User management

OneSpan Cloud Authentication supports the API-based administration of user management tasks. You can administrate users through the user-management interface of the OneSpan Trusted Identity platform APIClosed Provides the endpoints that are required for the successful completion of the operations..

User management tasks

The user-management interface validates and returns the status of each operation upon completion. The interface handles the administration tasks with the relevant request endpoints and methods.

Supported user management requests
Operation Description Request endpoint
Create user  

PUT /users/{userID@domain}

View user View a specific user.

GET /users/{userID@domain}

Update user Update user details (e.g. email address, mobile phone number, MDCClosed Service that accepts one-time password (OTP) notifications and other messages from the authentication component. MDC interfaces with SMS, email, or push notification gateways to relay those messages to a user’s mobile device or email address. profile).

PATCH /users/{userID@domain}

Delete user Delete a user.

DELETE /users/{userID@domain}

Set user password Set the password for a user.

PATCH /users/{userID@domain}

Reset user password Reset the password for a user.

POST /users/{userID@domain}/reset-password

Unlock user Unlock a user.

POST /users/{userID@domain}/unlock

Query users Retrieve all users that match certain query criteria (e.g. user, domain, locked status).

GET /users

Enable/disable user Enable and disable a user.

PATCH /users/{userID@domain}

Set Virtual Mobile Authenticator delivery method Set user-specific Virtual Mobile AuthenticatorClosed A mechanism where an OTP is generated and sent to the user's mobile phone or email account. In this case, a physical authenticator is not needed. delivery method (the delivery method for Virtual Mobile Authenticator messages).

PATCH /users/{userID@domain}

Set Message Delivery Component (MDC) profile Set a user-specific Message Delivery Component (MDC)Closed Service that accepts one-time password (OTP) notifications and other messages from the authentication component. MDC interfaces with SMS, email, or push notification gateways to relay those messages to a user’s mobile device or email address. profile (i.e. the MDC profile to be used for Push NotificationClosed Message that is pushed from a server to a user and is displayed on an end-user device, e.g. a mobile device. Push notifications are received by a particular app. This must be registered on the corresponding server to receive notifications. Notifications can be sent at any time, the users do not have to be actively using the app at that time. messages).

PATCH /users/{userID@domain}

User import

You can import users with a user import file. This task is not API-based but is done via the Administration Web Interface of the Authentication component.