Learning Center/General education/For Software Vendors
Modeling a REST User Management API
Thomas Pedersen
posted this on December 13, 2010 08:58 pm
Several cloud application vendors have asked us how they should model a user management API, so we decided to publish a simple template to get you started. We recommend implementing a REST API because it is very simple to understand it is getting a lot of traction in the industry.
The REST API needs the following basic operations:
| Operation | HTTP method | URI | Body |
| Lookup user | GET | /users/{id}.xml | |
| List users | GET | /users.xml | |
| Create user | POST | /users.xml | <email>joe@acme.org</email>... |
| Update user | PUT | /users/{id}.xml | |
| Suspend user | PUT | /users/{id}.xml | <active>false</active> |
| Reactivate user | PUT | /users/{id}.xml | <active>true</active> |
| Delete user | DELETE | /users/{id}.xml |
The User Object
At a minimum, the user object should have the following attributes.
- ID
- First name
- Last name
- User name (typically an email address)
- Active flag
The user may also have a unique ID that can be referenced instead of a user name or an email address. The API methods below all assume that each user has a unique ID.
Show user
Returns a single user.
<user>
<active>true</active>
<email>hanna@onelogin.com</email>
<firstname>Hanna</firstname>
<id>15568</id>
<lastname>Banana</lastname>
</user>
List users
Returns all users in one list. The body of each user is the same as for show user.
<users type="array">
<user>
...
</user>
<user>
...
</user>
</users>
Create user
Creates a new user.
<user>
<active>true</active>
<email>hanna@onelogin.com</email>
<firstname>Hanna</firstname>
<id>15568</id>
<lastname>Banana</lastname>
</user>
Update user
Updates one or more of a user's attributes. This is also the method used to suspend and reactive a user, for example using an <active> tag.
<user>
<active>false</active>
<firstname>Hannah</firstname>
</user>
This example sets the user's first name to Hannah.
Delete user
Deletes a user.
Status: 200