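---
# Swagger 2.0 description of the authentication service: login/logout, token
# verification, current-user lookup, password reset and per-user token
# management. Block structure restored from a collapsed listing; the only
# schema change is `format: password` on the password fields.
swagger: "2.0"
info:
  description: "DualInventive's common authentication API"
  version: "1.0.1"
  title: "Authentication API"
  termsOfService: "http://swagger.io/terms/"
  contact:
    name: "bartekbeza@dualinventive.com"
  license:
    name: "Apache 2.0"
    url: "http://www.apache.org/licenses/LICENSE-2.0.html"
host: "api.mtinfo3000.com"
basePath: "/auth/v1"
# HTTPS is the only scheme offered. Keep it that way: passwords, reset codes
# and tokens all travel in request bodies or headers.
schemes:
  - "https"
securityDefinitions:
  # The token is presented in the Authorization request header.
  # NOTE(review): the header value format (bare token or a scheme prefix) is
  # not specified here; document it so clients and gateways agree.
  TokenAuth:
    type: apiKey
    in: header
    name: Authorization
paths:
  /login:
    # No `security` requirement: this is the unauthenticated entry point.
    # NOTE(review): no throttling or lockout response is documented; confirm
    # how the service limits repeated failed attempts.
    post:
      tags:
        - "Authentication"
      summary: ""
      description: "Authenticate user and retrieve security token"
      # NOTE(review): operationId is empty here, on /me and on both
      # /password-reset operations. Swagger 2.0 expects operationId to be
      # unique when present; give each a distinct name or drop the key.
      operationId: ""
      consumes:
        - "application/json"
      produces:
        - "application/json"
      parameters:
        - in: "body"
          name: "body"
          description: "User's credentials"
          required: true
          schema:
            $ref: "#/definitions/Credentials"
          x-exportParamName: "Body"
      responses:
        200:
          description: "successful operation"
          schema:
            $ref: "#/definitions/SecurityToken"
        401:
          description: "Authentication failed"
          schema:
            $ref: "#/definitions/ErrResponse"
        500:
          description: "Internal Server Error"
          schema:
            $ref: "#/definitions/ErrResponse"
  /logout:
    post:
      tags:
        - "Authentication"
      description: "Logout user and remove security token"
      consumes:
        - "application/json"
      produces:
        - "application/json"
      security:
        - TokenAuth: []
      operationId: logout
      responses:
        204:
          description: "Logout successful"
        401:
          description: "Authentication failed"
          schema:
            $ref: "#/definitions/ErrResponse"
        500:
          description: "Internal Server Error"
          schema:
            $ref: "#/definitions/ErrResponse"
  /verify:
    # NOTE(review): the body carries a list of rights, presumably the rights
    # the token must hold for a `true` result; confirm against the server.
    # No 401 is documented although TokenAuth is required; state what an
    # invalid or expired token returns so callers do not treat an error as
    # success.
    post:
      tags:
        - "Authentication"
      description: "Verify the given token"
      consumes:
        - "application/json"
      produces:
        - "application/json"
      security:
        - TokenAuth: []
      operationId: Verify
      parameters:
        - in: "body"
          name: "body"
          description: "Rights"
          schema:
            $ref: "#/definitions/Rights"
          x-exportParamName: "Body"
      responses:
        200:
          description: "OK"
          schema:
            type: boolean
        500:
          description: "Internal Server Error"
          schema:
            $ref: "#/definitions/ErrResponse"
  /me:
    get:
      tags:
        - "Authentication"
      description: "Request user information based on a given token"
      consumes:
        - "application/json"
      produces:
        - "application/json"
      security:
        - TokenAuth: []
      operationId: ""
      responses:
        200:
          description: "Success"
          schema:
            $ref: "#/definitions/User"
        401:
          description: "Authentication failed"
          schema:
            $ref: "#/definitions/ErrResponse"
        500:
          description: "Internal Server Error"
          schema:
            $ref: "#/definitions/ErrResponse"
  /password-reset/request:
    # Unauthenticated by design. The response should not reveal whether the
    # submitted user exists.
    # NOTE(review): confirm that 201 is returned for unknown users too, and
    # that requests are rate limited. Credentials identifies an account by
    # user + companyCode, but this payload carries only user; confirm how the
    # account is resolved.
    post:
      tags:
        - "Authentication"
      summary: ""
      description: "Create user-bound reset code"
      operationId: ""
      consumes:
        - "application/json"
      produces:
        - "application/json"
      parameters:
        - in: "body"
          name: "body"
          description: "Username"
          required: true
          schema:
            $ref: "#/definitions/PasswordForget"
          x-exportParamName: "Body"
      responses:
        201:
          description: "successful operation"
        400:
          description: "bad request"
          schema:
            $ref: "#/definitions/ErrResponse"
        500:
          description: "Internal Server Error"
          schema:
            $ref: "#/definitions/ErrResponse"
  /password-reset/redeem:
    # Unauthenticated: resetCode is the only secret protecting this call.
    # NOTE(review): expiry, single use and attempt limits for the code are
    # not described here; confirm they are enforced server side.
    post:
      tags:
        - "Authentication"
      summary: ""
      description: "Redeem user-bound reset code, changes the users password"
      operationId: ""
      consumes:
        - "application/json"
      produces:
        - "application/json"
      parameters:
        - in: "body"
          name: "body"
          description: "New password"
          required: true
          schema:
            $ref: "#/definitions/PasswordForgetRedeem"
          x-exportParamName: "Body"
      responses:
        201:
          description: "successful operation"
        400:
          description: "bad request"
          schema:
            $ref: "#/definitions/ErrResponse"
        500:
          description: "Internal Server Error"
          schema:
            $ref: "#/definitions/ErrResponse"
  /tokens:
    get:
      tags:
        - "Authentication"
      summary: "Endpoint to retrieve an opaque overview of active tokens for the logged in user"
      description: "Endpoint to retrieve an opaque overview of the active tokens for the logged in user, received id's can not be used as actual tokens."
      consumes:
        - "application/json"
      produces:
        - "application/json"
      security:
        - TokenAuth: []
      operationId: "ListTokens"
      responses:
        200:
          description: "successful operation"
          schema:
            $ref: "#/definitions/TokenList"
        401:
          description: "Authentication failed"
          schema:
            $ref: "#/definitions/ErrResponse"
        500:
          description: "Internal Server Error"
          schema:
            $ref: "#/definitions/ErrResponse"
  /tokens/{opaqueTokenId}:
    # NOTE(review): the spec does not say that opaqueTokenId must belong to
    # the calling user, and no 403/404 is documented. The server should check
    # ownership before revoking, and document the response for an id that is
    # unknown or owned by another user.
    delete:
      tags:
        - "Authentication"
      summary: "Endpoint to remove a token by the given opaqueTokenId"
      description: "Endpoint to remove a token by the given opaqueTokenId"
      consumes:
        - "application/json"
      produces:
        - "application/json"
      security:
        - TokenAuth: []
      operationId: "DeleteToken"
      parameters:
        - name: opaqueTokenId
          in: path
          required: true
          type: string
          description: Opaque Token Id
      responses:
        200:
          description: "successful operation"
        401:
          description: "Authentication failed"
          schema:
            $ref: "#/definitions/ErrResponse"
        500:
          description: "internal server error"
          schema:
            $ref: "#/definitions/ErrResponse"
definitions:
  # Login payload. No `required` list is declared, so schema validation alone
  # accepts an empty object; the server has to reject missing fields itself.
  Credentials:
    properties:
      user:
        type: "string"
      companyCode:
        type: "string"
      password:
        type: "string"
        # Hint to UIs and generated docs to mask the value.
        format: "password"
  PasswordForget:
    properties:
      user:
        type: "string"
  # The server is expected to check that password equals passwordVerify; the
  # schema cannot express that.
  PasswordForgetRedeem:
    properties:
      user:
        type: "string"
      resetCode:
        type: "string"
      password:
        type: "string"
        format: "password"
      passwordVerify:
        type: "string"
        format: "password"
  # The bearer secret returned by /login. Treat it as a credential: keep it
  # out of logs and URLs.
  SecurityToken:
    properties:
      token:
        type: "string"
  User:
    properties:
      userId:
        type: "integer"
      userName:
        type: "string"
      roles:
        type: "array"
        items:
          type: "object"
          properties:
            name:
              type: "string"
            rights:
              type: "array"
              items:
                type: "string"
      company:
        type: "object"
        properties:
          id:
            type: "integer"
          name:
            type: "string"
          code:
            type: "string"
  TokenList:
    properties:
      tokens:
        type: "array"
        items:
          $ref: '#/definitions/OpaqueToken'
  # Identifier for a session entry. Per the /tokens description it is not
  # usable as a token itself.
  OpaqueToken:
    properties:
      opaqueId:
        type: "string"
      userAgent:
        type: "string"
  Rights:
    properties:
      rights:
        type: "array"
        items:
          type: "string"
  # NOTE(review): errMsg is returned to the client; keep it free of internal
  # detail (stack traces, SQL, reasons that distinguish unknown users).
  ErrResponse:
    properties:
      errMsg:
        type: "string"
  # NOTE(review): not referenced by any operation in this file, and its
  # placement under `definitions` is assumed from the collapsed listing;
  # confirm, or remove if unused.
  body:
    properties:
      token:
        type: "string"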