From fc2fa32382935c012e70a89e277fada8e0be1779 Mon Sep 17 00:00:00 2001 From: Karuna-Mendix Date: Mon, 7 Apr 2025 15:18:45 +0530 Subject: [PATCH 1/9] Create User Deactivation API doc --- .../governance/user-deactivation-api.md | 66 +++++++++++++++++++ 1 file changed, 66 insertions(+) create mode 100644 content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md diff --git a/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md b/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md new file mode 100644 index 00000000000..4abcc72b8f4 --- /dev/null +++ b/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md @@ -0,0 +1,66 @@ +--- +title: "User Deactivation API" +linktitle: "User Deactivation API" +url: /apidocs-mxsdk/apidocs/user-deactivation-api/ +type: swagger +description: "The User Deactivation API allows Mendix Admins to deactivate users within their company on the Mendix Platform." +restapi: true +weight: 112 +--- + +{{% alert color="warning" %}} +The User Deactivation API is available for Mendix Admins. +{{% /alert %}} + +## Introduction + +## Authentication{#authentication} + +Authentication for the User Identifiers API uses a personal access token (PAT). + +### Generating a PAT + +To generate a PAT, see the [Personal Access Tokens](/community-tools/mendix-profile/user-settings/#pat) section of *User Settings*. + +Select the following as **User Identifiers API** scopes: + +* `mx:mxid3:user-identifiers:uuid:read` – to obtain the user's UUIDs + +Store the generated value `{GENERATED_PAT}` somewhere safe so you can use it to authorize your User Identifiers API calls. + +### Using the PAT + +Each request must contain an `Authorization` header with the value `MxToken {GENERATED_PAT}`. Here is an example: + +```http +GET /api/user-identifiers/v1/uuids HTTP/1.1 +Authorization: MxToken 7LJE…vk +``` + +To authenticate calls when using the Open API specification below, click **Authorize** and use the value `MxToken {GENERATED_PAT}`. + +## Examples + +### Using the API to Retrieve User UUIDs + +{{% alert color="info" %}}Only Mendix Admins from the company have the authority to retrieve user UUIDs.{{% /alert %}} + +The following steps lead to retrieval of user's UUIDs of the email addresses provided in {emailAddresses}. + +1. Set up your authentication PAT. You must be a Mendix Admin. +1. Create a request body containing the email addresses under `emailAddresses`. For example, to get user UUIDs of `jane.doe@domain.tld` and `john.doe@domain.tld`, provide a body like this: + + ```json + { + "emailAddresses":[ + { "emailAddress":"jane.doe@domain.tld" }, + { "emailAddress":"john.doe@domain.tld" } + ] + } + ``` + +1. Call `GET /api/user-identifiers/v1/uuids` to get the UUIDs of the provided email addresses. + +## API Reference + +{{< swaggerui src="/openapi-spec/user-identifier-api.yaml" >}} From 25c915184a2d065abdb5f145d40dde4945eb7492 Mon Sep 17 00:00:00 2001 From: Karuna-Mendix Date: Mon, 7 Apr 2025 15:44:04 +0530 Subject: [PATCH 2/9] Add sections: Introduction and Authentication --- .../governance/user-deactivation-api.md | 24 +++++++++++++------ 1 file changed, 17 insertions(+), 7 deletions(-) diff --git a/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md b/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md index 4abcc72b8f4..2798d52611b 100644 --- a/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md +++ b/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md @@ -14,31 +14,41 @@ The User Deactivation API is available for Mendix Admins. ## Introduction -## Authentication{#authentication} +The User Deactivation API allows Mendix admins to deactivate users within their company on the Mendix Platform. You can use this API to automate the Joiner, Mover, and Leaver (JML) processes. It can help manage access by revoking it for certain 'movers' and 'leavers' from the Mendix platform. Using this API may also help your company to contribute to compliance with its policies. -Authentication for the User Identifiers API uses a personal access token (PAT). +Note that this API only manages access to Mendix as a development platform. If you need to implement JML processes for end-users in your Mendix apps, it is recommended to add the [SCIM](/appstore/modules/scim/) module to your applications. + +Once you have deactivated users, they will no longer be able to log in to the Mendix platform or use the Mendix platform API with a Personal Access Token (PAT). + +As an alternative, you can use this API to deactivate platform users, instead of the deprecated User