_accounts" : [ "" ],
  "tier_history" : [ {
    "tier" : "1",
    "updatedAt" : "2018-02-14T15:24:14Z"
  } ],
  "etag" : "1",
  "phone_number" : "+44 (1223) 400 400",
  "template_id" : "01619571e7160242ac12000600000000",
  "expiration" : "2000-01-23T04:56:07.000+00:00",
  "postal_code" : "CB1 9NJ",
  "business_model" : "\"api_calls_1_business_model\"",
  "object" : "account",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. AccountInfo
400 Error in input data format. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse

AccountUserInvitations

post /v3/user-invitations
Create a user invitation. Show more Show less

Invite a new or existing user. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/user-invitations \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d {"email": "myemail@company.com"}
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body UserInvitationReq (required)
Body Parameter — A user invitation object with attributes.
Return type
Example data
Content-Type: application/json
{
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_id" : "01619571e2e90242ac12000600000000",
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "etag" : "1",
  "expiration" : "2018-02-14T15:24:14Z",
  "id" : "01619571e2e89242ac12000600000000",
  "email" : "friend@arm.com",
  "login_profiles" : [ {
    "foreign_id" : "aeiou",
    "name" : "aeiou",
    "id" : "aeiou",
    "type" : "NATIVE"
  } ],
  "object" : "user-invitation"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 New entity created. UserInvitationResp
400 Error in input data, for example, an invalid email address. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
delete /v3/user-invitations/{invitation_id}
Delete a user invitation. Show more Show less

Delete an active user invitation sent to a new or existing user. Note: This endpoint is restricted to administrators.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/user-invitations/{invitation_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
invitation_id (required)
Path Parameter — The ID of the invitation to delete.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An invitation with the specified ID does not exist. ErrorResponse
get /v3/user-invitations
Get user invitations. Show more Show less

Retrieve an array of active user invitations sent by email. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/user-invitations \
-H 'Authorization: Bearer <api_key>'
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
login_profiles__eq (optional)
Query Parameter — Filter to retrieve user invitations by a specified login profile.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "user_id" : "01619571e2e90242ac12000600000000",
    "created_at" : "2018-02-13T09:35:20Z",
    "groups" : [ "aeiou" ],
    "etag" : "1",
    "expiration" : "2018-02-14T15:24:14Z",
    "id" : "01619571e2e89242ac12000600000000",
    "email" : "friend@arm.com",
    "login_profiles" : [ {
      "foreign_id" : "aeiou",
      "name" : "aeiou",
      "id" : "aeiou",
      "type" : "NATIVE"
    } ],
    "object" : "user-invitation"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInvitationRespList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
get /v3/user-invitations/{invitation_id}
Details of a user invitation. Show more Show less

Retrieve the details of an active user invitation. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/user-invitations/{invitation_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
invitation_id (required)
Path Parameter — The ID of the invitation to retrieve.
Return type
Example data
Content-Type: application/json
{
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_id" : "01619571e2e90242ac12000600000000",
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "etag" : "1",
  "expiration" : "2018-02-14T15:24:14Z",
  "id" : "01619571e2e89242ac12000600000000",
  "email" : "friend@arm.com",
  "login_profiles" : [ {
    "foreign_id" : "aeiou",
    "name" : "aeiou",
    "id" : "aeiou",
    "type" : "NATIVE"
  } ],
  "object" : "user-invitation"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInvitationResp
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An invitation with the specified ID does not exist. ErrorResponse

AccountUsers

post /v3/users/{user_id}/groups
Add user to a list of groups. Show more Show less
Deprecation Date:
Expected End of Life:
This endpoint is deprecated, use POST https://api.us-east-1.mbedcloud.com/v3/users/{user_id}/groups/add/

Add user to groups. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/users/{user_id}/groups \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
user_id (required)
Path Parameter — The ID of the user to add to the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body string (required)
Body Parameter — A list of IDs of the groups to update.
Return type
Example data
Content-Type: application/json
{
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "password_changed_time" : 1518630727688,
  "is_marketing_accepted" : true,
  "created_at" : "2018-02-13T09:35:20Z",
  "is_gtc_accepted" : true,
  "is_totp_enabled" : true,
  "password" : "PZf9eEUH43DAPE9ULINFeuj",
  "updated_at" : "2018-02-14T15:24:14Z",
  "login_history" : [ {
    "date" : "2018-02-14T17:52:07Z",
    "success" : true,
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36"
  } ],
  "totp_scratch_codes" : [ "aeiou" ],
  "id" : "01619571e2e89242ac12000600000000",
  "active_sessions" : [ {
    "account_id" : "01619571e2e90242ac12000600000000",
    "reference_token" : "rt_CI6+5hS8p9DrCmkRyS6u4doUdiXr71dX7MqD+g0327hYQthEkYTxMMnCwHyf1rDdk",
    "login_time" : "2018-02-14T17:52:07Z",
    "created_at" : "2018-02-13T09:35:20Z",
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
    "object" : "user-session"
  } ],
  "email" : "user@arm.com",
  "login_profiles" : [ {
    "foreign_id" : "aeiou",
    "name" : "aeiou",
    "id" : "aeiou",
    "type" : "NATIVE"
  } ],
  "address" : "110 Fulbourn Rd, Cambridge, United Kingdom",
  "email_verified" : true,
  "custom_fields" : {
    "key" : "aeiou"
  },
  "groups" : [ "aeiou" ],
  "full_name" : "User Doe",
  "account_id" : "01619571e2e90242ac12000600000000",
  "etag" : "1",
  "phone_number" : "+44 (1223) 400 400",
  "object" : "user",
  "status" : "ACTIVE",
  "username" : "admin"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A user or group with that ID does not exist. ErrorResponse
409 The user is a member of the group already. ErrorResponse
post /v3/users/{user_id}/groups/add
Add user to a list of groups. Show more Show less

Add user to groups. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/users/{user_id}/groups/add \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
user_id (required)
Path Parameter — The ID of the user to add to the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body GroupIdList (required)
Body Parameter — A list of IDs of the groups to update.
Return type
Example data
Content-Type: application/json
{
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "password_changed_time" : 1518630727688,
  "is_marketing_accepted" : true,
  "created_at" : "2018-02-13T09:35:20Z",
  "is_gtc_accepted" : true,
  "is_totp_enabled" : true,
  "password" : "PZf9eEUH43DAPE9ULINFeuj",
  "updated_at" : "2018-02-14T15:24:14Z",
  "login_history" : [ {
    "date" : "2018-02-14T17:52:07Z",
    "success" : true,
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36"
  } ],
  "totp_scratch_codes" : [ "aeiou" ],
  "id" : "01619571e2e89242ac12000600000000",
  "active_sessions" : [ {
    "account_id" : "01619571e2e90242ac12000600000000",
    "reference_token" : "rt_CI6+5hS8p9DrCmkRyS6u4doUdiXr71dX7MqD+g0327hYQthEkYTxMMnCwHyf1rDdk",
    "login_time" : "2018-02-14T17:52:07Z",
    "created_at" : "2018-02-13T09:35:20Z",
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
    "object" : "user-session"
  } ],
  "email" : "user@arm.com",
  "login_profiles" : [ {
    "foreign_id" : "aeiou",
    "name" : "aeiou",
    "id" : "aeiou",
    "type" : "NATIVE"
  } ],
  "address" : "110 Fulbourn Rd, Cambridge, United Kingdom",
  "email_verified" : true,
  "custom_fields" : {
    "key" : "aeiou"
  },
  "groups" : [ "aeiou" ],
  "full_name" : "User Doe",
  "account_id" : "01619571e2e90242ac12000600000000",
  "etag" : "1",
  "phone_number" : "+44 (1223) 400 400",
  "object" : "user",
  "status" : "ACTIVE",
  "username" : "admin"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A user or group with that ID does not exist. ErrorResponse
409 The user is a member of the group already. ErrorResponse
post /v3/users
Create a new user. Show more Show less

Create or invite a new user to the account. The invited user has to accept the invitation by clicking the link in the invitation email. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/users?action=invite \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d {"email": "myemail@company.com"}
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body UserInfoReq (required)
Body Parameter — A user object with attributes.
Query parameters
action (optional)
Query Parameter — Action, either create or invite. default: create
Return type
Example data
Content-Type: application/json
{
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "password_changed_time" : 1518630727688,
  "is_marketing_accepted" : true,
  "created_at" : "2018-02-13T09:35:20Z",
  "is_gtc_accepted" : true,
  "is_totp_enabled" : true,
  "password" : "PZf9eEUH43DAPE9ULINFeuj",
  "updated_at" : "2018-02-14T15:24:14Z",
  "login_history" : [ {
    "date" : "2018-02-14T17:52:07Z",
    "success" : true,
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36"
  } ],
  "totp_scratch_codes" : [ "aeiou" ],
  "id" : "01619571e2e89242ac12000600000000",
  "active_sessions" : [ {
    "account_id" : "01619571e2e90242ac12000600000000",
    "reference_token" : "rt_CI6+5hS8p9DrCmkRyS6u4doUdiXr71dX7MqD+g0327hYQthEkYTxMMnCwHyf1rDdk",
    "login_time" : "2018-02-14T17:52:07Z",
    "created_at" : "2018-02-13T09:35:20Z",
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
    "object" : "user-session"
  } ],
  "email" : "user@arm.com",
  "login_profiles" : [ {
    "foreign_id" : "aeiou",
    "name" : "aeiou",
    "id" : "aeiou",
    "type" : "NATIVE"
  } ],
  "address" : "110 Fulbourn Rd, Cambridge, United Kingdom",
  "email_verified" : true,
  "custom_fields" : {
    "key" : "aeiou"
  },
  "groups" : [ "aeiou" ],
  "full_name" : "User Doe",
  "account_id" : "01619571e2e90242ac12000600000000",
  "etag" : "1",
  "phone_number" : "+44 (1223) 400 400",
  "object" : "user",
  "status" : "ACTIVE",
  "username" : "admin"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 New entity created. UserInfoResp
400 Error in input data, for example, an invalid email address. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
409 A user with the given username or email already exists. ErrorResponse
delete /v3/users/{user_id}

Delete a user. Note: This endpoint is restricted to administrators.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/users/{user_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
user_id (required)
Path Parameter — The ID of the user to delete.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Deleted successfully.
400 Bad request, for example, trying to delete active user. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A user with the specified ID does not exist. ErrorResponse
get /v3/users

Retrieve an array of users. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/users \
-H 'Authorization: Bearer <api_key>'
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: total_count.
email__eq (optional)
Query Parameter — Filter for email address
status__eq (optional)
Query Parameter — Filter for status, for example, active or reset.
status__in (optional)
Query Parameter — An optional filter to retrieve users with a specified set of statuses.
status__nin (optional)
Query Parameter — An optional filter to exclude users with a specified set of statuses.
login_profiles__eq (optional)
Query Parameter — An optional filter to retrieve users with a specified login profile.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "creation_time" : 1518630727683,
    "last_login_time" : 1518630727688,
    "password_changed_time" : 1518630727688,
    "is_marketing_accepted" : true,
    "created_at" : "2018-02-13T09:35:20Z",
    "is_gtc_accepted" : true,
    "is_totp_enabled" : true,
    "password" : "PZf9eEUH43DAPE9ULINFeuj",
    "updated_at" : "2018-02-14T15:24:14Z",
    "login_history" : [ {
      "date" : "2018-02-14T17:52:07Z",
      "success" : true,
      "ip_address" : "127.0.0.1",
      "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36"
    } ],
    "totp_scratch_codes" : [ "aeiou" ],
    "id" : "01619571e2e89242ac12000600000000",
    "active_sessions" : [ {
      "account_id" : "01619571e2e90242ac12000600000000",
      "reference_token" : "rt_CI6+5hS8p9DrCmkRyS6u4doUdiXr71dX7MqD+g0327hYQthEkYTxMMnCwHyf1rDdk",
      "login_time" : "2018-02-14T17:52:07Z",
      "created_at" : "2018-02-13T09:35:20Z",
      "ip_address" : "127.0.0.1",
      "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
      "object" : "user-session"
    } ],
    "email" : "user@arm.com",
    "login_profiles" : [ {
      "foreign_id" : "aeiou",
      "name" : "aeiou",
      "id" : "aeiou",
      "type" : "NATIVE"
    } ],
    "address" : "110 Fulbourn Rd, Cambridge, United Kingdom",
    "email_verified" : true,
    "custom_fields" : {
      "key" : "aeiou"
    },
    "groups" : [ "aeiou" ],
    "full_name" : "User Doe",
    "account_id" : "01619571e2e90242ac12000600000000",
    "etag" : "1",
    "phone_number" : "+44 (1223) 400 400",
    "object" : "user",
    "status" : "ACTIVE",
    "username" : "admin"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInfoRespList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
get /v3/users/{user_id}/groups
Get policy groups for a user. Show more Show less

Retrieve an array of policy groups associated with a user. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/users/{user_id}/groups \
-H 'Authorization: Bearer <api_key>'
Path parameters
user_id (required)
Path Parameter — The ID of the user.
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: total_count.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "apikey_count" : 0,
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "user_count" : 1,
    "name" : "Administrators",
    "created_at" : "2018-02-13T09:35:20Z",
    "etag" : "1",
    "id" : "01619571dec00242ac12000600000000",
    "object" : "group"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummaryList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A user with the given ID does not exist. ErrorResponse
get /v3/users/{user_id}
Details of a user. Show more Show less

Retrieve the details of a user. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/users/{user_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
user_id (required)
Path Parameter — The ID of the user.
Return type
Example data
Content-Type: application/json
{
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "password_changed_time" : 1518630727688,
  "is_marketing_accepted" : true,
  "created_at" : "2018-02-13T09:35:20Z",
  "is_gtc_accepted" : true,
  "is_totp_enabled" : true,
  "password" : "PZf9eEUH43DAPE9ULINFeuj",
  "updated_at" : "2018-02-14T15:24:14Z",
  "login_history" : [ {
    "date" : "2018-02-14T17:52:07Z",
    "success" : true,
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36"
  } ],
  "totp_scratch_codes" : [ "aeiou" ],
  "id" : "01619571e2e89242ac12000600000000",
  "active_sessions" : [ {
    "account_id" : "01619571e2e90242ac12000600000000",
    "reference_token" : "rt_CI6+5hS8p9DrCmkRyS6u4doUdiXr71dX7MqD+g0327hYQthEkYTxMMnCwHyf1rDdk",
    "login_time" : "2018-02-14T17:52:07Z",
    "created_at" : "2018-02-13T09:35:20Z",
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
    "object" : "user-session"
  } ],
  "email" : "user@arm.com",
  "login_profiles" : [ {
    "foreign_id" : "aeiou",
    "name" : "aeiou",
    "id" : "aeiou",
    "type" : "NATIVE"
  } ],
  "address" : "110 Fulbourn Rd, Cambridge, United Kingdom",
  "email_verified" : true,
  "custom_fields" : {
    "key" : "aeiou"
  },
  "groups" : [ "aeiou" ],
  "full_name" : "User Doe",
  "account_id" : "01619571e2e90242ac12000600000000",
  "etag" : "1",
  "phone_number" : "+44 (1223) 400 400",
  "object" : "user",
  "status" : "ACTIVE",
  "username" : "admin"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInfoResp
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A user with the specified ID does not exist. ErrorResponse
delete /v3/users/{user_id}/groups
Remove user from groups. Show more Show less
Deprecation Date:
Expected End of Life:
This endpoint is deprecated, use POST https://api.us-east-1.mbedcloud.com/v3/users/{user_id}/groups/remove/

Remove user from groups. Note: This endpoint is restricted to administrators.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/users/{user_id}/groups \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
user_id (required)
Path Parameter — The ID of the user to remove from the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body string (required)
Body Parameter — A list of IDs of the groups to update.
Return type
Example data
Content-Type: application/json
{
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "password_changed_time" : 1518630727688,
  "is_marketing_accepted" : true,
  "created_at" : "2018-02-13T09:35:20Z",
  "is_gtc_accepted" : true,
  "is_totp_enabled" : true,
  "password" : "PZf9eEUH43DAPE9ULINFeuj",
  "updated_at" : "2018-02-14T15:24:14Z",
  "login_history" : [ {
    "date" : "2018-02-14T17:52:07Z",
    "success" : true,
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36"
  } ],
  "totp_scratch_codes" : [ "aeiou" ],
  "id" : "01619571e2e89242ac12000600000000",
  "active_sessions" : [ {
    "account_id" : "01619571e2e90242ac12000600000000",
    "reference_token" : "rt_CI6+5hS8p9DrCmkRyS6u4doUdiXr71dX7MqD+g0327hYQthEkYTxMMnCwHyf1rDdk",
    "login_time" : "2018-02-14T17:52:07Z",
    "created_at" : "2018-02-13T09:35:20Z",
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
    "object" : "user-session"
  } ],
  "email" : "user@arm.com",
  "login_profiles" : [ {
    "foreign_id" : "aeiou",
    "name" : "aeiou",
    "id" : "aeiou",
    "type" : "NATIVE"
  } ],
  "address" : "110 Fulbourn Rd, Cambridge, United Kingdom",
  "email_verified" : true,
  "custom_fields" : {
    "key" : "aeiou"
  },
  "groups" : [ "aeiou" ],
  "full_name" : "User Doe",
  "account_id" : "01619571e2e90242ac12000600000000",
  "etag" : "1",
  "phone_number" : "+44 (1223) 400 400",
  "object" : "user",
  "status" : "ACTIVE",
  "username" : "admin"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A user with that ID does not exist. ErrorResponse
post /v3/users/{user_id}/groups/remove
Remove user from groups. Show more Show less

Remove user from groups. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/users/{user_id}/groups/remove \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
user_id (required)
Path Parameter — The ID of the user to remove from the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body GroupIdList (required)
Body Parameter — A list of IDs of the groups to update.
Return type
Example data
Content-Type: application/json
{
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "password_changed_time" : 1518630727688,
  "is_marketing_accepted" : true,
  "created_at" : "2018-02-13T09:35:20Z",
  "is_gtc_accepted" : true,
  "is_totp_enabled" : true,
  "password" : "PZf9eEUH43DAPE9ULINFeuj",
  "updated_at" : "2018-02-14T15:24:14Z",
  "login_history" : [ {
    "date" : "2018-02-14T17:52:07Z",
    "success" : true,
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36"
  } ],
  "totp_scratch_codes" : [ "aeiou" ],
  "id" : "01619571e2e89242ac12000600000000",
  "active_sessions" : [ {
    "account_id" : "01619571e2e90242ac12000600000000",
    "reference_token" : "rt_CI6+5hS8p9DrCmkRyS6u4doUdiXr71dX7MqD+g0327hYQthEkYTxMMnCwHyf1rDdk",
    "login_time" : "2018-02-14T17:52:07Z",
    "created_at" : "2018-02-13T09:35:20Z",
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
    "object" : "user-session"
  } ],
  "email" : "user@arm.com",
  "login_profiles" : [ {
    "foreign_id" : "aeiou",
    "name" : "aeiou",
    "id" : "aeiou",
    "type" : "NATIVE"
  } ],
  "address" : "110 Fulbourn Rd, Cambridge, United Kingdom",
  "email_verified" : true,
  "custom_fields" : {
    "key" : "aeiou"
  },
  "groups" : [ "aeiou" ],
  "full_name" : "User Doe",
  "account_id" : "01619571e2e90242ac12000600000000",
  "etag" : "1",
  "phone_number" : "+44 (1223) 400 400",
  "object" : "user",
  "status" : "ACTIVE",
  "username" : "admin"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A user with that ID does not exist. ErrorResponse
put /v3/users/{user_id}
Update user details. Show more Show less

Update user details. Note: This endpoint is restricted to administrators.

