User Creation

API: Internal/Beta

Users form the basis of all authentication in UCloud.

Rationale

Users in UCloud are authenticated in one of several:

  1. WAYF: The user is created on first login by using their login credentials from WAYF (Where Are You From) which is a identity federation allowing the reuse of logins from most danish and north atlantic research and education centers on external sites.

  2. PASSWORD: The users is created by an ADMIN of the system. This is mainly used to give access to people outside WAYF. When a user is a PASSWORD user then there is also a requirement of 2FA. The 2FA is setup after first login.

  3. Alternatively, users can also be authenticated using one of the configured OpenIdConnect providers. None are currently configured for the production system.

Each user has a role defining their privileges on the UCloud system. See Role for more details.

⚠️ WARNING: The API listed on this page will likely change to conform with our API conventions. Be careful when building integrations. The following changes are expected:

  • RPC names will change to conform with the conventions

  • RPC request and response types will change to conform with the conventions

  • RPCs which return a page will be collapsed into a single browse endpoint

  • Some property names will change to be consistent with Resources

Table of Contents

1. Remote Procedure Calls
Name Description
getUserInfo Request information about the current user.
lookupEmail Request the email of a user.
lookupUserWithEmail No description
lookupUsers No description
retrieveOptionalUserInfo No description
verifyUserInfo Verifies a change in user info (typically accessed through an email)
changePassword Request change of the password of the current user (if [`PASSWORD`](/docs/reference/dk.sdu.cloud.auth.api.PASSWORD.md) user).
changePasswordWithReset Request reset of password of a [`PASSWORD`](/docs/reference/dk.sdu.cloud.auth.api.PASSWORD.md) user.
createNewUser Request creation of a new [`PASSWORD`](/docs/reference/dk.sdu.cloud.auth.api.PASSWORD.md) user.
updateOptionalUserInfo No description
updateUserInfo Request update of information about the current user.
2. Data Models
Name Description
AuthenticationTokens No description
OptionalUserInformation No description
UserLookup No description
ChangePasswordRequest No description
ChangePasswordWithResetRequest No description
CreateSingleUserRequest No description
LookupEmailRequest No description
LookupUserWithEmailRequest No description
LookupUsersRequest No description
UpdateUserInfoRequest No description
GetUserInfoResponse No description
LookupEmailResponse No description
LookupUserWithEmailResponse No description
LookupUsersResponse No description

Remote Procedure Calls

getUserInfo

API: Internal/Beta Auth: Users

Request information about the current user.

Request Response Error
Unit GetUserInfoResponse CommonErrorMessage

lookupEmail

API: Internal/Beta Auth: Services

Request the email of a user.

Request Response Error
LookupEmailRequest LookupEmailResponse CommonErrorMessage

lookupUserWithEmail

API: Internal/Beta Auth: Services

Request Response Error
LookupUserWithEmailRequest LookupUserWithEmailResponse CommonErrorMessage

lookupUsers

API: Internal/Beta Auth: Services

Request Response Error
LookupUsersRequest LookupUsersResponse CommonErrorMessage

retrieveOptionalUserInfo

API: Internal/Beta Auth: Users

Request Response Error
Unit OptionalUserInformation CommonErrorMessage

verifyUserInfo

API: Internal/Beta Auth: Public

Verifies a change in user info (typically accessed through an email)

Request Response Error
FindByStringId Unit CommonErrorMessage

changePassword

API: Internal/Beta Auth: Users

Request change of the password of the current user (if PASSWORD user).

Request Response Error
ChangePasswordRequest Unit CommonErrorMessage

changePasswordWithReset

API: Internal/Beta Auth: Services

Request reset of password of a PASSWORD user.

Request Response Error
ChangePasswordWithResetRequest Unit CommonErrorMessage

This request can only be called by other services, and is used by the PasswordResetService to reset a user’s password in case they are unable to log in. Read more in Password Reset.

createNewUser

API: Internal/Beta Auth: Services

Request creation of a new PASSWORD user.

Request Response Error
List<CreateSingleUserRequest> List<AuthenticationTokens> CommonErrorMessage

updateOptionalUserInfo

API: Internal/Beta Auth: Users

Request Response Error
OptionalUserInformation Unit CommonErrorMessage

updateUserInfo

API: Internal/Beta Auth: Users

Request update of information about the current user.

Request Response Error
UpdateUserInfoRequest Unit CommonErrorMessage

Data Models

AuthenticationTokens

API: Internal/Beta

data class AuthenticationTokens(
    val accessToken: String,
    val refreshToken: String,
    val csrfToken: String,
)
Properties
accessToken: String
refreshToken: String
csrfToken: String

OptionalUserInformation

API: Internal/Beta

data class OptionalUserInformation(
    val organizationFullName: String?,
    val department: String?,
    val researchField: String?,
    val position: String?,
)
Properties
organizationFullName: String?
department: String?
researchField: String?
position: String?

UserLookup

API: Internal/Beta

data class UserLookup(
    val subject: String,
    val role: Role,
)
Properties
subject: String
role: Role

ChangePasswordRequest

API: Internal/Beta

data class ChangePasswordRequest(
    val currentPassword: String,
    val newPassword: String,
)
Properties
currentPassword: String
newPassword: String

ChangePasswordWithResetRequest

API: Internal/Beta

data class ChangePasswordWithResetRequest(
    val userId: String,
    val newPassword: String,
)
Properties
userId: String
newPassword: String

CreateSingleUserRequest

API: Internal/Beta

data class CreateSingleUserRequest(
    val username: String,
    val password: String?,
    val email: String?,
    val role: Role?,
    val firstnames: String?,
    val lastname: String?,
    val orgId: String?,
)
Properties
username: String
password: String?
email: String?
role: Role?
firstnames: String?
lastname: String?
orgId: String?

LookupEmailRequest

API: Internal/Beta

data class LookupEmailRequest(
    val userId: String,
)
Properties
userId: String

LookupUserWithEmailRequest

API: Internal/Beta

data class LookupUserWithEmailRequest(
    val email: String,
)
Properties
email: String

LookupUsersRequest

API: Internal/Beta

data class LookupUsersRequest(
    val users: List<String>,
)
Properties
users: List<String>

UpdateUserInfoRequest

API: Internal/Beta

data class UpdateUserInfoRequest(
    val email: String?,
    val firstNames: String?,
    val lastName: String?,
)
Properties
email: String?
firstNames: String?
lastName: String?

GetUserInfoResponse

API: Internal/Beta

data class GetUserInfoResponse(
    val email: String?,
    val firstNames: String?,
    val lastName: String?,
    val organization: String?,
)
Properties
email: String?
firstNames: String?
lastName: String?
organization: String?

LookupEmailResponse

API: Internal/Beta

data class LookupEmailResponse(
    val email: String,
)
Properties
email: String

LookupUserWithEmailResponse

API: Internal/Beta

data class LookupUserWithEmailResponse(
    val userId: String,
    val firstNames: String,
    val lastName: String,
)
Properties
userId: String
firstNames: String
lastName: String

LookupUsersResponse

API: Internal/Beta

data class LookupUsersResponse(
    val results: JsonObject,
)
Properties
results: JsonObject