Kenesto Authentication
with External authenticator
1. CreateCompanyUsingExternalAuthentication
Description:
Create new company that using with an external authentication
Request:
https://app.kenesto.com/Kenesto.Web.API/Access.svc/CreateCompanyUsingExternalAuthentication
Http Method: POST
Content-Type: application/json
Parameters:
| Name | Type | Required | Description |
| token | string | yes | A valid session token |
| companyName | string | yes | Company name |
| companyDomains | JSON Object | yes | An array of company domains |
| authenticationEndpoint | string | yes | Authentication endpoint URL (see more details below) |
| validationEndpoint | string | yes | Validation endpoint URL (see more details below) |
| publicKey | string | yes | A public key to encrypt the user’s data (see more details below) |
| userData | string | no | User Data – free text. |
Response
Response:
Type: Json Formatted String
CompanyId – Company Id
ResponseStatus – OK or FAILED
URL Examples
URL Examples
https://app.kenesto.com/Kenesto.Web.API/Access.svc/CreateCompanyUsingExternalAuthentication
{
token: “iBqpURc3g5VYT/1BTgMt68JQNsD0Sx+4NKZWJNVy66tbv76Itf6eLd/Th/elOX5Jx2lwC2CMNgG/ygQfK4orudXXkKUdyRYEwpr30Iy/IxfUzHugmzCoOVizaEBU+8f7jczR”,
companyName: “Company #1”,
companyDomains: [“comp1.com”],
agentAccessUrl: “https://oem.com/kenesto_auth.srv/authenticate“,
serverAccessUrl: “https://oem.com/kenesto_auth.srv/validate“,
publicKey: “<RSAKeyValue><Modulus>3V+rPbx2ojXfp9cFRrfaW402oOMfcR6cUZmenMK3RYQJSmt40McF/xUhVPsL/GubnaNHz4k45EgRWYzUHV/22lQgBl/vWyGK6w9xBPg2w==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>“
}
Response Example
Response
{
“CompanyId“: 1001,
“ResponseStatus”: “OK”,
“UserData”: null
}
2. UpdateCompanyUsingExternalAuthentication
Description:
Update existing company that using with an external authentication
Request:
https://app.kenesto.com/Kenesto.Web.API/Access.svc/UpdateCompanyUsingExternalAuthentication
Http Method: POST
Content-Type: application/json
Parameters:
|
Name |
Type |
Required |
Description |
|
token |
string |
yes |
A valid session token |
|
companyId |
string |
yes |
A company name |
|
companyName |
string |
no |
A company name |
|
companyDomains |
JSON Object |
no |
An array of company domains |
|
authenticationEndpoint |
string |
yes |
Authentication endpoint URL |
|
validationEndpoint |
string |
yes |
Validation endpoint URL |
|
publicKey |
string |
no |
A public key to encrypt the user’s data |
|
userData |
string |
no |
User Data – free text. |
Response
Response:
Type: Json Formatted String
ResponseStatus – OK or FAILED
URL Examples
URL Examples
https://app.kenesto.com/Kenesto.Web.API/Access.svc/UpdateCompanyUsingExternalAuthentication
{
token: “iBqpURc3g5VYT/1BTgMt68JQNsD0Sx+4NKZWJNVy66tbv76Itf6eLd/Th/elOX5Jx2lwC2CMNgG/ygQfK4orudXXkKUdyRYEwpr30Iy/IxfUzHugmzCoOVizaEBU+8f7jczR”,
companyId: “1001”,
companyName: “Company #1 dev”,
companyDomains: [“comp1.com”,”comp2.com],
agentAccessUrl: “https://oem.com/kenesto_auth.srv_dev/authenticate“,
serverAccessUrl: “https://oem.com/kenesto_auth.srv_dev/validate“,
publicKey: “<RSAKeyValue><Modulus>43V+rPbx2ojXfp9cFRrfaW402oOMfcR6cdsdsdsdsdJSmt40McF/xUhVPsL/GubnaNHz4k45EgRWQSiamwftvqataMmZXYzUHV/22lQgB==</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>“
}
Response Example
Response
{
“ResponseStatus”: “OK”,
“UserData”: null
}
3. AddUserToCompanyUsingExternalAuthentication
Description:
Add new user to a company that using with an external authentication
Request:
https://app.kenesto.com/Kenesto.Web.API/Access.svc/AddUserToCompanyUsingExternalAuthentication
Http Method: POST
Content-Type: application/json
Parameters:
|
Name |
Type |
Required |
Description |
|
token |
string |
yes |
A valid session token |
|
companyId |
string |
yes |
A company Id |
|
firstName |
string |
yes |
First Name |
|
lastName |
string |
yes |
Last Name |
|
emailAddress |
string |
yes |
Email Address |
|
userData |
string |
no |
User Data – free text. |
Response
Response:
Type: Json Formatted String
ResponseStatus – OK or FAILED
URL Examples
URL Examples
https://app.kenesto.com/Kenesto.Web.API/Access.svc/AddUserToCompanyUsingExternalAuthentication
{
token: “iBqpURc3g5VYT/1BTgMt68JQNsD0Sx+4NKZWJNVy66tbv76Itf6eLd/Th/elOX5Jx2lwC2CMNgG/ygQfK4orudXXkKUdyRYEwpr30Iy/IxfUzHugmzCoOVizaEBU+8f7jczR”,
companyId: “1001”,
firstName: “Joe”,
lastName: “ Rogan”,
emailAddress: “joe_rogan@gmail.com“
}
Response Example
Response
{
“ResponseStatus”: “OK”,
“UserData”: null
}
4. LoginUsingExternalAuthentication
Description:
Login to Kenesto using with an external authentication server.