Example:

curl -X PUT https://api.us-east-1.mbedcloud.com/v3/users/{user_id} \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '{"username": "myusername"}'
Path parameters
user_id (required)
Path Parameter — The ID of the user.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body UserUpdateReq (required)
Body Parameter — A user object with attributes.
Return type
Example data
Content-Type: application/json
{
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "password_changed_time" : 1518630727688,
  "is_marketing_accepted" : true,
  "created_at" : "2018-02-13T09:35:20Z",
  "is_gtc_accepted" : true,
  "is_totp_enabled" : true,
  "password" : "PZf9eEUH43DAPE9ULINFeuj",
  "updated_at" : "2018-02-14T15:24:14Z",
  "login_history" : [ {
    "date" : "2018-02-14T17:52:07Z",
    "success" : true,
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36"
  } ],
  "totp_scratch_codes" : [ "aeiou" ],
  "id" : "01619571e2e89242ac12000600000000",
  "active_sessions" : [ {
    "account_id" : "01619571e2e90242ac12000600000000",
    "reference_token" : "rt_CI6+5hS8p9DrCmkRyS6u4doUdiXr71dX7MqD+g0327hYQthEkYTxMMnCwHyf1rDdk",
    "login_time" : "2018-02-14T17:52:07Z",
    "created_at" : "2018-02-13T09:35:20Z",
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
    "object" : "user-session"
  } ],
  "email" : "user@arm.com",
  "login_profiles" : [ {
    "foreign_id" : "aeiou",
    "name" : "aeiou",
    "id" : "aeiou",
    "type" : "NATIVE"
  } ],
  "address" : "110 Fulbourn Rd, Cambridge, United Kingdom",
  "email_verified" : true,
  "custom_fields" : {
    "key" : "aeiou"
  },
  "groups" : [ "aeiou" ],
  "full_name" : "User Doe",
  "account_id" : "01619571e2e90242ac12000600000000",
  "etag" : "1",
  "phone_number" : "+44 (1223) 400 400",
  "object" : "user",
  "status" : "ACTIVE",
  "username" : "admin"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInfoResp
400 Error in input data, for example, an invalid email address. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A user with the given ID does not exist. ErrorResponse
409 A user with the given username or email already exists. ErrorResponse

SecurityAndIdentityCertificates

post /v3/trusted-certificates
Upload a new trusted certificate. Show more Show less

Upload new trusted certificates. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/trusted-certificates \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d {"name": "myCert1", "description": "very important cert", "certificate": "certificate_data", "service": "lwm2m"}
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body TrustedCertificateReq (required)
Body Parameter — A trusted certificate object with attributes.
Return type
Example data
Content-Type: application/json
{
  "enrollment_mode" : false,
  "owner_id" : "01619571dad80242ac12000600000000",
  "subject" : "CN=subject",
  "certificate" : "-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----",
  "created_at" : "2018-02-13T09:35:20Z",
  "description" : "Certificate created by me.",
  "device_execution_mode" : 1,
  "certificate_fingerprint" : "a10fb2c8ba90e6de927bd0ae391dcc38f6115685de2d7024712af37ead0608f1",
  "issuer" : "CN=issuer",
  "valid" : true,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "service" : "lwm2m",
  "name" : "My certificate",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "validity" : "2038-02-14T15:24:14Z",
  "object" : "trusted-cert",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 New entity created. TrustedCertificateResp
400 Invalid certificate data, or missing or invalid parameters. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden, only available for admins of commercial accounts. ErrorResponse
409 Certificate with the given name or subject already exists. ErrorResponse
delete /v3/trusted-certificates/{cert_id}
Delete a trusted certificate by ID. Show more Show less

Delete a trusted certificate.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/trusted-certificates/{cert_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
cert_id (required)
Path Parameter — The ID of the trusted certificate to delete.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Certificate not found. ErrorResponse
get /v3/trusted-certificates
Get all trusted certificates. Show more Show less

Retrieve an array of trusted certificates.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/trusted-certificates \
-H 'Authorization: Bearer <api_key>'
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: total_count.
name__eq (optional)
Query Parameter — Filter for certificate name.
service__eq (optional)
Query Parameter — Service filter, either LwM2M or bootstrap.
expire__eq (optional)
Query Parameter — Expire filter in days.
format: int32
device_execution_mode__eq (optional)
Query Parameter — Device execution mode: 1 for developer certificates or another natural integer value.
format: int32
device_execution_mode__neq (optional)
Query Parameter — Device execution mode not_equals filter.
format: int32
owner__eq (optional)
Query Parameter — Owner name filter.
enrollment_mode__eq (optional)
Query Parameter — Enrollment mode filter.
status__eq (optional)
Query Parameter — Filter for certificate status.
issuer__like (optional)
Query Parameter — Issuer filter. Finds all matches where the filter value is a case-insensitive substring of the result. Example: issuer__like=cn=iss matches CN=issuer.
subject__like (optional)
Query Parameter — Subject filter. Finds all matches where the filter value is a case-insensitive substring of the result. Example: subject__like=cn=su matches CN=subject.
valid__eq (optional)
Query Parameter — Filter for finding certificates by validity. True returns certificates which are not yet expired. False returns certificates which have expired.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "enrollment_mode" : false,
    "owner_id" : "01619571dad80242ac12000600000000",
    "subject" : "CN=subject",
    "certificate" : "-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----",
    "created_at" : "2018-02-13T09:35:20Z",
    "description" : "Certificate created by me.",
    "device_execution_mode" : 1,
    "certificate_fingerprint" : "a10fb2c8ba90e6de927bd0ae391dcc38f6115685de2d7024712af37ead0608f1",
    "issuer" : "CN=issuer",
    "valid" : true,
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "service" : "lwm2m",
    "name" : "My certificate",
    "etag" : "1",
    "id" : "01619571d01d0242ac12000600000000",
    "validity" : "2038-02-14T15:24:14Z",
    "object" : "trusted-cert",
    "status" : "ACTIVE"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. TrustedCertificateRespList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
get /v3/trusted-certificates/{cert_id}
Get a trusted certificate. Show more Show less

Retrieve a trusted certificate.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/trusted-certificates/{cert_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
cert_id (required)
Path Parameter — The ID of the trusted certificate to retrieve.
Return type
Example data
Content-Type: application/json
{
  "enrollment_mode" : false,
  "owner_id" : "01619571dad80242ac12000600000000",
  "subject" : "CN=subject",
  "certificate" : "-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----",
  "created_at" : "2018-02-13T09:35:20Z",
  "description" : "Certificate created by me.",
  "device_execution_mode" : 1,
  "certificate_fingerprint" : "a10fb2c8ba90e6de927bd0ae391dcc38f6115685de2d7024712af37ead0608f1",
  "issuer" : "CN=issuer",
  "valid" : true,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "service" : "lwm2m",
  "name" : "My certificate",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "validity" : "2038-02-14T15:24:14Z",
  "object" : "trusted-cert",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. TrustedCertificateResp
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Certificate not found. ErrorResponse
put /v3/trusted-certificates/{cert_id}
Update trusted certificate. Show more Show less

Update existing trusted certificates.

Example:

curl -X PUT https://api.us-east-1.mbedcloud.com/v3/trusted-certificates/{cert_id} \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d {"description": "very important cert"}
Path parameters
cert_id (required)
Path Parameter — The ID of the trusted certificate to update.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
Body Parameter — A trusted certificate object with attributes.
Return type
Example data
Content-Type: application/json
{
  "enrollment_mode" : false,
  "owner_id" : "01619571dad80242ac12000600000000",
  "subject" : "CN=subject",
  "certificate" : "-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----",
  "created_at" : "2018-02-13T09:35:20Z",
  "description" : "Certificate created by me.",
  "device_execution_mode" : 1,
  "certificate_fingerprint" : "a10fb2c8ba90e6de927bd0ae391dcc38f6115685de2d7024712af37ead0608f1",
  "issuer" : "CN=issuer",
  "valid" : true,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "service" : "lwm2m",
  "name" : "My certificate",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "validity" : "2038-02-14T15:24:14Z",
  "object" : "trusted-cert",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. TrustedCertificateResp
400 Invalid certificate data, or missing or invalid parameters. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Certificate not found. ErrorResponse
409 Certificate with the given name or subject already exists. ErrorResponse

TenantAccountsAPIKeys

post /v3/accounts/{account_id}/api-keys/{apikey_id}/groups
Add API key to a list of groups. Show more Show less
Deprecation Date:
Expected End of Life:
This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups/add/

Add API key to groups. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
account_id (required)
Path Parameter — Account ID.
apikey_id (required)
Path Parameter — The ID of the API key to add to the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body string (required)
Body Parameter — A list of IDs of groups to update.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or API key with the specified ID does not exist. ErrorResponse
409 The API key is a member of the group already. ErrorResponse
post /v3/accounts/{account_id}/api-keys/{apikey_id}/groups/add
Add API key to a list of groups. Show more Show less

Add an API key to groups. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups/add \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
account_id (required)
Path Parameter — The ID of the Account.
apikey_id (required)
Path Parameter — The ID of the API key to add to the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body GroupIdList (required)
Body Parameter — A list of IDs of groups to update.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or API key with the specified ID does not exist. ErrorResponse
409 The API key is a member of the group already. ErrorResponse
post /v3/accounts/{account_id}/api-keys
Create a new API key. Show more Show less

Create a new API key. There is no default value for the owner ID, and it must be from the same account where the new API key is created. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '{"name": "MyKey1"}'
Path parameters
account_id (required)
Path Parameter — Account ID.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body ApiKeyInfoReq (required)
Body Parameter — Details of the API key to create.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 New entity created. ApiKeyInfoResp
400 Error in input data, for example, missing API key name. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account with the given ID does not exist. ErrorResponse
delete /v3/accounts/{account_id}/api-keys/{apikey_id}
Delete the API key. Show more Show less

Delete an API key. Note: This endpoint is restricted to administrators.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
apikey_id (required)
Path Parameter — The ID of the API key to delete.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or API key with the specified ID does not exist. ErrorResponse
get /v3/accounts/{account_id}/api-keys/{apikey_id}
Get API key details. Show more Show less

Retrieve details of an API key. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id} \
 -H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
apikey_id (required)
Path Parameter — The ID of the API key to retrieve.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or API key with the specified ID does not exist. ErrorResponse
get /v3/accounts/{account_id}/api-keys
Get all API keys. Show more Show less

Retrieve an array of API keys, optionally filtered by the owner. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: total_count.
key__eq (optional)
Query Parameter — API key filter. Do not include the private portion of the API key (the last 32 characters).
owner__eq (optional)
Query Parameter — Owner name filter.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "owner" : "01619571e2e89242ac12000600000000",
    "creation_time" : 1518630727683,
    "last_login_time" : 1518630727688,
    "created_at" : "2018-02-13T09:35:20Z",
    "groups" : [ "aeiou" ],
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "name" : "API key gorgon",
    "etag" : "1",
    "id" : "01619571f7020242ac12000600000000",
    "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
    "object" : "api-key",
    "status" : "ACTIVE"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoRespList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account with the given ID does not exist. ErrorResponse
get /v3/accounts/{account_id}/api-keys/{apikey_id}/groups
Get policy groups of an API key. Show more Show less

Retrieve an array of policy groups associated with an API key. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
apikey_id (required)
Path Parameter — The ID of the API key.
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: total_count.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "apikey_count" : 0,
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "user_count" : 1,
    "name" : "Administrators",
    "created_at" : "2018-02-13T09:35:20Z",
    "etag" : "1",
    "id" : "01619571dec00242ac12000600000000",
    "object" : "group"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummaryList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or API key with the specified ID does not exist. ErrorResponse
delete /v3/accounts/{account_id}/api-keys/{apikey_id}/groups
Remove API key from groups. Show more Show less
Deprecation Date:
Expected End of Life:
This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups/remove/

Remove API key from groups. Note: This endpoint is restricted to administrators.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
account_id (required)
Path Parameter — Account ID.
apikey_id (required)
Path Parameter — The ID of the API key to remove from the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body string (required)
Body Parameter — A list of IDs of the groups to update.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or API key with the specified ID does not exist. ErrorResponse
post /v3/accounts/{account_id}/api-keys/{apikey_id}/groups/remove
Remove API key from groups. Show more Show less

Remove an API key from groups. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/groups/remove \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
apikey_id (required)
Path Parameter — The ID of the API key to remove from the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body GroupIdList (required)
Body Parameter — A list of IDs of the groups to update.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or API key with the specified ID does not exist. ErrorResponse
post /v3/accounts/{account_id}/api-keys/{apikey_id}/reset-secret
Reset the secret key. Show more Show less

Reset the secret key of the API key. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id}/reset-secret \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
apikey_id (required)
Path Parameter — The ID of the API key to reset.
Request body
body ApiKeyUpdateReq (optional)
Body Parameter — New API key attributes to be stored.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
400 Error in input data, for example, invalid API key name. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or API key with the specified ID does not exist. ErrorResponse
put /v3/accounts/{account_id}/api-keys/{apikey_id}
Update API key details. Show more Show less

Update API key details. Note: This endpoint is restricted to administrators.

Example:

curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/api-keys/{apikey_id} \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '{"name": "TestApiKey25"}'
Path parameters
account_id (required)
Path Parameter — Account ID.
apikey_id (required)
Path Parameter — The ID of the API key to update.
Request body
body ApiKeyUpdateReq (required)
Body Parameter — New API key attributes to be stored.
Return type
Example data
Content-Type: application/json
{
  "owner" : "01619571e2e89242ac12000600000000",
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "name" : "API key gorgon",
  "etag" : "1",
  "id" : "01619571f7020242ac12000600000000",
  "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
  "object" : "api-key",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoResp
400 Error in input data, for example, invalid API key name. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account ID or API key with the specified ID does not exist. ErrorResponse

TenantAccountsAccounts

post /v3/accounts
Create a new account. Show more Show less

Create a new account. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '{"display_name": "MyAccount1", "aliases": [ "my-account" ], "admin_name": "accountAdmin1", "email": "example_admin@myaccount.info", "country": "United Kingdom", "end_market": "Smart City", "address_line1": "110 Fulbourn Rd", "city": "Cambridge", "contact": "J. Doe", "company": "Arm"}'
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body AccountCreationReq (required)
Body Parameter — Details of the account to create.
Query parameters
action (optional)
Query Parameter

Action, either create or enroll.

  • `create` creates the account where its admin user has ACTIVE status if `admin_password` was defined in the request, or RESET status if no `admin_password` was defined. If the user already exists, its status is not modified.
  • `enroll` creates the account where its admin user has ENROLLING status. If the user already exists, its status is not modified. Email to finish enrollment or notify the existing user about the new account is sent to the `admin_email` defined in the request.
default: create
Return type
Example data
Content-Type: application/json
{
  "country" : "United Kingdom",
  "reason" : "Subscription paid.",
  "aliases" : [ "aeiou" ],
  "admin_email" : "admin@arm.com",
  "contact" : "J. Doe",
  "id" : "01619571e2e90242ac12000600000000",
  "state" : " ",
  "idle_timeout" : 30,
  "upgraded_at" : "2018-02-14T15:24:14Z",
  "limitations" : [ "" ],
  "custom_fields" : {
    "key" : "aeiou"
  },
  "business_model_history" : [ "" ],
  "display_name" : "ARM",
  "admin_password" : "PZf9eEUH43DAPE9ULINFeuj",
  "password_recovery_expiration" : 25,
  "mfa_status" : "enforced",
  "admin_full_name" : "Admin Doe",
  "parent_id" : "01619571dad80242ac12000600000000",
  "admin_id" : "01619571e2e89242ac12000600000000",
  "tier_history" : [ "" ],
  "etag" : "1",
  "phone_number" : "+44 (1223) 400 400",
  "expiration" : "2000-01-23T04:56:07.000+00:00",
  "business_model" : "",
  "admin_key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000B40IkJADMANmAscAj0Ot0n2yeQnyt9tT",
  "object" : "account",
  "status" : "ACTIVE",
  "city" : "Cambridge",
  "customer_number" : "1NC25_0001",
  "policies" : [ {
    "allow" : true,
    "inherited_from" : "016ada3ec2d46665bf66e32e00000000",
    "feature" : "update-campaigns",
    "resource" : "/v3/update-campaign",
    "inherited" : false,
    "action" : "GET",
    "inherited_type" : "account"
  } ],
  "sales_contact" : "sales@arm.com",
  "created_at" : "2018-02-13T09:35:20Z",
  "expiration_warning_threshold" : 180,
  "updated_at" : "2018-02-14T15:24:14Z",
  "address_line2" : " ",
  "tier" : "1",
  "address_line1" : "110 Fulbourn Rd",
  "contract_number" : "1NX25_0001",
  "reference_note" : "ARM-INT-0001",
  "company" : "ARM Holdings Plc",
  "email" : "info@arm.com",
  "limits" : {
    "key" : "aeiou"
  },
  "notification_emails" : [ "aeiou" ],
  "parent_account" : "",
  "password_policy" : "",
  "end_market" : "IT",
  "sub_accounts" : [ {
    "country" : "United Kingdom",
    "reason" : "Subscription paid.",
    "aliases" : [ "aeiou" ],
    "city" : "Cambridge",
    "customer_number" : "1NC25_0001",
    "policies" : [ "" ],
    "sales_contact" : "sales@arm.com",
    "created_at" : "2018-02-13T09:35:20Z",
    "expiration_warning_threshold" : 180,
    "updated_at" : "2018-02-14T15:24:14Z",
    "address_line2" : " ",
    "tier" : "1",
    "address_line1" : "110 Fulbourn Rd",
    "contract_number" : "1NX25_0001",
    "contact" : "J. Doe",
    "reference_note" : "ARM-INT-0001",
    "company" : "ARM Holdings Plc",
    "id" : "01619571e2e90242ac12000600000000",
    "state" : " ",
    "idle_timeout" : 30,
    "email" : "info@arm.com",
    "limits" : {
      "key" : "aeiou"
    },
    "upgraded_at" : "2018-02-14T15:24:14Z",
    "limitations" : [ {
      "billing_period" : 1,
      "description" : "aeiou",
      "created_at" : "2018-02-13T09:35:20Z",
      "inherited_from" : "aeiou",
      "updated_at" : "2018-02-14T15:24:14Z",
      "inherited" : true,
      "quota" : 0,
      "name" : "aeiou",
      "limit" : 6,
      "etag" : "1",
      "id" : "01619571d01d0242ac12000600000000",
      "inherited_type" : "aeiou",
      "object" : "user"
    } ],
    "custom_fields" : {
      "key" : "aeiou"
    },
    "business_model_history" : [ {
      "updated_at" : "2018-02-14T15:24:14Z",
      "business_model" : ""
    } ],
    "display_name" : "ARM",
    "notification_emails" : [ "aeiou" ],
    "password_recovery_expiration" : 27,
    "parent_account" : {
      "id" : "01619571dad80242ac12000600000000",
      "admin_name" : "J. Doe",
      "admin_email" : "info@arm.com"
    },
    "mfa_status" : "enforced",
    "password_policy" : {
      "minimum_length" : 8
    },
    "end_market" : "IT",
    "parent_id" : "01619571dad80242ac12000600000000",
    "sub_accounts" : [ "" ],
    "tier_history" : [ {
      "tier" : "1",
      "updatedAt" : "2018-02-14T15:24:14Z"
    } ],
    "etag" : "1",
    "phone_number" : "+44 (1223) 400 400",
    "template_id" : "01619571e7160242ac12000600000000",
    "expiration" : "2000-01-23T04:56:07.000+00:00",
    "postal_code" : "CB1 9NJ",
    "business_model" : "\"api_calls_1_business_model\"",
    "object" : "account",
    "status" : "ACTIVE"
  } ],
  "template_id" : "01619571e7160242ac12000600000000",
  "admin_name" : "admin",
  "postal_code" : "CB1 9NJ"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 Successful operation. AccountCreationResp
400 Error in input data, for example, invalid username. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
409 Account with the specified alias exists already. ErrorResponse
get /v3/accounts/{account_id}
Get account information. Show more Show less

Retrieve detailed information about an account. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — The ID of the account to fetch.
Query parameters
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: limits, policies, sub_accounts, history.
properties (optional)
Query Parameter — Property name to return from account-specific properties.
Return type
Example data
Content-Type: application/json
{
  "country" : "United Kingdom",
  "reason" : "Subscription paid.",
  "aliases" : [ "aeiou" ],
  "city" : "Cambridge",
  "customer_number" : "1NC25_0001",
  "policies" : [ {
    "allow" : true,
    "inherited_from" : "016ada3ec2d46665bf66e32e00000000",
    "feature" : "update-campaigns",
    "resource" : "/v3/update-campaign",
    "inherited" : false,
    "action" : "GET",
    "inherited_type" : "account"
  } ],
  "sales_contact" : "sales@arm.com",
  "created_at" : "2018-02-13T09:35:20Z",
  "expiration_warning_threshold" : 180,
  "updated_at" : "2018-02-14T15:24:14Z",
  "address_line2" : " ",
  "tier" : "1",
  "address_line1" : "110 Fulbourn Rd",
  "contract_number" : "1NX25_0001",
  "contact" : "J. Doe",
  "reference_note" : "ARM-INT-0001",
  "company" : "ARM Holdings Plc",
  "id" : "01619571e2e90242ac12000600000000",
  "state" : " ",
  "idle_timeout" : 30,
  "email" : "info@arm.com",
  "limits" : {
    "key" : "aeiou"
  },
  "upgraded_at" : "2018-02-14T15:24:14Z",
  "limitations" : [ {
    "billing_period" : 1,
    "description" : "aeiou",
    "created_at" : "2018-02-13T09:35:20Z",
    "inherited_from" : "aeiou",
    "updated_at" : "2018-02-14T15:24:14Z",
    "inherited" : true,
    "quota" : 0,
    "name" : "aeiou",
    "limit" : 6,
    "etag" : "1",
    "id" : "01619571d01d0242ac12000600000000",
    "inherited_type" : "aeiou",
    "object" : "user"
  } ],
  "custom_fields" : {
    "key" : "aeiou"
  },
  "business_model_history" : [ {
    "updated_at" : "2018-02-14T15:24:14Z",
    "business_model" : ""
  } ],
  "display_name" : "ARM",
  "notification_emails" : [ "aeiou" ],
  "password_recovery_expiration" : 27,
  "parent_account" : {
    "id" : "01619571dad80242ac12000600000000",
    "admin_name" : "J. Doe",
    "admin_email" : "info@arm.com"
  },
  "mfa_status" : "enforced",
  "password_policy" : {
    "minimum_length" : 8
  },
  "end_market" : "IT",
  "parent_id" : "01619571dad80242ac12000600000000",
  "sub_accounts" : [ "" ],
  "tier_history" : [ {
    "tier" : "1",
    "updatedAt" : "2018-02-14T15:24:14Z"
  } ],
  "etag" : "1",
  "phone_number" : "+44 (1223) 400 400",
  "template_id" : "01619571e7160242ac12000600000000",
  "expiration" : "2000-01-23T04:56:07.000+00:00",
  "postal_code" : "CB1 9NJ",
  "business_model" : "\"api_calls_1_business_model\"",
  "object" : "account",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. AccountInfo
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account with the given ID not found. ErrorResponse
get /v3/accounts
Get all accounts. Show more Show less

Retrieve an array of tenant accounts, optionally filtered by status and tier level. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts \
-H 'Authorization: Bearer <api_key>'
Query parameters
status__eq (optional)
Query Parameter — An optional filter for account status, ENROLLING, ACTIVE, RESTRICTED, or SUSPENDED.
status__in (optional)
Query Parameter — An optional filter to retrieve accounts with a specified set of statuses.
status__nin (optional)
Query Parameter — An optional filter to exclude accounts with a specified set of statuses.
tier__eq (optional)
Query Parameter — An optional filter for tier level. Must be 0, 1, 2, 98, 99, or omitted.
parent__eq (optional)
Query Parameter — An optional filter for parent account ID.
end_market__eq (optional)
Query Parameter — An optional filter for account end market.
country__like (optional)
Query Parameter — An optional filter for account country. Finds all matches where the filter value is a case-insensitive substring of the result. Example: country__like=LAND matches Ireland.
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 1000. default: 1000
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: limits, policies, sub_accounts, history.
format (optional)
Query Parameter — Format information for the query response. Supported: format=breakdown.
properties (optional)
Query Parameter — Property name returned from account-specific properties.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "country" : "United Kingdom",
    "reason" : "Subscription paid.",
    "aliases" : [ "aeiou" ],
    "city" : "Cambridge",
    "customer_number" : "1NC25_0001",
    "policies" : [ {
      "allow" : true,
      "inherited_from" : "016ada3ec2d46665bf66e32e00000000",
      "feature" : "update-campaigns",
      "resource" : "/v3/update-campaign",
      "inherited" : false,
      "action" : "GET",
      "inherited_type" : "account"
    } ],
    "sales_contact" : "sales@arm.com",
    "created_at" : "2018-02-13T09:35:20Z",
    "expiration_warning_threshold" : 180,
    "updated_at" : "2018-02-14T15:24:14Z",
    "address_line2" : " ",
    "tier" : "1",
    "address_line1" : "110 Fulbourn Rd",
    "contract_number" : "1NX25_0001",
    "contact" : "J. Doe",
    "reference_note" : "ARM-INT-0001",
    "company" : "ARM Holdings Plc",
    "id" : "01619571e2e90242ac12000600000000",
    "state" : " ",
    "idle_timeout" : 30,
    "email" : "info@arm.com",
    "limits" : {
      "key" : "aeiou"
    },
    "upgraded_at" : "2018-02-14T15:24:14Z",
    "limitations" : [ {
      "billing_period" : 1,
      "description" : "aeiou",
      "created_at" : "2018-02-13T09:35:20Z",
      "inherited_from" : "aeiou",
      "updated_at" : "2018-02-14T15:24:14Z",
      "inherited" : true,
      "quota" : 0,
      "name" : "aeiou",
      "limit" : 6,
      "etag" : "1",
      "id" : "01619571d01d0242ac12000600000000",
      "inherited_type" : "aeiou",
      "object" : "user"
    } ],
    "custom_fields" : {
      "key" : "aeiou"
    },
    "business_model_history" : [ {
      "updated_at" : "2018-02-14T15:24:14Z",
      "business_model" : ""
    } ],
    "display_name" : "ARM",
    "notification_emails" : [ "aeiou" ],
    "password_recovery_expiration" : 27,
    "parent_account" : {
      "id" : "01619571dad80242ac12000600000000",
      "admin_name" : "J. Doe",
      "admin_email" : "info@arm.com"
    },
    "mfa_status" : "enforced",
    "password_policy" : {
      "minimum_length" : 8
    },
    "end_market" : "IT",
    "parent_id" : "01619571dad80242ac12000600000000",
    "sub_accounts" : [ "" ],
    "tier_history" : [ {
      "tier" : "1",
      "updatedAt" : "2018-02-14T15:24:14Z"
    } ],
    "etag" : "1",
    "phone_number" : "+44 (1223) 400 400",
    "template_id" : "01619571e7160242ac12000600000000",
    "expiration" : "2000-01-23T04:56:07.000+00:00",
    "postal_code" : "CB1 9NJ",
    "business_model" : "\"api_calls_1_business_model\"",
    "object" : "account",
    "status" : "ACTIVE"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. AccountInfoList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
put /v3/accounts/{account_id}
Update attributes of an existing account. Show more Show less

Update an account. Note: This endpoint is restricted to administrators.

