User APIs (2.0.0)


The fabric Identity APIs are used by third-party developers to authenticate and obtain access tokens for building commerce applications that integrate with fabric APIs (such as OMS and Offers). Additionally, user self-service APIs let user-app developers quickly build support for typical identity account operations such as getting or updating login information, changing a password, and forgot-password flows.

Get user details

This API allows a logged-in user to get their own details from fabric Identity. It returns the details of the user whose bearer token is sent in the header.

Request
header Parameters
Authorization
required
string

Bearer token of the logged-in user

Example: Bearer <access token of the user>
Responses
200

User Identity Object

403

User is not allowed to perform the action

500

The request was received but an internal error occurred

GET /users/self
Response samples
application/json
{
  "id": "1234-1234-1234",
  "status": "active",
  "isStaffUserFederated": true,
  "loginId": "sdsdf232ew-123asdaa-1231231",
  "orgId": "123123-23wdd-123234",
  "type": "staff",
  "email": "test.user@foobar.com",
  "primarycontact": "+1 650 333 4444",
  "firstName": "Test",
  "lastName": "User",
  "meta": "meta",
  "accounts": {},
  "createdAt": "2019-08-24T14:15:22Z",
  "updatedAt": "2019-08-24T14:15:22Z",
  "deletedAt": "2019-08-24T14:15:22Z"
}

Update user details

This API allows a logged-in user to update their own details in fabric Identity. fabric Identity stores only the information that is necessary for user authentication. Other customer details, such as shipping and communication preferences, are to be stored in the customer service APIs of fabric.

Request
header Parameters
Authorization
required
string

Bearer token of the logged-in user

Example: Bearer <access token of the user>
Request Body schema: application/json
loginId
string

User Login Id

email
string <email>

User Email Id

firstName
string

User First Name

lastName
string

User Last Name

primaryContact
string

User Primary Contact

Responses
200

User Identity Object

403

User is not allowed to perform the action

500

The request was received but an internal error occurred

PUT /users/self
Request samples
application/json
{
  "loginId": "sdsdf232ew-123asdaa-1231231",
  "email": "test.user@foobar.com",
  "firstName": "Test",
  "lastName": "Jr",
  "primaryContact": "+1 650 333 4444"
}
Response samples
application/json
{
  "id": "1231012312-312-31231asda",
  "status": "active",
  "orgId": "4ed1acc6-7799-4bee-856e-91f18ca77d7a",
  "loginId": "testuser@gmail.com",
  "isStaffUserFederated": true,
  "type": "staff",
  "email": "foo@bar.com",
  "primaryContact": "+1 234 8992341234",
  "firstName": "James",
  "lastName": "Bond",
  "meta": "meta",
  "createdAt": "2022-03-10T09:20:19.000Z",
  "updatedAt": "2022-03-10T09:27:42.000Z",
  "deletedAt": "2022-03-10T09:20:19.000Z"
}

Change password

This API allows a logged-in user to change their password (post login). This API is not applicable when the user has logged in or registered using a social login.

Request
header Parameters
x-site-context
required
string

Account id of requesting user

Example: {"account": "5f8eaeb7e639f70008b9f16b"}
Authorization
required
string

Bearer token of the logged-in user

Example: Bearer <access token of the user>
Request Body schema: application/json
oldPassword
string

Old password used by the user

newPassword
string

New password being set by the user

Responses
200

Response when the password gets successfully changed

403

User is not allowed to perform the action

500

The request was received but an internal error occurred

POST /auth/self/password
Request samples
application/json
{
  "oldPassword": "myoldPassword",
  "newPassword": "mynewPassword"
}
Response samples
application/json
{
  "code": "PASSWORD_CHANGED",
  "message": "Password changed successfully."
}
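
One way a client might build the change-password call, as an added example (not fabric's own code): it constructs the documented POST /auth/self/password request without sending it, refuses non-HTTPS base URLs, and produces a log-safe summary that leaves out the token and both passwords. The base URL is a placeholder because the page does not state one, and the function names are hypothetical.

```python
import json
from urllib.parse import urlsplit
from urllib.request import Request

# Assumption: placeholder host; the page does not state the API base URL.
BASE_URL = "https://identity.example.invalid"


def build_change_password(base_url, access_token, account_id, old_pw, new_pw):
    """Build (but do not send) the documented POST /auth/self/password request."""
    if urlsplit(base_url).scheme != "https":
        raise ValueError("refusing to send credentials over a non-HTTPS URL")
    if not access_token or any(c.isspace() for c in access_token):
        raise ValueError("access token must be a single non-empty value")
    headers = {
        "Authorization": f"Bearer {access_token}",
        # x-site-context carries a JSON object, as in the page's header example.
        "x-site-context": json.dumps({"account": account_id}),
        "Content-Type": "application/json",
    }
    body = json.dumps({"oldPassword": old_pw, "newPassword": new_pw}).encode()
    return Request(base_url.rstrip("/") + "/auth/self/password",
                   data=body, headers=headers, method="POST")


def loggable(req):
    """Request summary that is safe to log: no bearer token, no password values."""
    return {
        "method": req.get_method(),
        "url": req.full_url,
        "headers": {k: ("<redacted>" if k.lower() == "authorization" else v)
                    for k, v in req.header_items()},
        "body_fields": sorted(json.loads(req.data)),  # field names only
    }


def interpret(status, body_text):
    """Map the documented 200 / 403 / 500 responses to an outcome string."""
    if status == 200:
        ok = json.loads(body_text).get("code") == "PASSWORD_CHANGED"
        return "changed" if ok else "unexpected"
    if status == 403:
        return "forbidden"      # user is not allowed to perform the action
    if status == 500:
        return "server_error"   # internal error on the service side
    return "unexpected"
```
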

Forgot password

This API allows users to reset their password when they are unable to log in. This API is not applicable when the user has logged in or registered using a social login.

Request
Request Body schema: application/json
loginId
string

Login id of the user whose ID should be reset

Responses
200

Successful response when the user reset link is sent to the registered email address.

500

The request was received but an internal error occurred

POST /auth/forgot-password
Request samples
application/json
{
  "loginId": "johndoe@fabric.inc"
}
Response samples
application/json
{
  "success": "FORGOT_PASSWORD_INITIATED",
  "message": "If user was found a reset link will be sent to the provided email"
}