The token included in the response is to be used for all subsequent API calls.
Request:
https://app.kenesto.com/Kenesto.Web.API/Access.svc/LoginUsingExternalAuthentication
Http Method: POST
Content-Type: application/json
Parameters:
| Name | Type | Required | Description |
| accessToken | string | yes | Access token (received from the Authenticate API function). |
| organizationIdentifier | string | yes | Company id |
| validationCode | string | yes | Validation code (received from the external authorization server). |
| userData | string | no | User Data – free text. |
Downloadable Solution:
Response
Response:
Type: Json Formatted String
ResponseStatus – OK or FAILED
Token – A valid session token
URL Examples
URL Examples
https://app.kenesto.com/Kenesto.Web.API/Access.svc/LoginUsingExternalAuthentication
{
accessToken: “iBqpURc3g5VYT/1BTgMt68JQNsD0Sx+4NKZWJNVy66tbv76Itf6eLd/Th/elOX5Jx2lwC2CMNgG/ygQfK4orudXXkKUdyRYEwpr30Iy/IxfUzHugmzCoOVizaEBU+8f7jczR”,
organizationIdentifier: “1001”,
validationCode: “637083229228276296”
}
Response Example
Response
{
“LoginUsingExternalAuthenticationResult”: {
“ErrorMessage”: null,
“ResponseStatus”: “OK”,
“ID”: “53e0cc91-3d12-4873-9973-aaec126d864e”,
“LastMessageTimestamp”: 0,
“Organizations”: null,
“Token”: “AKJ7TYaL3eX2aUgIFlnCZf+IP6f/9Pg95e703Op4DpzhRrifUIMoQ8FVSN6SYFKi1WOtstisem84uBMbNu3o42zmT0WG1KXlKdaf3p7Sj/VNM/gzihq8IXZg=”,
“User”: {
“AuthenticationOption”: “NONE”,
“DefaultLanguage”: null,
“DynamicAccess”: [],
“EmailAddress”: “[email protected]“,
“FirstName”: “Joe”,
“IsApproved”: true,
“LastName”: “Lee”,
“LicenseType”: “PRO_LICENSE_TYPE”,
“Roles”: [],
“SelectedLanguage”: null,
“TenantID”: “1001”,
“ThumbnailPath”: “”,
“UserId”: “53e0cc91-3d12-4873-973-aaec126d864e”,
“maxVolumeSize”: 2,
“performFallbackToMail”: false,
“reloginOnDriveStart”: false
}
}
}
4. InvalidateUserSessions
Description:
Allows the external administrator to request user’s tokens invalidation.
This is useful in case a user changed his password on the external application.
Notifying Kenesto will force the user to re-login.
The token used for the call must belong to the organization administrator or to the parent organization administrator.
Request:
https://app.kenesto.com/Kenesto.Web.API/Access.svc/InvalidateUserSessions
Http Method: POST
Content-Type: application/json
Parameters:
| Name | Type | Required | Description |
| token | string | yes | Access session token (Organization Administrator). |
| username | string | yes | Username (email address) of the target user |
Example:
{
“token”:”MSm2dDAVJE0PyDFjo8HaCKP+I63lpJHjQDY00Xrx/6dtH2tfX2wv7qIlPMDA5dJLZIDwOei+Cqb4z1n13d+rIXCw7g6jBKohXwPDpo8QsCUoLxWIXrxK+XRdkMxEKZ7VhvDP8uMfdHZBTItoKM9L1skofzzlQz6ukziEwOUa6ZRvZwcQWTR+dkL=”,
“username”:”[email protected]”
}
Response
Response:
{
“InvalidateUserSessionsResult”: {
“ErrorMessage”: null,
“ResponseStatus”: “OK”
}
}
ResponseStatus – OK or FAILED