Example:

curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id} \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '{"phone_number": "12345678"}'
Path parameters
account_id (required)
Path Parameter — The ID of the account to update.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body AccountUpdateRootReq (required)
Body Parameter — Details of the account to update.
Return type
Example data
Content-Type: application/json
{
  "country" : "United Kingdom",
  "reason" : "Subscription paid.",
  "aliases" : [ "aeiou" ],
  "city" : "Cambridge",
  "customer_number" : "1NC25_0001",
  "policies" : [ {
    "allow" : true,
    "inherited_from" : "016ada3ec2d46665bf66e32e00000000",
    "feature" : "update-campaigns",
    "resource" : "/v3/update-campaign",
    "inherited" : false,
    "action" : "GET",
    "inherited_type" : "account"
  } ],
  "sales_contact" : "sales@arm.com",
  "created_at" : "2018-02-13T09:35:20Z",
  "expiration_warning_threshold" : 180,
  "updated_at" : "2018-02-14T15:24:14Z",
  "address_line2" : " ",
  "tier" : "1",
  "address_line1" : "110 Fulbourn Rd",
  "contract_number" : "1NX25_0001",
  "contact" : "J. Doe",
  "reference_note" : "ARM-INT-0001",
  "company" : "ARM Holdings Plc",
  "id" : "01619571e2e90242ac12000600000000",
  "state" : " ",
  "idle_timeout" : 30,
  "email" : "info@arm.com",
  "limits" : {
    "key" : "aeiou"
  },
  "upgraded_at" : "2018-02-14T15:24:14Z",
  "limitations" : [ {
    "billing_period" : 1,
    "description" : "aeiou",
    "created_at" : "2018-02-13T09:35:20Z",
    "inherited_from" : "aeiou",
    "updated_at" : "2018-02-14T15:24:14Z",
    "inherited" : true,
    "quota" : 0,
    "name" : "aeiou",
    "limit" : 6,
    "etag" : "1",
    "id" : "01619571d01d0242ac12000600000000",
    "inherited_type" : "aeiou",
    "object" : "user"
  } ],
  "custom_fields" : {
    "key" : "aeiou"
  },
  "business_model_history" : [ {
    "updated_at" : "2018-02-14T15:24:14Z",
    "business_model" : ""
  } ],
  "display_name" : "ARM",
  "notification_emails" : [ "aeiou" ],
  "password_recovery_expiration" : 27,
  "parent_account" : {
    "id" : "01619571dad80242ac12000600000000",
    "admin_name" : "J. Doe",
    "admin_email" : "info@arm.com"
  },
  "mfa_status" : "enforced",
  "password_policy" : {
    "minimum_length" : 8
  },
  "end_market" : "IT",
  "parent_id" : "01619571dad80242ac12000600000000",
  "sub_accounts" : [ "" ],
  "tier_history" : [ {
    "tier" : "1",
    "updatedAt" : "2018-02-14T15:24:14Z"
  } ],
  "etag" : "1",
  "phone_number" : "+44 (1223) 400 400",
  "template_id" : "01619571e7160242ac12000600000000",
  "expiration" : "2000-01-23T04:56:07.000+00:00",
  "postal_code" : "CB1 9NJ",
  "business_model" : "\"api_calls_1_business_model\"",
  "object" : "account",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. AccountInfo
400 Error in input data format. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account with the given ID not found. ErrorResponse
409 Account with the specified new alias exists already. ErrorResponse

TenantAccountsEmailNotificationLogs

get /v3/accounts/{account_id}/notifications
Get email notifications. Show more Show less
Retrieve an array of email notification logs. Note: This endpoint is restricted to administrators.
Path parameters
account_id (required)
Path Parameter — Account ID.
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "account_id" : "01619571e2e90242ac12000600000000",
    "error_msg" : "Connection error.",
    "receiver" : "example@email-receiver.test",
    "subject" : "Account locked.",
    "success" : true,
    "created_at" : "2018-02-13T09:35:20Z",
    "etag" : "1",
    "id" : "01619571d01d0242ac12000600000000",
    "message" : "User limit has been reached.",
    "type" : "email",
    "object" : "notification-entry"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. NotificationEntryList
400 Error in input data, or missing or invalid parameters. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden ErrorResponse
404 Account with the given ID not found. ErrorResponse
get /v3/accounts/{account_id}/notifications/{notification_id}
Get an email notification. Show more Show less
Retrieve an email notifications log entry. Note: This endpoint is restricted to administrators.
Path parameters
account_id (required)
Path Parameter — The ID of the account for which this notification should be retrieved.
notification_id (required)
Path Parameter — The ID of the notification entry to be retrieved.
Return type
Example data
Content-Type: application/json
{
  "account_id" : "01619571e2e90242ac12000600000000",
  "error_msg" : "Connection error.",
  "receiver" : "example@email-receiver.test",
  "subject" : "Account locked.",
  "success" : true,
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "message" : "User limit has been reached.",
  "type" : "email",
  "object" : "notification-entry"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 successful operation NotificationEntry
400 Error in input data, missing or invalid parameters. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden ErrorResponse
404 No entry found for the given ID. ErrorResponse

TenantAccountsEntitlementLimitations

get /v3/accounts/{account_id}/limitations/{limitation_id}
Get an entitlement limitation. Show more Show less
Retrieve an entitlement limitation. Note: This endpoint is restricted to administrators.
Path parameters
account_id (required)
Path Parameter — The ID of the account.
limitation_id (required)
Path Parameter — The ID of the limitation to be fetched.
Return type
Example data
Content-Type: application/json
{
  "billing_period" : 1,
  "description" : "aeiou",
  "created_at" : "2018-02-13T09:35:20Z",
  "inherited_from" : "aeiou",
  "updated_at" : "2018-02-14T15:24:14Z",
  "inherited" : true,
  "quota" : 0,
  "name" : "aeiou",
  "limit" : 6,
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "inherited_type" : "aeiou",
  "object" : "user"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 successful operation AccountLimitation
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Limitation or account with the given ID not found. ErrorResponse
get /v3/accounts/{account_id}/limitations
Get entitlement limitations. Show more Show less
Retrieve an array of entitlement limitations. Note: This endpoint is restricted to administrators.
Path parameters
account_id (required)
Path Parameter — The ID of the account.
Query parameters
inherited__eq (optional)
Query Parameter — Filter for finding account limitations by inheritance. True returns also inherited limitations. False returns only non-inherited ones.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "billing_period" : 1,
    "description" : "aeiou",
    "created_at" : "2018-02-13T09:35:20Z",
    "inherited_from" : "aeiou",
    "updated_at" : "2018-02-14T15:24:14Z",
    "inherited" : true,
    "quota" : 0,
    "name" : "aeiou",
    "limit" : 6,
    "etag" : "1",
    "id" : "01619571d01d0242ac12000600000000",
    "inherited_type" : "aeiou",
    "object" : "user"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 successful operation AccountLimitationList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account with the given ID not found. ErrorResponse

TenantAccountsIdentityProviders

post /v3/accounts/{account_id}/identity-providers
Create a new identity provider. Show more Show less
Create a new identity provider. Note: This endpoint is restricted to administrators.
Path parameters
account_id (required)
Path Parameter — Account ID.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
Body Parameter — Details of the identity provider to create.
Query parameters
discovery (optional)
Query Parameter — Indicates that the OpenID Connect endpoints and keys should be set using the OpenID Connect Discovery mechanism. The following parameters are set automatically: * authorization_endpoint * token_endpoint * userinfo_endpoint * revocation_endpoint * jwks_uri * keys
Return type
Example data
Content-Type: application/json
{
  "created_at" : "2018-02-13T09:35:20Z",
  "description" : "aeiou",
  "type" : "NATIVE",
  "saml2_attributes" : {
    "idp_entity_id" : "aeiou",
    "assertion_endpoint" : "aeiou",
    "slo_endpoint" : "aeiou",
    "sso_endpoint" : "aeiou",
    "sp_x509_cert" : "aeiou",
    "sp_entity_id" : "aeiou",
    "idp_x509_certs" : [ "aeiou" ]
  },
  "is_default" : true,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "oidc_attributes" : {
    "keys" : [ {
      "kid" : "aeiou",
      "key" : "aeiou"
    } ],
    "claim_mapping" : {
      "sub" : "aeiou",
      "email_verified" : "aeiou",
      "updated_at" : "aeiou",
      "updated_at_pattern" : "yyyy-MM-dd'T'HH:mm:ssXXX",
      "name" : "aeiou",
      "phone_number" : "aeiou",
      "given_name" : "aeiou",
      "family_name" : "aeiou",
      "email" : "email_address"
    },
    "end_session_endpoint" : "aeiou",
    "revocation_endpoint" : "aeiou",
    "issuer" : "aeiou",
    "client_id" : "aeiou",
    "authorization_endpoint" : "aeiou",
    "userinfo_endpoint" : "aeiou",
    "jwks_uri" : "aeiou",
    "token_request_mode" : "POST",
    "client_secret" : "aeiou",
    "redirect_uri" : "aeiou",
    "auto_enrollment" : true,
    "token_response_path" : "oidc.data",
    "scopes" : "openid email",
    "token_endpoint" : "aeiou"
  },
  "name" : "aeiou",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "object" : "identity-provider",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 New entity created. IdentityProviderInfo
400 Error in input data, for example, too long name. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account not found. ErrorResponse
delete /v3/accounts/{account_id}/identity-providers/{identity_provider_id}
Delete an identity provider by ID. Show more Show less
Delete an identity provider by ID. Note: This endpoint is restricted to administrators.
Path parameters
account_id (required)
Path Parameter — Account ID.
identity_provider_id (required)
Path Parameter — The ID of the identity provider to delete.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden, or identity provider is in use. ErrorResponse
404 Account or identity provider not found. ErrorResponse
post /v3/accounts/{account_id}/identity-providers/{identity_provider_id}/delete-sp-certificate
Delete the service provider certificate. Show more Show less
Delete a service provider certificate. Note: This endpoint is restricted to administrators.
Path parameters
account_id (required)
Path Parameter — Account ID.
identity_provider_id (required)
Path Parameter — The ID of the identity provider whose certificate should be deleted.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Return type
Example data
Content-Type: application/json
{
  "created_at" : "2018-02-13T09:35:20Z",
  "description" : "aeiou",
  "type" : "NATIVE",
  "saml2_attributes" : {
    "idp_entity_id" : "aeiou",
    "assertion_endpoint" : "aeiou",
    "slo_endpoint" : "aeiou",
    "sso_endpoint" : "aeiou",
    "sp_x509_cert" : "aeiou",
    "sp_entity_id" : "aeiou",
    "idp_x509_certs" : [ "aeiou" ]
  },
  "is_default" : true,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "oidc_attributes" : {
    "keys" : [ {
      "kid" : "aeiou",
      "key" : "aeiou"
    } ],
    "claim_mapping" : {
      "sub" : "aeiou",
      "email_verified" : "aeiou",
      "updated_at" : "aeiou",
      "updated_at_pattern" : "yyyy-MM-dd'T'HH:mm:ssXXX",
      "name" : "aeiou",
      "phone_number" : "aeiou",
      "given_name" : "aeiou",
      "family_name" : "aeiou",
      "email" : "email_address"
    },
    "end_session_endpoint" : "aeiou",
    "revocation_endpoint" : "aeiou",
    "issuer" : "aeiou",
    "client_id" : "aeiou",
    "authorization_endpoint" : "aeiou",
    "userinfo_endpoint" : "aeiou",
    "jwks_uri" : "aeiou",
    "token_request_mode" : "POST",
    "client_secret" : "aeiou",
    "redirect_uri" : "aeiou",
    "auto_enrollment" : true,
    "token_response_path" : "oidc.data",
    "scopes" : "openid email",
    "token_endpoint" : "aeiou"
  },
  "name" : "aeiou",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "object" : "identity-provider",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. IdentityProviderInfo
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account or identity provider not found. ErrorResponse
post /v3/accounts/{account_id}/identity-providers/{identity_provider_id}/generate-sp-certificate
Generate a new service provider certificate. Show more Show less
Generate a new service provider certificate. Note: This endpoint is restricted to administrators.
Path parameters
account_id (required)
Path Parameter — Account ID.
identity_provider_id (required)
Path Parameter — The ID of the identity provider for which to generate a certificate.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body CertificateGenerationReq (required)
Body Parameter — Details of the service provider certificate to be generated.
Return type
Example data
Content-Type: application/json
{
  "created_at" : "2018-02-13T09:35:20Z",
  "description" : "aeiou",
  "type" : "NATIVE",
  "saml2_attributes" : {
    "idp_entity_id" : "aeiou",
    "assertion_endpoint" : "aeiou",
    "slo_endpoint" : "aeiou",
    "sso_endpoint" : "aeiou",
    "sp_x509_cert" : "aeiou",
    "sp_entity_id" : "aeiou",
    "idp_x509_certs" : [ "aeiou" ]
  },
  "is_default" : true,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "oidc_attributes" : {
    "keys" : [ {
      "kid" : "aeiou",
      "key" : "aeiou"
    } ],
    "claim_mapping" : {
      "sub" : "aeiou",
      "email_verified" : "aeiou",
      "updated_at" : "aeiou",
      "updated_at_pattern" : "yyyy-MM-dd'T'HH:mm:ssXXX",
      "name" : "aeiou",
      "phone_number" : "aeiou",
      "given_name" : "aeiou",
      "family_name" : "aeiou",
      "email" : "email_address"
    },
    "end_session_endpoint" : "aeiou",
    "revocation_endpoint" : "aeiou",
    "issuer" : "aeiou",
    "client_id" : "aeiou",
    "authorization_endpoint" : "aeiou",
    "userinfo_endpoint" : "aeiou",
    "jwks_uri" : "aeiou",
    "token_request_mode" : "POST",
    "client_secret" : "aeiou",
    "redirect_uri" : "aeiou",
    "auto_enrollment" : true,
    "token_response_path" : "oidc.data",
    "scopes" : "openid email",
    "token_endpoint" : "aeiou"
  },
  "name" : "aeiou",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "object" : "identity-provider",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. IdentityProviderInfo
400 Error in input data, for example, invalid certificate validity value. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account or identity provider not found. ErrorResponse
get /v3/accounts/{account_id}/identity-providers/{identity_provider_id}
Get an identity provider. Show more Show less
Retrieve an identity provider. Note: This endpoint is restricted to administrators.
Path parameters
account_id (required)
Path Parameter — Account ID.
identity_provider_id (required)
Path Parameter — The ID of the identity provider to retrieve.
Return type
Example data
Content-Type: application/json
{
  "created_at" : "2018-02-13T09:35:20Z",
  "description" : "aeiou",
  "type" : "NATIVE",
  "saml2_attributes" : {
    "idp_entity_id" : "aeiou",
    "assertion_endpoint" : "aeiou",
    "slo_endpoint" : "aeiou",
    "sso_endpoint" : "aeiou",
    "sp_x509_cert" : "aeiou",
    "sp_entity_id" : "aeiou",
    "idp_x509_certs" : [ "aeiou" ]
  },
  "is_default" : true,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "oidc_attributes" : {
    "keys" : [ {
      "kid" : "aeiou",
      "key" : "aeiou"
    } ],
    "claim_mapping" : {
      "sub" : "aeiou",
      "email_verified" : "aeiou",
      "updated_at" : "aeiou",
      "updated_at_pattern" : "yyyy-MM-dd'T'HH:mm:ssXXX",
      "name" : "aeiou",
      "phone_number" : "aeiou",
      "given_name" : "aeiou",
      "family_name" : "aeiou",
      "email" : "email_address"
    },
    "end_session_endpoint" : "aeiou",
    "revocation_endpoint" : "aeiou",
    "issuer" : "aeiou",
    "client_id" : "aeiou",
    "authorization_endpoint" : "aeiou",
    "userinfo_endpoint" : "aeiou",
    "jwks_uri" : "aeiou",
    "token_request_mode" : "POST",
    "client_secret" : "aeiou",
    "redirect_uri" : "aeiou",
    "auto_enrollment" : true,
    "token_response_path" : "oidc.data",
    "scopes" : "openid email",
    "token_endpoint" : "aeiou"
  },
  "name" : "aeiou",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "object" : "identity-provider",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. IdentityProviderInfo
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account or identity provider not found. ErrorResponse
get /v3/accounts/{account_id}/identity-providers
Get all identity providers. Show more Show less
Retrieve an array of identity providers. Note: This endpoint is restricted to administrators.
Path parameters
account_id (required)
Path Parameter — The ID of the account.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: total_count.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "created_at" : "2018-02-13T09:35:20Z",
    "description" : "aeiou",
    "type" : "NATIVE",
    "saml2_attributes" : {
      "idp_entity_id" : "aeiou",
      "assertion_endpoint" : "aeiou",
      "slo_endpoint" : "aeiou",
      "sso_endpoint" : "aeiou",
      "sp_x509_cert" : "aeiou",
      "sp_entity_id" : "aeiou",
      "idp_x509_certs" : [ "aeiou" ]
    },
    "is_default" : true,
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "oidc_attributes" : {
      "keys" : [ {
        "kid" : "aeiou",
        "key" : "aeiou"
      } ],
      "claim_mapping" : {
        "sub" : "aeiou",
        "email_verified" : "aeiou",
        "updated_at" : "aeiou",
        "updated_at_pattern" : "yyyy-MM-dd'T'HH:mm:ssXXX",
        "name" : "aeiou",
        "phone_number" : "aeiou",
        "given_name" : "aeiou",
        "family_name" : "aeiou",
        "email" : "email_address"
      },
      "end_session_endpoint" : "aeiou",
      "revocation_endpoint" : "aeiou",
      "issuer" : "aeiou",
      "client_id" : "aeiou",
      "authorization_endpoint" : "aeiou",
      "userinfo_endpoint" : "aeiou",
      "jwks_uri" : "aeiou",
      "token_request_mode" : "POST",
      "client_secret" : "aeiou",
      "redirect_uri" : "aeiou",
      "auto_enrollment" : true,
      "token_response_path" : "oidc.data",
      "scopes" : "openid email",
      "token_endpoint" : "aeiou"
    },
    "name" : "aeiou",
    "etag" : "1",
    "id" : "01619571d01d0242ac12000600000000",
    "object" : "identity-provider",
    "status" : "ACTIVE"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. IdentityProviderList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account not found. ErrorResponse
post /v3/accounts/{account_id}/identity-providers/{identity_provider_id}/refresh-jwks
Refresh the OIDC signing keys. Show more Show less
Refresh an OIDC IdP's signing keys. Note: This endpoint is restricted to administrators.
Path parameters
account_id (required)
Path Parameter — The ID of the account to be managed.
identity_provider_id (required)
Path Parameter — The ID of the identity provider for which to refresh the signing keys.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Return type
Example data
Content-Type: application/json
{
  "created_at" : "2018-02-13T09:35:20Z",
  "description" : "aeiou",
  "type" : "NATIVE",
  "saml2_attributes" : {
    "idp_entity_id" : "aeiou",
    "assertion_endpoint" : "aeiou",
    "slo_endpoint" : "aeiou",
    "sso_endpoint" : "aeiou",
    "sp_x509_cert" : "aeiou",
    "sp_entity_id" : "aeiou",
    "idp_x509_certs" : [ "aeiou" ]
  },
  "is_default" : true,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "oidc_attributes" : {
    "keys" : [ {
      "kid" : "aeiou",
      "key" : "aeiou"
    } ],
    "claim_mapping" : {
      "sub" : "aeiou",
      "email_verified" : "aeiou",
      "updated_at" : "aeiou",
      "updated_at_pattern" : "yyyy-MM-dd'T'HH:mm:ssXXX",
      "name" : "aeiou",
      "phone_number" : "aeiou",
      "given_name" : "aeiou",
      "family_name" : "aeiou",
      "email" : "email_address"
    },
    "end_session_endpoint" : "aeiou",
    "revocation_endpoint" : "aeiou",
    "issuer" : "aeiou",
    "client_id" : "aeiou",
    "authorization_endpoint" : "aeiou",
    "userinfo_endpoint" : "aeiou",
    "jwks_uri" : "aeiou",
    "token_request_mode" : "POST",
    "client_secret" : "aeiou",
    "redirect_uri" : "aeiou",
    "auto_enrollment" : true,
    "token_response_path" : "oidc.data",
    "scopes" : "openid email",
    "token_endpoint" : "aeiou"
  },
  "name" : "aeiou",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "object" : "identity-provider",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. IdentityProviderInfo
400 Not an OIDC IdP or JWKS URI is unspecified. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account or identity provider not found. ErrorResponse
put /v3/accounts/{account_id}/identity-providers/{identity_provider_id}
Update an existing identity provider. Show more Show less
Update an existing identity provider. Note: This endpoint is restricted to administrators.
Path parameters
account_id (required)
Path Parameter — Account ID.
identity_provider_id (required)
Path Parameter — The ID of the identity provider to update.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
Body Parameter — Details of the identity provider to update.
Query parameters
discovery (optional)
Query Parameter — Indicates that the OpenID Connect endpoints and keys should be set using the OpenID Connect Discovery mechanism. The following parameters are set automatically: * authorization_endpoint * token_endpoint * userinfo_endpoint * revocation_endpoint * jwks_uri * keys
Return type
Example data
Content-Type: application/json
{
  "created_at" : "2018-02-13T09:35:20Z",
  "description" : "aeiou",
  "type" : "NATIVE",
  "saml2_attributes" : {
    "idp_entity_id" : "aeiou",
    "assertion_endpoint" : "aeiou",
    "slo_endpoint" : "aeiou",
    "sso_endpoint" : "aeiou",
    "sp_x509_cert" : "aeiou",
    "sp_entity_id" : "aeiou",
    "idp_x509_certs" : [ "aeiou" ]
  },
  "is_default" : true,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "oidc_attributes" : {
    "keys" : [ {
      "kid" : "aeiou",
      "key" : "aeiou"
    } ],
    "claim_mapping" : {
      "sub" : "aeiou",
      "email_verified" : "aeiou",
      "updated_at" : "aeiou",
      "updated_at_pattern" : "yyyy-MM-dd'T'HH:mm:ssXXX",
      "name" : "aeiou",
      "phone_number" : "aeiou",
      "given_name" : "aeiou",
      "family_name" : "aeiou",
      "email" : "email_address"
    },
    "end_session_endpoint" : "aeiou",
    "revocation_endpoint" : "aeiou",
    "issuer" : "aeiou",
    "client_id" : "aeiou",
    "authorization_endpoint" : "aeiou",
    "userinfo_endpoint" : "aeiou",
    "jwks_uri" : "aeiou",
    "token_request_mode" : "POST",
    "client_secret" : "aeiou",
    "redirect_uri" : "aeiou",
    "auto_enrollment" : true,
    "token_response_path" : "oidc.data",
    "scopes" : "openid email",
    "token_endpoint" : "aeiou"
  },
  "name" : "aeiou",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "object" : "identity-provider",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. IdentityProviderInfo
400 Error in input data, for example, missing name. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account or identity provider not found. ErrorResponse