Management API. + +## Authentication + +Authentication for the User Deactivation API uses a personal access token (PAT). ### Generating a PAT To generate a PAT, see the [Personal Access Tokens](/community-tools/mendix-profile/user-settings/#pat) section of *User Settings*. -Select the following as **User Identifiers API** scopes: +Select the following as **User Deactivation API** scopes: -* `mx:mxid3:user-identifiers:uuid:read` – to obtain the user's UUIDs +* `mx:user-deactivation:write` – to deactivate users -Store the generated value `{GENERATED_PAT}` somewhere safe so you can use it to authorize your User Identifiers API calls. +Store the generated value `{GENERATED_PAT}` somewhere safe so you can use it to authorize your User Deactivation API. ### Using the PAT Each request must contain an `Authorization` header with the value `MxToken {GENERATED_PAT}`. Here is an example: ```http -GET /api/user-identifiers/v1/uuids HTTP/1.1 -Authorization: MxToken 7LJE…vk +PATCH /v1/platform-users/user-status/{uuid} HTTP/1.1 +Authorization: MxToken EKNJ…vk ``` To authenticate calls when using the Open API specification below, click **Authorize** and use the value `MxToken {GENERATED_PAT}`. +## Prerequisites + ## Examples ### Using the API to Retrieve User UUIDs From f53d9f21e0c0862632d3ae4ebd3c67d2903e7b47 Mon Sep 17 00:00:00 2001 From: Karuna-Mendix Date: Mon, 7 Apr 2025 16:41:45 +0530 Subject: [PATCH 3/9] Added the sections: prerequisites and example --- .../governance/user-deactivation-api.md | 22 ++++++++++--------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md b/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md index 2798d52611b..3fb2d757269 100644 --- a/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md +++ b/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md @@ -49,28 +49,30 @@ To authenticate calls when using the Open API specification below, click **Autho ## Prerequisites +You must have the UserID of the user you want to deactivate. Follow the steps below to retrieve the UUID of the user: + +1. The Mendix Administrator creates a Personal Access Token (PAT) via the Developer Portal, with the following scope: +`mx:mxid3:user-identifiers:uuid:read` +2. Invoke the User Identifier API to fetch the UUID based on the user's email address, using the PAT generated in the above step. + ## Examples -### Using the API to Retrieve User UUIDs +### Using the API to Deactivate User -{{% alert color="info" %}}Only Mendix Admins from the company have the authority to retrieve user UUIDs.{{% /alert %}} +{{% alert color="info" %}}Only Mendix Admins from the company have the authority to deactivate user.{{% /alert %}} -The following steps lead to retrieval of user's UUIDs of the email addresses provided in {emailAddresses}. +The following steps lead to deactivate the user based on UUID provided as in {UUID}: 1. Set up your authentication PAT. You must be a Mendix Admin. -1. Create a request body containing the email addresses under `emailAddresses`. For example, to get user UUIDs of `jane.doe@domain.tld` and `john.doe@domain.tld`, provide a body like this: +1. Create a request body containing the active status, provide a body like this: ```json { - "emailAddresses":[ - { "emailAddress":"jane.doe@domain.tld" }, - { "emailAddress":"john.doe@domain.tld" } - ] + "active" : false } ``` -1. Call `GET /api/user-identifiers/v1/uuids` to get the UUIDs of the provided email addresses. +1. Call `GET /v1/platform-users/user-status/{UUID}` to deactivate the User with the provided {UUID}. ## API Reference -{{< swaggerui src="/openapi-spec/user-identifier-api.yaml" >}} From 371dd984295f365bf10c8d0581c2108d12e250e0 Mon Sep 17 00:00:00 2001 From: Karuna-Mendix Date: Thu, 10 Apr 2025 12:03:32 +0530 Subject: [PATCH 4/9] Add yaml file --- .../governance/user-deactivation-api.md | 1 + .../openapi-spec/user-deactivation-api.yaml | 228 ++++++++++++++++++ 2 files changed, 229 insertions(+) create mode 100644 static/openapi-spec/user-deactivation-api.yaml diff --git a/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md b/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md index 3fb2d757269..312544cc628 100644 --- a/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md +++ b/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md @@ -76,3 +76,4 @@ The following steps lead to deactivate the user based on UUID provided as in {UU ## API Reference +{{< swaggerui src="/openapi-spec/user-deactivation-api.yaml" >}} \ No newline at end of file diff --git a/static/openapi-spec/user-deactivation-api.yaml