Information Technology Reference
In-Depth Information
IAM REST Service Interface at a Glance
This is an indicative example. You can design your interface differently, or with more specialised services.
Function
B2C Users
42
Internal (B2E) Users
B2B Users
Response codes
Create a new user, letting IAM generate the User UUID
43
(User data in request body)
POST
/b2eusers/
POST
/b2busers/
POST
/b2cusers/
201 Created
202 Accepted
44
400 Bad request
Create a new user using User UUID provided by service
consumer (User data in request body)
PUT
/b2eusers/{UUID}
PUT
/b2busers/{UUID}
PUT
/b2cusers/{UUID}
201 Created
202 Accepted,
400 Bad request
Retrieve a user's details
GET
/b2eusers/{UUID}
GET
/b2busers/{UUID}
GET
/b2cusers/{UUID}
200 OK
404 Not found
Retrieve a list or subset of users, with an optional
qualifier
GET
/b2eusers/?qualification=...
GET
/b2busers/?qualification=...
GET
/b2cusers/?qualification=...
200 OK
404 Not found
Update a user's attributes (Changed attributes in request
body)
PUT
(ideally
PATCH
)
/b2eusers/{UUID}
PUT
(ideally
PATCH
)
/b2eusers/{UUID}
PUT
(ideally
PATCH
)
/b2eusers/{UUID}
200 OK
404 Not found
409 Conflict
45
Delete, deactivate or mark a user record for archival
DELETE
/b2eusers/{UUID}
DELETE
/b2busers/{UUID}
DELETE
/b2cusers/{UUID}
200 OK
404 Not found
410 Gone
46
Table 2: REST service interface
42
B2B2C users may be supported either through separate URIs, or by reusing the B2C URIs if their treatment is likely to be the same.
43
On success, the response includes the HTTP header “Location: /{usertype}/{UUID}”
44
“201 Created” is a synchronous response. “202 Accepted” is an asynchronous acknowledgement, i.e., the request has been successfully received but will be acted on later.
45
A “409 Conflict” response is used when an attempted update would put the resource into an inconsistent state. “500 Internal service error” is also a possibility in all cases.