TenantAccountsPolicyGroups

post /v3/accounts/{account_id}/policy-groups/{group_id}/api-keys
Add API keys to Account group. Show more Show less
Deprecation Date:
Expected End of Life:
This endpoint is deprecated. use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys/add/

Add API keys to account groups. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
group_id (required)
Path Parameter — The ID of the group to retrieve API keys for.
Request body
body SubjectList (required)
Body Parameter — A list of API keys to add to the group.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "owner" : "01619571e2e89242ac12000600000000",
    "creation_time" : 1518630727683,
    "last_login_time" : 1518630727688,
    "created_at" : "2018-02-13T09:35:20Z",
    "groups" : [ "aeiou" ],
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "name" : "API key gorgon",
    "etag" : "1",
    "id" : "01619571f7020242ac12000600000000",
    "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
    "object" : "api-key",
    "status" : "ACTIVE"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoRespList
400 Successful operation. ApiKeyInfoRespList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or group with that ID does not exist. ErrorResponse
409 The API Key is a member of the group or account already. ErrorResponse
post /v3/accounts/{account_id}/policy-groups/{group_id}/api-keys/add
Add API keys to account group. Show more Show less

Add API keys to account groups. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys/add \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
group_id (required)
Path Parameter — The ID of the group to retrieve API keys for.
Request body
body SubjectList (required)
Body Parameter — A list of API keys to add to the group.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "owner" : "01619571e2e89242ac12000600000000",
    "creation_time" : 1518630727683,
    "last_login_time" : 1518630727688,
    "created_at" : "2018-02-13T09:35:20Z",
    "groups" : [ "aeiou" ],
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "name" : "API key gorgon",
    "etag" : "1",
    "id" : "01619571f7020242ac12000600000000",
    "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
    "object" : "api-key",
    "status" : "ACTIVE"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoRespList
400 Successful operation. ApiKeyInfoRespList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or group with that ID does not exist. ErrorResponse
409 The API key is a member of the account group already. ErrorResponse
post /v3/accounts/{account_id}/policy-groups/{group_id}/users/add
Add users to account group. Show more Show less

Add users to account group. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users/add \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
group_id (required)
Path Parameter — The ID of the group to retrieve API keys for.
Request body
body SubjectList (required)
Body Parameter — A list of API keys to add to the group.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "owner" : "01619571e2e89242ac12000600000000",
    "creation_time" : 1518630727683,
    "last_login_time" : 1518630727688,
    "created_at" : "2018-02-13T09:35:20Z",
    "groups" : [ "aeiou" ],
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "name" : "API key gorgon",
    "etag" : "1",
    "id" : "01619571f7020242ac12000600000000",
    "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
    "object" : "api-key",
    "status" : "ACTIVE"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoRespList
400 Successful operation. ApiKeyInfoRespList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or group with that ID does not exist. ErrorResponse
409 The user is a member of the account group already. ErrorResponse
post /v3/accounts/{account_id}/policy-groups/{group_id}
Add members to a group. Show more Show less

Add users and API keys to groups. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id} \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '{"users": ["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]}'
Path parameters
account_id (required)
Path Parameter — Account ID.
group_id (required)
Path Parameter — The ID of the group to update.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body SubjectList (required)
Body Parameter — A list of users and API keys to add to the group.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummary
400 Error in input data, for example, the user or API key does not exist. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or group with that ID does not exist. ErrorResponse
409 The user of this API key is a member of the group already. ErrorResponse
post /v3/accounts/{account_id}/policy-groups/{group_id}/users
Add users to account group. Show more Show less
Deprecation Date:
Expected End of Life:
This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users/add/

Add users to account group. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
group_id (required)
Path Parameter — The ID of the group to retrieve API keys for.
Request body
body SubjectList (required)
Body Parameter — A list of API keys to add to the group.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "owner" : "01619571e2e89242ac12000600000000",
    "creation_time" : 1518630727683,
    "last_login_time" : 1518630727688,
    "created_at" : "2018-02-13T09:35:20Z",
    "groups" : [ "aeiou" ],
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "name" : "API key gorgon",
    "etag" : "1",
    "id" : "01619571f7020242ac12000600000000",
    "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
    "object" : "api-key",
    "status" : "ACTIVE"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoRespList
400 Successful operation. ApiKeyInfoRespList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or group with that ID does not exist. ErrorResponse
409 The user is a member of the account group already. ErrorResponse
post /v3/accounts/{account_id}/policy-groups
Create a new group. Show more Show less

Create a new group. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '{"name": "MyGroup1"}'
Path parameters
account_id (required)
Path Parameter — Account ID.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body GroupCreationInfo (required)
Body Parameter — Details of the group to create.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 New entity created. GroupSummary
400 Error in input data, for example, invalid group name. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account with the specified ID does not exist. ErrorResponse
409 A group with that name already exists. ErrorResponse
delete /v3/accounts/{account_id}/policy-groups/{group_id}
Delete a group. Show more Show less

Delete a group. Note: This endpoint is restricted to administrators.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
group_id (required)
Path Parameter — The ID of the group to delete.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden, or Administrators group cannot be removed. ErrorResponse
404 An account or group with that ID does not exist. ErrorResponse
get /v3/accounts/{account_id}/policy-groups/{group_id}
Get policy group. Show more Show less

Retrieve policy group details. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
group_id (required)
Path Parameter — The ID of the group to retrieve.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummary
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or group with that ID does not exist. ErrorResponse
get /v3/accounts/{account_id}/policy-groups
Get policy groups. Show more Show less

Retrieve an array of policy groups. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: total_count.
name__eq (optional)
Query Parameter — Filter for group name.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "apikey_count" : 0,
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "user_count" : 1,
    "name" : "Administrators",
    "created_at" : "2018-02-13T09:35:20Z",
    "etag" : "1",
    "id" : "01619571dec00242ac12000600000000",
    "object" : "group"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummaryList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account with the specified ID does not exist. ErrorResponse
get /v3/accounts/{account_id}/policy-groups/{group_id}/api-keys
Get API keys in a group. Show more Show less

Retrieve an array of API keys associated with a policy group. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
group_id (required)
Path Parameter — The ID of the group to retrieve API keys for.
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: total_count.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "owner" : "01619571e2e89242ac12000600000000",
    "creation_time" : 1518630727683,
    "last_login_time" : 1518630727688,
    "created_at" : "2018-02-13T09:35:20Z",
    "groups" : [ "aeiou" ],
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "name" : "API key gorgon",
    "etag" : "1",
    "id" : "01619571f7020242ac12000600000000",
    "key" : "ak_1MDE2MTk1NzFmNmU4MDI0MmFjMTIwMDA2MDAwMDAwMDA01619571f7020242ac12000600000000",
    "object" : "api-key",
    "status" : "ACTIVE"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. ApiKeyInfoRespList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or group with that ID does not exist. ErrorResponse
get /v3/accounts/{account_id}/policy-groups/{group_id}/users
Get users in a policy group. Show more Show less

Retrieve an array of users associated with a policy group. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
group_id (required)
Path Parameter — The ID of the group to retrieve users for.
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: total_count.
status__eq (optional)
Query Parameter — An optional filter to retrieve users by status.
status__in (optional)
Query Parameter — An optional filter to retrieve users with a specified set of statuses.
status__nin (optional)
Query Parameter — An optional filter to exclude users with a specified set of statuses.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "creation_time" : 1518630727683,
    "last_login_time" : 1518630727688,
    "password_changed_time" : 1518630727688,
    "is_marketing_accepted" : true,
    "created_at" : "2018-02-13T09:35:20Z",
    "is_gtc_accepted" : true,
    "is_totp_enabled" : true,
    "password" : "PZf9eEUH43DAPE9ULINFeuj",
    "updated_at" : "2018-02-14T15:24:14Z",
    "login_history" : [ {
      "date" : "2018-02-14T17:52:07Z",
      "success" : true,
      "ip_address" : "127.0.0.1",
      "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36"
    } ],
    "totp_scratch_codes" : [ "aeiou" ],
    "id" : "01619571e2e89242ac12000600000000",
    "active_sessions" : [ {
      "account_id" : "01619571e2e90242ac12000600000000",
      "reference_token" : "rt_CI6+5hS8p9DrCmkRyS6u4doUdiXr71dX7MqD+g0327hYQthEkYTxMMnCwHyf1rDdk",
      "login_time" : "2018-02-14T17:52:07Z",
      "created_at" : "2018-02-13T09:35:20Z",
      "ip_address" : "127.0.0.1",
      "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
      "object" : "user-session"
    } ],
    "email" : "user@arm.com",
    "login_profiles" : [ {
      "foreign_id" : "aeiou",
      "name" : "aeiou",
      "id" : "aeiou",
      "type" : "NATIVE"
    } ],
    "address" : "110 Fulbourn Rd, Cambridge, United Kingdom",
    "email_verified" : true,
    "custom_fields" : {
      "key" : "aeiou"
    },
    "groups" : [ "aeiou" ],
    "full_name" : "User Doe",
    "account_id" : "01619571e2e90242ac12000600000000",
    "etag" : "1",
    "phone_number" : "+44 (1223) 400 400",
    "object" : "user",
    "status" : "ACTIVE",
    "username" : "admin"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInfoRespList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or group with that ID does not exist. ErrorResponse
delete /v3/accounts/{account_id}/policy-groups/{group_id}/api-keys
Remove API keys from a group. Show more Show less
Deprecation Date:
Expected End of Life:
This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys/remove

Remove API keys from groups. Note: This endpoint is restricted to administrators.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '{"apikeys": ["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]}'
Path parameters
account_id (required)
Path Parameter — Account ID.
group_id (required)
Path Parameter — The ID of the group to remove API keys from.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body SubjectList (required)
Body Parameter — A list of API keys to remove from the group.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummary
400 Error in input data, for example, the array of API keys is missing. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or group with that ID does not exist. ErrorResponse
post /v3/accounts/{account_id}/policy-groups/{group_id}/api-keys/remove
Remove API keys from a group. Show more Show less

Remove API keys from groups. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/api-keys/remove \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '{"apikeys": ["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]}'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
group_id (required)
Path Parameter — The ID of the group to remove API keys from.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body SubjectList (required)
Body Parameter — A list of API keys to remove from the group.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummary
400 Error in input data, for example, the array of API keys is missing. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or group with that ID does not exist. ErrorResponse
post /v3/accounts/{account_id}/policy-groups/{group_id}/users/remove
Remove users from a group. Show more Show less

Remove users from groups. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users \
-H 'Authorization: Bearer <api_key>' \
 -H 'content-type: application/json' \
-d '{"users": ["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]}'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
group_id (required)
Path Parameter — The ID of the group to remove users from.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body SubjectList (required)
Body Parameter — A list of users to remove from the group.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummary
400 Error in input data, for example, the last user to remove from Administrators group. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or group with that ID does not exist. ErrorResponse
delete /v3/accounts/{account_id}/policy-groups/{group_id}/users
Remove users from a group. Show more Show less
Deprecation Date:
Expected End of Life:
This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users/remove/

Remove users from groups. Note: This endpoint is restricted to administrators.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/users \
-H 'Authorization: Bearer <api_key>' \
 -H 'content-type: application/json' \
-d '{"users": ["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]}'
Path parameters
account_id (required)
Path Parameter — Account ID.
group_id (required)
Path Parameter — The ID of the group to remove users from.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body SubjectList (required)
Body Parameter — A list of users to remove from the group.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummary
400 Error in input data, for example, the last user to remove from Administrators group. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or group with that ID does not exist. ErrorResponse
put /v3/accounts/{account_id}/policy-groups/{group_id}
Update the group name. Show more Show less

Update a group name. Note: This endpoint is restricted to administrators.

Example:

curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/policy-groups/{group_id}/ \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '{"name": "TestGroup2"}'
Path parameters
account_id (required)
Path Parameter — Account ID.
group_id (required)
Path Parameter — The ID of the group to update.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body GroupUpdateInfo (required)
Body Parameter — Details of the group to create.
Return type
Example data
Content-Type: application/json
{
  "apikey_count" : 0,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_count" : 1,
  "name" : "Administrators",
  "created_at" : "2018-02-13T09:35:20Z",
  "etag" : "1",
  "id" : "01619571dec00242ac12000600000000",
  "object" : "group"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummary
400 Error in input data, for example, the group name is too long. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 A group with that ID does not exist. ErrorResponse

TenantAccountsUserInvitations

post /v3/accounts/{account_id}/user-invitations
Create a user invitation. Show more Show less

Invite a new or existing user. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accouns/{account_id}/user-invitations \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d {"email": "myemail@company.com"}
Path parameters
account_id (required)
Path Parameter — Account ID.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body UserInvitationReq (required)
Body Parameter — A user invitation object with attributes.
Return type
Example data
Content-Type: application/json
{
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_id" : "01619571e2e90242ac12000600000000",
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "etag" : "1",
  "expiration" : "2018-02-14T15:24:14Z",
  "id" : "01619571e2e89242ac12000600000000",
  "email" : "friend@arm.com",
  "login_profiles" : [ {
    "foreign_id" : "aeiou",
    "name" : "aeiou",
    "id" : "aeiou",
    "type" : "NATIVE"
  } ],
  "object" : "user-invitation"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 New entity created. UserInvitationResp
400 Error in input data, for example, invalid email address. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
delete /v3/accounts/{account_id}/user-invitations/{invitation_id}
Delete a user invitation. Show more Show less

Delete an active user invitation sent to a new or existing user. Note: This endpoint is restricted to administrators.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/user-invitations/{invitation_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
invitation_id (required)
Path Parameter — The ID of the invitation to delete.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or invitation with the specified ID does not exist. ErrorResponse
get /v3/accounts/{account_id}/user-invitations/{invitation_id}
Details of a user invitation. Show more Show less

Retrieve details of an active user invitation sent for a new or existing user. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/user-invitations/{invitation_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
invitation_id (required)
Path Parameter — The ID of the invitation to retrieve.
Return type
Example data
Content-Type: application/json
{
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "user_id" : "01619571e2e90242ac12000600000000",
  "created_at" : "2018-02-13T09:35:20Z",
  "groups" : [ "aeiou" ],
  "etag" : "1",
  "expiration" : "2018-02-14T15:24:14Z",
  "id" : "01619571e2e89242ac12000600000000",
  "email" : "friend@arm.com",
  "login_profiles" : [ {
    "foreign_id" : "aeiou",
    "name" : "aeiou",
    "id" : "aeiou",
    "type" : "NATIVE"
  } ],
  "object" : "user-invitation"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInvitationResp
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or invitation with the specified ID does not exist. ErrorResponse
get /v3/accounts/{account_id}/user-invitations
Get user invitations. Show more Show less

Retrieve an array of active user invitations. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/user-invitations \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
login_profiles__eq (optional)
Query Parameter — Filter to retrieve user invitations by a specified login profile.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "user_id" : "01619571e2e90242ac12000600000000",
    "created_at" : "2018-02-13T09:35:20Z",
    "groups" : [ "aeiou" ],
    "etag" : "1",
    "expiration" : "2018-02-14T15:24:14Z",
    "id" : "01619571e2e89242ac12000600000000",
    "email" : "friend@arm.com",
    "login_profiles" : [ {
      "foreign_id" : "aeiou",
      "name" : "aeiou",
      "id" : "aeiou",
      "type" : "NATIVE"
    } ],
    "object" : "user-invitation"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInvitationRespList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account with the specified ID does not exist. ErrorResponse

TenantAccountsUsers

post /v3/accounts/{account_id}/users/{user_id}/groups
Add user to a list of groups. Show more Show less
Deprecation Date:
Expected End of Life:
This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups/add/

Add user to groups. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
account_id (required)
Path Parameter — Account ID.
user_id (required)
Path Parameter — The ID of the user to add to the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body string (required)
Body Parameter — A list of IDs of the groups to update.
Return type
Example data
Content-Type: application/json
{
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "password_changed_time" : 1518630727688,
  "is_marketing_accepted" : true,
  "created_at" : "2018-02-13T09:35:20Z",
  "is_gtc_accepted" : true,
  "is_totp_enabled" : true,
  "password" : "PZf9eEUH43DAPE9ULINFeuj",
  "updated_at" : "2018-02-14T15:24:14Z",
  "login_history" : [ {
    "date" : "2018-02-14T17:52:07Z",
    "success" : true,
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36"
  } ],
  "totp_scratch_codes" : [ "aeiou" ],
  "id" : "01619571e2e89242ac12000600000000",
  "active_sessions" : [ {
    "account_id" : "01619571e2e90242ac12000600000000",
    "reference_token" : "rt_CI6+5hS8p9DrCmkRyS6u4doUdiXr71dX7MqD+g0327hYQthEkYTxMMnCwHyf1rDdk",
    "login_time" : "2018-02-14T17:52:07Z",
    "created_at" : "2018-02-13T09:35:20Z",
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
    "object" : "user-session"
  } ],
  "email" : "user@arm.com",
  "login_profiles" : [ {
    "foreign_id" : "aeiou",
    "name" : "aeiou",
    "id" : "aeiou",
    "type" : "NATIVE"
  } ],
  "address" : "110 Fulbourn Rd, Cambridge, United Kingdom",
  "email_verified" : true,
  "custom_fields" : {
    "key" : "aeiou"
  },
  "groups" : [ "aeiou" ],
  "full_name" : "User Doe",
  "account_id" : "01619571e2e90242ac12000600000000",
  "etag" : "1",
  "phone_number" : "+44 (1223) 400 400",
  "object" : "user",
  "status" : "ACTIVE",
  "username" : "admin"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account, user, or group with that ID does not exist. ErrorResponse
409 The user is a member of the group already. ErrorResponse
post /v3/accounts/{account_id}/users/{user_id}/groups/add
Add user to a list of groups. Show more Show less

Add a user to groups. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups/add \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
user_id (required)
Path Parameter — The ID of the user to add to the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body GroupIdList (required)
Body Parameter — A list of IDs of the groups to update.
Return type
Example data
Content-Type: application/json
{
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "password_changed_time" : 1518630727688,
  "is_marketing_accepted" : true,
  "created_at" : "2018-02-13T09:35:20Z",
  "is_gtc_accepted" : true,
  "is_totp_enabled" : true,
  "password" : "PZf9eEUH43DAPE9ULINFeuj",
  "updated_at" : "2018-02-14T15:24:14Z",
  "login_history" : [ {
    "date" : "2018-02-14T17:52:07Z",
    "success" : true,
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36"
  } ],
  "totp_scratch_codes" : [ "aeiou" ],
  "id" : "01619571e2e89242ac12000600000000",
  "active_sessions" : [ {
    "account_id" : "01619571e2e90242ac12000600000000",
    "reference_token" : "rt_CI6+5hS8p9DrCmkRyS6u4doUdiXr71dX7MqD+g0327hYQthEkYTxMMnCwHyf1rDdk",
    "login_time" : "2018-02-14T17:52:07Z",
    "created_at" : "2018-02-13T09:35:20Z",
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
    "object" : "user-session"
  } ],
  "email" : "user@arm.com",
  "login_profiles" : [ {
    "foreign_id" : "aeiou",
    "name" : "aeiou",
    "id" : "aeiou",
    "type" : "NATIVE"
  } ],
  "address" : "110 Fulbourn Rd, Cambridge, United Kingdom",
  "email_verified" : true,
  "custom_fields" : {
    "key" : "aeiou"
  },
  "groups" : [ "aeiou" ],
  "full_name" : "User Doe",
  "account_id" : "01619571e2e90242ac12000600000000",
  "etag" : "1",
  "phone_number" : "+44 (1223) 400 400",
  "object" : "user",
  "status" : "ACTIVE",
  "username" : "admin"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account, user, or group with that ID does not exist. ErrorResponse
409 The user is a member of the group already. ErrorResponse
post /v3/accounts/{account_id}/users
Create a new user. Show more Show less

Create or invite a new user to the account. Only email address is used; other attributes are set in the second step. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d {"email": "myemail@company.com"}
Path parameters
account_id (required)
Path Parameter — Account ID.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body UserInfoReq (required)
Body Parameter — A user object with attributes.
Query parameters
action (optional)
Query Parameter — Create or invite user. default: create
Return type
Example data
Content-Type: application/json
{
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "password_changed_time" : 1518630727688,
  "is_marketing_accepted" : true,
  "created_at" : "2018-02-13T09:35:20Z",
  "is_gtc_accepted" : true,
  "is_totp_enabled" : true,
  "password" : "PZf9eEUH43DAPE9ULINFeuj",
  "updated_at" : "2018-02-14T15:24:14Z",
  "login_history" : [ {
    "date" : "2018-02-14T17:52:07Z",
    "success" : true,
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36"
  } ],
  "totp_scratch_codes" : [ "aeiou" ],
  "id" : "01619571e2e89242ac12000600000000",
  "active_sessions" : [ {
    "account_id" : "01619571e2e90242ac12000600000000",
    "reference_token" : "rt_CI6+5hS8p9DrCmkRyS6u4doUdiXr71dX7MqD+g0327hYQthEkYTxMMnCwHyf1rDdk",
    "login_time" : "2018-02-14T17:52:07Z",
    "created_at" : "2018-02-13T09:35:20Z",
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
    "object" : "user-session"
  } ],
  "email" : "user@arm.com",
  "login_profiles" : [ {
    "foreign_id" : "aeiou",
    "name" : "aeiou",
    "id" : "aeiou",
    "type" : "NATIVE"
  } ],
  "address" : "110 Fulbourn Rd, Cambridge, United Kingdom",
  "email_verified" : true,
  "custom_fields" : {
    "key" : "aeiou"
  },
  "groups" : [ "aeiou" ],
  "full_name" : "User Doe",
  "account_id" : "01619571e2e90242ac12000600000000",
  "etag" : "1",
  "phone_number" : "+44 (1223) 400 400",
  "object" : "user",
  "status" : "ACTIVE",
  "username" : "admin"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 New entity created. UserInfoResp
400 Error in input data, for example, an invalid email address. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account with the specified ID does not exist. ErrorResponse
409 A user with the given username or email already exists. ErrorResponse
delete /v3/accounts/{account_id}/users/{user_id}

