User Creation

API: Internal/Beta

Users form the basis of all authentication in UCloud.

Rationale

Users in UCloud are authenticated in one of two ways:

  1. WAYF: The user is created on first login by using their login credentials from WAYF (Where Are You From) which is a identity federation allowing the reuse of logins from most danish and north atlantic research and education centers on external sites.

  2. PASSWORD: The users is created by an ADMIN of the system. This is mainly used to give access to people outside WAYF. When a user is a PASSWORD user then there is also a requirement of 2FA. The 2FA is setup after first login.

Each user can have one of seven roles defining their privileges on the UCloud system. See Role for more details.


⚠️ WARNING: The API listed on this page will likely change to conform with our API conventions. Be careful when building integrations. The following changes are expected:

  • RPC names will change to conform with the conventions

  • RPC request and response types will change to conform with the conventions

  • RPCs which return a page will be collapsed into a single browse endpoint

  • Some property names will change to be consistent with Resources


Table of Contents

1. Remote Procedure Calls
Name Description
getUserInfo No description
lookupEmail No description
lookupUID No description
lookupUserWithEmail No description
lookupUsers No description
retrievePrincipal No description
changePassword No description
changePasswordWithReset No description
closeIterator No description
createNewUser No description
fetchNextIterator No description
openUserIterator No description
updateUserInfo No description
2. Data Models
Name Description
AuthenticationTokens No description
Person No description
Person.ByPassword No description
Person.ByWAYF No description
Principal No description
ProviderPrincipal No description
ServicePrincipal No description
UserLookup No description
ChangePasswordRequest No description
ChangePasswordWithResetRequest No description
CreateSingleUserRequest No description
GetPrincipalRequest No description
LookupEmailRequest No description
LookupUIDRequest No description
LookupUserWithEmailRequest No description
LookupUsersRequest No description
UpdateUserInfoRequest No description
GetUserInfoResponse No description
LookupEmailResponse No description
LookupUIDResponse No description
LookupUserWithEmailResponse No description
LookupUsersResponse No description

Remote Procedure Calls

getUserInfo

API: Internal/Beta Auth: Users

Request Response Error
Unit GetUserInfoResponse CommonErrorMessage

lookupEmail

API: Internal/Beta Auth: Services

Request Response Error
LookupEmailRequest LookupEmailResponse CommonErrorMessage

lookupUID

API: Internal/Beta Auth: Services

Request Response Error
LookupUIDRequest LookupUIDResponse CommonErrorMessage

lookupUserWithEmail

API: Internal/Beta Auth: Services

Request Response Error
LookupUserWithEmailRequest LookupUserWithEmailResponse CommonErrorMessage

lookupUsers

API: Internal/Beta Auth: Services

Request Response Error
LookupUsersRequest LookupUsersResponse CommonErrorMessage

retrievePrincipal

API: Internal/Beta Auth: Services

Request Response Error
GetPrincipalRequest Principal CommonErrorMessage

changePassword

API: Internal/Beta Auth: Users

Request Response Error
ChangePasswordRequest Unit CommonErrorMessage

changePasswordWithReset

API: Internal/Beta Auth: Services

Request Response Error
ChangePasswordWithResetRequest Unit CommonErrorMessage

closeIterator

API: Internal/Beta Auth: Services

Request Response Error
FindByStringId Unit CommonErrorMessage

createNewUser

API: Internal/Beta Auth: Services

Request Response Error
List<CreateSingleUserRequest> List<AuthenticationTokens> CommonErrorMessage

fetchNextIterator

API: Internal/Beta Auth: Services

Request Response Error
FindByStringId List<Principal> CommonErrorMessage

openUserIterator

API: Internal/Beta Auth: Services

Request Response Error
Unit FindByStringId CommonErrorMessage

updateUserInfo

API: Internal/Beta Auth: Users

Request Response Error
UpdateUserInfoRequest Unit CommonErrorMessage

Data Models

AuthenticationTokens

API: Internal/Beta

data class AuthenticationTokens(
    val accessToken: String,
    val refreshToken: String,
    val csrfToken: String,
)
Properties
accessToken: String
refreshToken: String
csrfToken: String

Person

API: Internal/Beta

sealed class Person {
    abstract val displayName: String
    abstract val email: String?
    abstract val firstNames: String
    abstract val lastName: String
    abstract val orcId: String?
    abstract val phoneNumber: String?
    abstract val serviceLicenseAgreement: Int
    abstract val title: String?
    abstract val twoFactorAuthentication: Boolean
    abstract val id: String
    abstract val role: Role
    abstract val uid: Long

    class ByPassword : Person()
    class ByWAYF : Person()
}
Properties
displayName: String
email: String?
firstNames: String
lastName: String
orcId: String?
phoneNumber: String?
serviceLicenseAgreement: Int
title: String?
twoFactorAuthentication: Boolean
id: String
role: Role
uid: Long

Deprecated: Yes


Person.ByPassword

API: Internal/Beta

data class ByPassword(
    val id: String,
    val role: Role,
    val title: String?,
    val firstNames: String,
    val lastName: String,
    val phoneNumber: String?,
    val orcId: String?,
    val email: String?,
    val uid: Long?,
    val twoFactorAuthentication: Boolean,
    val serviceLicenseAgreement: Int,
    val organizationId: String?,
    val password: List<Byte>?,
    val salt: List<Byte>?,
    val displayName: String,
    val type: String /* "password" */,
)
Properties
id: String
role: Role
title: String?
firstNames: String
lastName: String
phoneNumber: String?
orcId: String?
email: String?
uid: Long?