b/static/openapi-spec/user-deactivation-api.yaml new file mode 100644 index 00000000000..917a726f9dc --- /dev/null +++ b/static/openapi-spec/user-deactivation-api.yaml @@ -0,0 +1,228 @@ +openapi: 3.0.0 +info: + version: 1.0.0 + title: User Deactivation API + description: The API allows a Mendix Admin to deactivate user of company by providing UUID of the user. + termsOfService: 'https://www.mendix.com/terms-of-use/' + contact: + name: Mendix Support + url: 'https://support.mendix.com' + email: support@mendix.com +servers: + - url: 'https://users-status-api.home.mendix.com/v1' +paths: + '/platform-users/user-status/{uuid}': + patch: + tags: + - default + summary: User Deactivation API + description: This API deactivates user of the company based on the UUID provided as parameter + operationId: user-deactivation-api + parameters: + - name: uuid + in: path + description: UUID of the user + required: true + schema: + type: string + pattern: '^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$' + minLength: 36 + maxLength: 36 + example: c5f3afba-cc28-4f56-b922-1e606807bed4 + requestBody: + description: |- + Request payload containing the Active attribute. It should be false to deactivate the user + Note: The API only allows 'false' as value + content: + application/json: + schema: + $ref: '#/components/schemas/requestPayload' + examples: + requestPayload: + value: + active: false + responses: + '204': + description: No Content + '400': + description: Bad Request + content: + application/json: + schema: + oneOf: + - $ref: '#/components/schemas/error' + - $ref: '#/components/schemas/wrongPayloadResponse' + x-examples: + Example 1: + error: + message: The request data did not validate + detail: Request payload is invalid. + code: 400 + instance: 'urn:uuid:1266dcea-445b-4699-a1d4-36af114961c3' + examples: + payloadNotJSON: + value: + error: + code: '400' + message: 'Error parsing JSON. com.mendix.systemwideinterfaces.core.UserException: A problem occurred parsing attribute ''Active'' of object of type ''CompanyService.PatchUserRequest''. The value was ''fal''. This isn''t allowed by the schema.' + invalidPayload: + value: + error: + message: The request data did not validate + detail: Request payload is invalid. + code: 400 + instance: 'urn:uuid:d18fb790-05e7-4cd1-8f36-31326a894778' + '401': + description: Unauthorized + content: + application/json: + schema: + oneOf: + - $ref: '#/components/schemas/error' + - $ref: '#/components/schemas/patError' + examples: + invalidAccessToken: + value: + error: + message: Unauthorized + detail: Access token is non-existent or expired. + code: 401 + instance: 'urn:uuid:766f0ee2-e9a2-445b-bbc5-93dfdc5b5d22' + wrongPATtoken: + value: Supplied personal access token is invalid. + emptyToken: + value: + error: + message: Unauthorized + detail: No access token provided in the request. + code: 401 + instance: 'urn:uuid:6472756a-a65a-4a32-8ff7-372d5deef7f5' + '403': + description: Forbidden + content: + application/json: + schema: + $ref: '#/components/schemas/error' + examples: + requestorNotAdmin: + summary: 403 Forbidden wrong admin + value: + error: + message: Forbidden + detail: Requestor is not Mendix Admin for the company + code: 403 + instance: 'urn:uuid:0e5d5395-da05-4f27-86b3-cc5e559af5ab' + personDeactivatingHimself: + summary: 403 member Cannot deactivate Himself + value: + error: + message: Forbidden + detail: '{"status":403,"title":"Forbidden","detail":"Member cannot (de)active himself"}' + code: 403 + instance: 'urn:uuid:9d13b5a2-47be-495d-a4f8-321de86b7e47' + forbiddenScope: + value: + error: + message: Forbidden + detail: Access token does not include the required scope. + code: 403 + instance: 'urn:uuid:0cbe900c-6656-447d-8e51-54097cdfcd65' + '500': + description: Internal Server Error + content: + application/json: + schema: + $ref: '#/components/schemas/error' + examples: + InternalServerError: + value: + error: + message: Internal Server Error + detail: Internal Server error + code: 500 + instance: 'urn:uuid:dab1c9ba-1b2a-423a-8a56-4f627a571740' + '503': + description: Service Unavailable + content: + application/json: + schema: + type: object + properties: + message: + type: string + request_id: + type: string + x-examples: + Example 1: + message: failure to get a peer from the ring-balancer + request_id: 960c04249094f36ecf89252924e61571 + examples: + ServerUnavailable: + value: + message: failure to get a peer from the ring-balancer + request_id: 960c04249094f36ecf89252924e61571 + security: + - PersonalAccessToken: [] + servers: + - url: 'https://users-status-api.home.mendix.com/v1' + description: '' +tags: + - name: user-deactivation-api +components: + securitySchemes: + PersonalAccessToken: + type: apiKey + description: 'For more information about requesting and using a token see [Create a Personal Access Token with Warden](https://docs.mendix.com/developerportal/community-tools/warden).