Delete a user. Note: This endpoint is restricted to administrators.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
user_id (required)
Path Parameter — The ID of the user to delete.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Deleted successfully.
400 Bad request, for example, trying to delete an active user. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or user with the specified ID does not exist. ErrorResponse
get /v3/accounts/{account_id}/users/{user_id}
Details of the user. Show more Show less

Retrieve user details. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
user_id (required)
Path Parameter — The ID of the user to retrieve.
Return type
Example data
Content-Type: application/json
{
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "password_changed_time" : 1518630727688,
  "is_marketing_accepted" : true,
  "created_at" : "2018-02-13T09:35:20Z",
  "is_gtc_accepted" : true,
  "is_totp_enabled" : true,
  "password" : "PZf9eEUH43DAPE9ULINFeuj",
  "updated_at" : "2018-02-14T15:24:14Z",
  "login_history" : [ {
    "date" : "2018-02-14T17:52:07Z",
    "success" : true,
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36"
  } ],
  "totp_scratch_codes" : [ "aeiou" ],
  "id" : "01619571e2e89242ac12000600000000",
  "active_sessions" : [ {
    "account_id" : "01619571e2e90242ac12000600000000",
    "reference_token" : "rt_CI6+5hS8p9DrCmkRyS6u4doUdiXr71dX7MqD+g0327hYQthEkYTxMMnCwHyf1rDdk",
    "login_time" : "2018-02-14T17:52:07Z",
    "created_at" : "2018-02-13T09:35:20Z",
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
    "object" : "user-session"
  } ],
  "email" : "user@arm.com",
  "login_profiles" : [ {
    "foreign_id" : "aeiou",
    "name" : "aeiou",
    "id" : "aeiou",
    "type" : "NATIVE"
  } ],
  "address" : "110 Fulbourn Rd, Cambridge, United Kingdom",
  "email_verified" : true,
  "custom_fields" : {
    "key" : "aeiou"
  },
  "groups" : [ "aeiou" ],
  "full_name" : "User Doe",
  "account_id" : "01619571e2e90242ac12000600000000",
  "etag" : "1",
  "phone_number" : "+44 (1223) 400 400",
  "object" : "user",
  "status" : "ACTIVE",
  "username" : "admin"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInfoResp
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or user with the specified ID does not exist. ErrorResponse
get /v3/accounts/{account_id}/users

Retrieve an array of users. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: total_count.
email__eq (optional)
Query Parameter — Filter for email address.
status__eq (optional)
Query Parameter — Filter for status.
status__in (optional)
Query Parameter — An optional filter to retrieve users with a specified set of statuses.
status__nin (optional)
Query Parameter — An optional filter to exclude users with a specified set of statuses.
login_profiles__eq (optional)
Query Parameter — An optional filter to retrieve users with a specified login profile.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "creation_time" : 1518630727683,
    "last_login_time" : 1518630727688,
    "password_changed_time" : 1518630727688,
    "is_marketing_accepted" : true,
    "created_at" : "2018-02-13T09:35:20Z",
    "is_gtc_accepted" : true,
    "is_totp_enabled" : true,
    "password" : "PZf9eEUH43DAPE9ULINFeuj",
    "updated_at" : "2018-02-14T15:24:14Z",
    "login_history" : [ {
      "date" : "2018-02-14T17:52:07Z",
      "success" : true,
      "ip_address" : "127.0.0.1",
      "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36"
    } ],
    "totp_scratch_codes" : [ "aeiou" ],
    "id" : "01619571e2e89242ac12000600000000",
    "active_sessions" : [ {
      "account_id" : "01619571e2e90242ac12000600000000",
      "reference_token" : "rt_CI6+5hS8p9DrCmkRyS6u4doUdiXr71dX7MqD+g0327hYQthEkYTxMMnCwHyf1rDdk",
      "login_time" : "2018-02-14T17:52:07Z",
      "created_at" : "2018-02-13T09:35:20Z",
      "ip_address" : "127.0.0.1",
      "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
      "object" : "user-session"
    } ],
    "email" : "user@arm.com",
    "login_profiles" : [ {
      "foreign_id" : "aeiou",
      "name" : "aeiou",
      "id" : "aeiou",
      "type" : "NATIVE"
    } ],
    "address" : "110 Fulbourn Rd, Cambridge, United Kingdom",
    "email_verified" : true,
    "custom_fields" : {
      "key" : "aeiou"
    },
    "groups" : [ "aeiou" ],
    "full_name" : "User Doe",
    "account_id" : "01619571e2e90242ac12000600000000",
    "etag" : "1",
    "phone_number" : "+44 (1223) 400 400",
    "object" : "user",
    "status" : "ACTIVE",
    "username" : "admin"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInfoRespList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account with the given ID does not exist. ErrorResponse
get /v3/accounts/{account_id}/users/{user_id}/groups
Get policy groups for a user. Show more Show less

Retrieve an array of policy groups associated with a user. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
user_id (required)
Path Parameter — The ID of the user.
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: total_count.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "apikey_count" : 0,
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "user_count" : 1,
    "name" : "Administrators",
    "created_at" : "2018-02-13T09:35:20Z",
    "etag" : "1",
    "id" : "01619571dec00242ac12000600000000",
    "object" : "group"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. GroupSummaryList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or user with the specified ID does not exist. ErrorResponse
delete /v3/accounts/{account_id}/users/{user_id}/groups
Remove user from groups. Show more Show less
Deprecation Date:
Expected End of Life:
This endpoint is deprecated. Use POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups/remove/

Remove user from groups. Note: This endpoint is restricted to administrators.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
account_id (required)
Path Parameter — Account ID.
user_id (required)
Path Parameter — The ID of the user to remove from the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body string (required)
Body Parameter — A list of IDs of the groups to update.
Return type
Example data
Content-Type: application/json
{
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "password_changed_time" : 1518630727688,
  "is_marketing_accepted" : true,
  "created_at" : "2018-02-13T09:35:20Z",
  "is_gtc_accepted" : true,
  "is_totp_enabled" : true,
  "password" : "PZf9eEUH43DAPE9ULINFeuj",
  "updated_at" : "2018-02-14T15:24:14Z",
  "login_history" : [ {
    "date" : "2018-02-14T17:52:07Z",
    "success" : true,
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36"
  } ],
  "totp_scratch_codes" : [ "aeiou" ],
  "id" : "01619571e2e89242ac12000600000000",
  "active_sessions" : [ {
    "account_id" : "01619571e2e90242ac12000600000000",
    "reference_token" : "rt_CI6+5hS8p9DrCmkRyS6u4doUdiXr71dX7MqD+g0327hYQthEkYTxMMnCwHyf1rDdk",
    "login_time" : "2018-02-14T17:52:07Z",
    "created_at" : "2018-02-13T09:35:20Z",
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
    "object" : "user-session"
  } ],
  "email" : "user@arm.com",
  "login_profiles" : [ {
    "foreign_id" : "aeiou",
    "name" : "aeiou",
    "id" : "aeiou",
    "type" : "NATIVE"
  } ],
  "address" : "110 Fulbourn Rd, Cambridge, United Kingdom",
  "email_verified" : true,
  "custom_fields" : {
    "key" : "aeiou"
  },
  "groups" : [ "aeiou" ],
  "full_name" : "User Doe",
  "account_id" : "01619571e2e90242ac12000600000000",
  "etag" : "1",
  "phone_number" : "+44 (1223) 400 400",
  "object" : "user",
  "status" : "ACTIVE",
  "username" : "admin"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account, user, or group with that ID does not exist. ErrorResponse
post /v3/accounts/{account_id}/users/{user_id}/groups/remove
Remove user from groups. Show more Show less

Remove a user from groups. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/groups/remove \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '["0162056a9a1586f30242590700000000","0117056a9a1586f30242590700000000"]'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
user_id (required)
Path Parameter — The ID of the user to remove from the group.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body GroupIdList (required)
Body Parameter — A list of IDs of the groups to update.
Return type
Example data
Content-Type: application/json
{
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "password_changed_time" : 1518630727688,
  "is_marketing_accepted" : true,
  "created_at" : "2018-02-13T09:35:20Z",
  "is_gtc_accepted" : true,
  "is_totp_enabled" : true,
  "password" : "PZf9eEUH43DAPE9ULINFeuj",
  "updated_at" : "2018-02-14T15:24:14Z",
  "login_history" : [ {
    "date" : "2018-02-14T17:52:07Z",
    "success" : true,
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36"
  } ],
  "totp_scratch_codes" : [ "aeiou" ],
  "id" : "01619571e2e89242ac12000600000000",
  "active_sessions" : [ {
    "account_id" : "01619571e2e90242ac12000600000000",
    "reference_token" : "rt_CI6+5hS8p9DrCmkRyS6u4doUdiXr71dX7MqD+g0327hYQthEkYTxMMnCwHyf1rDdk",
    "login_time" : "2018-02-14T17:52:07Z",
    "created_at" : "2018-02-13T09:35:20Z",
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
    "object" : "user-session"
  } ],
  "email" : "user@arm.com",
  "login_profiles" : [ {
    "foreign_id" : "aeiou",
    "name" : "aeiou",
    "id" : "aeiou",
    "type" : "NATIVE"
  } ],
  "address" : "110 Fulbourn Rd, Cambridge, United Kingdom",
  "email_verified" : true,
  "custom_fields" : {
    "key" : "aeiou"
  },
  "groups" : [ "aeiou" ],
  "full_name" : "User Doe",
  "account_id" : "01619571e2e90242ac12000600000000",
  "etag" : "1",
  "phone_number" : "+44 (1223) 400 400",
  "object" : "user",
  "status" : "ACTIVE",
  "username" : "admin"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInfoResp
400 Error in input data. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account, user, or group with that ID does not exist. ErrorResponse
put /v3/accounts/{account_id}/users/{user_id}
Update user details. Show more Show less

Update user details. Note: This endpoint is restricted to administrators.

Example:

curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id} \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '{"username": "myusername"}'
Path parameters
account_id (required)
Path Parameter — Account ID.
user_id (required)
Path Parameter — The ID of the user to update.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body UserUpdateReq (required)
Body Parameter — A user object with attributes.
Return type
Example data
Content-Type: application/json
{
  "creation_time" : 1518630727683,
  "last_login_time" : 1518630727688,
  "password_changed_time" : 1518630727688,
  "is_marketing_accepted" : true,
  "created_at" : "2018-02-13T09:35:20Z",
  "is_gtc_accepted" : true,
  "is_totp_enabled" : true,
  "password" : "PZf9eEUH43DAPE9ULINFeuj",
  "updated_at" : "2018-02-14T15:24:14Z",
  "login_history" : [ {
    "date" : "2018-02-14T17:52:07Z",
    "success" : true,
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36"
  } ],
  "totp_scratch_codes" : [ "aeiou" ],
  "id" : "01619571e2e89242ac12000600000000",
  "active_sessions" : [ {
    "account_id" : "01619571e2e90242ac12000600000000",
    "reference_token" : "rt_CI6+5hS8p9DrCmkRyS6u4doUdiXr71dX7MqD+g0327hYQthEkYTxMMnCwHyf1rDdk",
    "login_time" : "2018-02-14T17:52:07Z",
    "created_at" : "2018-02-13T09:35:20Z",
    "ip_address" : "127.0.0.1",
    "user_agent" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36",
    "object" : "user-session"
  } ],
  "email" : "user@arm.com",
  "login_profiles" : [ {
    "foreign_id" : "aeiou",
    "name" : "aeiou",
    "id" : "aeiou",
    "type" : "NATIVE"
  } ],
  "address" : "110 Fulbourn Rd, Cambridge, United Kingdom",
  "email_verified" : true,
  "custom_fields" : {
    "key" : "aeiou"
  },
  "groups" : [ "aeiou" ],
  "full_name" : "User Doe",
  "account_id" : "01619571e2e90242ac12000600000000",
  "etag" : "1",
  "phone_number" : "+44 (1223) 400 400",
  "object" : "user",
  "status" : "ACTIVE",
  "username" : "admin"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. UserInfoResp
400 Error in input data, for example, an invalid email address. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or user with the given ID does not exist. ErrorResponse
409 A user with the given username or email already exists. ErrorResponse
post /v3/accounts/{account_id}/users/{user_id}/validate-email
Validate the user email. Show more Show less

Validate user email. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/users/{user_id}/validate-email \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
user_id (required)
Path Parameter — The ID of the user.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Email validation successfully requested.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 An account or user with the specified ID does not exist. ErrorResponse

TenantSecurityAndIdentityCertificates

post /v3/accounts/{account_id}/trusted-certificates
Upload new trusted certificate. Show more Show less

Upload new trusted certificate. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/trusted-certificates \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d {"name": "myCert1", "description": "very important cert", "certificate": "certificate_data", "service": "lwm2m"}
Path parameters
account_id (required)
Path Parameter — Account ID.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body TrustedCertificateReq (required)
Body Parameter — A trusted certificate object with attributes. Signature is optional.
Return type
Example data
Content-Type: application/json
{
  "enrollment_mode" : false,
  "owner_id" : "01619571dad80242ac12000600000000",
  "subject" : "CN=subject",
  "certificate" : "-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----",
  "created_at" : "2018-02-13T09:35:20Z",
  "description" : "Certificate created by me.",
  "device_execution_mode" : 1,
  "certificate_fingerprint" : "a10fb2c8ba90e6de927bd0ae391dcc38f6115685de2d7024712af37ead0608f1",
  "issuer" : "CN=issuer",
  "valid" : true,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "service" : "lwm2m",
  "name" : "My certificate",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "validity" : "2038-02-14T15:24:14Z",
  "object" : "trusted-cert",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 New entity created. TrustedCertificateResp
400 Invalid certificate data, certificate validation failed, certificate already expired or certificate uses unsupported, or weak cipher. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden, only available for admins of commercial accounts. ErrorResponse
404 An account with the given ID does not exist. ErrorResponse
delete /v3/accounts/{account_id}/trusted-certificates/{cert_id}
Delete a trusted certificate by ID. Show more Show less

Delete a trusted certificate. Note: This endpoint is restricted to administrators.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/trusted-certificates/{cert_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
cert_id (required)
Path Parameter — The ID of the trusted certificate to delete.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden, only available for admins of commercial accounts. ErrorResponse
404 Account or certificate with the given ID not found. ErrorResponse
get /v3/accounts/{account_id}/trusted-certificates/{cert_id}
Get a trusted certificate. Show more Show less

Retrieve a trusted certificate. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/trusted-certificates/{cert_id} \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
cert_id (required)
Path Parameter — The ID of the trusted certificate to retrieve.
Return type
Example data
Content-Type: application/json
{
  "enrollment_mode" : false,
  "owner_id" : "01619571dad80242ac12000600000000",
  "subject" : "CN=subject",
  "certificate" : "-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----",
  "created_at" : "2018-02-13T09:35:20Z",
  "description" : "Certificate created by me.",
  "device_execution_mode" : 1,
  "certificate_fingerprint" : "a10fb2c8ba90e6de927bd0ae391dcc38f6115685de2d7024712af37ead0608f1",
  "issuer" : "CN=issuer",
  "valid" : true,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "service" : "lwm2m",
  "name" : "My certificate",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "validity" : "2038-02-14T15:24:14Z",
  "object" : "trusted-cert",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. TrustedCertificateResp
401 Authentication failure. ErrorResponse
403 Forbidden, only available for admins of commercial accounts. ErrorResponse
404 Account or certificate with the given ID not found. ErrorResponse
get /v3/accounts/{account_id}/trusted-certificates
Get trusted certificates. Show more Show less

Retrieve an array of trusted certificates. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/trusted-certificates \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — Account ID.
Query parameters
limit (optional)
Query Parameter — The number of results to return (2-1000). Default 50. default: 50
format: int32
after (optional)
Query Parameter — The entity ID to fetch after the given one.
order (optional)
Query Parameter — Record order based on creation time. Acceptable values: ASC, DESC. Default: ASC. default: ASC
include (optional)
Query Parameter — Comma-separated additional data to return. Currently supported: total_count.
name__eq (optional)
Query Parameter — Filter for certificate name.
service__eq (optional)
Query Parameter — Filter for service.
expire__eq (optional)
Query Parameter — Filter for expire.
format: int32
device_execution_mode__eq (optional)
Query Parameter — Filter for developer certificates.
format: int32
device_execution_mode__neq (optional)
Query Parameter — Filter for not developer certificates.
format: int32
owner__eq (optional)
Query Parameter — Owner name filter.
enrollment_mode__eq (optional)
Query Parameter — Enrollment mode filter.
status__eq (optional)
Query Parameter — Filter for certificate status.
issuer__like (optional)
Query Parameter — Filter for issuer. Finds all matches where the filter value is a case-insensitive substring of the result. Example: issuer__like=cn=iss matches CN=issuer.
subject__like (optional)
Query Parameter — Filter for subject. Finds all matches where the filter value is a case-insensitive substring of the result. Example: subject__like=cn=su matches CN=subject.
valid__eq (optional)
Query Parameter — Filter for finding certificates by validity. True returns certificates which are not yet expired. False returns certificates which have expired.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "enrollment_mode" : false,
    "owner_id" : "01619571dad80242ac12000600000000",
    "subject" : "CN=subject",
    "certificate" : "-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----",
    "created_at" : "2018-02-13T09:35:20Z",
    "description" : "Certificate created by me.",
    "device_execution_mode" : 1,
    "certificate_fingerprint" : "a10fb2c8ba90e6de927bd0ae391dcc38f6115685de2d7024712af37ead0608f1",
    "issuer" : "CN=issuer",
    "valid" : true,
    "account_id" : "01619571e2e90242ac12000600000000",
    "updated_at" : "2018-02-14T15:24:14Z",
    "service" : "lwm2m",
    "name" : "My certificate",
    "etag" : "1",
    "id" : "01619571d01d0242ac12000600000000",
    "validity" : "2038-02-14T15:24:14Z",
    "object" : "trusted-cert",
    "status" : "ACTIVE"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. TrustedCertificateRespList
401 Authentication failure. ErrorResponse
403 Forbidden, only available for admins of commercial accounts. ErrorResponse
404 An account with the given ID does not exist. ErrorResponse
put /v3/accounts/{account_id}/trusted-certificates/{cert_id}
Update trusted certificate. Show more Show less

Update a trusted certificate. Note: This endpoint is restricted to administrators.

Example:

curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/trusted-certificates/{cert_id} \
 -H 'Authorization: Bearer <api_key>' \
 -H 'content-type: application/json' \
 -d {"description": "very important cert"}
Path parameters
account_id (required)
Path Parameter — Account ID.
cert_id (required)
Path Parameter — The ID of the trusted certificate to update.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
Body Parameter — A trusted certificate object with attributes.
Return type
Example data
Content-Type: application/json
{
  "enrollment_mode" : false,
  "owner_id" : "01619571dad80242ac12000600000000",
  "subject" : "CN=subject",
  "certificate" : "-----BEGIN CERTIFICATE----- ... -----END CERTIFICATE-----",
  "created_at" : "2018-02-13T09:35:20Z",
  "description" : "Certificate created by me.",
  "device_execution_mode" : 1,
  "certificate_fingerprint" : "a10fb2c8ba90e6de927bd0ae391dcc38f6115685de2d7024712af37ead0608f1",
  "issuer" : "CN=issuer",
  "valid" : true,
  "account_id" : "01619571e2e90242ac12000600000000",
  "updated_at" : "2018-02-14T15:24:14Z",
  "service" : "lwm2m",
  "name" : "My certificate",
  "etag" : "1",
  "id" : "01619571d01d0242ac12000600000000",
  "validity" : "2038-02-14T15:24:14Z",
  "object" : "trusted-cert",
  "status" : "ACTIVE"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. TrustedCertificateResp
400 Invalid certificate data, certificate validation failed, certificate already expired or certificate uses unsupported, or weak cipher. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden, only available for admins of commercial accounts. ErrorResponse
404 An account or certificate with the given ID does not exist. ErrorResponse

TenantUserInterfaceConfigurationColors

put /v3/accounts/{account_id}/branding-colors/dark
Updates an array of dark theme branding colors. Show more Show less

Update an array of dark theme branding colors. Note: This endpoint is restricted to administrators.

Example:

curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id)/branding-colors/dark \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
'[{ "reference": "primary",
   "color": "#f3f93e" }]'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body BrandingColorUpdate (required)
Body Parameter — List of branding colors.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Colors have been set successfully.
400 Error in input data format. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account not found. ErrorResponse
put /v3/accounts/{account_id}/branding-colors/light
Updates an array of light theme branding colors. Show more Show less

Update an array of light theme branding colors. Note: This endpoint is restricted to administrators.

Example:

curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id)/branding-colors/light \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
'[{ "reference": "primary",
   "color": "purple" }]'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body BrandingColorUpdate (required)
Body Parameter — List of branding colors.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Colors have been set successfully.
400 Error in input data format. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account not found. ErrorResponse
delete /v3/accounts/{account_id}/branding-colors
Delete all colors. Show more Show less

Delete account branding colors for all themes. Note: This endpoint is restricted to administrators.

Example usage: curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors -H 'Authorization: Bearer API_KEY'

Path parameters
account_id (required)
Path Parameter — The ID of the account.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Colors have been deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account or branding colors not found. ErrorResponse
delete /v3/accounts/{account_id}/branding-colors/dark
Delete colors in the dark theme. Show more Show less

Delete account dark theme branding colors. Note: This endpoint is restricted to administrators.

Example usage: curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/dark -H 'Authorization: Bearer API_KEY'

Path parameters
account_id (required)
Path Parameter — The ID of the account.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Colors have been deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account or branding colors not found. ErrorResponse
delete /v3/accounts/{account_id}/branding-colors/light
Delete colors in the light theme. Show more Show less

Delete account light theme branding colors. Note: This endpoint is restricted to administrators.