Deprecated: Yes

twoFactorAuthentication: Boolean
serviceLicenseAgreement: Int
organizationId: String?
password: List<Byte>?
salt: List<Byte>?
displayName: String
type: String /* "password" */ The type discriminator

API: Stable


Person.ByWAYF

API: Internal/Beta

data class ByWAYF(
    val id: String,
    val role: Role,
    val title: String?,
    val firstNames: String,
    val lastName: String,
    val phoneNumber: String?,
    val orcId: String?,
    val email: String?,
    val uid: Long?,
    val serviceLicenseAgreement: Int,
    val organizationId: String,
    val wayfId: String,
    val displayName: String,
    val twoFactorAuthentication: Boolean,
    val type: String /* "wayf" */,
)
Properties
id: String
role: Role
title: String?
firstNames: String
lastName: String
phoneNumber: String?
orcId: String?
email: String?
uid: Long?

Deprecated: Yes

serviceLicenseAgreement: Int
organizationId: String
wayfId: String
displayName: String
twoFactorAuthentication: Boolean
type: String /* "wayf" */ The type discriminator

API: Stable


Principal

API: Internal/Beta

sealed class Principal {
    abstract val id: String
    abstract val role: Role
    abstract val uid: Long

    class Person : Principal()
    class ProviderPrincipal : Principal()
    class ServicePrincipal : Principal()
}
Properties
id: String
role: Role
uid: Long

Deprecated: Yes


ProviderPrincipal

API: Internal/Beta

data class ProviderPrincipal(
    val id: String,
    val role: Role,
    val uid: Long,
    val type: String /* "provider" */,
)
Properties
id: String
role: Role
uid: Long
type: String /* "provider" */ The type discriminator

API: Stable


ServicePrincipal

API: Internal/Beta

data class ServicePrincipal(
    val id: String,
    val role: Role,
    val uid: Long,
    val type: String /* "service" */,
)
Properties
id: String
role: Role
uid: Long
type: String /* "service" */ The type discriminator

API: Stable


UserLookup

API: Internal/Beta

data class UserLookup(
    val subject: String,
    val uid: Long,
    val role: Role,
)
Properties
subject: String
uid: Long
role: Role

ChangePasswordRequest

API: Internal/Beta

data class ChangePasswordRequest(
    val currentPassword: String,
    val newPassword: String,
)
Properties
currentPassword: String
newPassword: String

ChangePasswordWithResetRequest

API: Internal/Beta

data class ChangePasswordWithResetRequest(
    val userId: String,
    val newPassword: String,
)
Properties
userId: String
newPassword: String

CreateSingleUserRequest

API: Internal/Beta

data class CreateSingleUserRequest(
    val username: String,
    val password: String?,
    val email: String?,
    val role: Role?,
    val firstnames: String?,
    val lastname: String?,
    val orgId: String?,
)
Properties
username: String
password: String?
email: String?
role: Role?
firstnames: String?
lastname: String?
orgId: String?

GetPrincipalRequest

API: Internal/Beta

data class GetPrincipalRequest(
    val username: String,
)
Properties
username: String

LookupEmailRequest

API: Internal/Beta

data class LookupEmailRequest(
    val userId: String,
)
Properties
userId: String

LookupUIDRequest

API: Internal/Beta

data class LookupUIDRequest(
    val uids: List<Long>,
)
Properties
uids: List<Long>

LookupUserWithEmailRequest

API: Internal/Beta

data class LookupUserWithEmailRequest(
    val email: String,
)
Properties
email: String

LookupUsersRequest

API: Internal/Beta

data class LookupUsersRequest(
    val users: List<String>,
)
Properties
users: List<String>

UpdateUserInfoRequest

API: Internal/Beta

data class UpdateUserInfoRequest(
    val email: String?,
    val firstNames: String?,
    val lastName: String?,
)
Properties
email: String?
firstNames: String?
lastName: String?

GetUserInfoResponse

API: Internal/Beta

data class GetUserInfoResponse(
    val email: String?,
    val firstNames: String?,
    val lastName: String?,
)
Properties
email: String?
firstNames: String?
lastName: String?

LookupEmailResponse

API: Internal/Beta

data class LookupEmailResponse(
    val email: String,
)
Properties
email: String

LookupUIDResponse

API: Internal/Beta

data class LookupUIDResponse(
    val users: JsonObject,
)
Properties
users: JsonObject

LookupUserWithEmailResponse

API: Internal/Beta

data class LookupUserWithEmailResponse(
    val userId: String,
    val firstNames: String,
    val lastName: String,
)
Properties
userId: String
firstNames: String
lastName: String

LookupUsersResponse

API: Internal/Beta

data class LookupUsersResponse(
    val results: JsonObject,
)
Properties
results: JsonObject