Endpoints¶

Create User¶

POST /users¶

Creates a new user in the database.

Example:

http

POST /users HTTP/1.1
Authorization: Basic YWRtaW46YWRtaW4=
Content-Type: application/json

{
  "email" : {
    "address" : "sampleuser@sanctionco.com"
  },
  "password" : "12345",
  "myCustomProperty" : "Hello World"
}

curl

curl -i -X POST http://nohost/users -H "Content-Type: application/json" --data-raw '{"email": {"address": "sampleuser@sanctionco.com"}, "myCustomProperty": "Hello World", "password": "12345"}' --user admin:admin

wget

wget -S -O- http://nohost/users --header="Content-Type: application/json" --post-data='{"email": {"address": "sampleuser@sanctionco.com"}, "myCustomProperty": "Hello World", "password": "12345"}' --auth-no-challenge --user=admin --password=admin

httpie

echo '{
  "email": {
    "address": "sampleuser@sanctionco.com"
  },
  "myCustomProperty": "Hello World",
  "password": "12345"
}' | http POST http://nohost/users Content-Type:application/json -a admin:admin

response

HTTP/1.1 201 CREATED
Content-Type: application/json

{
  "email" : {
    "address" : "sampleuser@sanctionco.com",
    "verified" : false,
    "verificationToken" : null
  },
  "password" : "12345",
  "creationTime" : 1617152816,
  "lastUpdateTime" : 1617152816,
  "myCustomProperty" : "Hello World"
}

Request Headers:

Authorization – basic authentication application name and secret

Status Codes:

201 Created – user was successfully created
400 Bad Request – the create request was malformed
409 Conflict – the user already exists in the database
500 Internal Server Error – the database rejected the request for an unknown reason
503 Service Unavailable – the database is currently unavailable

Update User¶

PUT /users¶

Updates an existing user in the database.

Example:

http

PUT /users?email=sampleuser%40sanctionco.com HTTP/1.1
Authorization: Basic YWRtaW46YWRtaW4=
Content-Type: application/json
password: YWRtaW46YWRtaW4=

{
  "email" : {
    "address" : "newsampleuser@sanctionco.com",
    "verified" : false,
    "verificationToken" : null
  },
  "password" : "12345",
  "myCustomProperty" : "My properties have changed"
}

curl

curl -i -X PUT 'http://nohost/users?email=sampleuser%40sanctionco.com' -H "Content-Type: application/json" -H "Password: YWRtaW46YWRtaW4=" --data-raw '{"email": {"address": "newsampleuser@sanctionco.com", "verificationToken": null, "verified": false}, "myCustomProperty": "My properties have changed", "password": "12345"}' --user admin:admin

wget

wget -S -O- --method=PUT 'http://nohost/users?email=sampleuser%40sanctionco.com' --header="Content-Type: application/json" --header="Password: YWRtaW46YWRtaW4=" --body-data='{"email": {"address": "newsampleuser@sanctionco.com", "verificationToken": null, "verified": false}, "myCustomProperty": "My properties have changed", "password": "12345"}' --auth-no-challenge --user=admin --password=admin

httpie

echo '{
  "email": {
    "address": "newsampleuser@sanctionco.com",
    "verificationToken": null,
    "verified": false
  },
  "myCustomProperty": "My properties have changed",
  "password": "12345"
}' | http PUT 'http://nohost/users?email=sampleuser%40sanctionco.com' Content-Type:application/json Password:YWRtaW46YWRtaW4= -a admin:admin

response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "email" : {
    "address" : "newsampleuser@sanctionco.com",
    "verified" : false,
    "verificationToken" : null
  },
  "password" : "12345",
  "creationTime" : 1617152816,
  "lastUpdateTime" : 1617152850,
  "myCustomProperty" : "My properties have changed"
}

Query Parameters:

email – the existing email address of the user to update. This is optional, and only required if the email is to be changed.

Request Headers:

Authorization – basic authentication application name and secret
password – the (hashed) password of the user to update

Status Codes:

200 OK – user was successfully updated
400 Bad Request – the update request was malformed
401 Unauthorized – the request was unauthorized
404 Not Found – the existing user to update was not found in the database
409 Conflict – a user with the new email already exists in the database
500 Internal Server Error – the database rejected the request for an unknown reason
503 Service Unavailable – the database is currently unavailable

Get User¶

GET /users¶

Retrieves a user from the database.

