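# OpenAPI 3.0 description of the basic IDP service: token issuance, user info
# lookup and user registration. Every operation below is marked deprecated.
openapi: 3.0.1
info:
  title: Basic IDP API Specification
  description: This specification describes the endpoints of the basic idp service
  version: "0-SNAPSHOT"
servers:
  # Only a plain-HTTP local development host is listed. HTTP Basic credentials
  # and bearer tokens are readable on the wire without TLS, so any non-local
  # deployment of these endpoints should be reachable over https only.
  - url: http://localhost
    description: local development host
tags:
  - name: User management
    description: Management functions for users
  - name: OAuth
    description: OAuth standard endpoints
paths:
  /basic-idp/v1/token:
    # Credential-checking endpoint: the caller authenticates with HTTP Basic
    # and receives the token as a text/plain response body.
    # NOTE(review): no throttling or lockout response (for example 429) is
    # documented here - confirm how repeated failed attempts are limited, and
    # that the response body is excluded from caches and access logs.
    post:
      tags:
        - OAuth
      summary: Issue token
      description: Issues a new basic idp token for a user who is identified by the given credentials
      operationId: issueToken
      responses:
        "200":
          description: OK
          content:
            text/plain:
              schema:
                type: string
        "401":
          $ref: "#/components/responses/Unauthorized"
        "403":
          $ref: "#/components/responses/Forbidden"
        "409":
          $ref: "#/components/responses/Conflict"
      deprecated: true
      security:
        - basic-auth: []
  /basic-idp/v1/userinfo:
    # Returns the subject that belongs to the presented bearer token.
    get:
      tags:
        - OAuth
      summary: Read user information
      description: Reads the user information that is identified by the passed token
      operationId: userInfo
      responses:
        "200":
          description: OK
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/SubjectV1"
        "401":
          $ref: "#/components/responses/Unauthorized"
        "403":
          $ref: "#/components/responses/Forbidden"
      deprecated: true
      security:
        - basicidp-token: []
  /basic-idp/v1/users:
    # Registration declares no `security` requirement, so it is callable
    # without authentication; the optional Captcha-Token header is the only
    # abuse control visible in this specification.
    post:
      tags:
        - User management
      summary: Register new user
      description: Creates a new end user with the given details and credentials
      operationId: createUser
      parameters:
        - $ref: "#/components/parameters/Captcha-Token"
      requestBody:
        content:
          application/json:
            schema:
              $ref: "#/components/schemas/SubjectInV1"
        required: true
      responses:
        "200":
          description: OK
          content:
            application/json:
              schema:
                $ref: "#/components/schemas/SubjectV1"
        "400":
          $ref: "#/components/responses/BadRequest"
        "409":
          $ref: "#/components/responses/Conflict"
      deprecated: true
components:
  schemas:
    # Error codes per operation. Both authenticated operations expose a single
    # generic AUTHENTICATION_FAILED code.
    # NOTE(review): BASIC_IDP_USERNAME_RESERVED (and the 409 on createUser)
    # presumably tells an unauthenticated caller that a username is not
    # available - confirm this disclosure is accepted and bounded by the
    # captcha or rate limiting.
    BasicIdpErrorCodeRegistryV1:
      type: object
      properties:
        createSubject:
          type: string
          enum:
            - INPUT_MALFORMED
            - AUTHORIZATION_INVALID_CAPTCHA
            - BASIC_IDP_USERNAME_RESERVED
        getUserInfo:
          type: string
          enum:
            - AUTHENTICATION_FAILED
        issueToken:
          type: string
          enum:
            - AUTHENTICATION_FAILED
      description: |-
        This entry describes possible error codes that may be returned by their respective operation.
        These can be used to apply logic upon receiving an error response.
    ErrorDetailV1:
      type: object
      properties:
        field:
          type: string
          description: A reference to a field or parameter which cannot be processed.
        # NOTE(review): this echoes rejected input back to the caller - confirm
        # the service never places the password or the Captcha-Token here.
        value:
          type: string
          description: The value which could not be processed.
        message:
          type: string
          description: A human readable message of error. Intended for developers.
      description: 'Additional information about the error '
    ErrorV1:
      required:
        - errorId
        - occurredAt
      type: object
      properties:
        errorId:
          type: string
          description: "An error identifier for the request, to be provided in troubleshooting."
        code:
          type: string
          description: |-
            An error code which describes this error.
            Documented per service and endpoint.
            See respective ErrorCodeRegistry DTO for possible error codes.
        message:
          type: string
          description: A human readable message of error. Intended for developers.
        details:
          type: array
          description: Additional information about the error which can be used in troubleshooting.
          items:
            $ref: "#/components/schemas/ErrorDetailV1"
        occurredAt:
          type: string
          description: The timestamp when the error occurred. This string is formatted according to RFC3339.
          format: date-time
    # Registration request body. The password appears only in this input
    # schema; SubjectV1 (the response shape) has no password property.
    SubjectInV1:
      required:
        - email
        - password
      type: object
      properties:
        password:
          maxLength: 128
          minLength: 8
          type: string
          # `format: password` is an OpenAPI hint so that documentation UIs and
          # generated clients mask the value; it does not change validation.
          format: password
          description: Password for the account
        email:
          maxLength: 256
          minLength: 0
          type: string
          description: Primary Email of the subject. This is also the username of the user
        phone:
          maxLength: 32
          minLength: 0
          type: string
          description: Phone number of the subject
        givenName:
          maxLength: 64
          minLength: 0
          type: string
          description: Name of the subject
        familyName:
          maxLength: 64
          minLength: 0
          type: string
          description: Last name of the subject
        # Caller-supplied URL with only a length limit declared.
        # NOTE(review): no `format: uri` or scheme restriction is documented -
        # anything that renders or fetches this value should treat it as
        # untrusted and restrict the schemes it accepts.
        avatarUrl:
          maxLength: 512
          minLength: 0
          type: string
          description: Link to public accessible avatar image of subject
    SubjectV1:
      required:
        - email
        - subjectId
      type: object
      properties:
        subjectId:
          type: string
          description: The subject's Id. Globally unique.
        email:
          maxLength: 256
          minLength: 0
          type: string
          description: Primary Email of the subject. This is also the username of the user
        phone:
          maxLength: 32
          minLength: 0
          type: string
          description: Phone number of the subject
        givenName:
          maxLength: 64
          minLength: 0
          type: string
          description: Name of the subject
        familyName:
          maxLength: 64
          minLength: 0
          type: string
          description: Last name of the subject
        avatarUrl:
          maxLength: 512
          minLength: 0
          type: string
          description: Link to public accessible avatar image of subject
  responses:
    BadRequest:
      description: "The request is malformed, see error data for additional information"
      content:
        application/json:
          schema:
            $ref: "#/components/schemas/ErrorV1"
    Unauthorized:
      description: The request did not have valid authentication credentials
      content:
        application/json:
          schema:
            $ref: "#/components/schemas/ErrorV1"
    Forbidden:
      description: The requester is not authorized to perform this action
      content:
        application/json:
          schema:
            $ref: "#/components/schemas/ErrorV1"
    Conflict:
      description: >-
        The request could not be processed due to a conflict in state,
        see error data for additional information
      content:
        application/json:
          schema:
            $ref: "#/components/schemas/ErrorV1"
  parameters:
    # The header is optional in this contract (`required: false`), so whether
    # a captcha is demanded is decided by the service, not by the schema;
    # AUTHORIZATION_INVALID_CAPTCHA is the matching createSubject error code.
    Captcha-Token:
      name: Captcha-Token
      in: header
      required: false
      schema:
        maxLength: 4096
        type: string
      description: Captcha token to verify that the request is not made by a bot
  securitySchemes:
    # HTTP Basic carries the username and password base64-encoded, not
    # encrypted, on every request that uses it.
    basic-auth:
      type: http
      scheme: basic
    basicidp-token:
      type: http
      scheme: bearer
      bearerFormat: "A basic idp opaque bearer token. It is prefixed with 'B-'"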