SingleID Open API Guides

To use the Samsung Cloud Platform SingleID Open API, the calling system must first be registered under Applications. Obtain a JWT token using the registered system's information, and include that JWT token in the HTTP header of every Samsung Cloud Platform SingleID Open API call.

How to call the API

  1. Call the API with the token (JWT Token) value included in the HTTP header.
  2. Set the access token header name to Authorization and the access token type to Bearer; the JWT token value follows the string Bearer.
  3. Test environment information
    • domain:
      • Internal: stg-scloud.iam.samsung.net
      • External: stg2-cloud.singleid.samsung.net
    • tenant-name: test-tenant
  4. Test Swagger UI URL

API List

| Module | API | URI | Method | Description |
|---|---|---|---|---|
| Portal Common | get MFA Token | https://{domain}/{tenant-name}/common-api/open/v1.1/asis/{tenant-name}/user/mfa/token/authentication | GET | Issue an MFA token |
| Portal Common | OTP Send | https://{domain}/{tenant-name}/common-api/open/v1.1/asis/otp/send | POST | Generate an OTP according to the authentication type (email, sms, msg) |
| Portal Common | OTP Validation | https://{domain}/{tenant-name}/common-api/open/v1.1/asis/otp/validate | POST | Validate an OTP |
| Portal Common | MFA Consumer Request | https://{domain}/{tenant-name}/common-api/open/v1.1/mfa/request | GET | MFA request |
| Portal Common | MFA Consumer Request | https://{domain}/{tenant-name}/common-api/open/v1.1/mfa/request | POST | MFA request |
| Tenant Admin Portal | Send Email about Anomaly Detection | https://{domain}/{tenant-name}/admin-api/open/v1.1/emails/anomalyDetection | POST | Send an email to the user when anomalous authentication behavior is detected |
| Tenant Admin Portal | Send Email about New Sign-in Environment | https://{domain}/{tenant-name}/admin-api/open/v1.1/emails/newSignInEnvironment | POST | Send a confirmation email to the user on sign-in from a new environment |
| User Portal | Get User | https://{domain}/{tenant-name}/user-api/open/v1.1/users/{username} | GET | Look up the user's name, email, preferred language, and time zone |
| User Portal | Get User Profile Image | https://{domain}/{tenant-name}/user-api/open/v1.1/users/image/{username} | GET | Look up the user's profile image |
| User Portal | Create account assignment list | https://{domain}/{tenant-name}/user-api/1.0/scp-auth/create | POST | Create SCP permissions for a user |
| User Portal | Delete account assignment list | https://{domain}/{tenant-name}/user-api/1.0/scp-auth/delete | POST | Delete SCP permissions for a user |
| User Portal | Get account assignment list | https://{domain}/{tenant-name}/user-api/1.0/scp-auth/list | GET | Look up SCP permissions for a user |
| User Portal | Search User | https://{domain}/{tenant-name}/user-api/1.0/scp-user/list | GET | Search SCP target users |
| Portal Common | MFA Consumer Request | https://{domain}/{tenant-name}/common-api/open/v1.1/mfa/request/mfa | POST | MFA request (including device) |
| Portal Common | MFA Consumer Verification | https://{domain}/{tenant-name}/common-api/open/v1.1/mfa/verification/mfa | POST | MFA verification (including device) |

Table. API list

API Specification - get MFA Token(Portal Common)

| Module | API | URI | Method | Description |
|---|---|---|---|---|
| Portal Common | get MFA Token | https://{domain}/{tenant-name}/common-api/open/v1.1/asis/{tenant-name}/user/mfa/token/authentication | GET | Issue an MFA token |

Table. get MFA Token(Portal Common)

Request Parameters

| Properties | Attribute | Mandatory | Parameter Type | Data Type | Sample Data | Note |
|---|---|---|---|---|---|---|
| Tenant name | tenant-name | Y | Path | String | test-tenant | |
| User name | userName | Y | query | String | mkdir.kim | |
| Protocol | protocol | Y | query | String | uma-uaf | |
| sessionDataKey | sessionDataKey | N | query | String | sessionDataKey1 | |
| redirectUrl | redirectUrl | N | query | String | redirectUrl1 | |
| errorRedirectUrl | errorRedirectUrl | N | query | String | errorRedirectUrl1 | |
| params | params | N | query | String | params1 | |
| language | language | N | query | String | ko | |

Table. Request Parameters

Response Parameters

| Properties (Result) | Attribute | Data Type | Sample Data | Note |
|---|---|---|---|---|
| Result | result | String | SUCCESS | |
| Result value | value | Object | { "token": "eyJpc3MiOiJodHRwczov...", "serviceUri": "/ua/MPHTOCHW5I/de6f67d0-8bec-46ac-bf53-16ef00eb2066/dgauth/mfa" } | |

Table. Response Parameters

Sample

Request

```bash
curl -X POST "https://stg-scloud.singleid.samsung.net:443/stg4/user-api/1.0/scp-auth/delete" -H "accept: application/json" -H "apiKey: {apiKey}"
```

Input JSON

```json
{
  "instanceId": "instnace-01",
  "permissionSetId": "PERMISSION-SET-Ablxc5__qEaIYmWGyMeqlf",
  "principalId": "singleid.test001",
  "principalType": "USER",
  "targetId": "PROJECT-ka2tfhLHsweVwm4BrR1rae",
  "targetType": "PROJECT"
}
```

Response

```json
{
  "instanceId": "instnace-01",
  "permissionSetId": "PERMISSION-SET-Ablxc5__qEaIYmWGyMeqlf",
  "principalId": "singleid.test001",
  "principalType": "USER",
  "targetId": "PROJECT-ka2tfhLHsweVwm4BrR1rae",
  "targetType": "PROJECT",
  "status": "SUCCESS",
  "createdDate": "2024-04-03T01:58:46.538Z",
  "failureReason": ""
}
```

Table. Sample

Error Code

| HTTP Response Code | Error Code | Error Message | Action Required |
|---|---|---|---|
| 400 | N/A | N/A | Check userName |

Table. Error Code

API Specification - OTP Send(Portal Common)

| Module | API | URI | Method | Description |
|---|---|---|---|---|
| Portal Common | OTP Send | https://{domain}/{tenant-name}/common-api/open/v1.1/asis/otp/send | POST | Generates an OTP according to the authentication type (email, sms, msg) |

Table. OTP Send(Portal Common)

Request Parameters

| Properties | Attribute | Mandatory | Parameter Type | Data Type | Sample Data | Note |
|---|---|---|---|---|---|---|
| locale | locale | Y | body | String | ko | |
| Authentication type | type | Y | body | String | email, sms, msg | |
| userName | userName | Y | body | String | gildong.hong | |

Table. Request Parameters

Response Parameters

| Properties | Attribute | Data Type | Sample Data | Note |
|---|---|---|---|---|
| otpString | otpString | String | 0000000c5bb286c166530ac928d0bdf1f0894ed3a6d891eb3ab7ec89fc9faef7817b9f2f02f8c89ae91558cdc9afec94d6bede93a91d9825f4fe14dc2a282f6456d09f823d194570bc91b353830826e69d5f818172c12dbdb7b524 | |

Table. Response Parameters

Sample

Request

```bash
curl -X POST "https://localhost:7443/open/v1.1/asis/otp/send" -H "accept: */*" -H "Content-Type: application/json" -d "{\"locale\":\"ko\",\"type\":\"email\",\"userName\":\"gildong.hong\"}"
```

Response

```json
{
  "otpString": "0000000c5bb286c166530ac928d0bdf1f0894ed3a6d891eb3ab7ec89fc9faef7817b9f2f02f8c89ae91558cdc9afec94d6bede93a91d9825f4fe14dc2a282f6456d09f823d194570bc91b353830826e69d5f818172c12dbdb7b524"
}
```

Table. Sample

Error Code

| HTTP Response Code | Error Code | Error Message | Action Required |
|---|---|---|---|
| 404 | N/A | N/A | The user does not exist |
| 429 | N/A | N/A | Duplicate call within 60 seconds |
| 500 | N/A | N/A | Server error; check the error message and contact the administrator |

Table. Error Code

API Specification - OTP Validation(Portal Common)

| Module | API | URI | Method | Description |
|---|---|---|---|---|
| Portal Common | OTP Validation | https://{domain}/{tenant-name}/common-api/open/v1.1/asis/otp/validate | POST | Validates the OTP. |

Table. OTP Validation(Portal Common)

Request Parameter

| Properties | Attribute | Mandatory | Parameter Type | Data Type | Sample Data | Note |
|---|---|---|---|---|---|---|
| userName | userName | Y | Body | String | gildong.hong | |
| otp (6 digits) | otp | Y | Body | String | 121215 | |
| checkValue | checkValue | Y | Body | String | 0000000c5bb286c166530ac928d0bdf1f0894ed3a6d891eb3ab7ec89fc9faef7817b9f2f02f8c89ae91558cdc9afec94d6bede93a91d9825f4fe14dc2a282f6456d09f823d194570bc91b353830826e69d5f818172c12dbdb7b524 | The otpString value received in the sendOtp response |
| Authentication type | type | Y | Body | String | email | email, sms, msg |

Table. Request Parameters

Response Parameter

| Properties | Attribute | Data Type | Sample Data | Note |
|---|---|---|---|---|
| Result | result | String | SUCCESS | |

Table. Response Parameters

Sample

Request

```bash
curl -X POST "https://localhost:7443/open/v1.1/asis/otp/validate" -H "accept: */*" -H "Content-Type: application/json" -d "{\"checkValue\":\"0000000c5bb286c166530ac928d0bdf1f0894ed3a6d891eb3ab7ec89fc9faef7817b9f2f02f8c89ae91558cdc9afec94d6bede93a91d9825f4fe14dc2a282f6456d09f823d194570bc91b353830826e69d5f818172c12dbdb7b524\",\"otp\":\"791462\",\"type\":\"email\",\"userName\":\"gildong.hong\"}"
```

Response

```json
{ "result": "success" }
```

Table. Sample

Error Code

| HTTP Response Code | Error Code | Error Message | Action Required |
|---|---|---|---|
| 400 | N/A | N/A | The OTP was entered incorrectly |
| 404 | N/A | N/A | The user does not exist |
| 410 | N/A | N/A | The OTP has expired |
| 429 | N/A | N/A | More than 10 failed API calls |
| 500 | N/A | N/A | Server error; check the error message and contact the administrator |

Table. Error Code

API Specification - MFA Consumer Request(Portal Common)

| Module | API | URI | Method | Description |
|---|---|---|---|---|
| Portal Common | MFA Consumer Request | https://{domain}/{tenant-name}/common-api/open/v1.1/mfa/request | GET | Requests MFA. |

Table. MFA Consumer Request(Portal Common)

Request Parameter

| Properties | Attribute | Mandatory | Parameter Type | Data Type | Sample Data | Note |
|---|---|---|---|---|---|---|
| JWT Token | jwtTokenRequest | Y | query | String | Sample token shown below | Sample of the original token data, shown below |

Sample Data (jwtTokenRequest):

```
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.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.-FWTK4IJsu8AonfJTTq7_OA1qAh-9FU89iC1JZcRg_c
```

Sample of the original token data:

```json
{
  "sys": "test-system",
  "req": "761efd52-97d0-451f-9cf9-cf86740e7ca3",
  "uid": "gildong.hong",
  "rtn": "https://test.com/mfa/response",
  "email": "gildong.hong@samsung.com",
  "mobile": "+82-1012345678",
  "nbf": 1698232068,
  "exp": 1698239268,
  "iat": 1698232068,
  "displayUid": "gildong.hong@samsung.com"
}
```

Table. Request Parameters

Response

The caller is redirected to the MFA authentication page. By default the response token is delivered by POST; to have it delivered by GET (query), add the following parameter to the request token.

  • returnMethod: get

Sample

Request

```bash
curl -X GET "https://stg2-cloud.singleid.samsung.net/test-tenant/common-api/open/v1.1/mfa/request?jwtTokenRequest=eyJhbGciOiJIUzI1NiJ9.eyJzeXMiOiJ0ZXN0LXN5c3RlbSIsInJlcSI6Ijc2MWVmZDUyLTk3ZDAtNDUxZi05Y2Y5LWNmODY3NDBlN2NhMyIsInVpZCI6Imppbm9uZS5raW0iLCJydG4iOiJodHRwczovL3Rlc3QuY29tL21mYS9yZXNwb25zZSIsIm5iZiI6MTY5ODIzMjA2OCwiZXhwIjoxNjk4MjM5MjY4LCJpYXQiOjE2OTgyMzIwNjh9.cDgKMHIINaHhBiyAd_OIlVvQwmUs0QaXH_RfJ8B_KdY"
```

Response

Page redirect

Table. Sample

Error Code

| HTTP Response Code | Error Code | Error Message | Action Required |
|---|---|---|---|
| 400 | N/A | N/A | Check the token data. |

Table. Error Code
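
The following is an added example, not part of the SingleID documentation: it builds a jwtTokenRequest value carrying the claims from the sample payload above, signed with HS256 as the sample token's header indicates, and shows the matching verification with the algorithm pinned. The shared secret, the 300-second lifetime, the https check on rtn and all function names are assumptions; the page does not say how the signing key is provisioned.

```python
import base64
import hashlib
import hmac
import json
import time
import uuid
from urllib.parse import urlencode


def b64url(data: bytes) -> str:
    """Base64url without padding, as used in compact JWTs."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _sign(secret: bytes, signing_input: str) -> bytes:
    return hmac.new(secret, signing_input.encode("ascii"), hashlib.sha256).digest()


def build_request_token(secret, system, uid, return_url, *, now=None,
                        lifetime=300, request_id=None, return_method=None):
    """Build an HS256 request token with the claim names used on the page."""
    if not return_url.startswith("https://"):       # assumption: rtn must be https
        raise ValueError("rtn must be an https URL")
    now = int(time.time()) if now is None else int(now)
    claims = {
        "sys": system,
        "req": request_id or str(uuid.uuid4()),     # fresh value per request
        "uid": uid,
        "rtn": return_url,
        "nbf": now,
        "exp": now + lifetime,                      # assumed short validity window
        "iat": now,
    }
    if return_method is not None:                   # "get" switches the response to query delivery
        claims["returnMethod"] = return_method
    header = {"typ": "JWT", "alg": "HS256"}
    signing_input = ".".join(
        b64url(json.dumps(part, separators=(",", ":")).encode("utf-8"))
        for part in (header, claims))
    return signing_input + "." + b64url(_sign(secret, signing_input))


def verify_token(token, secret, *, now=None):
    """Return the claims if alg, signature and nbf/exp all check out."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(b64url_decode(head_b64))
        claims = json.loads(b64url_decode(body_b64))
        signature = b64url_decode(sig_b64)
    except ValueError as exc:
        raise ValueError("malformed token") from exc
    if not isinstance(header, dict) or not isinstance(claims, dict):
        raise ValueError("malformed token")
    if header.get("alg") != "HS256":                # never trust the token's own alg choice
        raise ValueError("unexpected alg")
    if not hmac.compare_digest(signature, _sign(secret, f"{head_b64}.{body_b64}")):
        raise ValueError("bad signature")
    now = int(time.time()) if now is None else int(now)
    if not (claims.get("nbf", 0) <= now < claims.get("exp", 0)):
        raise ValueError("token outside its validity window")
    return claims


def mfa_request_url(domain, tenant, token):
    """URL for the GET variant of MFA Consumer Request."""
    return (f"https://{domain}/{tenant}/common-api/open/v1.1/mfa/request?"
            + urlencode({"jwtTokenRequest": token}))


if __name__ == "__main__":
    demo_secret = b"constructed-demo-secret"        # constructed value, not a real key
    demo = build_request_token(demo_secret, "test-system", "gildong.hong",
                               "https://test.com/mfa/response")
    print(mfa_request_url("stg2-cloud.singleid.samsung.net", "test-tenant", demo))
    print(verify_token(demo, demo_secret))
```

With the GET variant the whole token, including any email or mobile claim, ends up in the request URL, so it is worth keeping optional claims out of the token unless they are needed.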

API Specification - MFA Consumer Request(Portal Common)

| Module | API | URI | Method | Description |
|---|---|---|---|---|
| Portal Common | MFA Consumer Request | https://{domain}/{tenant-name}/common-api/open/v1.1/mfa/request | POST | Requests MFA. |

Table. MFA Consumer Request(Portal Common)

Request Parameter

| Properties | Attribute | Mandatory | Parameter Type | Data Type | Sample Data | Note |
|---|---|---|---|---|---|---|
| JWT Token | jwtTokenRequest | Y | query | String | Sample token shown below | Sample of the original token data, shown below |
| Whether to go to MFA Consumer Home | registerFlag | Y | query | Boolean | true | Determines whether to go to MFA Consumer Home. If true, the caller is taken to MFA Consumer Home. |

Sample Data (jwtTokenRequest):

```
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.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.-FWTK4IJsu8AonfJTTq7_OA1qAh-9FU89iC1JZcRg_c
```

Sample of the original token data:

```json
{
  "sys": "test-system",
  "req": "761efd52-97d0-451f-9cf9-cf86740e7ca3",
  "uid": "gildong.hong",
  "rtn": "https://test.com/mfa/response",
  "email": "gildong.hong@samsung.com",
  "mobile": "+82-1012345678",
  "nbf": 1698232068,
  "exp": 1698239268,
  "iat": 1698232068,
  "displayUid": "gildong.hong@samsung.com"
}
```

Table. Request Parameters

Response

  • When registerFlag = true: the caller is redirected to MFA Consumer Home.
  • When registerFlag = false: the caller is redirected to the MFA authentication page.

Sample

Request

```bash
curl -X POST "https://stg2-cloud.singleid.samsung.net/test-tenant/common-api/open/v1.1/mfa/request?jwtTokenRequest=eyJhbGciOiJIUzI1NiJ9.eyJzeXMiOiJ0ZXN0LXN5c3RlbSIsInJlcSI6Ijc2MWVmZDUyLTk3ZDAtNDUxZi05Y2Y5LWNmODY3NDBlN2NhMyIsInVpZCI6Imppbm9uZS5raW0iLCJydG4iOiJodHRwczovL3Rlc3QuY29tL21mYS9yZXNwb25zZSIsIm5iZiI6MTY5ODIzMjA2OCwiZXhwIjoxNjk4MjM5MjY4LCJpYXQiOjE2OTgyMzIwNjh9.cDgKMHIINaHhBiyAd_OIlVvQwmUs0QaXH_RfJ8B_KdY&registerFlag=true"
```

Response

Page redirect

Table. Sample

Error Code

| HTTP Response Code | Error Code | Error Message | Action Required |
|---|---|---|---|
| 400 | N/A | N/A | Check the token data. |

Table. Error Code

API Specification - Send Email about Anomaly Detection(Tenant Admin Portal)

| Module | API | URI | Method | Description |
|---|---|---|---|---|
| Tenant Admin Portal | Send Email about Anomaly Detection | https://{domain}/{tenant-name}/admin-api/open/v1.1/emails/anomalyDetection | POST | Sends an email when anomalous authentication behavior is detected for a user. |

Table. Send Email about Anomaly Detection(Tenant Admin Portal)

Request Parameter

| Properties | Attribute | Mandatory | Parameter Type | Data Type | Sample Data | Note |
|---|---|---|---|---|---|---|
| User IP | accessIP | Y | Body | String | 10.0.0.0 | |
| Registration time | detectionTime | Y | Body | String | 2023-09-10 23:01:01 | |
| Email | email | Y | Body | String | gildong.hong@samsung.com | |
| User environment | environment | Y | Body | String | PC / Window / Chrome | |
| Language | language | Y | Body | String | ko | |
| Network environment (internal/external) | location | Y | Body | String | Internal | |
| Detection rule number | rule | Y | Body | String | P001 | |
| User account | username | Y | Body | String | gildong.hong | |
| Authentication unique value | envGuid | Y | Body | String | d8b09752-405a-4d52-8605-bff9aa3f4741 | |

Table. Request Parameters

Response Parameter

| Properties | Data Type | Sample Data | Note |
|---|---|---|---|
| Result | boolean | true | true if the email was sent successfully / false on failure |

Table. Response Parameters

Sample

Request

```bash
curl -X POST "https://stg1-cloud.singleid.samsung.net:443/test-tenant/admin-api/open/v1.1/emails/anomalyDetection" -H "accept: application/json" -H "Content-Type: application/json" -d "{\"accessIP\":\"10.0.0.0\",\"detectionTime\":\"2023-09-10 23:01:01\",\"email\":\"gildong.hong@samsung.com\",\"environment\":\"PC / Window / Chrome\",\"language\":\"ko\",\"location\":\"Internal\",\"rule\":\"P001\",\"username\":\"gildong.hong\",\"envGuid\":\"d8b09752-405a-4d52-8605-bff9aa3f4741\"}"
```

Response

```json
true
```

Table. Sample

Error Code

| HTTP Response Code | Error Code | Error Message | Action Required |
|---|---|---|---|
| 400 | N/A | N/A | Bad Request |
| 403 | N/A | N/A | Forbidden |
| 500 | N/A | N/A | Internal Server Error |

Table. Error Code

API Specification - Send Email about New Sign-in Environment(Tenant Admin Portal)

| Module | API | URI | Method | Description |
|---|---|---|---|---|
| Tenant Admin Portal | Send Email about New Sign-in Environment | https://{domain}/{tenant-name}/admin-api/open/v1.1/emails/newSignInEnvironment | POST | When a user signs in from a new environment, sends an email that notifies the user and asks whether to register the environment. |

Table. Send Email about New Sign-in Environment(Tenant Admin Portal)

Request Parameter

| Properties | Attribute | Mandatory | Parameter Type | Data Type | Sample Data | Note |
|---|---|---|---|---|---|---|
| User IP | accessIP | Y | Body | String | 10.0.0.0 | |
| Registration time | detectionTime | Y | Body | String | 2023-09-10 23:01:01 | |
| Email | email | Y | Body | String | gildong.hong@samsung.com | |
| User environment | environment | Y | Body | String | PC / Window / Chrome | |
| Language | language | Y | Body | String | ko | |
| Network environment (internal/external) | location | Y | Body | String | Internal | |
| Detection rule number | rule | Y | Body | String | P001 | |
| User account | username | Y | Body | String | gildong.hong | |
| Authentication unique value | envGuid | Y | Body | String | d8b09752-405a-4d52-8605-bff9aa3f4741 | |

Table. Request Parameters

Response Parameter

| Properties | Data Type | Sample Data | Note |
|---|---|---|---|
| Result | boolean | true | true if the email was sent successfully / false on failure |

Table. Response Parameters

Sample

Request

```bash
curl -X POST "https://stg1-cloud.singleid.samsung.net:443/test-tenant/admin-api/open/v1.1/emails/anomalyDetection" -H "accept: application/json" -H "Content-Type: application/json" -d "{\"accessIP\":\"10.0.0.0\",\"detectionTime\":\"2023-09-10 23:01:01\",\"email\":\"gildong.hong@samsung.com\",\"environment\":\"PC / Window / Chrome\",\"language\":\"ko\",\"location\":\"Internal\",\"rule\":\"P001\",\"username\":\"gildong.hong\",\"envGuid\":\"d8b09752-405a-4d52-8605-bff9aa3f4741\"}"
```

Response

```json
true
```

Table. Sample

Error Code

| HTTP Response Code | Error Code | Error Message | Action Required |
|---|---|---|---|
| 400 | N/A | N/A | Bad Request |
| 403 | N/A | N/A | Forbidden |
| 500 | N/A | N/A | Internal Server Error |

Table. Error Code

API Specification - Get User(User Portal)

| Module | API | URI | Method | Description |
|---|---|---|---|---|
| User Portal | Get User | https://{domain}/{tenant-name}/user-api/open/v1.1/users/{username} | GET | Looks up the user's name, email, preferred language, and time zone. |

Table. Get User(User Portal)

Request Parameter

| Properties | Attribute | Mandatory | Parameter Type | Data Type | Sample Data | Note |
|---|---|---|---|---|---|---|
| User ID | username | Y | Path | String | gildong.hong | |

Table. Request Parameters

Response Parameter

| Properties | Attribute | Data Type | Sample Data | Note |
|---|---|---|---|---|
| User ID | username | String | gildong.hong | |
| Email | email | String | gildong.hong@stage.samsung.com | |
| Full name | formattedName | String | 김동호 | |
| Given name | givenName | String | 동호 | |
| | familyName | String | | |
| English full name | enFormattedName | String | Dongho Kim | |
| English given name | enGivenName | String | Dongho | |
| English family name | enFamilyName | String | Kim | |
| Preferred language | preferredLanguage | String | ko | 1) en: English 2) ko: Korean |
| Time zone | timeZone | String | Asia/Seoul | |

Table. Response Parameters

Sample

Request

```bash
curl -X GET "https://stg2-cloud.singleid.samsung.net/test-tenant/user-api/open/v1.1/users/gildong.hong" -H "accept: application/json" -H "Authorization: Bearer {JWT_TOKEN}"
```

Response

```json
{
  "username": "gildong.hong",
  "email": "gildong.hong@stage.samsung.com",
  "formattedName": "김동호",
  "givenName": "동호",
  "familyName": "김",
  "enFormattedName": "Dongho Kim",
  "enGivenName": "Dongho",
  "enFamilyName": "Kim",
  "preferredLanguage": "ko",
  "timeZone": "Asia/Seoul"
}
```

Table. Sample

Error Code

| HTTP Response Code | Error Code | Error Message | Action Required |
|---|---|---|---|
| 401 | N/A | N/A | Check that the JWT token is valid. |

Table. Error Code

API Specification - Get User Profile Image(User Portal)

| Module | API | URI | Method | Description |
|---|---|---|---|---|
| User Portal | Get User Profile Image | https://{domain}/{tenant-name}/user-api/open/v1.1/users/image/{username} | GET | Looks up the user's profile image data. |

Table. Get User Profile Image(User Portal)

Request Parameter

| Properties | Attribute | Mandatory | Parameter Type | Data Type | Sample Data | Note |
|---|---|---|---|---|---|---|
| User ID | username | Y | Path | String | gildong.hong | |

Table. Request Parameters

Response Parameter

| Properties | Attribute | Data Type | Sample Data | Note |
|---|---|---|---|---|
| username | username | String | null | |

Table. Response Parameters

Sample

Request

```bash
curl -X GET "https://stg2-cloud.singleid.samsung.net:443/test-tenant/user-api/open/v1.1/users/image/gildong.hong" -H "accept: application/json" -H "Authorization: Bearer {JWT_TOKEN}"
```

Response (file data)

```json
{
  "username": null,
  "image": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEAAAABACAMAAACdt4HsAAAAM1BMVEUyMjIxMTEyMjIrKysyMjIwMDANDQ1HcEAAAABJRU5ErkJggg=="
}
```

Response (file URL)

```json
{
  "username": "gildong.hong",
  "image": "https://stgbox.singleid.samsung.net/files/img/google.png"
}
```

Table. Sample

Error Code

| HTTP Response Code | Error Code | Error Message | Action Required |
|---|---|---|---|
| 401 | N/A | N/A | Check that the JWT token is valid. |

Table. Error Code

API Specification - Create account assignment list(User Portal)

| Module | API | URI | Method | Description |
|---|---|---|---|---|
| User Portal | Create account assignment list | https://{domain}/{tenant-name}/user-api/1.0/scp-auth/create | POST | Creates SCP permissions for a user. |

Table. Create account assignment list(User Portal)

Request Parameter

| Properties | Attribute | Mandatory | Parameter Type | Data Type | Sample Data | Note |
|---|---|---|---|---|---|---|
| instance id | instanceId | Y | JSON | String | | Provided by SCP |
| permission set id | permissionSetId | Y | JSON | String | "PERMISSION-SET-Ablxc5__qEaIYmWGyMeqlf" | Provided by SCP |
| principal id | principalId | Y | JSON | String | "gildong.hong" | The user's username |
| principal type | principalType | Y | JSON | String | "USER" | Currently only USER is supported |
| target id | targetId | Y | JSON | String | "PROJECT-ka2tfhLHsweVwm4BrR1rae" | PROJECT ID, provided by SCP |
| target type | targetType | Y | JSON | String | "PROJECT" | Currently only PROJECT is supported |

Table. Request Parameters

Response Parameter

| Properties | Attribute | Data Type | Sample Data | Note |
|---|---|---|---|---|
| instance id | instanceId | JSON | | Returns the stored value |
| permission set id | permissionSetId | JSON | "PERMISSION-SET-Ablxc5__qEaIYmWGyMeqlf" | Stored value |
| principal id | principalId | JSON | "gildong.hong" | Stored value |
| principal type | principalType | JSON | "USER" | Returns the stored value |
| target id | targetId | JSON | "PROJECT-ka2tfhLHsweVwm4BrR1rae" | Returns the stored value |
| target type | targetType | JSON | "PROJECT" | Returns the stored value |
| status | status | JSON | "SUCCESS" | Success or failure |
| failure reason | failureReason | JSON | | Reason for failure |
| created date | createdDate | JSON | | Creation date and time |

Table. Response Parameters

Sample

Request

```bash
curl -X POST "https://stg-scloud.singleid.samsung.net:443/stg4/user-api/1.0/scp-auth/create" -H "accept: application/json" -H "apiKey: {apiKey}"
```

Input JSON

```json
{
  "instanceId": "instnace-01",
  "permissionSetId": "PERMISSION-SET-Ablxc5__qEaIYmWGyMeqlf",
  "principalId": "singleid.test001",
  "principalType": "USER",
  "targetId": "PROJECT-ka2tfhLHsweVwm4BrR1rae",
  "targetType": "PROJECT"
}
```

Response

```json
{
  "instanceId": "instnace-01",
  "permissionSetId": "PERMISSION-SET-Ablxc5__qEaIYmWGyMeqlf",
  "principalId": "singleid.test001",
  "principalType": "USER",
  "targetId": "PROJECT-ka2tfhLHsweVwm4BrR1rae",
  "targetType": "PROJECT",
  "status": "SUCCESS",
  "createdDate": "2024-04-03T01:58:46.538Z",
  "failureReason": ""
}
```

Table. Sample

API Specification - Delete account assignment list(User Portal)

| Module | API | URI | Method | Description |
|---|---|---|---|---|
| User Portal | Delete account assignment list | https://{domain}/{tenant-name}/user-api/1.0/scp-auth/delete | POST | Deletes SCP permissions for a user. |

Table. Delete account assignment list(User Portal)

Request Parameter

| Properties | Attribute | Mandatory | Parameter Type | Data Type | Sample Data | Note |
|---|---|---|---|---|---|---|
| instance id | instanceId | Y | JSON | String | | Provided by SCP |
| permission set id | permissionSetId | Y | JSON | String | "PERMISSION-SET-Ablxc5__qEaIYmWGyMeqlf" | Provided by SCP |
| principal id | principalId | Y | JSON | String | "gildong.hong" | The user's username |
| principal type | principalType | Y | JSON | String | "USER" | Currently only USER is supported |
| target id | targetId | Y | JSON | String | "PROJECT-ka2tfhLHsweVwm4BrR1rae" | PROJECT ID, provided by SCP |
| target type | targetType | Y | JSON | String | "PROJECT" | Currently only PROJECT is supported |

Table. Request Parameters

Response Parameter

| Properties | Attribute | Data Type | Sample Data | Note |
|---|---|---|---|---|
| instance id | instanceId | JSON | | Returns the deleted value |
| permission set id | permissionSetId | JSON | "PERMISSION-SET-Ablxc5__qEaIYmWGyMeqlf" | Returns the deleted value |
| principal id | principalId | JSON | "gildong.hong" | Returns the deleted value |
| principal type | principalType | JSON | "USER" | Returns the deleted value |
| target id | targetId | JSON | "PROJECT-ka2tfhLHsweVwm4BrR1rae" | Returns the deleted value |
| target type | targetType | JSON | "PROJECT" | Returns the deleted value |
| status | status | JSON | "SUCCESS" | Success or failure |
| failure reason | failureReason | JSON | | Reason for failure |
| created date | createdDate | JSON | | Deletion date and time |

Table. Response Parameters

Sample

Request

```bash
curl -X GET "https://stg1-cloud.singleid.samsung.net/test-tenant/common-api/open/v1.1/asis/test-tenant/user/mfa/token/authentication?userName=mkdir.kim&protocol=uma-uaf&sessionDataKey=sessionDataKey111&redirectUrl=redirectUrl1111&errorRedirectUrl=errorRedirectUrl1111&params=params111&language=ko"
```

Response

```json
{
  "result": "SUCCESS",
  "value": {
    "token": "eyJpc3MiOiJodHRwczovL3N0ZzItY2xvdWQuaWFtLnNhbXN1bmcubmV0Iiwic3ViIjoibWtkaXIua2ltIiwiYXVkIjoiaHR0cHM6Ly9zdGcyLWNsb3VkLmlhbS5zYW1zdW5nLm5ldCIsImV4cCI6MTY5ODEyOTM2OSwiaWF0IjoxNjk4MTI5MTg5LCJqdGkiOiJkNWZmZGE5Ny1mMzZkLTRjZDktYWJmZi1mMzY4ZTkxYWVkNTUiLCJhbXIiOltdLCJ6b25laW5mbyI6IkFzaWEvU2VvdWwiLCJsb2NhbGUiOiJlbl9VUyIsInByb3RvY29sIjoidW1hLXVhZiIsInJlZGlyZWN0X3VybCI6InJlZGlyZWN0VXJsMSIsImVycm9yX3JlZGlyZWN0X3VybCI6ImVycm9yUmVkaXJlY3RVcmwxIiwicGFyYW1zIjoicGFyYW1zMSIsInVzZXJJZCI6Im1rZGlyLmtpbSJ9:MEUCIHqWV_UcgKHsMlDI7Ks31fw1QPpCYnKorMpnr2L653LwAiEAz30ShMmACEi6H-IuF1YMV2bKT1WIFmAdJ6OCsmEzscA",
    "serviceUri": "/ua/MPHTOCHW5I/de6f67d0-8bec-46ac-bf53-16ef00eb2066/dgauth/mfa",
    "appId": null
  },
  "message": "succeeded to get nexsign token.",
  "statusCode": null,
  "statusCodeValue": "0",
  "data": null
}
```

Table. Sample

Error Code

| HTTP Response Code | Error Code | Error Message | Action Required |
|---|---|---|---|
| 400 | N/A | N/A | Check userName. |

Table. Error Code

API Specification - Get account assignment list(User Portal)

| Module | API | URI | Method | Description |
|---|---|---|---|---|
| User Portal | Get account assignment list | https://{domain}/{tenant-name}/user-api/1.0/scp-auth/list | POST | Looks up SCP permissions for a user. |

Table. Get account assignment list(User Portal)

Request Parameter

| No. | Properties | Attribute | Mandatory | Parameter Type | Data Type | Sample Data | Note |
|---|---|---|---|---|---|---|---|
| 1 | principal type | principalType | Y | query | String | "USER" | Currently only USER is supported |
| 2 | principal id | principalId | Y | query | String | "gildong.hong" | username of the user to look up |

Table. Request Parameters

Response Parameter

| Properties | Attribute | Data Type | Sample Data | Note |
|---|---|---|---|---|
| instance id | instanceId | JSON | | |
| permission set id | permissionSetId | JSON | "PERMISSION-SET-Ablxc5__qEaIYmWGyMeqlf" | |
| principal id | principalId | JSON | "gildong.hong" | |
| principal type | principalType | JSON | "USER" | |
| target id | targetId | JSON | "PROJECT-ka2tfhLHsweVwm4BrR1rae" | |
| target type | targetType | JSON | "PROJECT" | |

Table. Response Parameters

Sample

Request

```bash
curl -X GET "https://stg-scloud.singleid.samsung.net:443/stg4/user-api/1.0/scp-auth/list?principalType=USER&principalId=singleid.test001" -H "accept: application/json" -H "apiKey: {apiKey}"
```

Response

```json
[
  {
    "instanceId": "instnace-01",
    "permissionSetId": "PERMISSION-SET-Ablxc5__qEaIYmWGyMeqlf",
    "principalId": "singleid.test001",
    "principalType": "USER",
    "targetId": "PROJECT-ka2tfhLHsweVwm4BrR1rae",
    "targetType": "PROJECT"
  },
  {
    "instanceId": "instnace-01",
    "permissionSetId": "PERMISSION-SET-Ablxc5__qEaIYmWGyMe121",
    "principalId": "singleid.test001",
    "principalType": "USER",
    "targetId": "PROJECT-ka2tfhLHsweVwm4BrR1rae",
    "targetType": "PROJECT"
  }
]
```

Table. Sample

Error Code

| HTTP Response Code | Error Code | Error Message | Action Required |
|---|---|---|---|
| 401 | N/A | N/A | Check that the API Key is valid. |

Table. Error Code

API Specification - Search User(User Portal)

| Module | API | URI | Method | Description |
|---|---|---|---|---|
| User Portal | Search User | https://{domain}/{tenant-name}/user-api/1.0/scp-user/list | POST | Searches SCP target users. |

Table. Search User(User Portal)

Request Parameter

| Properties | Attribute | Mandatory | Parameter Type | Data Type | Sample Data | Note |
|---|---|---|---|---|---|---|
| page | page | N | query | Integer | 0 | Page to fetch |
| size | size | N | query | Integer | 10 | Page size |
| username | username | N | query | String | "gildong.hong" | User ID to look up |
| group name | groupName | N | query | String | "ADGroup" | Group to look up |
| create Date(from) | creationDateGe | N | query | DateTime | "2024-04-03T07:49:23.845Z" | |
| create Date(to) | creationDateLe | N | query | DateTime | "2024-04-03T07:49:23.845Z" | |
| last change date(from) | lastChangeDateGe | N | query | DateTime | "2024-04-03T07:49:23.845Z" | |
| last change date(to) | lastChangeDateLe | N | query | DateTime | "2024-04-03T07:49:23.845Z" | |

Table. Request Parameters

Response Parameter

| Properties | Attribute | Data Type | Sample Data | Note |
|---|---|---|---|---|
| key | key | String | "01890501-74fa-7785-91e0-67bd71217a2e" | |
| username | username | String | "gildong.hong" | |
| administrator | administrator | Boolean | false | |
| formatted name | formattedName | String | "길동 홍" | |
| formatted Name(en) | enFormattedName | String | "gildong hong" | |
| email | email | String | gildong.hong@samsung.com | |
| mobile | mobile | String | "+02-01011112222" | |
| preferred language | preferredLanguage | String | "ko" | |
| time zone | timeZone | String | "Asia/Seoul" | |
| managed by | managedBy | String | "SINGLEID" | |
| creator | creator | String | "admin001" | |
| creation date | creationDate | DateTime | "2024-04-03T07:49:23.845Z" | |
| last modifier | lastModifier | String | "admin001" | |
| last change date | lastChangeDate | DateTime | "2024-04-03T07:49:23.845Z" | |

Table. Response Parameters

Sample

Request

```bash
curl -X POST "https://stg-scloud.singleid.samsung.net:443/stg4/user-api/1.0/scp-user/list" -H "accept: application/json" -H "apiKey: {apiKey}"
```

Response

```json
[
  {
    "key": "01890501-74fa-7785-91e0-67bd71217a2e",
    "administrator": false,
    "username": "gildong.hong",
    "enFormattedName": "gildong hong",
    "formattedName": "길동 홍",
    "email": "gildong.hong@samsung.com",
    "mobile": "+02-01011112222",
    "preferredLanguage": "ko",
    "timeZone": "Asia/Seoul",
    "managedBy": "SINGLEID",
    "creator": "admin001",
    "creationDate": "2024-04-03T07:49:23.845Z",
    "lastModifier": "admin001",
    "lastChangeDate": "2024-04-03T07:49:23.845Z"
  },
  {
    "key": "01890501-74fa-7785-91e0-67bd71217a2e",
    "administrator": false,
    "username": "gildong.hong",
    "enFormattedName": "gildong hong",
    "formattedName": "길동 홍",
    "email": "gildong.hong@samsung.com",
    "mobile": "+02-01011112222",
    "preferredLanguage": "ko",
    "timeZone": "Asia/Seoul",
    "managedBy": "SINGLEID",
    "creator": "admin001",
    "creationDate": "2024-04-03T07:49:23.845Z",
    "lastModifier": "admin001",
    "lastChangeDate": "2024-04-03T07:49:23.845Z"
  }
]
```

Table. Sample

Error Code

| HTTP Response Code | Error Code | Error Message | Action Required |
|---|---|---|---|
| 401 | N/A | N/A | Check that the API Key is valid. |

Table. Error Code

API Specification - MFA Consumer Request(Portal Common)

| Module | API | URI | Method | Description |
|---|---|---|---|---|
| Portal Common | MFA Consumer Request | https://{domain}/{tenant-name}/common-api/open/v1.1/mfa/request/mfa | POST | Requests MFA. |

Table. MFA Consumer Request(Portal Common)

Request Parameter

| No. | Properties | Attribute | Mandatory | Parameter Type | Data Type | Sample Data | Note |
|---|---|---|---|---|---|---|---|
| 1 | username | username | Y | Body | String | mkdir.kim | |
| 2 | Authentication type | type | N | Body | String | email | One of email, sms, msg, uaApp, uaMOTP. If not specified, the default setting or the user's preferred method is used. |
| 3 | serviceProviderId | serviceProviderId | Y | Body | String | d8b09752-405a-4d52-8605-bff9aa3f4741 | UUID. Per-device ID assigned after registration in the SingleID Admin Portal. |

Table. Request Parameters

Response Parameter

| Properties | Attribute | Data Type | Sample Data | Note |
|---|---|---|---|---|
| requestId | requestId | String | 01890501-74fa-7785-91e0-67bd71217a2e | UUID. Used as a request parameter for MFA verification. |
| Authentication type | type | String | sms | One of email, sms, msg, uaApp, uaMOTP. The verification logic may differ depending on the MFA type. |
| otp | otp | String | 123456 | 6- or 8-digit number. Issued only when type is uaMOTP (6 digits) or uaApp (8 digits). |

Table. Response Parameters

Sample

Request

```bash
curl -X POST "https://stg1-cloud.singleid.samsung.net:443/test/common-api/open/v1.1/mfa/request/mfa" -H "accept: application/json" -H "Content-Type: application/json" -d "{\"username\":\"mkdir.kim\",\"type\":\"sms\",\"serviceProviderId\":\"dceef541-1f22-479d-96ac-c402ab0789e9\"}"
```

Response

```json
{
  "otp": "123456",
  "requestId": "d8b09752-405a-4d52-8605-bff9aa3f4741",
  "serviceProviderId": "",
  "type": "sms",
  "username": ""
}
```

Table. Sample

Error Codes and Responses

| HTTP Response Code | Error Code | Error Message | Action Plan |
|---|---|---|---|
| 400 | N/A | common.error.requiredValue | A required value is missing. Please check. |
| 400 | N/A | user.error.notFound | The user cannot be found. Check the user ID. |
| 400 | N/A | serviceProvider.error.notFound | The service provider cannot be found. Contact the administrator. |
| 400 | N/A | authenticator.error.notFound | The authentication method cannot be found. Contact the administrator. |
| 400 | N/A | common.error.disallowedValue | Invalid type. Contact the administrator. |
| 400 | N/A | user.error.locked + remain | The account is locked. Try again after {remain} minutes. |
| 400 | N/A | otp.error.tooManyAttempts | Go to the security warning screen (the account has been locked because of multiple authentication failures). |

Table. Error Code

API Specification - MFA Consumer Verification(Portal Common)

| Module | API | URI | Method | Description |
|---|---|---|---|---|
| Portal Common | MFA Consumer Verification | https://{domain}/{tenant-name}/common-api/open/v1.1/mfa/verification/mfa | POST | Verifies MFA. |

Table. MFA Consumer Verification(Portal Common)

Request Parameter

| Properties | Attribute | Mandatory | Parameter Type | Data Type | Sample Data | Note |
|---|---|---|---|---|---|---|
| requestId | requestId | Y | Body | String | d8b09752-405a-4d52-8605-bff9aa3f4741 | UUID |
| otp | otp | N | Body | String | 123456 | 6-digit number / not needed for uaApp, uaMOTP |

Table. Request Parameters

Response Parameter

| HTTP Status Code | Status |
|---|---|
| 200 | Authentication complete |
| 202 | Authentication pending (occurs only when type is uaMOTP or uaApp; poll periodically and check the result until 200 is returned) |
| Other | Error |

Table. Response Parameters

Sample

Request

```bash
curl -X POST "https://stg1-cloud.singleid.samsung.net:443/test/common-api/open/v1.1/mfa/verification/mfa" -H "accept: application/json" -H "Content-Type: application/json" -d "{\"otp\":\"000000\",\"requestId\":\"095db652-877f-42e5-b87f-e404fb07048b\"}"
```

Response

```json
{ "statusCode": "ACCEPTED" }
```

Table. Sample

Error Codes

| HTTP Response Code | Error Code | Error Message | Action Required |
|---|---|---|---|
| 400 | N/A | common.error.requiredValue | A required value is missing. Please check. |
| 400 | N/A | common.error.invalidRequest | The request cannot be found. Contact the administrator. |
| 400 | N/A | request.error.invalidStatus | The request is in an invalid state. Contact the administrator. |
| 400 | N/A | otp.error.notMatch | Incorrect OTP. Check the OTP. |
| 400 | N/A | otp.error.tooManyAttempts | Go to the security warning screen (the account has been locked because of multiple authentication failures). |

Table. Error Code
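
The following is an added example, not part of the SingleID documentation: a client for the request/mfa and verification/mfa pair above that sends the OTP only for the code-entry types and, for uaApp and uaMOTP, polls on 202 with a hard deadline instead of looping forever. The `transport` callable, the timing defaults and the scripted responses are assumptions made so the flow runs offline; a real transport would make the HTTPS call and attach the Authorization header.

```python
import time

PUSH_TYPES = {"uaApp", "uaMOTP"}    # types the page says return 202 until approved


class MfaError(Exception):
    """Any HTTP status other than 200 (or an expected 202)."""
    def __init__(self, status, body):
        super().__init__(f"MFA call failed with HTTP {status}")
        self.status, self.body = status, body


def request_mfa(transport, base_url, username, service_provider_id, mfa_type=None):
    """POST .../mfa/request/mfa and return the response body (requestId, type, otp)."""
    body = {"username": username, "serviceProviderId": service_provider_id}
    if mfa_type is not None:        # omitted: server default or user's preferred method
        body["type"] = mfa_type
    status, data = transport("POST", f"{base_url}/mfa/request/mfa", body)
    if status != 200 or "requestId" not in data:
        raise MfaError(status, data)
    return data


def verify_mfa(transport, base_url, request_id, mfa_type, otp=None, *,
               poll_interval=2.0, max_wait=60.0,
               sleep=time.sleep, clock=time.monotonic):
    """POST .../mfa/verification/mfa; return the number of calls made on success."""
    body = {"requestId": request_id}
    polling = mfa_type in PUSH_TYPES
    if not polling:                 # email, sms, msg: the user types a 6-digit code
        if not (isinstance(otp, str) and otp.isascii()
                and otp.isdigit() and len(otp) == 6):
            raise ValueError("a 6-digit otp is required for this type")
        body["otp"] = otp
    deadline = clock() + max_wait
    attempts = 0
    while True:
        status, data = transport("POST", f"{base_url}/mfa/verification/mfa", body)
        attempts += 1
        if status == 200:           # authentication complete
            return attempts
        if status == 202 and polling:
            if clock() + poll_interval > deadline:
                raise TimeoutError("MFA still pending when the deadline passed")
            sleep(poll_interval)
            continue
        raise MfaError(status, data)    # 400 and everything else: stop, do not retry


def scripted_transport(responses):
    """Constructed stand-in for the HTTP layer: replays (status, body) pairs."""
    queue, calls = list(responses), []

    def transport(method, url, body):
        calls.append((method, url, dict(body)))
        return queue.pop(0)

    transport.calls = calls
    return transport


if __name__ == "__main__":
    base = "https://stg1-cloud.singleid.samsung.net/test/common-api/open/v1.1"
    # Constructed responses: one request, two pending polls, then success.
    fake = scripted_transport([
        (200, {"requestId": "constructed-request-id", "type": "uaApp", "otp": "12345678"}),
        (202, {}), (202, {}), (200, {}),
    ])
    req = request_mfa(fake, base, "mkdir.kim", "constructed-sp-id", "uaApp")
    print(verify_mfa(fake, base, req["requestId"], req["type"], sleep=lambda s: None))
```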