Example:

http

GET /users?email=sampleuser%40sanctionco.com HTTP/1.1
Authorization: Basic YWRtaW46YWRtaW4=
Content-Type: application/json
password: YWRtaW46YWRtaW4=

curl

curl -i -X GET 'http://nohost/users?email=sampleuser%40sanctionco.com' -H "Content-Type: application/json" -H "Password: YWRtaW46YWRtaW4=" --user admin:admin

wget

wget -S -O- 'http://nohost/users?email=sampleuser%40sanctionco.com' --header="Content-Type: application/json" --header="Password: YWRtaW46YWRtaW4=" --auth-no-challenge --user=admin --password=admin

httpie

http 'http://nohost/users?email=sampleuser%40sanctionco.com' Content-Type:application/json Password:YWRtaW46YWRtaW4= -a admin:admin

response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "email" : {
    "address" : "sampleuser@sanctionco.com",
    "verified" : false,
    "verificationToken" : null
  },
  "password" : "12345",
  "creationTime" : 1617152816,
  "lastUpdateTime" : 1617152850,
  "myCustomProperty" : "Hello World"
}

Query Parameters:

email – the email address of the user

Request Headers:

Authorization – basic authentication application name and secret
password – the (hashed) password of the user

Status Codes:

200 OK – the operation was successful
400 Bad Request – the get request was malformed
401 Unauthorized – the request was unauthorized
404 Not Found – the user was not found in the database
503 Service Unavailable – the database is currently unavailable

Delete User¶

DELETE /users¶

Deletes a user from the database.

Example:

http

DELETE /users?email=sampleuser%40sanctionco.com HTTP/1.1
Authorization: Basic YWRtaW46YWRtaW4=
Content-Type: application/json
password: YWRtaW46YWRtaW4=

curl

curl -i -X DELETE 'http://nohost/users?email=sampleuser%40sanctionco.com' -H "Content-Type: application/json" -H "Password: YWRtaW46YWRtaW4=" --user admin:admin

wget

wget -S -O- --method=DELETE 'http://nohost/users?email=sampleuser%40sanctionco.com' --header="Content-Type: application/json" --header="Password: YWRtaW46YWRtaW4=" --auth-no-challenge --user=admin --password=admin

httpie

http DELETE 'http://nohost/users?email=sampleuser%40sanctionco.com' Content-Type:application/json Password:YWRtaW46YWRtaW4= -a admin:admin

response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "email" : {
    "address" : "sampleuser@sanctionco.com",
    "verified" : false,
    "verificationToken" : null
  },
  "password" : "12345",
  "creationTime" : 1617152816,
  "lastUpdateTime" : 1617152850,
  "myCustomProperty" : "Hello World"
}

Query Parameters:

email – the email address of the user

Request Headers:

Authorization – basic authentication application name and secret
password – the (hashed) password of the user

Status Codes:

200 OK – the operation was successful
400 Bad Request – the delete request was malformed
401 Unauthorized – the request was unauthorized
404 Not Found – the user was not found in the database
503 Service Unavailable – the database is currently unavailable

Send Verification Email¶

POST /verify¶

Initiates the user verification process by sending a verification email to the email address provided as a query parameter. The user in the database will be updated to include a unique verification token that is sent along with the email.

Example:

http

POST /verify?email=sampleuser%40sanctionco.com HTTP/1.1
Authorization: Basic YWRtaW46YWRtaW4=
Content-Type: application/json
password: YWRtaW46YWRtaW4=

curl

curl -i -X POST 'http://nohost/verify?email=sampleuser%40sanctionco.com' -H "Content-Type: application/json" -H "Password: YWRtaW46YWRtaW4=" --user admin:admin

wget

wget -S -O- 'http://nohost/verify?email=sampleuser%40sanctionco.com' --header="Content-Type: application/json" --header="Password: YWRtaW46YWRtaW4=" --auth-no-challenge --user=admin --password=admin

httpie

http POST 'http://nohost/verify?email=sampleuser%40sanctionco.com' Content-Type:application/json Password:YWRtaW46YWRtaW4= -a admin:admin

response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "email" : {
    "address" : "sampleuser@sanctionco.com",
    "verified" : false,
    "verificationToken" : "0a4b81f3-0756-468e-8d98-7199eaab2ab8"
  },
  "password" : "12345",
  "creationTime" : 1617152816,
  "lastUpdateTime" : 1617152850,
  "myCustomProperty" : "Hello World"
}

Query Parameters:

email – the email address of the user

Request Headers:

Authorization – basic authentication application name and secret
password – the (hashed) password of the user

Status Codes:

200 OK – the operation was successful
400 Bad Request – the send email request was malformed
401 Unauthorized – the request was unauthorized
404 Not Found – the user to email was not found in the database
500 Internal Server Error – the database rejected the request for an unknown reason
503 Service Unavailable – the database is currently unavailable

Verify User¶

GET /verify¶

Used to verify a user email. Typically, the user will click on this link in their email to verify their account. Upon verification, the user object in the database will be updated to indicate that the email address is verified.