The header must be set to `MxToken `' + name: Authorization + in: header + schemas: + requestPayload: + type: object + description: The payload format + properties: + active: + type: boolean + x-examples: + Example 1: + active: false + error: + type: object + properties: + error: + type: object + properties: + message: + type: string + detail: + type: string + code: + type: integer + instance: + type: string + x-examples: + Example 1: + error: + message: Unauthorized + detail: Access token is non-existent or expired. + code: 401 + instance: 'urn:uuid:766f0ee2-e9a2-445b-bbc5-93dfdc5b5d22' + wrongPayloadResponse: + type: object + properties: + error: + type: object + properties: + code: + type: string + message: + type: string + x-examples: + Example 1: + error: + code: '400' + message: 'Error parsing JSON. com.mendix.systemwideinterfaces.core.UserException: A problem occurred parsing attribute ''Active'' of object of type ''CompanyService.PatchUserRequest''. The value was ''fal''. This isn''t allowed by the schema.' + patError: + type: string + title: patError +security: + - PersonalAccessToken: [] From b684b758d29cd88a77c4a49400dc79c8cd0c0f99 Mon Sep 17 00:00:00 2001 From: Karuna-Mendix Date: Thu, 10 Apr 2025 16:16:23 +0530 Subject: [PATCH 5/9] corrections --- .../apidocs-mxsdk/apidocs/governance/user-deactivation-api.md | 2 +- static/openapi-spec/user-deactivation-api.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md b/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md index 312544cc628..e2fa245e701 100644 --- a/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md +++ b/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md @@ -72,7 +72,7 @@ The following steps lead to deactivate the user based on UUID provided as in {UU } ``` -1. Call `GET /v1/platform-users/user-status/{UUID}` to deactivate the User with the provided {UUID}. +1. Call `PATCH /v1/platform-users/user-status/{UUID}` to deactivate the User with the provided {UUID}. ## API Reference diff --git a/static/openapi-spec/user-deactivation-api.yaml b/static/openapi-spec/user-deactivation-api.yaml index 917a726f9dc..a633526db0d 100644 --- a/static/openapi-spec/user-deactivation-api.yaml +++ b/static/openapi-spec/user-deactivation-api.yaml @@ -14,7 +14,7 @@ paths: '/platform-users/user-status/{uuid}': patch: tags: - - default + - user-deactivation summary: User Deactivation API description: This API deactivates user of the company based on the UUID provided as parameter operationId: user-deactivation-api From 93a783a520511f07392d55d4a1ce296e0ce8458f Mon Sep 17 00:00:00 2001 From: Karuna-Mendix Date: Thu, 10 Apr 2025 16:30:39 +0530 Subject: [PATCH 6/9] Changing the tag --- static/openapi-spec/user-deactivation-api.yaml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/static/openapi-spec/user-deactivation-api.yaml b/static/openapi-spec/user-deactivation-api.yaml index a633526db0d..e31613d9ae4 100644 --- a/static/openapi-spec/user-deactivation-api.yaml +++ b/static/openapi-spec/user-deactivation-api.yaml @@ -14,8 +14,8 @@ paths: '/platform-users/user-status/{uuid}': patch: tags: - - user-deactivation - summary: User Deactivation API + - user-deactivation-api + summary: Deactivate the user based on UUID provided. description: This API deactivates user of the company based on the UUID provided as parameter operationId: user-deactivation-api parameters: @@ -166,8 +166,6 @@ paths: servers: - url: 'https://users-status-api.home.mendix.com/v1' description: '' -tags: - - name: user-deactivation-api components: securitySchemes: PersonalAccessToken: From 636b3d84125073bf666dc07167bf7fa3ffed9a44 Mon Sep 17 00:00:00 2001 From: Karuna-Mendix Date: Thu, 10 Apr 2025 16:40:51 +0530 Subject: [PATCH 7/9] small changes --- .../apidocs/governance/user-deactivation-api.md | 6 +++--- static/openapi-spec/user-deactivation-api.yaml | 10 +++++----- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md b/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md index e2fa245e701..1e4f8394815 100644 --- a/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md +++ b/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md @@ -59,12 +59,12 @@ You must have the UserID of the user you want to deactivate. Follow the steps be ### Using the API to Deactivate User -{{% alert color="info" %}}Only Mendix Admins from the company have the authority to deactivate user.