Users
Users in Contendo Server are explicitly defined and play a crucial role in authentication and access control. Every operation in Contendo Server must be performed by an authenticated user with the appropriate groups assigned.
User access and permissions are controlled through Access Control Lists (ACL). Read and/or write access for a user can be assigned directly to an object or via Groups.
While users may have direct ACL assignments, it is recommended that their permissions are derived from their group memberships. This approach ensures flexible and scalable access management, as modifying group memberships automatically adjusts user permissions across multiple objects.
Authentication
Users in Contendo Server can currently authenticate using Basic Authentication or an API key. Other authentication mechanisms will be available in the future.
Basic Authentication
Basic Authentication requires providing the username and password in the request headers using the standard HTTP Authorization header with the Basic scheme.
Example Request:
curl -X 'GET' -k \
'{REPOSITORY_URL}/root/Animals/Dogs/Rex?cmisselector=object' \
-H 'Authorization: Basic {BASE64_ENCODED_CREDENTIALS}'
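Replace {BASE64_ENCODED_CREDENTIALS} with the base64-encoded username:password string. Base64 is an encoding, not encryption, and the -k option in the example skips TLS certificate verification, so omit -k when the server presents a trusted certificate.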
API Key Authentication
API key authentication is primarily for demo purposes. An API key can be obtained here.
Example Request:
curl -X 'GET' -k \
'{REPOSITORY_URL}/root/Animals/Dogs/Rex?cmisselector=object' \
-H 'X-API-KEY: {API_KEY}'
User Management Operations
Name | Description |
---|---|
Create User | Creates a new user in the domain. |
Retrieve All Users | Retrieves the list of all users in the domain. |
Disable User | Disables a user, preventing them from performing any operations. |
Enable User | Enables a previously disabled user. |
Update Password | Updates the password for a user. |
Create User
Creates a new user in the domain.
Request Format
- Operation: createUser
- HTTP method: POST
- Content-Type: application/json, multipart/form-data
Parameters
Name | Required | Description |
---|---|---|
username | Yes | Username of the new user |
password | Yes | Password for the user |
confirmedPassword | Yes | Must match the provided password |
Example Request:
curl -X 'POST' \
'{DOMAIN_URL}' \
-H 'Content-Type: application/json' \
-d '{
"operation": "createUser",
"username": "john_doe",
"password": "secure_password",
"confirmedPassword": "secure_password"
}'
Response Format
- No response body.
Retrieve All Users
Retrieves the list of all users in the domain.
Request Format
- Operation: users
- HTTP method: GET
Example Request:
curl -X 'GET' \
'{DOMAIN_URL}?operation=users'
Response Format
- Content-Type: application/json
- Response body: Array of user objects. Each user object has these fields:
Name | Type | Description |
---|---|---|
username | string | The username of the user |
enabled | boolean | Whether the user is enabled |
createdOn | datetime | Timestamp of user creation (ms) |
Example Response:
[
{
"username": "john_doe",
"enabled": true,
"createdOn": 1742285736000
}
]
Disable User
Disables a user - a disabled user can't perform any operations.
Request Format
- Operation: disableUser
- HTTP method: POST
- Content-Type: application/json
Parameters
Name | Required | Description |
---|---|---|
username | Yes | Username of the user to disable |
Example Request:
curl -X 'POST' \
'{DOMAIN_URL}' \
-H 'Content-Type: application/json' \
-d '{
"operation": "disableUser",
"username": "john_doe"
}'
Response Format
- No response body.
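An account review built on the Retrieve All Users and Disable User operations above, as an added example that is not part of the Contendo documentation: it parses a users response, flags enabled accounts missing from an approved roster, and builds the matching disableUser request bodies. The sample response and the APPROVED roster are constructed for illustration, and the function names are hypothetical.

```python
import json
from datetime import datetime, timezone

# Constructed sample of an `operation=users` response (not real data).
SAMPLE_USERS_RESPONSE = """
[
  {"username": "john_doe",   "enabled": true,  "createdOn": 1742285736000},
  {"username": "svc_import", "enabled": true,  "createdOn": 1742372136000},
  {"username": "old_admin",  "enabled": false, "createdOn": 1700000000000}
]
"""

# Hypothetical roster of accounts that are expected to be enabled.
APPROVED = {"john_doe"}


def parse_users(body):
    """Validate the documented fields and convert createdOn (ms) to UTC."""
    users = []
    for entry in json.loads(body):
        username, enabled, created = entry["username"], entry["enabled"], entry["createdOn"]
        if not isinstance(username, str) or not isinstance(enabled, bool):
            raise ValueError(f"unexpected field types in {entry!r}")
        if isinstance(created, bool) or not isinstance(created, int):
            raise ValueError(f"createdOn is not an integer in {entry!r}")
        users.append({
            "username": username,
            "enabled": enabled,
            "createdOn": datetime.fromtimestamp(created / 1000, tz=timezone.utc),
        })
    return users


def unexpected_enabled(users, approved):
    """Enabled accounts that are not on the approved roster, oldest first."""
    hits = [u for u in users if u["enabled"] and u["username"] not in approved]
    return sorted(hits, key=lambda u: u["createdOn"])


def disable_requests(users):
    """JSON bodies for the documented disableUser operation, one per account."""
    return [json.dumps({"operation": "disableUser", "username": u["username"]})
            for u in users]


if __name__ == "__main__":
    flagged = unexpected_enabled(parse_users(SAMPLE_USERS_RESPONSE), APPROVED)
    for user, body in zip(flagged, disable_requests(flagged)):
        print(user["createdOn"].isoformat(), body)
```

Each generated body can be sent with the Disable User curl request shown above after a person has confirmed the account should be disabled.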
Enable User
Enables a previously disabled user.
Request Format
- Operation: enableUser
- HTTP method: POST
- Content-Type: application/json
Parameters
Name | Required | Description |
---|---|---|
username | Yes | Username to enable |
Example Request:
curl -X 'POST' \
'{DOMAIN_URL}' \
-H 'Content-Type: application/json' \
-d '{
"operation": "enableUser",
"username": "john_doe"
}'
Response Format
- No response body.
Update Password
Updates the password for a user.
Request Format
- Operation: updatePassword
- HTTP method: POST
- Content-Type: application/json
Parameters
Name | Required | Description |
---|---|---|
username | No | Username of the user whose password should be updated (if empty, updates the authenticated user's password) |
password | Yes | New password for the user |
confirmedPassword | Yes | Must match the new password |
Example Request:
curl -X 'POST' \
'{DOMAIN_URL}' \
-H 'Content-Type: application/json' \
-d '{
"operation": "updatePassword",
"username": "john_doe",
"password": "new_secure_password",
"confirmedPassword": "new_secure_password"
}'
Response Format
- No response body.