Forums/API

Introduction

Thomas Pedersen
posted this on Feb 16 00:03

Authentication

Authentication is done via Basic HTTP Authentication. Use the API key as the username and x as the password as shown below. The key must be passed in every request to the API. All API activity will be logged in the audit trail as the user 'API'.

curl -u {api_key}:x https://app.onelogin.com/api/v1/users.xml
You can find the The API key in the admin interface under Security / Session settings.

REST operations

REST stands for REpresentational State Transfer and is a very simple and elegant way of interacting with applications using standard HTTP operations. If you are interested in reading more about REST, check out this Wikipedia article.

OneLogin's API supports five basic operations for each entity: read, list, create, update and delete. The easiest way to illustate how they work is using cURL. Note that some of the operations expect the 'application/xml' content type and will not work without it.

Return codes

An operation must return one of the following codes.

  • 200 OK
  • 201 Created
  • 404 Not found
  • 422 Unprocessable entity - see <errors></errors> in the response document for details.

Read

curl -u {api_key}:x https://app.onelogin.com/api/v1/users/{id}.xml

List

curl -u {api_key}:x https://app.onelogin.com/api/v1/users.xml

Create

curl -u {api_key}:x -H "Content-type: application/xml" \
-d "<user><email>joe@acme.com</email><role-id>824</role-id></user>" \
-X POST http://app.onelogin.com/api/v1/users.xml

Update

curl -u {api_key}:x -H "Content-type: application/xml" \
-d "<user><firstname>Joseph</firstname></user>" \
-X PUT https://app.onelogin.com/api/v1/users/{id}.xml

Delete

curl -u {api_key}:x -X DELETE https://app.onelogin.com/api/v1/users/{id}.xml

API version

Note that all resources have are prefixed with /api/v1. This is to ensure that we can release new versions of the API without breaking any existing integrations.

 
Add a comment