REST - Logon

REST-Interface

PreLogin

Checks user/password including active instance. Gets all available datasources for current user.
URL
POST <application-url>/api/logon/prelogin

Query parameter

  • rememberMe possible: true, false default: false Remember the user on success (cookie + tempKey)
  • overwriteServerUrl Special option for webdev: possibility to overwrite the serverUrl of the datasource. Format: http://localhost:8080

Consumes

application/json
application/xml

com.matterial.mtr.api.object.Logon

Produces

application/json
application/xml

List<com.matterial.mtr.api.object.DataSource>

  • 200 OK
  • 401 UNAUTHORIZED

Permission
-

Sample
POST http://localhost:8080/mtr-backend/api/logon/prelogin


PreChangeInstance

Gets all available datasources for current user.
URL
PUT <application-url>/api/logon/prechangeinstance

Query parameter

  • overwriteServerUrl Special option for webdev: possibility to overwrite the serverUrl of the datasource. Format: http://localhost:8080

Produces

application/json
application/xml

List<com.matterial.mtr.api.object.DataSource>

  • 200 OK
  • 401 UNAUTHORIZED

Permission
Login

Sample
PUT http://localhost:8080/mtr-backend/api/logon/prechangeinstance


Redirect to LoginServer

Login after prelogin / preChangeInstance with instance-id.
This does only work after a preLogin- or preChangeInstance-call, because these prepare a LoginToken for the user.
URL
GET <application-url>/api/logon/login/<instanceId>

Produces

Permission
Login

Sample
GET http://localhost:8080/mtr-backend/api/logon/login/2


Login

Login with username / password.

Attention:
Won't work on multiserve-installation.
Use preLogin-api!

URL
POST <application-url>/api/logon

Query parameter

  • rememberMe possible: true, false default: false Remember the user on success (cookie + tempKey)

Consumes

application/json
application/xml

com.matterial.mtr.api.object.Logon

Produces

application/json
application/xml

com.matterial.mtr.api.object.LoginData

  • 200 OK
  • 401 UNAUTHORIZED

Permission
-

Sample
POST http://localhost:8080/mtr-backend/api/logon


Check username and password only

Only check user/password against database.
Returns true, if person with given credentials was found.
No active-instance-check.
URL
POST <application-url>/api/logon/check

Consumes

application/json
application/xml

com.matterial.mtr.api.object.Logon

Produces

text/plain

boolean - passwordOk

  • 200 OK
  • 401 UNAUTHORIZED

Permission
-

Sample
POST http://localhost:8080/mtr-backend/api/logon/check


Impersonate

Only allowed for "system"-account!
URL
POST <application-url>/api/logon/impersonate

Consumes

application/json
application/xml

com.matterial.mtr.api.object.Logon

Produces

application/json
application/xml

com.matterial.mtr.api.object.LoginData

  • 200 OK
  • 401 UNAUTHORIZED

Permission
ADMINISTRATE_ALL, systemAccountRequired

Sample
POST http://localhost:8080/mtr-backend/api/logon/impersonate


Change client

URL
PUT <application-url>/api/logon/client/<clientId>

Path parameter

  • clientId

Produces

application/json
application/xml

com.matterial.mtr.api.object.LoginData

  • 200 OK
  • 401 UNAUTHORIZED

Permission
Login

Sample
PUT http://localhost:8080/mtr-backend/api/logon/client/2


Change password

URL
PUT <application-url>/api/logon

Consumes

application/json
application/xml

com.matterial.mtr.api.object.PasswordContainer

Produces

application/json
application/xml

com.matterial.mtr.api.object.LoginData

  • 200 OK
  • 400 BAS REQUEST

Permission
Login, demoAccountForbidden

Sample
PUT http://localhost:8080/mtr-backend/api/logon


Logout

URL
DELETE <application-url>/api/logon

Produces

text/plain

Boolean - loggedOut

  • 200 OK
  • 500 INTERNAL_SERVER_ERROR

Permission
-

Sample
DELETE http://localhost:8080/mtr-backend/api/logon


Logout via GET

Logout from the current session and redirects to ui.
URL
GET <application-url>/api/logon/logout

Produces

text/plain

Boolean - loggedOut

Permission
Login

Sample
GET http://localhost:8080/mtr-backend/api/logon/logout


Is logged-in

Always results in HTTP-Status OK (200) with additional answer "true/false".
URL
GET <application-url>/api/logon

Produces

text/plain

Boolean - loggedIn

  • 200 OK

Permission
-

Sample
GET http://localhost:8080/mtr-backend/api/logon


Get LoginData

URL
GET <application-url>/api/logon/logindata

Produces

application/json
application/xml

com.matterial.mtr.api.object.LoginData

  • 200 OK
  • 401 UNAUTHORIZED

Permission
Login

Sample
GET http://localhost:8080/mtr-backend/api/logon/logindata


Activate DisableRightsCheck

Set disable rights check to true for this session and overwrites account-setting.
URL
PUT <application-url>/api/logon/disablerightscheck/activate

Produces

text/plain

Integer 1 on success

  • 200 OK

Permission
ADMINISTRATE_ALL, licenceRoleRequired

Sample
PUT http://localhost:8080/mtr-backend/api/logon/disablerightscheck/activate


Deactivate DisableRightsCheck

Set disable rights check to false for this session and overwrites account-setting.
URL
PUT <application-url>/api/logon/disablerightscheck/deactivate

Produces

text/plain

Integer 1 on success

  • 200 OK

Permission
ADMINISTRATE_ALL, licenceRoleRequired

Sample
PUT http://localhost:8080/mtr-backend/api/logon/disablerightscheck/deactivate


Rest DisableRightsCheck

Reset disable rights check for this session and reset to account-setting-value.
URL
PUT <application-url>/api/logon/disablerightscheck/reset

Produces

text/plain

Integer 1 on success

  • 200 OK

Permission
ADMINISTRATE_ALL, licenceRoleRequired

Sample
PUT http://localhost:8080/mtr-backend/api/logon/disablerightscheck/reset

×
Peter's Problem.