README
IAM SDK
Login
login(email: string, password: string, personaType?: PersonaType, partnerId?: string): Observable<string>
Login accepts an email and password to use to attempt to auth a user. If personaType
isn't specified, IAM will attempt to
auth the email and password combo against any of the associated personas. If personaType
and optionally partnerId
are
specified, IAM will auth against that persona specifically.
Logout
logout(): Observable<boolean>
Logout will clear the user's cookies on IAM's side. Returns true if successful.
SSO Login
ssoLogin(nextUrl: string, personaType: PersonaType, partnerId?: string): void
SSOLogin will redirect the user's browser to IAM's SSOLogin page. IAM handles all of the oauth google has in place for
getting a session using your gmail account (and the whitelabeling of the domain requesting access). Once IAM is done
handling those requests, IAM will then attempt to find the persona specified in this endpoint (the personaType
and
partnerId
combination). If IAM fails to find a persona, it will redirect to the nextUrl
with error
and status
query params indicating why it failed. If IAM is successful in finding the appropriate persona for the request, it
will redirect to the nextUrl
with a session_id
query param. You will then have to take this session_id
and set up
the user's session with it, in the same fashion you would have set up the session from the response of the Login
endpoint.
Get Subject By Session
getSubjectBySession(sessionId: string, personaType: PersonaType, partnerId?: string): Observable<BasePersona>
Specify the personaType
and optionally the partnerId
for the persona you'd like to retrieve using the sessionId
.
This endpoint returns a BasePersona
which is the base class that all Personas inherit. To gain access to the attributes
of a specific persona, you will need to cast the persona as the requested type.
import {BasePersona, PartnerPersona, PersonaType} from '@vendasta/core/iam'
this.iamClient.getSubjectBySession('...sessionId...', PersonaType.partner)
.map((persona: BasePersona) => persona as PartnerPersona)
.subscribe(...)
Get Logged In Subject
getLoggedInSubject(personaType: PersonaType, partnerId?: string): Observable<BasePersona>
Works identically to getSubjectBySession except it grabs the current session being served by the SessionService.
List Personas
listPersonas(sessionId: string, personaType?: PersonaType): Observable<BasePersona[]>
Given a sessionId
, listPersonas will find and return all available personas for the session. Optionally specify a
personaType
to filter the results by only that type of persona. List personas will return a list of all the personas
it found. This endpoint returns BasePersona
and thus they will need to be casted to their appropriate PersonaTypes to
gain access to the attributes.
import {BasePersona, PartnerPersona, PersonaType, SMBPersona} from '@vendasta/core/iam'
this.iamClient.listPersonas('...sessionId...')
.subscribe((personas: BasePersona[]) => {
for (const persona of personas) {
switch(persona.type) {
case PartnerType.partner:
const p: PartnerPersona = (persona as PartnerPersona);
...
break;
case PartnerType.smb:
const p: SMBPersona = (persona as SMBPersona);
...
break;
...
}
}
});
List Logged In Personas
listLoggedInPersonas(personaType?: PersonaType): Observable<BasePersona[]>
Works identically to listPersonas except it grabs the current session being served by the SessionService.
Get Token
getToken(): Observable<string>
Get token will refresh the 30 minute temporary session a user may have, returning the new sessionId
.
Get Multi Users
getMultiUsers(userIdentifiers: UserIdentifierInterface[]): Observable<User[]>
This function takes in an array of user identifiers and converts them (via API) into their respective Users that are stored in IAM. UserIdentifiers are an object containing one of the following:
userId - the user id of a user. This directly identifies the user in our system.
token - a token for a user signed by the platform. These tokens include: the session token from IAM (i.e. the session
part of the namespaced_session
UserIdentifier), as well as access token or identity tokens from SSO.
Deprecated identifiers: namespacedEmail - an email address scoped to a namespace. A namespace is the id of a partner. Prefer to use user id instead, to avoid handling emails and for a more stable user identifier namespacedSession - a session string scoped to a namespace. Use token instead, as sesson is valid token, and namespace is ignored.
List security logs
listSecurityLogs(userId: string, cursor?: string, pageSize?: number, actionId = ''): Observable<ListSecurityLogsResponse>
This function returns security logs for a userId passed in. This is a paged function, but the handling of paged information is left to the implementor (for now). Use the cursor to call this function again and retrieve a new observable of the response to your call.
List Users
listUsers(namespace: string, email?: string, cursor?: string, pageSize?: number): Observable<ListUsersResponse>
ListUsers returns users for a namespace passed in. This is a paged function, but the handling of paged information is left to the implementor (for now). An empty namespace will return users that exist outside of a namespace.