Example usage: curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/light -H 'Authorization: Bearer API_KEY'

Path parameters
account_id (required)
Path Parameter — The ID of the account.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Colors have been deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account or branding colors not found. ErrorResponse
get /v3/accounts/{account_id}/branding-colors/dark/{reference}
Get dark theme branding color. Show more Show less

Retrieve the requested dark theme branding color. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/dark/{reference} \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
reference (required)
Path Parameter — The name of the branding color.
Return type
Example data
Content-Type: application/json
{
  "reference" : "error_color",
  "color" : "#f3f93e",
  "updated_at" : "2018-02-14T15:24:14Z",
  "object" : "branding_color"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. BrandingColor
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Color or account not found. ErrorResponse
get /v3/accounts/{account_id}/branding-colors/dark
Get dark theme branding colors. Show more Show less

Retrieve dark theme branding colors for an account. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/dark \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "reference" : "error_color",
    "color" : "#f3f93e",
    "updated_at" : "2018-02-14T15:24:14Z",
    "object" : "branding_color"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. BrandingColorList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account not found. ErrorResponse
get /v3/accounts/{account_id}/branding-colors/light/{reference}
Get light theme branding color. Show more Show less

Retrieve the requested light theme branding color. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/light/{reference}
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
reference (required)
Path Parameter — The name of the branding color.
Return type
Example data
Content-Type: application/json
{
  "reference" : "error_color",
  "color" : "#f3f93e",
  "updated_at" : "2018-02-14T15:24:14Z",
  "object" : "branding_color"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. BrandingColor
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Color or account not found. ErrorResponse
get /v3/accounts/{account_id}/branding-colors/light
Get light theme branding colors. Show more Show less

Retrieve light theme branding colors for an account. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/light \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "reference" : "error_color",
    "color" : "#f3f93e",
    "updated_at" : "2018-02-14T15:24:14Z",
    "object" : "branding_color"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. BrandingColorList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account not found. ErrorResponse
delete /v3/accounts/{account_id}/branding-colors/dark/{reference}
Reset branding color to default. Show more Show less

Resets the branding color to its dark theme default. Note: This endpoint is restricted to administrators.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/dark/{reference} \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
reference (required)
Path Parameter — The name of the branding color.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Color or account not found. ErrorResponse
delete /v3/accounts/{account_id}/branding-colors/light/{reference}
Reset branding color to default. Show more Show less

Resets the branding color to its light theme default. Note: This endpoint is restricted to administrators.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-colors/light/{reference} \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
reference (required)
Path Parameter — The name of the branding color.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Color or account not found. ErrorResponse
put /v3/accounts/{account_id}/branding-colors/dark/{reference}
Updates a dark theme branding color. Show more Show less

Update a dark theme branding color. Note: This endpoint is restricted to administrators.

Example:

curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id)/branding-colors/dark/primary \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '{ "color": "#f3f93e" }'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
reference (required)
Path Parameter — The name of the branding color.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body BrandingColor (required)
Body Parameter — The branding color.
Return type
Example data
Content-Type: application/json
{
  "reference" : "error_color",
  "color" : "#f3f93e",
  "updated_at" : "2018-02-14T15:24:14Z",
  "object" : "branding_color"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Color has been set successfully. BrandingColor
400 Error in input data format. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Color or account not found. ErrorResponse
put /v3/accounts/{account_id}/branding-colors/light/{reference}
Updates light theme branding color. Show more Show less

Update a light theme branding color. Note: This endpoint is restricted to administrators.

Example:

curl -X PUT https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id)/branding-colors/light/primary \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '{ "color": "purple" }'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
reference (required)
Path Parameter — The name of the branding color.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body BrandingColor (required)
Body Parameter — The branding color.
Return type
Example data
Content-Type: application/json
{
  "reference" : "error_color",
  "color" : "#f3f93e",
  "updated_at" : "2018-02-14T15:24:14Z",
  "object" : "branding_color"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Color set successfully. BrandingColor
400 Error in input data format. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Color or account not found. ErrorResponse

TenantUserInterfaceConfigurationImages

post /v3/accounts/{account_id}/branding-images/dark/{reference}/clear
Revert an image to dark theme default. Show more Show less

Revert an account branding image to dark theme default. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/dark/{reference}/clear \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
reference (required)
Path Parameter — Name of the branding images (icon or picture).
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Image reverted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Unknown image reference, or account not found. ErrorResponse
post /v3/accounts/{account_id}/branding-images/light/{reference}/clear
Revert an image to light theme default. Show more Show less

Revert an account branding image to light theme default. Note: This endpoint is restricted to administrators.

Example:

-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
reference (required)
Path Parameter — Name of the branding images (icon or picture).
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Image reverted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Unknown image reference, or account not found. ErrorResponse
delete /v3/accounts/{account_id}/branding-images/dark
Delete images in the dark theme. Show more Show less

Delete account dark theme branding images. Note: This endpoint is restricted to administrators.

Example usage: curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/dark -H 'Authorization: Bearer API_KEY'

Path parameters
account_id (required)
Path Parameter — The ID of the account.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Images have been deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account or branding images not found. ErrorResponse
delete /v3/accounts/{account_id}/branding-images
Delete all images. Show more Show less

Delete account branding images for all themes. Note: This endpoint is restricted to administrators.

Example usage: curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images -H 'Authorization: Bearer API_KEY'

Path parameters
account_id (required)
Path Parameter — The ID of the account.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Images have been deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account or branding images not found. ErrorResponse
delete /v3/accounts/{account_id}/branding-images/light
Delete images in the light theme. Show more Show less

Delete account light theme branding images. Note: This endpoint is restricted to administrators.

Example usage: curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/light -H 'Authorization: Bearer API_KEY'

Path parameters
account_id (required)
Path Parameter — The ID of the account.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Images have been deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account or branding images not found. ErrorResponse
get /v3/accounts/{account_id}/branding-images/dark/{reference}
Get metadata of a dark theme image. Show more Show less

Retrieve metadata of one account dark theme branding image. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/dark/{reference} \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
reference (required)
Path Parameter — Name of the branding images (icon or picture).
Return type
Example data
Content-Type: application/json
{
  "reference" : "brand_logo_portrait",
  "updated_at" : "2018-02-14T15:24:14Z",
  "static_uri" : "https://static.mbed.com/123456789.jpg",
  "object" : "branding_image"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. BrandingImage
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Unknown image reference, or account not found. ErrorResponse
get /v3/accounts/{account_id}/branding-images/light/{reference}
Get metadata of a light theme image. Show more Show less

Retrieve metadata for one account light theme branding image. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/light/{reference} \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
reference (required)
Path Parameter — Name of the branding images (icon or picture).
Return type
Example data
Content-Type: application/json
{
  "reference" : "brand_logo_portrait",
  "updated_at" : "2018-02-14T15:24:14Z",
  "static_uri" : "https://static.mbed.com/123456789.jpg",
  "object" : "branding_image"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. BrandingImage
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Unknown image reference, or account not found. ErrorResponse
get /v3/accounts/{account_id}/branding-images/dark
Get metadata of all dark theme images. Show more Show less

Retrieve the metadata of all dark theme branding images. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/dark \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "reference" : "brand_logo_portrait",
    "updated_at" : "2018-02-14T15:24:14Z",
    "static_uri" : "https://static.mbed.com/123456789.jpg",
    "object" : "branding_image"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. BrandingImageList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account not found. ErrorResponse
get /v3/accounts/{account_id}/branding-images/light
Get metadata of all light theme images. Show more Show less

Retrieve the metadata of all light theme branding images. Note: This endpoint is restricted to administrators.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/light \
-H 'Authorization: Bearer <api_key>'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "reference" : "brand_logo_portrait",
    "updated_at" : "2018-02-14T15:24:14Z",
    "static_uri" : "https://static.mbed.com/123456789.jpg",
    "object" : "branding_image"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. BrandingImageList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account not found. ErrorResponse
post /v3/accounts/{account_id}/branding-images/dark/{reference}/upload
Upload a dark theme image. Show more Show less

Upload a new account dark theme branding image in PNG or JPEG format. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/dark/{reference}/upload \
-H 'Authorization: Bearer <api_key>'
-H 'content-type: image/png'  --data-binary '@myimage.png'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
reference (required)
Path Parameter — Name of the branding images (icon or picture).
Consumes
This API call consumes the following media types via the Content-Type request header:
  • image/png
  • image/jpeg
Request body
body Image (required)
Body Parameter — The image in PNG or JPEG format.
Return type
Example data
Content-Type: application/json
{
  "reference" : "brand_logo_portrait",
  "updated_at" : "2018-02-14T15:24:14Z",
  "static_uri" : "https://static.mbed.com/123456789.jpg",
  "object" : "branding_image"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 Image uploaded successfully. BrandingImage
400 Error in input data format, for example, image is too large. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Unknown image reference, or account not found. ErrorResponse
post /v3/accounts/{account_id}/branding-images/dark/{reference}/upload-multipart
Upload a dark theme image. Show more Show less
Upload a new account dark theme branding image as form data in PNG or JPEG format. Note: This endpoint is restricted to administrators.
Path parameters
account_id (required)
Path Parameter — The ID of the account.
reference (required)
Path Parameter — Name of the branding images (icon or picture).
Consumes
This API call consumes the following media types via the Content-Type request header:
  • multipart/form-data
Form parameters
image (required)
Form Parameter — The image in PNG or JPEG format as multipart form data.
Return type
Example data
Content-Type: application/json
{
  "reference" : "brand_logo_portrait",
  "updated_at" : "2018-02-14T15:24:14Z",
  "static_uri" : "https://static.mbed.com/123456789.jpg",
  "object" : "branding_image"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 Image uploaded successfully. BrandingImage
400 Error in input data format, for example, image is too large. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Unknown image reference. ErrorResponse
post /v3/accounts/{account_id}/branding-images/light/{reference}/upload
Upload a light theme image. Show more Show less

Upload a new account light theme branding image in PNG or JPEG format. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/accounts/{account_id}/branding-images/light/{reference}/upload \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: image/png' --data-binary '@myimage.png'
Path parameters
account_id (required)
Path Parameter — The ID of the account.
reference (required)
Path Parameter — Name of the branding images (icon or picture).
Consumes
This API call consumes the following media types via the Content-Type request header:
  • image/png
  • image/jpeg
Request body
body Image (required)
Body Parameter — The image in PNG or JPEG format.
Return type
Example data
Content-Type: application/json
{
  "reference" : "brand_logo_portrait",
  "updated_at" : "2018-02-14T15:24:14Z",
  "static_uri" : "https://static.mbed.com/123456789.jpg",
  "object" : "branding_image"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 Image uploaded successfully. BrandingImage
400 Error in input data format, for example, image is too large. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Unknown image reference, or account not found. ErrorResponse
post /v3/accounts/{account_id}/branding-images/light/{reference}/upload-multipart
Upload a light theme image. Show more Show less
Upload a new account branding image as form data in PNG or JPEG format. Note: This endpoint is restricted to administrators.
Path parameters
account_id (required)
Path Parameter — The ID of the account.
reference (required)
Path Parameter — Name of the branding images (icon or picture).
Consumes
This API call consumes the following media types via the Content-Type request header:
  • multipart/form-data
Form parameters
image (required)
Form Parameter — The image in PNG or JPEG format as multipart form data.
Return type
Example data
Content-Type: application/json
{
  "reference" : "brand_logo_portrait",
  "updated_at" : "2018-02-14T15:24:14Z",
  "static_uri" : "https://static.mbed.com/123456789.jpg",
  "object" : "branding_image"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 Image uploaded successfully. BrandingImage
400 Error in input data format, for example, image is too large. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Unknown image reference. ErrorResponse

UserInterfaceConfigurationColors

put /v3/branding-colors/dark
Updates an array of dark theme branding colors. Show more Show less

Update an array of dark theme branding colors. Note: This endpoint is restricted to administrators.

Example:

curl -X PUT https://api.us-east-1.mbedcloud.com/v3/branding-colors/dark \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
'[{ "reference": "primary",
   "color": "#f3f93e" }]'
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body BrandingColorUpdate (required)
Body Parameter — List of branding colors.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Colors have been set successfully.
400 Error in input data format. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
put /v3/branding-colors/light
Updates an array of light theme branding colors. Show more Show less

Update an array of light theme branding colors. Note: This endpoint is restricted to administrators.

Example:

curl -X PUT https://api.us-east-1.mbedcloud.com/v3/branding-colors/light \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
'[{ "reference": "primary",
   "color": "purple" }]'
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body BrandingColorUpdate (required)
Body Parameter — List of branding colors.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Colors have been set successfully.
400 Error in input data format. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
delete /v3/branding-colors
Delete all colors. Show more Show less

Delete account branding colors for all themes. Note: This endpoint is restricted to administrators.

Example usage: curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/branding-colors -H 'Authorization: Bearer API_KEY'

Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Colors have been deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account branding colors not found. ErrorResponse
delete /v3/branding-colors/dark
Delete colors in the dark theme. Show more Show less

Delete account dark theme branding colors. Note: This endpoint is restricted to administrators.

Example usage: curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/branding-colors/dark -H 'Authorization: Bearer API_KEY'

Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Colors have been deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account branding colors not found. ErrorResponse
delete /v3/branding-colors/light
Delete colors in the light theme. Show more Show less

Delete account light theme branding colors. Note: This endpoint is restricted to administrators.

Example usage: curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/branding-colors/light -H 'Authorization: Bearer API_KEY'

Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Colors have been deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account branding colors not found. ErrorResponse
get /v3/branding-colors/dark/{reference}
Get dark theme branding color. Show more Show less

Retrieve the requested dark theme branding color.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/branding-colors/dark/{reference} \
-H 'Authorization: Bearer <api_key>'
Path parameters
reference (required)
Path Parameter — The name of the branding color.
Return type
Example data
Content-Type: application/json
{
  "reference" : "error_color",
  "color" : "#f3f93e",
  "updated_at" : "2018-02-14T15:24:14Z",
  "object" : "branding_color"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. BrandingColor
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Color not found. ErrorResponse
get /v3/branding-colors/dark
Get dark theme branding colors. Show more Show less

Retrieve the dark theme branding colors.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/branding-colors/dark \
-H 'Authorization: Bearer <api_key>'
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "reference" : "error_color",
    "color" : "#f3f93e",
    "updated_at" : "2018-02-14T15:24:14Z",
    "object" : "branding_color"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. BrandingColorList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
get /v3/branding-colors/light/{reference}
Get light theme branding color. Show more Show less

Retrieve the requested light theme branding color.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/branding-colors/light/{reference} \
-H 'Authorization: Bearer <api_key>'
Path parameters
reference (required)
Path Parameter — The name of the branding color.
Return type
Example data
Content-Type: application/json
{
  "reference" : "error_color",
  "color" : "#f3f93e",
  "updated_at" : "2018-02-14T15:24:14Z",
  "object" : "branding_color"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. BrandingColor
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Color not found. ErrorResponse
get /v3/branding-colors/light
Get light theme branding colors. Show more Show less

Retrieve the light theme branding colors.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/branding-colors/light \
-H 'Authorization: Bearer <api_key>'
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "reference" : "error_color",
    "color" : "#f3f93e",
    "updated_at" : "2018-02-14T15:24:14Z",
    "object" : "branding_color"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. BrandingColorList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
delete /v3/branding-colors/dark/{reference}
Reset branding color to default. Show more Show less

Resets the branding color to its dark theme default. Note: This endpoint is restricted to administrators.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/branding-colors/light/{reference} \
-H 'Authorization: Bearer <api_key>'
Path parameters
reference (required)
Path Parameter — The name of the branding color.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Color not found. ErrorResponse
delete /v3/branding-colors/light/{reference}
Reset branding color to default. Show more Show less

Resets the branding color to its light theme default. Note: This endpoint is restricted to administrators.

Example:

curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/branding-colors/light/{reference} \
-H 'Authorization: Bearer <api_key>'
Path parameters
reference (required)
Path Parameter — The name of the branding color.
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Color not found. ErrorResponse
put /v3/branding-colors/dark/{reference}
Updates a dark theme branding color. Show more Show less

Update a dark theme branding color. Note: This endpoint is restricted to administrators.

Example:

curl -X PUT https://api.us-east-1.mbedcloud.com/v3/branding-colors/dark/primary \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '{ "color": "#f3f93e" }'
Path parameters
reference (required)
Path Parameter — The name of the branding color.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body BrandingColor (required)
Body Parameter — The branding color.
Return type
Example data
Content-Type: application/json
{
  "reference" : "error_color",
  "color" : "#f3f93e",
  "updated_at" : "2018-02-14T15:24:14Z",
  "object" : "branding_color"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Color has been set successfully. BrandingColor
400 Error in input data format. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Color not found. ErrorResponse
put /v3/branding-colors/light/{reference}
Updates light theme branding color. Show more Show less

Update light theme branding color. Note: This endpoint is restricted to administrators.

Example:

curl -X PUT https://api.us-east-1.mbedcloud.com/v3/branding-colors/light/primary \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: application/json' \
-d '{ "color": "purple" }'
Path parameters
reference (required)
Path Parameter — The name of the branding color.
Consumes
This API call consumes the following media types via the Content-Type request header:
  • application/json
Request body
body BrandingColor (required)
Body Parameter — The branding color.
Return type
Example data
Content-Type: application/json
{
  "reference" : "error_color",
  "color" : "#f3f93e",
  "updated_at" : "2018-02-14T15:24:14Z",
  "object" : "branding_color"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Color has been set successfully. BrandingColor
400 Error in input data format. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Color not found. ErrorResponse

UserInterfaceConfigurationImages

post /v3/branding-images/dark/{reference}/clear
Revert an image to dark theme default. Show more Show less

Revert an account branding image to dark theme default. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/branding-images/dark/{reference}/clear \
-H 'Authorization: Bearer <api_key>'
Path parameters
reference (required)
Path Parameter — Name of the branding images (icon or picture).
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Image reverted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Unknown image reference. ErrorResponse
post /v3/branding-images/light/{reference}/clear
Revert an image to light theme default. Show more Show less

Revert an account branding image to light theme default. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/branding-images/light/{reference}/clear \
-H 'Authorization: Bearer <api_key>'
Path parameters
reference (required)
Path Parameter — Name of the branding images (icon or picture).
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Image reverted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Unknown image reference. ErrorResponse
delete /v3/branding-images/dark
Delete images in the dark theme. Show more Show less

Delete account dark theme branding images. Note: This endpoint is restricted to administrators.

Example usage: curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/branding-images/dark -H 'Authorization: Bearer API_KEY'

Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Images have been deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account branding images not found. ErrorResponse
delete /v3/branding-images
Delete all images. Show more Show less

Delete account branding images for all themes. Note: This endpoint is restricted to administrators.

Example usage: curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/branding-images -H 'Authorization: Bearer API_KEY'

Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Images have been deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account branding images not found. ErrorResponse
delete /v3/branding-images/light
Delete images in the light theme. Show more Show less

Delete account light theme branding images. Note: This endpoint is restricted to administrators.

Example usage: curl -X DELETE https://api.us-east-1.mbedcloud.com/v3/branding-images/light -H 'Authorization: Bearer API_KEY'

Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
204 Images have been deleted successfully.
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Account branding images not found. ErrorResponse
get /v3/branding-images/dark
Get metadata of all dark theme images. Show more Show less

Retrieve metadata for all dark theme branding images.

Example: `curl -X GET https://api.us-east-1.mbedcloud.com/v3/branding-images/dark
-H 'Authorization: Bearer <api_key>'

Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "reference" : "brand_logo_portrait",
    "updated_at" : "2018-02-14T15:24:14Z",
    "static_uri" : "https://static.mbed.com/123456789.jpg",
    "object" : "branding_image"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. BrandingImageList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
get /v3/branding-images/light
Get metadata of all light theme images. Show more Show less

Retrieve the metadata of all light theme branding images.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/branding-images/light \
-H 'Authorization: Bearer <api_key>'
Return type
Example data
Content-Type: application/json
{
  "data" : [ {
    "reference" : "brand_logo_portrait",
    "updated_at" : "2018-02-14T15:24:14Z",
    "static_uri" : "https://static.mbed.com/123456789.jpg",
    "object" : "branding_image"
  } ],
  "total_count" : 20,
  "limit" : 50,
  "after" : "01619571f3c00242ac12000600000000",
  "has_more" : false,
  "object" : "list",
  "order" : "ASC"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. BrandingImageList
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
get /v3/branding-images/dark/{reference}
Get metadata of a dark theme image. Show more Show less

Retrieve metadata for one account dark theme branding image.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/branding-images/dark/{reference} \
-H 'Authorization: Bearer <api_key>'
Path parameters
reference (required)
Path Parameter — Name of the branding images (icon or picture).
Return type
Example data
Content-Type: application/json
{
  "reference" : "brand_logo_portrait",
  "updated_at" : "2018-02-14T15:24:14Z",
  "static_uri" : "https://static.mbed.com/123456789.jpg",
  "object" : "branding_image"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. BrandingImage
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Unknown image reference. ErrorResponse
get /v3/branding-images/light/{reference}
Get metadata of a light theme image. Show more Show less

Retrieve metadata for one account light theme branding image.

Example:

curl -X GET https://api.us-east-1.mbedcloud.com/v3/branding-images/light/{reference} \
-H 'Authorization: Bearer <api_key>'
Path parameters
reference (required)
Path Parameter — Name of the branding images (icon or picture).
Return type
Example data
Content-Type: application/json
{
  "reference" : "brand_logo_portrait",
  "updated_at" : "2018-02-14T15:24:14Z",
  "static_uri" : "https://static.mbed.com/123456789.jpg",
  "object" : "branding_image"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
200 Successful operation. BrandingImage
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Unknown image reference. ErrorResponse
post /v3/branding-images/dark/{reference}/upload
Upload a dark theme image. Show more Show less

Upload a new account branding image in the dark theme in PNG or JPEG format. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/branding-images/dark/{reference}/upload \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: image/png'  --data-binary '@myimage.png'
Path parameters
reference (required)
Path Parameter — Name of the branding images (icon or picture).
Consumes
This API call consumes the following media types via the Content-Type request header:
  • image/png
  • image/jpeg
Request body
body Image (required)
Body Parameter — The image in PNG or JPEG format.
Return type
Example data
Content-Type: application/json
{
  "reference" : "brand_logo_portrait",
  "updated_at" : "2018-02-14T15:24:14Z",
  "static_uri" : "https://static.mbed.com/123456789.jpg",
  "object" : "branding_image"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 Image uploaded successfully. BrandingImage
400 Error in input data format, for example, image is too large. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Unknown image reference. ErrorResponse
post /v3/branding-images/dark/{reference}/upload-multipart
Upload a dark theme image. Show more Show less
Upload a new account branding image as form data in the dark theme in PNG or JPEG format. Note: This endpoint is restricted to administrators.
Path parameters
reference (required)
Path Parameter — Name of the branding images (icon or picture).
Consumes
This API call consumes the following media types via the Content-Type request header:
  • multipart/form-data
Form parameters
image (required)
Form Parameter — The image in PNG or JPEG format as multipart form data.
Return type
Example data
Content-Type: application/json
{
  "reference" : "brand_logo_portrait",
  "updated_at" : "2018-02-14T15:24:14Z",
  "static_uri" : "https://static.mbed.com/123456789.jpg",
  "object" : "branding_image"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 Image uploaded successfully. BrandingImage
400 Error in input data format, for example, image is too large. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Unknown image reference. ErrorResponse
post /v3/branding-images/light/{reference}/upload
Upload a light theme image. Show more Show less

Upload a new account light theme branding image in PNG or JPEG format. Note: This endpoint is restricted to administrators.