Example:

http

GET /verify?email=sampleuser%40sanctionco.com&token=0a4b81f3-0756-468e-8d98-7199eaab2ab8&response_type=json HTTP/1.1
Content-Type: application/json

curl

curl -i -X GET 'http://nohost/verify?email=sampleuser%40sanctionco.com&token=0a4b81f3-0756-468e-8d98-7199eaab2ab8&response_type=json' -H "Content-Type: application/json"

wget

wget -S -O- 'http://nohost/verify?email=sampleuser%40sanctionco.com&token=0a4b81f3-0756-468e-8d98-7199eaab2ab8&response_type=json' --header="Content-Type: application/json"

httpie

http 'http://nohost/verify?email=sampleuser%40sanctionco.com&token=0a4b81f3-0756-468e-8d98-7199eaab2ab8&response_type=json' Content-Type:application/json

response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "email" : {
    "address" : "sampleuser@sanctionco.com",
    "verified" : true,
    "verificationToken" : "0a4b81f3-0756-468e-8d98-7199eaab2ab8"
  },
  "password" : "12345",
  "creationTime" : 1617152816,
  "lastUpdateTime" : 1617152850,
  "myCustomProperty" : "Hello World"
}

Query Parameters:

email – the email address of the user
token – the verification token from the email that was associated with the user
response_type – the optional response type, either HTML or JSON. If HTML is specified, the URL will redirect to /verify/success. The default response_type is JSON.

Status Codes:

200 OK – the operation was successful and JSON was returned
303 See Other – the request is redirecting to /verify/success
400 Bad Request – the verify request was malformed
404 Not Found – the user to verify was not found in the database
500 Internal Server Error – the request failed for a potentially unknown reason
503 Service Unavailable – the database is currently unavailable

Reset Verification Status¶

POST /verify/reset¶

Resets the verification status of the user’s email to false.

Example:

http

POST /verify/reset?email=sampleuser%40sanctionco.com HTTP/1.1
Authorization: Basic YWRtaW46YWRtaW4=
Content-Type: application/json
password: YWRtaW46YWRtaW4=

curl

curl -i -X POST 'http://nohost/verify/reset?email=sampleuser%40sanctionco.com' -H "Content-Type: application/json" -H "Password: YWRtaW46YWRtaW4=" --user admin:admin

wget

wget -S -O- 'http://nohost/verify/reset?email=sampleuser%40sanctionco.com' --header="Content-Type: application/json" --header="Password: YWRtaW46YWRtaW4=" --auth-no-challenge --user=admin --password=admin

httpie

http POST 'http://nohost/verify/reset?email=sampleuser%40sanctionco.com' Content-Type:application/json Password:YWRtaW46YWRtaW4= -a admin:admin

response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "email" : {
    "address" : "sampleuser@sanctionco.com",
    "verified" : false,
    "verificationToken" : null
  },
  "password" : "12345",
  "creationTime" : 1617152816,
  "lastUpdateTime" : 1617152850,
  "myCustomProperty" : "Hello World"
}

Query Parameters:

email – the email address of the user

Request Headers:

Authorization – basic authentication application name and secret
password – the (hashed) password of the user

Status Codes:

200 OK – the operation was successful
400 Bad Request – the reset request was malformed
401 Unauthorized – the request was unauthorized
404 Not Found – the user to reset was not found in the database
500 Internal Server Error – the database rejected the request for an unknown reason
503 Service Unavailable – the database is currently unavailable

Get Verification Success Page¶

GET /verify/success¶

Returns an HTML success page that is shown after a user successfully verifies their account. GET /verify will redirect to this URL if the response_type query parameter is set to html.

Example:

http

GET /verify/success HTTP/1.1
Content-Type: text/html

curl

curl -i -X GET http://nohost/verify/success -H "Content-Type: text/html"

wget

wget -S -O- http://nohost/verify/success --header="Content-Type: text/html"

httpie

http http://nohost/verify/success Content-Type:text/html

response

HTTP/1.1 200 OK
Content-Type: text/html

<!DOCTYPE html>
<html>
  <div class="alert alert-success">
    <div align="center"><strong>Success!</strong><br>Your account has been verified.</div>
  </div>
  <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" />
</html>

Status Codes:

200 OK – the operation was successful

Endpoints¶

Create User¶

Update User¶

Get User¶

Delete User¶

Send Verification Email¶

Verify User¶

Reset Verification Status¶

Get Verification Success Page¶

Thunder

Navigation

Related Topics