Thrill-ID API Documentation (0.1.26)

License: Proprietary

The API secures its administrative endpoints with a Bearer token, which is returned by a successful call to the /accounts/auth endpoint. The token is a JWT and must be passed in the Authorization header.

Accounts

Authenticate an account and generate a JWT token which contains the account's claims

If a trusted Service account is authenticated successfully, it will also receive the JWT secret in the response

Request Body schema: application/json (required)

username: string, required
password: string, required

Responses

Request samples

Content type
application/json
{
  "username": "string",
  "password": "string"
}

Response samples

Content type
application/json
{
  "token": "string",
  "refresh_token": "string",
  "secret": "string",
  "access_to": {},
  "properties": {},
  "services": {}
}
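
Added example, not part of the Thrill-ID documentation: a minimal Python client for the flow described above. It posts credentials to /accounts/auth, sends the returned JWT as a Bearer token, and redacts the token, refresh_token and secret fields before the response is logged. The stub server, the credentials, the token values and the /hypothetical/admin path are constructed for the demo.

```python
import json
import threading
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

SENSITIVE = ("token", "refresh_token", "secret")  # credential fields in the auth response
OPENER = urllib.request.build_opener(urllib.request.ProxyHandler({}))  # ignore proxy env vars

def redact(auth):
    """Return a copy of the /accounts/auth response that is safe to log."""
    return {k: "<redacted>" if k in SENSITIVE and v else v for k, v in auth.items()}

def authenticate(base_url, username, password):
    """POST the documented request body to /accounts/auth and return the parsed response."""
    body = json.dumps({"username": username, "password": password}).encode()
    req = urllib.request.Request(base_url + "/accounts/auth", data=body, method="POST",
                                 headers={"Content-Type": "application/json"})
    with OPENER.open(req, timeout=5) as resp:
        return json.load(resp)

def bearer_get(url, token):
    """GET a protected URL with the JWT in the Authorization header; return the HTTP status."""
    req = urllib.request.Request(url, headers={"Authorization": "Bearer " + token})
    with OPENER.open(req, timeout=5) as resp:
        return resp.status

class StubApi(BaseHTTPRequestHandler):  # constructed stand-in so the example runs offline
    def _reply(self, ok, payload):
        self.send_response(200 if ok else 401)
        self.end_headers()
        self.wfile.write(json.dumps(payload if ok else None).encode())
    def do_POST(self):
        creds = json.loads(self.rfile.read(int(self.headers["Content-Length"])))
        ok = self.path == "/accounts/auth" and creds == {"username": "svc", "password": "constructed-pw"}
        self._reply(ok, {"token": "constructed.jwt.value", "refresh_token": "constructed-refresh",
                         "secret": "constructed-secret", "access_to": {}})
    def do_GET(self):  # any GET stands in for an administrative endpoint (path is an assumption)
        self._reply(self.headers.get("Authorization") == "Bearer constructed.jwt.value", [])
    def log_message(self, *args): pass  # keep the demo quiet

def demo():
    with HTTPServer(("127.0.0.1", 0), StubApi) as server:
        threading.Thread(target=server.serve_forever, daemon=True).start()
        base = "http://127.0.0.1:%d" % server.server_port
        try:
            auth = authenticate(base, "svc", "constructed-pw")
            return redact(auth), bearer_get(base + "/hypothetical/admin", auth["token"])
        finally:
            server.shutdown()
```
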

Retrieve account details for the currently logged in account

Responses

Response samples

Content type
application/json
{
  "id": "string",
  "username": "string",
  "org_id": "string",
  "unit_id": "string",
  "permissions": [],
  "enabled": true,
  "trusted": true,
  "created_on": 0,
  "last_logged_in": 0,
  "pending_password_reset": true,
  "access_to": {},
  "oauth_provider_id": "string"
}

Change the password for the currently logged in account

Request Body schema: application/json (required)

password: string, required
current: string, required

Responses

Request samples

Content type
application/json
{
  "password": "string",
  "current": "string"
}

Response samples

Content type
application/json
null

Start the forgot password flow for a specific account

If the account exists, a one-time password (OTP) is generated for the password-reset request and an event is sent via pub/sub. Another service is expected to consume this event and send an email.

Request Body schema: application/json (required)

username: string, required

Responses

Request samples

Content type
application/json
{
  "username": "string"
}

Response samples

Content type
application/json
null

Completes a forgotten password flow by resetting the password if a valid OTP is provided

Request Body schema: application/json (required)

username: string, required
otp: string, required
password: string, required

Responses

Request samples

Content type
application/json
{
  "username": "string",
  "otp": "string",
  "password": "string"
}

Response samples

Content type
application/json
null

Refresh a valid JWT token

Request Body schema: application/json (required)

token: string, required

Responses

Request samples

Content type
application/json
{
  "token": "string"
}

Response samples

Content type
application/json
{
  "token": "string",
  "refresh_token": "string",
  "secret": "string",
  "access_to": {},
  "properties": {},
  "services": {}
}

Verify the validity of a JWT token

Request Body schema: application/json (required)

token: string, required

Responses

Request samples

Content type
application/json
{
  "token": "string"
}

Response samples

Content type
application/json
null

Admin/Accounts

Get Account(s)

query Parameters

sort_field: string, required. Field to sort on
sort_direction: integer <int32>, required. Direction to sort in (1 = ASC, -1 = DESC)
page: integer <int32>, required. Page to retrieve
limit: integer <int32>, required. Number of items to retrieve
account_type: string, required. Type of account to filter on (User or Service)
account_ids: string, required. Comma-separated list of account IDs to filter for
org_id: string, required. Organisation ID to filter by

Responses

Response samples

Content type
application/json
[
  {}
]

Add an Account to the system

Request Body schema: application/json (required)

account_type: string (AccountType), required. Enum: "User" "SuperUser" "System" "Service" "Provider"
system_id: string or null
username: string, required
password: string, required
org_unit: object (OrganisationUnit), required
org_bound: boolean or null
permissions: Array of objects (Permission), required
trusted: boolean or null
contacts: object or null

Responses

Request samples

Content type
application/json
{
  "account_type": "User",
  "system_id": "string",
  "username": "string",
  "password": "string",
  "org_unit": {},
  "org_bound": true,
  "permissions": [],
  "trusted": true,
  "contacts": {}
}

Response samples

Content type
application/json
{
  "id": "string",
  "account_type": "User",
  "system_id": "string",
  "username": "string",
  "password": "string",
  "org_unit": {},
  "org_bound": true,
  "permissions": [],
  "enabled": true,
  "trusted": true,
  "created_on": 0,
  "last_logged_in": 0,
  "reset_password_otp": {},
  "contacts": {},
  "oauth_sub": "string",
  "oauth_provider_id": "string"
}

Modify an Account in the system

Request Body schema: application/json (required)

id: string, required
account_type: string or null. Enum: "User" "SuperUser" "System" "Service" "Provider"
username: string or null
password: string or null
org_unit: object or null
permissions: Array of objects or null (Permission)
trusted: boolean or null
enabled: boolean or null
contacts: object or null
org_bound: boolean or null

Responses

Request samples

Content type
application/json
{
  "id": "string",
  "account_type": "User",
  "username": "string",
  "password": "string",
  "org_unit": {},
  "permissions": [],
  "trusted": true,
  "enabled": true,
  "contacts": {},
  "org_bound": true
}

Response samples

Content type
application/json
null

Disable a specific account

path Parameters

account_id: string, required. The ID of the account to disable

Responses

Response samples

Content type
application/json
{
  "id": "string",
  "account_type": "User",
  "system_id": "string",
  "username": "string",
  "password": "string",
  "org_unit": {},
  "org_bound": true,
  "permissions": [],
  "enabled": true,
  "trusted": true,
  "created_on": 0,
  "last_logged_in": 0,
  "reset_password_otp": {},
  "contacts": {},
  "oauth_sub": "string",
  "oauth_provider_id": "string"
}

Enable a specific account

path Parameters

account_id: string, required. The ID of the account to enable

Responses

Response samples

Content type
application/json
{
  "id": "string",
  "account_type": "User",
  "system_id": "string",
  "username": "string",
  "password": "string",
  "org_unit": {},
  "org_bound": true,
  "permissions": [],
  "enabled": true,
  "trusted": true,
  "created_on": 0,
  "last_logged_in": 0,
  "reset_password_otp": {},
  "contacts": {},
  "oauth_sub": "string",
  "oauth_provider_id": "string"
}

Admin/OAuth

List Configured OAuth Provider Configs

query Parameters

search: string or null. Search by OAuth Provider Id

Responses

Response samples

Content type
application/json
[
  {}
]

Create a new OAuth Provider Config

Request Body schema: application/json (required)

id: string, required. provider id used for FE decoration (e.g. google, keycloak)
owner: string, required. org or org:brand owning the config data
client_id: string, required. client id as defined in the provider
client_secret: string, required. client secret as defined in the provider
issuer_url: string, required. oauth issuer url
token_url: string, required. oauth token exchange url
jwk_url: string, required. oauth jwk location for validating the user claims
redirect_url: string, required. oauth redirect url - https://{THRILLOFFICE-HOST}/oauth/callback
frontend_url: string, required. FE url to redirect after successful auth - https://{THRILLOFFICE-HOST}/backoffice/oauth

Responses

Request samples

Content type
application/json
{
  "id": "string",
  "owner": "string",
  "client_id": "string",
  "client_secret": "string",
  "issuer_url": "string",
  "token_url": "string",
  "jwk_url": "string",
  "redirect_url": "string",
  "frontend_url": "string"
}

Response samples

Content type
application/json
{
  "id": "string",
  "owner": "string",
  "client_id": "string",
  "client_secret": "string",
  "issuer_url": "string",
  "token_url": "string",
  "jwk_url": "string",
  "redirect_url": "string",
  "frontend_url": "string",
  "created": 0,
  "updated": 0
}

Update OAuth Provider Config

path Parameters

provider_id: string, required. The ID of the OAuth Provider to update

Request Body schema: application/json (required)

id: string or null
owner: string or null
client_id: string or null
client_secret: string or null
issuer_url: string or null
token_url: string or null
jwk_url: string or null
redirect_url: string or null
frontend_url: string or null

Responses

Request samples

Content type
application/json
{
  "id": "string",
  "owner": "string",
  "client_id": "string",
  "client_secret": "string",
  "issuer_url": "string",
  "token_url": "string",
  "jwk_url": "string",
  "redirect_url": "string",
  "frontend_url": "string"
}

Response samples

Content type
application/json
{
  "id": "string",
  "owner": "string",
  "client_id": "string",
  "client_secret": "string",
  "issuer_url": "string",
  "token_url": "string",
  "jwk_url": "string",
  "redirect_url": "string",
  "frontend_url": "string",
  "created": 0,
  "updated": 0
}

Delete OAuth Provider Config

path Parameters

provider_id: string, required. The ID of the OAuth Provider to delete

Responses

Response samples

Content type
application/json
null

Admin/Organisations

Get all organisations

Responses

Response samples

Content type
application/json
[
  {}
]

Add a new organisation

Request Body schema: application/json (required)

id: string, required. The identifier of the organisation. Must be unique
units: Array of strings, required. The organisation's units
name: string. Organisation descriptive name
parent_id: string or null. Organisation Parent
base_currency: string or null. Organisation Base Currency, if None then use parent.base_currency

Responses

Request samples

Content type
application/json
{
  "id": "string",
  "units": [],
  "name": "string",
  "parent_id": "string",
  "base_currency": "string"
}

Response samples

Content type
application/json
{
  "id": "string",
  "name": "string",
  "parent_id": "string",
  "enabled": true,
  "base_currency": "string",
  "children": [],
  "created": 0,
  "updated": 0,
  "units": []
}

Fetch a specific organisation

path Parameters

org_id: string, required. ID of the organisation

Responses

Response samples

Content type
application/json
{
  "id": "string",
  "name": "string",
  "parent_id": "string",
  "enabled": true,
  "base_currency": "string",
  "children": [],
  "created": 0,
  "updated": 0,
  "units": []
}

Update a specific organisation

path Parameters

org_id: string, required. ID of the organisation to update

Request Body schema: application/json (required)

units: Array of strings or null. The units of the organisation (must be the full list)
enabled: boolean or null. Flag indicating whether the organisation is enabled or not
name: string or null. Organisation descriptive name
parent_id: string or null. Organisation Parent
base_currency: string or null. Organisation Base Currency, if None then use parent.base_currency

Responses

Request samples

Content type
application/json
{
  "units": [],
  "enabled": true,
  "name": "string",
  "parent_id": "string",
  "base_currency": "string"
}

Response samples

Content type
application/json
{
  "id": "string",
  "name": "string",
  "parent_id": "string",
  "enabled": true,
  "base_currency": "string",
  "children": [],
  "created": 0,
  "updated": 0,
  "units": []
}

enable_organisation

path Parameters

org_id: string, required. ID of the organisation to update
enable_flag: boolean, required. Enable flag (true / false)

Responses

Response samples

Content type
application/json
null

add_units

path Parameters

org_id: string, required. ID of the organisation to update

Request Body schema: application/json (required)

Array of strings

Responses

Request samples

Content type
application/json
[
  "string"
]

Response samples

Content type
application/json
{
  "succeeded": [],
  "failed": []
}

delete_units

path Parameters

org_id: string, required. ID of the organisation to update

Request Body schema: application/json (required)

Array of strings

Responses

Request samples

Content type
application/json
[
  "string"
]

Response samples

Content type
application/json
{
  "succeeded": [],
  "failed": []
}

Admin/Systems

Get Account(s)

query Parameters

id: string, required. System ID to filter by
name: string, required. System name to filter by
sort_field: string, required. Field to sort on
sort_direction: integer <int32>, required. Direction to sort in (1 = ASC, -1 = DESC)
page: integer <int32>, required. Page to retrieve
limit: integer <int32>, required. Number of items to retrieve

Responses

Response samples

Content type
application/json
[
  {}
]

Health

Service Health

Responses

Response samples

Content type
application/json
{
  "version": "string"
}