Example:

curl -X POST https://api.us-east-1.mbedcloud.com/v3/branding-images/light/{reference}/upload \
-H 'Authorization: Bearer <api_key>' \
-H 'content-type: image/png' --data-binary '@myimage.png'
Path parameters
reference (required)
Path Parameter — Name of the branding images (icon or picture).
Consumes
This API call consumes the following media types via the Content-Type request header:
  • image/png
  • image/jpeg
Request body
body Image (required)
Body Parameter — The image in PNG or JPEG format.
Return type
Example data
Content-Type: application/json
{
  "reference" : "brand_logo_portrait",
  "updated_at" : "2018-02-14T15:24:14Z",
  "static_uri" : "https://static.mbed.com/123456789.jpg",
  "object" : "branding_image"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 Image uploaded successfully. BrandingImage
400 Error in input data format, for example, image is too large. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Unknown image reference. ErrorResponse
post /v3/branding-images/light/{reference}/upload-multipart
Upload a light theme image. Show more Show less
Upload a new account branding image as form data in the light theme in PNG or JPEG format. Note: This endpoint is restricted to administrators.
Path parameters
reference (required)
Path Parameter — Name of the branding images (icon or picture).
Consumes
This API call consumes the following media types via the Content-Type request header:
  • multipart/form-data
Form parameters
image (required)
Form Parameter — The image in PNG or JPEG format as multipart form data.
Return type
Example data
Content-Type: application/json
{
  "reference" : "brand_logo_portrait",
  "updated_at" : "2018-02-14T15:24:14Z",
  "static_uri" : "https://static.mbed.com/123456789.jpg",
  "object" : "branding_image"
}
Produces
This API call produces the following media types according to the Accept request header; the media type will be conveyed by the Content-Type response header.
  • application/json
Responses
status description schema
201 Image uploaded successfully. BrandingImage
400 Error in input data format, for example, image is too large. ErrorResponse
401 Authentication failure. ErrorResponse
403 Forbidden. ErrorResponse
404 Unknown image reference. ErrorResponse

Models

AccountCreationReq

Represents an account creation request.
display_name (optional)
String

maxLength: 100

The display name for the tenant account.

company (optional)
String

maxLength: 100

The name of the company used in billing. Required for commercial accounts only.

country (optional)
String

maxLength: 100

The country part of the postal address. Required for commercial accounts only.

address_line1 (optional)
String

maxLength: 100

Postal address line 1. Required for commercial accounts only.

address_line2 (optional)
String

maxLength: 100

Postal address line 2.

city (optional)
String

maxLength: 100

The city part of the postal address. Required for commercial accounts only.

state (optional)
String

maxLength: 100

The state part of the postal address.

postal_code (optional)
String

maxLength: 100

The postal code part of the postal address.

contact (optional)
String

maxLength: 100

The name of the contact person for this account. Required for commercial accounts only.

email (optional)
String

The company email address for this account. Required for commercial accounts only.

pattern: /^(?=.{3,254}$).+@.+/

phone_number (optional)
String

maxLength: 100

The phone number of a representative of the company.

aliases (optional)
array[String]

An array of aliases for the tenant account ID. The aliases must be globally unique.

end_market
String

The end market of the account to create.

admin_name (optional)
String

The username of the admin user to create.

pattern: /[\w-,._@+=]{4,30}/

admin_password (optional)
String

The password when creating a new user. Generated when not present in the request.

admin_email (optional)
String

The email address of the account admin

pattern: /^(?=.{3,254}$).+@.+/

admin_full_name (optional)
String

maxLength: 100

The full name of the admin user to create.

contract_number (optional)
String

maxLength: 100

Contract number of the customer.

customer_number (optional)
String

maxLength: 100

Customer number of the customer.

business_model (optional)

AccountCreationResp

Represents an account in requests and responses.
object (optional)
String

Entity name: always account.

Enum:
account
id (optional)
String

Account ID.

pattern: /[a-f0-9]{32}/

etag (optional)
String

API resource entity version.

created_at (optional)
Date ($date-time)

Creation UTC time RFC3339.

updated_at (optional)
Date ($date-time)

Last update UTC time RFC3339.

parent_id (optional)
String

The ID of the parent account, if any.

pattern: /[a-f0-9]{32}/

display_name (optional)
String

maxLength: 100

The display name for the tenant account.

company (optional)
String

maxLength: 100

The name of the company used in billing.

country (optional)
String

maxLength: 100

The country part of the postal address.

address_line1 (optional)
String

maxLength: 100

Postal address line 1.

address_line2 (optional)
String

maxLength: 100

Postal address line 2.

city (optional)
String

maxLength: 100

The city part of the postal address.

state (optional)
String

maxLength: 100

The state part of the postal address.

postal_code (optional)
String

maxLength: 100

The postal code part of the postal address.

contact (optional)
String

maxLength: 100

The name of the contact person for this account.

email (optional)
String

The company email address for this account.

pattern: /^(?=.{3,254}$).+@.+/

phone_number (optional)
String

maxLength: 100

The phone number of a company representative.

aliases (optional)
array[String]

An array of aliases for the tenant account ID. The aliases must be globally unique.

tier (optional)
String

The tier level of the account; 0: free tier, 1: commercial account, 2: partner tier. Other values are reserved for the future.

status (optional)
String

The status of the account.

Enum:
ENROLLING
ACTIVE
RESTRICTED
SUSPENDED
upgraded_at (optional)
Date ($date-time)

Time when upgraded to commercial account in UTC format RFC3339.

limits (optional)
map[String, String]

DEPRECATED: Replaced by the limitations parameter.

policies (optional)
array[FeaturePolicy]

List of policies if requested.

template_id (optional)
String

Account template ID.

pattern: /[a-f0-9]{32}/

reason (optional)
String

A note with the reason for account status update.

sub_accounts (optional)
array[AccountInfo]

List of sub accounts. Not available for developer users.

end_market (optional)
String

Account end market.

idle_timeout (optional)
Integer

The reference token expiration time, in minutes, for this account.

password_policy (optional)
PasswordPolicy

The password policy for this account.

reference_note (optional)
String

A reference note for updating the status of the account.

custom_fields (optional)
map[String, String]

Account's custom properties as key-value pairs.

mfa_status (optional)
String

The enforcement status of multi-factor authentication, either enforced or optional.

Enum:
enforced
optional
notification_emails (optional)
array[String]

A list of notification email addresses.

sales_contact (optional)
String

Email address of the sales contact.

pattern: /^(?=.{3,254}$).+@.+/

expiration_warning_threshold (optional)
Integer

Indicates how many days (1-180) before account expiration a notification email is sent.

contract_number (optional)
String

Contract number of the customer.

customer_number (optional)
String

Customer number of the customer.

parent_account (optional)
ParentAccountInfo

Contact details of the parent account.

expiration (optional)
Date ($date-time)

Expiration time of the account, as UTC time RFC3339.

admin_id (optional)
String

The ID of the admin user created for this account. Present only in the response for the account creation.

pattern: /[a-f0-9]{32}/

admin_name (optional)
String

maxLength: 100

The username of the admin user created for this account. Present only in the response for account creation.

admin_email (optional)
String

The email address of the admin user created for this account. Present only in the response for account creation.

pattern: /^(?=.{3,254}$).+@.+/

admin_key (optional)
String

The admin API key created for this account. Present only in the response for account creation.

admin_password (optional)
String

The password of the admin user created for this account. Present only in the response for account creation.

admin_full_name (optional)
String

maxLength: 100

The full name of the admin user created for this account. Present only in the response for account creation.

limitations (optional)
array[AccountLimitation]

List of account limitation objects.

password_recovery_expiration (optional)
Integer ($int32)

Indicates for how many minutes a password recovery email is valid.

business_model (optional)
business_model_history (optional)
array[BusinessModelHistory]

Business model history for this account.

tier_history (optional)
array[TierHistory]

Tier history for this account.

AccountInfo

Represents an account in requests and responses.
object
String

Entity name: always account.

Enum:
account
id
String

Account ID.

pattern: /[a-f0-9]{32}/

etag
String

API resource entity version.

created_at (optional)
Date ($date-time)

Creation UTC time RFC3339.

updated_at (optional)
Date ($date-time)

Last update UTC time RFC3339.

parent_id (optional)
String

The ID of the parent account, if any.

pattern: /[a-f0-9]{32}/

display_name (optional)
String

maxLength: 100

The display name for the tenant account.

company (optional)
String

maxLength: 100

The name of the company used in billing.

country (optional)
String

maxLength: 100

The country part of the postal address.

address_line1 (optional)
String

maxLength: 100

Postal address line 1.

address_line2 (optional)
String

maxLength: 100

Postal address line 2.

city (optional)
String

maxLength: 100

The city part of the postal address.

state (optional)
String

maxLength: 100

The state part of the postal address.

postal_code (optional)
String

maxLength: 100

The postal code part of the postal address.

contact (optional)
String

maxLength: 100

The name of the contact person for this account.

email (optional)
String

The company email address for this account.

pattern: /^(?=.{3,254}$).+@.+/

phone_number (optional)
String

maxLength: 100

The phone number of a company representative.

aliases (optional)
array[String]

An array of aliases for the tenant account ID. The aliases must be globally unique.

tier
String

The tier level of the account; 0: free tier, 1: commercial account, 2: partner tier. Other values are reserved for the future.

status
String

The status of the account.

Enum:
ENROLLING
ACTIVE
RESTRICTED
SUSPENDED
upgraded_at (optional)
Date ($date-time)

Time when upgraded to commercial account in UTC format RFC3339.

limits (optional)
map[String, String]

DEPRECATED: Replaced by the limitations parameter.

policies (optional)
array[FeaturePolicy]

List of policies if requested.

template_id (optional)
String

Account template ID.

pattern: /[a-f0-9]{32}/

reason (optional)
String

A note with the reason for account status update.

sub_accounts (optional)
array[AccountInfo]

List of sub accounts. Not available for developer users.

end_market
String

Account end market.

idle_timeout (optional)
Integer

The reference token expiration time, in minutes, for this account.

password_policy (optional)
PasswordPolicy

The password policy for this account.

reference_note (optional)
String

A reference note for updating the status of the account.

custom_fields (optional)
map[String, String]

Account's custom properties as key-value pairs.

mfa_status (optional)
String

The enforcement status of multi-factor authentication, either enforced or optional.

Enum:
enforced
optional
notification_emails (optional)
array[String]

A list of notification email addresses.

sales_contact (optional)
String

Email address of the sales contact.

pattern: /^(?=.{3,254}$).+@.+/

expiration_warning_threshold (optional)
Integer

Indicates how many days (1-180) before account expiration a notification email is sent.

contract_number (optional)
String

Contract number of the customer.

customer_number (optional)
String

Customer number of the customer.

parent_account (optional)
ParentAccountInfo

Contact details of the parent account.

expiration (optional)
Date ($date-time)

Expiration time of the account, as UTC time RFC3339.

limitations (optional)
array[AccountLimitation]

List of account limitation objects.

password_recovery_expiration (optional)
Integer ($int32)

Indicates for how many minutes a password recovery email is valid.

business_model (optional)
business_model_history (optional)
array[BusinessModelHistory]

Business model history for this account.

tier_history (optional)
array[TierHistory]

Tier history for this account.

AccountInfoList

object
String

Entity name: always list.

Enum:
list
limit
Integer ($int32)

The number of results to return (2-1000), or equal to total_count.

after (optional)
String

The entity ID to fetch after the given one.

pattern: /[a-f0-9]{32}/

order (optional)
String

The order of the records to return based on creation time. Available values: ASC, DESC; by default ASC.

Enum:
ASC
DESC
total_count
Integer ($int32)

The total number of records, if requested.

has_more
Boolean

Flag indicating whether there are more results.

data
array[AccountInfo]

A list of entities.

AccountLimitation

This object represents an account limitation.
name (optional)
String

Name of the account limitation.

description (optional)
String

Description of the account limitation.

quota (optional)
Integer ($int32)

Quota of the account limitation.

limit (optional)
Integer ($int32)

The value of the limit.

billing_period (optional)
Integer ($int32)

Billing period of the account limitation.

inherited (optional)
Boolean

Flag indicating whether this limitation is inherited.

inherited_from (optional)
String

Indicates where this limit is inherited from.

inherited_type (optional)
String

Indicates the type of the entity where the limitation is inherited from.

object (optional)
String

Entity name: always 'limitation'

Enum:
user
api-key
group
account
account_template
trusted_cert
list
error
agreement
signed_agreement
policy
limitation
identity_provider
user_session
user_invitation
notification_entry
branding_color
branding_image
id (optional)
String

Entity ID.

etag (optional)
String

API resource entity version.

created_at (optional)
Date ($date-time)

Creation UTC time RFC3339.

updated_at (optional)
Date ($date-time)

Last update UTC time RFC3339.

AccountLimitationList

object
String

Entity name: always 'list'

Enum:
list
limit
Integer ($int32)

The number of results to return, (range: 2-1000), or equals to total_count

after (optional)
String

The entity ID to fetch after the given one.

order (optional)
String

The order of the records to return based on creation time. Available values: ASC, DESC; by default ASC.

Enum:
ASC
DESC
total_count
Integer ($int32)

The total number or records, if requested. It might be returned also for small lists.

has_more
Boolean

Flag indicating whether there is more results.

data
array[AccountLimitation]

A list of entities.

AccountUpdateReq

Represents an account creation request.
display_name (optional)
String

maxLength: 100

The display name for the tenant account.

company (optional)
String

maxLength: 100

The name of the company used in billing. Required for commercial accounts only.

country (optional)
String

maxLength: 100

The country part of the postal address. Required for commercial accounts only.

address_line1 (optional)
String

maxLength: 100

Postal address line 1. Required for commercial accounts only.

address_line2 (optional)
String

maxLength: 100

Postal address line 2.

city (optional)
String

maxLength: 100

The city part of the postal address. Required for commercial accounts only.

state (optional)
String

maxLength: 100

The state part of the postal address.

postal_code (optional)
String

maxLength: 100

The postal code part of the postal address.

contact (optional)
String

maxLength: 100

The name of the contact person for this account. Required for commercial accounts only.

email (optional)
String

The company email address for this account. Required for commercial accounts only.

pattern: /^(?=.{3,254}$).+@.+/

phone_number (optional)
String

maxLength: 100

The phone number of a representative of the company.

aliases (optional)
array[String]

An array of aliases for the tenant account ID. The aliases must be globally unique.

end_market (optional)
String

maxLength: 100

The end market for this account.

idle_timeout (optional)
Integer

Reference token expiration time in minutes.

password_policy (optional)
PasswordPolicy

Password policy for this account.

custom_fields (optional)
map[String, String]

Account's custom properties as key-value pairs.

mfa_status (optional)
String

The enforcement status of multi-factor authentication, either enforced or optional.

Enum:
enforced
optional
notification_emails (optional)
array[String]

A list of notification email addresses.

expiration_warning_threshold (optional)
Integer

Indicates how many days before account expiration a notification email is sent.

password_recovery_expiration (optional)
Integer ($int32)

Indicates for how many minutes a password recovery email is valid.

AccountUpdateRootReq

Represents an account update request.
display_name (optional)
String

maxLength: 100

The display name for the tenant account.

company (optional)
String

maxLength: 100

The name of the company used in billing. Required for commercial accounts only.

country (optional)
String

maxLength: 100

The country part of the postal address. Required for commercial accounts only.

address_line1 (optional)
String

maxLength: 100

Postal address line 1. Required for commercial accounts only.

address_line2 (optional)
String

maxLength: 100

Postal address line 2.

city (optional)
String

maxLength: 100

The city part of the postal address. Required for commercial accounts only.

state (optional)
String

maxLength: 100

The state part of the postal address.

postal_code (optional)
String

maxLength: 100

The postal code part of the postal address.

contact (optional)
String

maxLength: 100

The name of the contact person for this account. Required for commercial accounts only.

email (optional)
String

The company email address for this account. Required for commercial accounts only.

pattern: /^(?=.{3,254}$).+@.+/

phone_number (optional)
String

maxLength: 100

The phone number of a representative of the company.

aliases (optional)
array[String]

An array of aliases for the tenant account ID. The aliases must be globally unique.

end_market (optional)
String

maxLength: 100

The end market for this account.

idle_timeout (optional)
Integer

The reference token expiration time in minutes for this account. Between 1 and 120 minutes.

password_policy (optional)
PasswordPolicy

Password policy for this account.

custom_fields (optional)
map[String, String]

Account's custom properties as key-value pairs.

mfa_status (optional)
String

The enforcement status of setting up the multi-factor authentication. 'Enforced' means that setting up the MFA is required after login. 'Optional' means that the MFA is not required.

Enum:
enforced
optional
notification_emails (optional)
array[String]

A list of notification email addresses.

sales_contact (optional)
String

Email address of the sales contact.

pattern: /^(?=.{3,254}$).+@.+/

expiration_warning_threshold (optional)
Integer

Indicates how many days before account expiration a notification email is sent.

contract_number (optional)
String

Contract number of the customer. An administrator can set this property on tenant accounts only.

customer_number (optional)
String

Customer number of the customer. An administrator can set this property on tenant accounts only.

password_recovery_expiration (optional)
Integer ($int32)

Indicates for how many minutes a password recovery email is valid.

business_model (optional)

ActiveSession

Represents an active user session.
account_id
String

The UUID of the account.

pattern: /[a-f0-9]{32}/

object
String

Entity name: always 'user-session'

Enum:
user-session
ip_address
String

IP address of the client.

login_time
Date ($date-time)

The login time of the user.

user_agent
String

User Agent header from the login request.

reference_token
String

The reference token.

created_at (optional)
Date ($date-time)

Creation UTC time RFC3339.

ApiKeyInfoReq

Represents an API key in requests towards Device Management.
name
String

maxLength: 100

The display name for the API key.

owner (optional)
String

The owner of this API key. Only an administrator can set the owner of an API key.

groups (optional)
array[String]

A list of group IDs this API key belongs to. Adding an API key to the 'Administrators' group is restricted to administrators.

status (optional)
String

The status of the API key. Only an administrator can set the status of an API key.

Enum:
ACTIVE
INACTIVE

ApiKeyInfoResp

Represents an API key in Device Management.
object
String

Entity name: always 'api-key'

Enum:
api-key
id
String

The ID of the API key.

pattern: /[a-f0-9]{32}/

etag
String

API resource entity version.

created_at (optional)
Date ($date-time)

Creation UTC time RFC3339.

updated_at (optional)
Date ($date-time)

Last update UTC time RFC3339.

key
String

The API key.

name
String

maxLength: 100

The display name for the API key.

groups (optional)
array[String]

A list of group IDs this API key belongs to.

owner (optional)
String

The owner of this API key, who is the creator by default.

pattern: /[a-f0-9]{32}/

status (optional)
String

The status of the API key.

Enum:
ACTIVE
INACTIVE
creation_time (optional)
Long ($int64)

The timestamp of the API key creation in the storage, in milliseconds.

last_login_time (optional)
Long ($int64)

The timestamp of the latest API key usage, in milliseconds.

account_id (optional)
String

The ID of the account.

pattern: /[a-f0-9]{32}/

ApiKeyInfoRespList

object
String

Entity name: always list.

Enum:
list
limit
Integer ($int32)

The number of results to return, or equal to total_count.

after (optional)
String

The entity ID to fetch after the given one.

pattern: /[a-f0-9]{32}/

order (optional)
String

The order of the records to return based on creation time. Available values: ASC, DESC; by default ASC.

Enum:
ASC
DESC
total_count
Integer ($int32)

The total number of records, if requested.

has_more
Boolean

Flag indicating whether there are more results.

data
array[ApiKeyInfoResp]

A list of entities.

ApiKeyUpdateReq

Represents an API key in requests towards Device Management.
name (optional)
String

maxLength: 100

The display name for the API key.

owner (optional)
String

The owner of this API key. Only an administrator can update the owner of an API key.

groups (optional)
array[String]

A list of group IDs this API key belongs to. Only an administrator can update the group membership of an API key.

status (optional)
String

The status of the API key. Only the owner of the API key or an administrator can update the status of an API key.

Enum:
ACTIVE
INACTIVE

BrandingColor

color (optional)
String

The color given as name (purple) or as a hex code.

object (optional)
String

Entity name: always 'branding_color'

Enum:
branding_color
reference (optional)
String

Color name.

Enum:
error_color
primary
secondary
success_color
warning_color
canvas_background
canvas_background_font_color
workspace_background
workspace_background_font_color
info_color
info_font_color
primary_font_color
secondary_font_color
error_font_color
success_font_color
warning_font_color
updated_at (optional)
Date ($date-time)

Last update time in UTC.

BrandingColorList

object
String

Entity name: always list.

Enum:
list
limit
Integer ($int32)

The number of results to return, or equal to total_count.

after (optional)
String

The entity ID to fetch after the given one.

pattern: /[a-f0-9]{32}/

order (optional)
String

The order of the records to return based on creation time. Available values: ASC, DESC; by default ASC.

Enum:
ASC
DESC
total_count
Integer ($int32)

The total number of records, if requested.

has_more
Boolean

Flag indicating whether there are more results.

data
array[BrandingColor]

A list of entities.

BrandingColorUpdate

color (optional)
String

The color given as name (purple) or as a hex code.

reference
String

Color name.

Enum:
error_color
primary
secondary
success_color
warning_color
canvas_background
canvas_background_font_color
workspace_background
workspace_background_font_color
info_color
info_font_color
primary_font_color
secondary_font_color
error_font_color
success_font_color
warning_font_color

BrandingImage

static_uri (optional)
String ($uri)

The static link to the image.

object (optional)
String

Entity name: always 'branding_image'

Enum:
branding_image
reference (optional)
String

Name of the image.

Enum:
brand_logo_portrait
brand_logo_square
brand_logo_landscape
brand_logo_email
desktop_background_landscape
desktop_background_square
desktop_background_portrait
carousel_image_portrait_0
carousel_image_portrait_1
carousel_image_portrait_2
carousel_image_portrait_3
carousel_image_portrait_4
carousel_image_portrait_5
carousel_image_portrait_6
carousel_image_portrait_7
carousel_image_portrait_8
carousel_image_portrait_9
carousel_image_square_0
carousel_image_square_1
carousel_image_square_2
carousel_image_square_3
carousel_image_square_4
carousel_image_square_5
carousel_image_square_6
carousel_image_square_7
carousel_image_square_8
carousel_image_square_9
carousel_image_landscape_0
carousel_image_landscape_1
carousel_image_landscape_2
carousel_image_landscape_3
carousel_image_landscape_4
carousel_image_landscape_5
carousel_image_landscape_6
carousel_image_landscape_7
carousel_image_landscape_8
carousel_image_landscape_9
updated_at (optional)
Date ($date-time)

Last update time in UTC.

BrandingImageList

object
String

Entity name: always list.

Enum:
list
limit
Integer ($int32)

The number of results to return, or equal to total_count.

after (optional)
String

The entity ID to fetch after the given one.

pattern: /[a-f0-9]{32}/

order (optional)
String

The order of the records to return based on creation time. Available values: ASC, DESC; by default ASC.

Enum:
ASC
DESC
total_count
Integer ($int32)

The total number of records, if requested.

has_more
Boolean

Flag indicating whether there are more results.

data
array[BrandingImage]

A list of entities.

BusinessModel

Business model for this account. Manageable by the root admin only.

BusinessModelHistory

business_model (optional)
updated_at (optional)
Date ($date-time)

Last update UTC time RFC3339.

CertificateGenerationReq

Generate a new service provider certificate.
algorithm (optional)
String

The algorithm and its key size used for generating the certificate. Defaults to RSA2048.

