Provisioning API

You are (optionally) responsible for implementing a provisioning API to enable full identity sync. Once enabled, Replicated will make calls into this API when changes are detected in the directory service.

When implemented and defined in the Identity configuration, this API will receive the list of LDAP users (initially) and updates when users are added, edited, and removed.

/v1/ping

This call is used to advertise the API's readiness.

Response

HTTP status on success: 204
All other status codes will be interpreted as errors and sync will not be initiated.

/v1/user/create

This endpoint is called when a new user record is being added.

Request Payload

Name

Type

Description

uuid

String

(Required) This is the permanent unique user identifier. Note that username can change but still identify the same user.

user_id

String

(Optional) User ID if one is defined by the LDAP server.

username

String

(Optional) Username as defined by the ldap_username_field setting.

first_name

String

(Optional) First name

last_name

String

(Optional) Last name

full_name

String

(Optional) Full name

password_format

String

(Optional) Password (encryption/hashing) format

password

String

(Optional) Password. Note that this maybe clear text password. This will be indicated by the value in password_format

email

String

(Optional) Email

Response

HTTP status on success: 201
All other status codes will be interpreted as errors and sync will not continue.

/v1/user/modify

This endpoint is called when an existing user record is being update.

Request Payload

At this time the request payload is the same as for /v1/user/create

Response

HTTP status on success: 204
All other status codes will be interpreted as errors and sync will not continue.

/v1/user/:uuid

This endpoint is called when an existing user record is being deleted.

Request Payload

None

Response

HTTP status on success: 204
All other status codes will be interpreted as errors and sync will not continue.