{{% /alert %}} +{{% alert color="info" %}}Only Mendix Admins from the company have the authority to deactivate users.{{% /alert %}} -The following steps lead to deactivate the user based on UUID provided as in {UUID}: +The following steps lead to deactivating the user based on the UUID provided as in {UUID}: 1. Set up your authentication PAT. You must be a Mendix Admin. -1. Create a request body containing the active status, provide a body like this: +1. Create a request body containing the active status, and provide a body like this: ```json { diff --git a/static/openapi-spec/user-deactivation-api.yaml b/static/openapi-spec/user-deactivation-api.yaml index e31613d9ae4..d527c4d83fb 100644 --- a/static/openapi-spec/user-deactivation-api.yaml +++ b/static/openapi-spec/user-deactivation-api.yaml @@ -2,7 +2,7 @@ openapi: 3.0.0 info: version: 1.0.0 title: User Deactivation API - description: The API allows a Mendix Admin to deactivate user of company by providing UUID of the user. + description: The API allows a Mendix Admin to deactivate users of company by providing UUID of the users. termsOfService: 'https://www.mendix.com/terms-of-use/' contact: name: Mendix Support @@ -16,7 +16,7 @@ paths: tags: - user-deactivation-api summary: Deactivate the user based on UUID provided. - description: This API deactivates user of the company based on the UUID provided as parameter + description: This API deactivates users of the company based on the UUID provided as parameter. operationId: user-deactivation-api parameters: - name: uuid @@ -31,8 +31,8 @@ paths: example: c5f3afba-cc28-4f56-b922-1e606807bed4 requestBody: description: |- - Request payload containing the Active attribute. It should be false to deactivate the user - Note: The API only allows 'false' as value + Request payload containing the Active attribute. It should be false to deactivate the user. + Note: The API only allows 'false' as value. content: application/json: schema: @@ -64,7 +64,7 @@ paths: value: error: code: '400' - message: 'Error parsing JSON. com.mendix.systemwideinterfaces.core.UserException: A problem occurred parsing attribute ''Active'' of object of type ''CompanyService.PatchUserRequest''. The value was ''fal''. This isn''t allowed by the schema.' + message: 'Error parsing JSON. com.mendix.systemwideinterfaces.core.UserException: A problem occurred parsing attribute ''Active'' of the object of type ''CompanyService.PatchUserRequest''. The value was ''fal''. This isn''t allowed by the schema.' invalidPayload: value: error: From 8fa70b4411a4f4619125d26765c24964f7343ae9 Mon Sep 17 00:00:00 2001 From: Karuna-Mendix Date: Wed, 16 Apr 2025 17:07:21 +0530 Subject: [PATCH 8/9] Updates as per confluence draft --- .../apidocs/governance/user-deactivation-api.md | 6 +++--- .../apidocs-mxsdk/apidocs/governance/user-management-api.md | 2 ++ .../en/docs/community-tools/mendix-profile/user-settings.md | 1 + 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md b/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md index 1e4f8394815..a86234e27a5 100644 --- a/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md +++ b/content/en/docs/apidocs-mxsdk/apidocs/governance/user-deactivation-api.md @@ -14,7 +14,7 @@ The User Deactivation API is available for Mendix Admins. ## Introduction -The User Deactivation API allows Mendix admins to deactivate users within their company on the Mendix Platform. You can use this API to automate the Joiner, Mover, and Leaver (JML) processes. It can help manage access by revoking it for certain 'movers' and 'leavers' from the Mendix platform. Using this API may also help your company to contribute to compliance with its policies. +The User Deactivation API allows Mendix admins to deactivate users within their company on the Mendix Platform. You can use this API as part of your implementation of Joiner, Mover, and Leaver (JML) processes, for example, deactivation of users can be used to revoke access to the Mendix platform for certain 'movers' and for 'leavers'. In this way the API may help your company to comply with its access policies. Note that this API only manages access to Mendix as a development platform. If you need to implement JML processes for end-users in your Mendix apps, it is recommended to add the [SCIM](/appstore/modules/scim/) module