Enum:
RSA2048
RSA3072
EC224
EC256
EC384
EC521
ECDSA224
ECDSA256
ECDSA384
ECDSA521
validity (optional)
Integer ($int32)

Validity for the certificate in days.

ErrorResponse

Represents an error message.
object
String

Entity name, always 'error'.

Enum:
error
code
Integer ($int32)

Response code.

type
String

Error type.

Enum:
success
created
accepted
permanently_deleted
validation_error
invalid_token
invalid_apikey
reauth_required
access_denied
account_limit_exceeded
not_found
method_not_supported
not_acceptable
duplicate
precondition_failed
unsupported_media_type
rate_limit_exceeded
internal_server_error
system_unavailable
message
String

A human readable message with detailed info.

request_id
String

Request ID.

pattern: /[a-f0-9]{32}/

fields (optional)
array[Field]

Failed input fields during request object validation.

FeaturePolicy

Represents a feature policy. Either the feature or the resource must be specified.
resource (optional)
String

Resource that is protected by this policy.

action (optional)
String

Comma-separated list of actions, empty string represents all actions.

allow (optional)
Boolean

True or false controlling whether an action is allowed or not.

feature (optional)
String

Feature name corresponding to this policy.

inherited (optional)
Boolean

Flag indicating whether this feature is inherited or overwritten specifically.

inherited_from (optional)
String

An ID indicating where this policy is inherited from.

pattern: /[a-f0-9]{32}/

inherited_type (optional)
String

Indicates the type of entity this policy is inherited from.

Enum:
account
template
tier_template

Field

name
String

Name of the erroneous field.

message
String

Message describing the erroneous situation.

GroupCreationInfo

This object is used when creating new groups.
name
String

maxLength: 100

The group name.

members (optional)
SubjectList

The members of the group as arrays of user and API key IDs.

GroupIdList

GroupSummary

This object contains basic information about groups.
object
String

Entity name: always group.

Enum:
group
id
String

The ID of the group.

pattern: /[a-f0-9]{32}/

etag
String

API resource entity version.

created_at (optional)
Date ($date-time)

Creation UTC time RFC3339.

updated_at (optional)
Date ($date-time)

Last update UTC time RFC3339.

account_id
String

The ID of the account this group belongs to.

pattern: /[a-f0-9]{32}/

name
String

maxLength: 100

The name of the group.

user_count
Integer ($int32)

The number of users in this group.

apikey_count
Integer ($int32)

The number of API keys in this group.

GroupSummaryList

object
String

Entity name: always list.

Enum:
list
limit
Integer ($int32)

The number of results to return (2-1000), or equal to total_count.

after (optional)
String

The entity ID to fetch after the given one.

pattern: /[a-f0-9]{32}/

order (optional)
String

The order of the records to return based on creation time. Available values: ASC, DESC; by default ASC.

Enum:
ASC
DESC
total_count
Integer ($int32)

The total number of records, if requested.

has_more
Boolean

Flag indicating whether there are more results.

data
array[GroupSummary]

A list of entities.

GroupUpdateInfo

This object is used when Update groups.
name
String

maxLength: 100

The group name.

IdentityProviderCreationReq

This object is used for creating new federated identity provider module.
type
String

Identity provider type.

Enum:
SAML2
OIDC
name
String

maxLength: 100

Name of the identity provider.

description (optional)
String

maxLength: 500

Description for the identity provider.

status (optional)
String

Status of the identity provider.

Enum:
ACTIVE
SUSPENDED
saml2_attributes (optional)
SAML2Req

SAML2 specific attributes.

oidc_attributes (optional)
OIDCInfo

OIDC specific attributes.

IdentityProviderInfo

object
String

Entity name: always 'identity-provider'

Enum:
identity-provider
id
String

Entity ID.

pattern: /[a-f0-9]{32}/

etag
String

API resource entity version.

created_at (optional)
Date ($date-time)

Creation UTC time RFC3339.

updated_at (optional)
Date ($date-time)

Last update UTC time RFC3339.

type
String

Identity provider type.

Enum:
NATIVE
MBED
SAML2
OIDC
name
String

maxLength: 100

Name of the identity provider.

description (optional)
String

maxLength: 500

Description for the identity provider.

status (optional)
String

Status of the identity provider.

Enum:
ACTIVE
SUSPENDED
saml2_attributes (optional)
SAML2Info

SAML2 specific attributes.

oidc_attributes (optional)
OIDCInfo

OIDC specific attributes.

account_id (optional)
String

The ID of the account the identity provider belongs to.

pattern: /[a-f0-9]{32}/

is_default (optional)
Boolean

Flag indicating whether this is the global default identity provider.

IdentityProviderList

object
String

Entity name: always list.

Enum:
list
limit
Integer ($int32)

The number of results to return , or equal to total_count.

after (optional)
String

The entity ID to fetch after the given one.

pattern: /[a-f0-9]{32}/

order (optional)
String

The order of the records to return based on creation time. Available values: ASC, DESC; by default ASC.

Enum:
ASC
DESC
total_count
Integer ($int32)

The total number of records, if requested.

has_more
Boolean

Flag indicating whether there are more results.

data
array[IdentityProviderInfo]

A list of entities.

IdentityProviderUpdateReq

Update existing federated identity provider module.
type
String

Identity provider type.

Enum:
SAML2
OIDC
name
String

maxLength: 100

Name of the identity provider.

description (optional)
String

maxLength: 500

Description for the identity provider.

status (optional)
String

Status of the identity provider.

Enum:
ACTIVE
SUSPENDED
saml2_attributes (optional)
SAML2Req

SAML2 specific attributes.

oidc_attributes (optional)
OIDCInfo

OIDC specific attributes.

IdpPublicKey

Represents provider's public key and key ID used to sign ID tokens. PEM-encoded.
key (optional)
String

The public key.

kid (optional)
String

The public key ID.

Image

LoginHistory

Represents an entry in login history.
date
Date ($date-time)

UTC time RFC3339 for this login attempt.

success
Boolean

Flag indicating whether login attempt was successful or not.

ip_address
String

IP address of the client.

user_agent
String

User Agent header from the login request.

LoginProfile

Represents a user login profile in Device Management.
type (optional)
String

Identity provider type.

Enum:
NATIVE
MBED
SAML2
OIDC
id
String

ID of the identity provider.

name (optional)
String

Name of the identity provider.

foreign_id (optional)
String

The ID of the user in the identity provider's service.

NotificationEntry

Represents an account notification entry.
object
String

Entity name: always 'notification-entry'

Enum:
notification-entry
id
String

Entity ID.

pattern: /[a-f0-9]{32}/

etag
String

API resource entity version.

created_at (optional)
Date ($date-time)

Creation UTC time RFC3339.

account_id (optional)
String

The ID of the account.

pattern: /[a-f0-9]{32}/

message (optional)
String

The message contained in this account notification entry.

type (optional)
String

The type of this account notification entry.

subject (optional)
String

The subject of this account notification entry.

receiver (optional)
String

The receiver this account notification entry.

pattern: /^(?=.{3,254}$).+@.+/

success (optional)
Boolean

A flag indiciating whether the sending of this account notification entry was successful, true or false.

error_msg (optional)
String

The error message if there was an error while transmitting the account notification.

NotificationEntryList

object
String

Entity name: always list.

Enum:
list
limit
Integer ($int32)

The number of results to return, or equal to total_count.

after (optional)
String

The entity ID to fetch after the given one.

pattern: /[a-f0-9]{32}/

order (optional)
String

The order of the records to return based on creation time. Available values: ASC, DESC; by default ASC.

Enum:
ASC
DESC
total_count
Integer ($int32)

The total number of records, if requested.

has_more
Boolean

Flag indicating whether there are more results.

data
array[NotificationEntry]

A list of entities.

OIDCClaimMapping

Mapping for non-standard OIDC claim names.
sub (optional)
String

Custom claim name for 'sub'.

email (optional)
String

Custom claim name for 'email'.

email_verified (optional)
String

Custom claim name for 'email_verified'.

name (optional)
String

Custom claim name for 'name'.

given_name (optional)
String

Custom claim name for 'given_name'.

family_name (optional)
String

Custom claim name for 'family_name'.

phone_number (optional)
String

Custom claim name for 'phone_number'.

updated_at (optional)
String

Custom claim name for 'updated_at'.

updated_at_pattern (optional)
String

Custom pattern for claim 'updated_at' as defined by the Java SimpleDateFormat class.

OIDCInfo

Represents OIDC specific attributes.
issuer
String

Issuer of the identity provider.

client_id (optional)
String

Client ID needed to authenticate and gain access to identity provider's API.

client_secret (optional)
String

Client secret needed to authenticate and gain access to identity provider's API.

redirect_uri (optional)
String

The URI needed to authenticate and gain access to identity provider's API. Leave this empty to use the default redirect URI.

authorization_endpoint (optional)
String

URL of the OAuth 2.0 authorization endpoint.

token_endpoint (optional)
String

URL of the OAuth 2.0 authorization endpoint.

userinfo_endpoint (optional)
String

URL of the OAuth 2.0 UserInfo endpoint.

revocation_endpoint (optional)
String

URL of the provider's token revocation endpoint.

end_session_endpoint (optional)
String

URL of the provider's end session endpoint.

jwks_uri (optional)
String

URL of the provider's JSON web key set document.

auto_enrollment (optional)
Boolean

For future use.

keys (optional)
array[IdpPublicKey]

Provider's public keys and key IDs used to sign ID tokens. PEM-encoded.

claim_mapping (optional)
OIDCClaimMapping

Mapping table for supporting custom OIDC claims.

token_request_mode (optional)
String

One way to obtain the access token. Since the request results in the transmission of clear-text credentials, the client must use the POST mode.

Enum:
POST
GET
token_response_path (optional)
String

Path to the standard data in the token response. Levels in the JSON structure must be separated by '.' (dot) characters.

scopes (optional)
String

Space-separated list of scopes sent in the authentication request. When not configured otherwise, the default scopes are 'openid profile email'.

ParentAccountInfo

Represents parent account contact details in responses.
id (optional)
String

The ID of the parent account.

pattern: /[a-f0-9]{32}/

admin_name (optional)
String

maxLength: 100

The name of the admin user who is the contact person of the parent account.

admin_email (optional)
String

The email address of the admin user who is the contact person of the parent account.

pattern: /^(?=.{3,254}$).+@.+/

PasswordPolicy

minimum_length
Integer

Minimum length for the password.

SAML2Info

Represents SAML2 specific attributes in responses.
sso_endpoint (optional)
String

URL of the identity provider's SSO endpoint.

slo_endpoint (optional)
String

URL of the identity provider's SLO endpoint.

assertion_endpoint (optional)
String

URL of the service provider's assertion endpoint. Leave this empty to use the default assertion endpoint.

idp_entity_id (optional)
String

Entity ID of the identity provider.

sp_entity_id (optional)
String

Entity ID of the service provider.

idp_x509_certs (optional)
array[String]

List of public X509 certificates of the identity provider in PEM format.

sp_x509_cert (optional)
String

Public X509 certificate of the service provider in PEM format. This is a read-only attribute, see API documentation about how to generate a new one or how to delete it.

SAML2Req

sso_endpoint (optional)
String

URL of the identity provider's SSO endpoint.

slo_endpoint (optional)
String

URL of the identity provider's SLO endpoint.

idp_entity_id (optional)
String

Entity ID of the identity provider.

idp_x509_certs (optional)
array[String]

List of public X509 certificates of the identity provider. Certificates must be in PEM format.

entity_descriptor (optional)
byte[] ($byte)

maxLength: 65535

Contains an entity descriptor document for the identity provider. Can be used as an alternative method to provide the identity provider's attributes.

pattern: /^(?:[A-Za-z0-9+\/]{4})*(?:[A-Za-z0-9+\/]{2}==|[A-Za-z0-9+\/]{3}=)?$/

sp_entity_id (optional)
String

Entity ID of the service provider. We recommend that you leave it empty and let the system generate it.

SubjectList

Represents arrays of user and API key IDs.
users (optional)
array[String]

An array of user IDs.

apikeys (optional)
array[String]

An array of API key IDs.

TierHistory

tier (optional)
String

The tier level of the account; 0: free tier, 1: commercial account, 2: partner tier. Other values are reserved for the future.

updatedAt (optional)
Date ($date-time)

Last update UTC time RFC3339.

TrustedCertificateReq

Represents a trusted certificate in upload requests.
name
String

maxLength: 100

Certificate name.

description (optional)
String

maxLength: 500

Human readable description of this certificate.

certificate
String

A chain of X509.v3 trusted certificates in PEM format. The chain must contain all certificates from root to leaf. Otherwise, the signature parameter is required.

service
String

Service name where the certificate must be used.

Enum:
lwm2m
bootstrap
status (optional)
String

Status of the certificate.

Enum:
ACTIVE
INACTIVE
signature (optional)
String

DEPRECATED: Base64 encoded signature of the account ID signed by the certificate to upload. The signature must be hashed with SHA256.

enrollment_mode (optional)
Boolean

Certificate is used in enrollment mode. Default value is false.

TrustedCertificateResp

Represents a trusted certificate in responses.
object
String

Entity name: always 'trusted-cert'

Enum:
trusted-cert
id
String

Entity ID.

pattern: /[a-f0-9]{32}/

etag
String

API resource entity version.

created_at (optional)
Date ($date-time)

Creation UTC time RFC3339.

updated_at (optional)
Date ($date-time)

Last update UTC time RFC3339.

name
String

maxLength: 100

Certificate name.

description (optional)
String

maxLength: 500

Human readable description of this certificate.

account_id
String

The ID of the account.

pattern: /[a-f0-9]{32}/

owner_id (optional)
String

The ID of the owner.

pattern: /[a-f0-9]{32}/

certificate
String

X509.v3 trusted certificate in PEM format.

service
String

Service name where the certificate is used.

Enum:
lwm2m
bootstrap
issuer
String

Issuer of the certificate.

subject
String

Subject of the certificate.

validity
Date ($date-time)

Expiration time in UTC formatted as RFC3339.

status (optional)
String

Status of the certificate.

Enum:
ACTIVE
INACTIVE
device_execution_mode (optional)
Integer ($int32)

Device execution mode where 1 means a developer certificate.

enrollment_mode (optional)
Boolean

If true, signature is not required. Default value false.

certificate_fingerprint
String

A SHA-256 fingerprint of the certificate.

valid (optional)
Boolean

This read-only flag indicates whether the certificate is valid or not.

TrustedCertificateRespList

object
String

Entity name: always list.

Enum:
list
limit
Integer ($int32)

The number of results to return (2-1000), or equal to total_count.

after (optional)
String

The entity ID to fetch after the given one.

pattern: /[a-f0-9]{32}/

order (optional)
String

The order of the records to return based on creation time. Available values: ASC, DESC; by default ASC.

Enum:
ASC
DESC
total_count
Integer ($int32)

The total number of records, if requested.

has_more
Boolean

Flag indicating whether there are more results.

data

TrustedCertificateUpdateReq

Represents a trusted certificate in update requests.
name (optional)
String

maxLength: 100

Certificate name.

description (optional)
String

maxLength: 500

Human readable description of this certificate.

certificate (optional)
String

A chain of X509.v3 trusted certificates in PEM format. The chain must contain all certificates from root to leaf. Otherwise, the signature parameter is required.

service (optional)
String

Service name where the certificate must be used. Service cannot be updated for developer certificates.

Enum:
lwm2m
bootstrap
status (optional)
String

Status of the certificate.

Enum:
ACTIVE
INACTIVE
signature (optional)
String

DEPRECATED: Base64 encoded signature of the account ID signed by the certificate to be uploaded. The signature must be hashed with SHA256.

enrollment_mode (optional)
Boolean

Certificate is used in enrollment mode. Default value is false.

UserInfoReq

Represents a user in requests towards Device Management.
password (optional)
String

The password for a new user. Generated when not present in the request.

email
String

The email address.

pattern: /^(?=.{3,254}$).+@.+/

groups (optional)
array[String]

A list of IDs of the groups this user belongs to.

address (optional)
String

maxLength: 100

Address.

is_marketing_accepted (optional)
Boolean

A flag indicating that the user has consented to receive marketing information.

phone_number (optional)
String

maxLength: 100

Phone number.

full_name (optional)
String

maxLength: 100

The full name of the user.

is_gtc_accepted (optional)
Boolean

A flag indicating that the user has accepted General Terms and Conditions.

username (optional)
String

A username.

pattern: /[\w-,._@+=]{4,30}/

login_profiles (optional)
array[LoginProfile]

A list of login profiles for the user. Specified as the identity providers the user should be associated with. Only the ID attribute of the login profile should be set in the request object.

UserInfoResp

Represents a user in Device Management.
object
String

Entity name: always user.

Enum:
user
id
String

The ID of the user.

pattern: /[a-f0-9]{32}/

etag
String

API resource entity version.

created_at (optional)
Date ($date-time)

Creation UTC time RFC3339.

updated_at (optional)
Date ($date-time)

Last update UTC time RFC3339.

status
String

The status of the user. ENROLLING state indicates that the user is in the middle of the enrollment process. INVITED means that the user has not accepted the invitation request. RESET means that the password must be changed immediately. INACTIVE users are locked out and not permitted to use the system.

Enum:
ENROLLING
INVITED
ACTIVE
RESET
INACTIVE
username (optional)
String

A username.

pattern: /[\w-,._@+=]{4,30}/

password (optional)
String

The password when creating a new user. It will be generated when not present in the request.

full_name (optional)
String

maxLength: 100

The full name of the user.

email
String

The email address.

pattern: /^(?=.{3,254}$).+@.+/

address (optional)
String

Address.

phone_number (optional)
String

maxLength: 100

Phone number.

groups (optional)
array[String]

A list of IDs of the groups this user belongs to.

is_gtc_accepted (optional)
Boolean

A flag indicating that the user has accepted General Terms and Conditions.

is_marketing_accepted (optional)
Boolean

A flag indicating that the user has consented to receive marketing information.

email_verified (optional)
Boolean

A flag indicating whether the user's email address has been verified or not.

creation_time (optional)
Long ($int64)

A timestamp of the user creation in the storage, in milliseconds.

last_login_time (optional)
Long ($int64)

A timestamp of the latest login of the user, in milliseconds.

password_changed_time (optional)
Long ($int64)

A timestamp of the latest change of the user password, in milliseconds.

account_id
String

The ID of the account.

pattern: /[a-f0-9]{32}/

login_history (optional)
array[LoginHistory]

Timestamps, succeedings, IP addresses and user agent information of the last five logins of the user, with timestamps in RFC3339 format.

is_totp_enabled (optional)
Boolean

A flag indicating whether two-factor authentication (TOTP) has been enabled.

login_profiles (optional)
array[LoginProfile]

A list of login profiles for the user. Specified as the identity providers the user is associated with.

totp_scratch_codes (optional)
array[String]

A list of scratch codes for the two-factor authentication. Visible only when 2FA is requested to be enabled or the codes regenerated.

custom_fields (optional)
map[String, String]

User's account-specific custom properties. The value is a string.

active_sessions (optional)
array[ActiveSession]

List of active user sessions.

UserInfoRespList

object
String

Entity name: always list.

Enum:
list
limit
Integer ($int32)

The number of results to return (2-1000), or equal to total_count.

after (optional)
String

The entity ID to fetch after the given one.

pattern: /[a-f0-9]{32}/

order (optional)
String

The order of the records to return based on creation time. Available values: ASC, DESC; by default ASC.

Enum:
ASC
DESC
total_count
Integer ($int32)

The total number of records, if requested.

has_more
Boolean

Flag indicating whether there are more results.

data
array[UserInfoResp]

A list of entities.

UserInvitationReq

Represents a user invitation in requests towards Device Management.
email
String

The email address.

pattern: /^(?=.{3,254}$).+@.+/

login_profiles (optional)
array[LoginProfile]

A list of login profiles for the user. Specified as the identity providers the user should be associated with. Only the ID attribute of the login profile should be set in the request object.

valid_for_days (optional)
Integer ($int32)

Specifies how many days the invitation will be valid for.

groups (optional)
array[String]

A list of IDs of the groups this user has been invited to.

UserInvitationResp

Represents an user invitation in responses.
object
String

Entity name: always 'user-invitation'

Enum:
user-invitation
id
String

The ID of the invitation.

pattern: /[a-f0-9]{32}/

etag
String

API resource entity version.

created_at (optional)
Date ($date-time)

Creation UTC time RFC3339.

updated_at (optional)
Date ($date-time)

Last update UTC time RFC3339.

email
String

Email address of the invited user.

pattern: /^(?=.{3,254}$).+@.+/

user_id
String

The ID of the invited user.

pattern: /[a-f0-9]{32}/

account_id
String

The ID of the account the user is invited to.

pattern: /[a-f0-9]{32}/

groups (optional)
array[String]

A list of IDs of the groups the user is invited to.

expiration (optional)
Date ($date-time)

Invitation expiration as UTC time RFC3339.

login_profiles (optional)
array[LoginProfile]

A list of login profiles for the user. Specified as the identity providers the user is associated with.

UserInvitationRespList

object
String

Entity name: always list.

Enum:
list
limit
Integer ($int32)

The number of results to return (2-1000), or equal to total_count.

after (optional)
String

The entity ID to fetch after the given one.

pattern: /[a-f0-9]{32}/

order (optional)
String

The order of the records to return based on creation time. Available values: ASC, DESC; by default ASC.

Enum:
ASC
DESC
total_count
Integer ($int32)

The total number of records, if requested.

has_more
Boolean

Flag indicating whether there are more results.

data
array[UserInvitationResp]

A list of entities.

UserUpdateReq

Represents a user in requests towards Device Management.
email (optional)
String

The email address. Not allowed to update other user's email address.

pattern: /^(?=.{3,254}$).+@.+/

address (optional)
String

maxLength: 100

Address.

is_marketing_accepted (optional)
Boolean

A flag indicating that the user has consented to receive marketing information.

phone_number (optional)
String

maxLength: 100

Phone number.

full_name (optional)
String

maxLength: 100

The full name of the user.

is_gtc_accepted (optional)
Boolean

A flag indicating that the user has accepted General Terms and Conditions.

username (optional)
String

A username.

pattern: /[\w-,._@+=]{4,30}/

status (optional)
String

The status of the user. ENROLLING indicates that the user is in the middle of the enrollment process. INVITED means that the user has not accepted the invitation request. RESET means that the password must be changed immediately. INACTIVE users are locked out and not permitted to use the system. Can be changed by the Aggregator Admin only.

Enum:
ENROLLING
INVITED
ACTIVE
RESET
INACTIVE
is_totp_enabled (optional)
Boolean

A flag indicating whether two-factor authentication (TOTP) is enabled. An account administrator can disable it, but cannot enable it for other users.

groups (optional)
array[String]

A list of group IDs this user belongs to. Can be updated by the Account Admin only.

login_profiles (optional)
array[LoginProfile]

'A list of login profiles for the user, specified as identity providers associated with the user. Only the ID attribute of the login profile should be set in the request object. The list cannot be empty. Only an account admin may update login profiles.'