About the Account and Credential Management API

This API is used to manage account and credential information. Some or all portions may be implemented by any of a number of identity components, including an Account Management System, a Person Registry, and a Credential Store.

Activation Key Interface

Activation Keys may be used set up an initial password, verify an email address, reset a password, or otherwise leverage a single use token to bootstrap or manage an identity.

Request (Create) Activation Key

Generate, store, and return a single-use Activation Key. The calling client is responsible for providing the Activation Key to the Subject.

POST /v1/activationKeys
{
  "identifier":{
    "identifier":"pl53",
    "type":"network"
  }
}

200 OK
{
  "activationKey":"HJQPyw4pxf7M8D9YQPbVaNwvZCWABBmS",
  "validThrough":"2014-02-06T08:46:23Z"
}

(warning) The format of the Activation Key is not specified. It could be short, long, numeric, alphanumeric, etc.

Any previously issued Activation Key for the subject should be invalidated.

POST /v1/activationKeys
{
  "identifier":{
    "identifier":"U87654331",
    "type":"enterprise"
  }
}

POST /v1/activationKeys
{
  "emailAddress":{
    "address":"plee@gmail.com",
    "type":"personal"
  }
}

The requestor may specify a validity window, though the service may refuse to honor it.

POST /v1/activationKeys
{
  "identifier":{
    "identifier":"pl53",
    "type":"network"
  },
  "validThrough":"2014-02-28T23:59:59Z"
}

200 OK
{
  "activationKey":"HJQPyw4pxf7M8D9YQPbVaNwvZCWABBmS",
  "validThrough":"2014-02-06T08:46:23Z"
}

Send (Create) Activation Key

Send an Activation Key to an address of record, directly from the implementing component.

Validate Activation Key

DELETE /v1/activationKeys/HJQPyw4pxf7M8D9YQPbVaNwvZCWABBmS

200 OK

DELETE /v1/activationKeys/HJQPyw4pxf7M8D9YQPbVaNwvZCWABBmS

404 Not Found

View Activation Key

The attributes for an Activation Key may be viewed without invalidating the key. Support for this operation is optional.

GET /v1/activationKeys/HJQPyw4pxf7M8D9YQPbVaNwvZCWABBmS

200 OK
{
  "identifier":{
    "identifier":"U87654331",
    "type":"enterprise"
  },
  "validThrough":"2014-02-06T08:46:23Z"
}

An Activation Key that has already been invalidated will return 404 Not Found.

  • No labels

1 Comment

  1. Scott Koranda

    Should the notion of the activation key include whether or not it is a nonce? For example:

    GET /v1/activationKeys/generate/network/pl53

200 OK

{  
  activationKey:"HJQPyw4pxf7M8D9YQPbVaNwvZCWABBmS",  
  validThrough:"2014-02-06T08:46:23Z",
  nonce: false
}

    GET /v1/activationKeys/generate/network/pl53?nonce=true

200 OK

{  
  activationKey:"HJQPyw4pxf7M8D9YQPbVaNwvZCWABBmS",  
  validThrough:"2014-02-06T08:46:23Z",
  nonce: true
}

    GET /v1/activationKeys/generate/network/pl53?nonce=true

501 Not Implemented

"This service does not issue nonces."