to your applications. @@ -41,7 +41,7 @@ Store the generated value `{GENERATED_PAT}` somewhere safe so you can use it to Each request must contain an `Authorization` header with the value `MxToken {GENERATED_PAT}`. Here is an example: ```http -PATCH /v1/platform-users/user-status/{uuid} HTTP/1.1 +PATCH /v1/platform-users/{uuid} HTTP/1.1 Authorization: MxToken EKNJ…vk ``` @@ -72,7 +72,7 @@ The following steps lead to deactivating the user based on the UUID provided as } ``` -1. Call `PATCH /v1/platform-users/user-status/{UUID}` to deactivate the User with the provided {UUID}. +1. Call `PATCH /v1/platform-users/{UUID}` to deactivate the User with the provided {UUID}. ## API Reference diff --git a/content/en/docs/apidocs-mxsdk/apidocs/governance/user-management-api.md b/content/en/docs/apidocs-mxsdk/apidocs/governance/user-management-api.md index bed38e7a6de..ea7f29e5234 100644 --- a/content/en/docs/apidocs-mxsdk/apidocs/governance/user-management-api.md +++ b/content/en/docs/apidocs-mxsdk/apidocs/governance/user-management-api.md @@ -13,6 +13,8 @@ deprecated: true This API is deprecated. If you are currently using this API or intend to start using it, please look at, and contribute to [this idea in the Mendix Community](https://community.mendix.com/link/space/user-experience/ideas/3962). This will allow us to understand your use case and will help us to prioritize a new API that is fit for purpose. Alternatively, you can consider using the [Projects API](/apidocs-mxsdk/apidocs/projects-api/), which provides functionality to manage project memberships for platform users. Although it does not fully cover all kinds of platform users, it can still serve as a viable option for many use cases. Additionally, if you are using BYOIDP, you can restrict platform access to a designated group of users by creating a Mendix platform users group in your IdP. For more information, see [Set Up an SSO (BYOIDP)](/control-center/security/set-up-sso-byoidp/). + +You can also consider using the [User Deactivation API](/apidocs-mxsdk/apidocs/user-deactivation-api/) that allows Mendix admins to deactivate users within their company on the Mendix Platform. {{% /alert %}} The User Management API allows your company's user management systems to integrate with the Mendix Platform. Through this API, you can create and manage user accounts in your company. Additionally you can create and manage groups. In the Mendix Platform, you can define group policies for groups which grant access to your company's applications to their members. diff --git a/content/en/docs/community-tools/mendix-profile/user-settings.md b/content/en/docs/community-tools/mendix-profile/user-settings.md index e9059e3ba5c..16d319f8622 100644 --- a/content/en/docs/community-tools/mendix-profile/user-settings.md +++ b/content/en/docs/community-tools/mendix-profile/user-settings.md @@ -209,6 +209,7 @@ The following Mendix services support usage of PATs: * [Catalog API](/apidocs-mxsdk/apidocs/catalog-apis/) * [App Repository API](/apidocs-mxsdk/apidocs/app-repository-api/) * [Projects API](/apidocs-mxsdk/apidocs/projects-api/) +* [User Deactivation API](/apidocs-mxsdk/apidocs/user-deactivation-api/) #### Creating a PAT {#create-pat} From 290c074ec6d8e2f91227e832e6624a462e8d8738 Mon Sep 17 00:00:00 2001 From: Karuna-Mendix Date: Wed, 16 Apr 2025 17:48:04 +0530 Subject: [PATCH 9/9] updated the yaml file --- .../openapi-spec/user-deactivation-api.yaml | 52 ++++++------------- 1 file changed, 15 insertions(+), 37 deletions(-) diff --git a/static/openapi-spec/user-deactivation-api.yaml b/static/openapi-spec/user-deactivation-api.yaml index d527c4d83fb..3cae173b775 100644 --- a/static/openapi-spec/user-deactivation-api.yaml +++ b/static/openapi-spec/user-deactivation-api.yaml @@ -2,21 +2,21 @@ openapi: 3.0.0 info: version: 1.0.0 title: User Deactivation API - description: The API allows a Mendix Admin to deactivate users of company by providing UUID of the users. + description: The API allows a Mendix Admin to deactivate user of company by providing UUID of the user. termsOfService: 'https://www.mendix.com/terms-of-use/' contact: name: Mendix Support url: 'https://support.mendix.com' email: support@mendix.com servers: - - url: 'https://users-status-api.home.mendix.com/v1' + - url: 'https://users-status-api.home-test.mendix.com/v1' paths: - '/platform-users/user-status/{uuid}': + '/platform-users/{uuid}': patch: tags: - - user-deactivation-api - summary: Deactivate the user based on UUID provided. - description: This API deactivates users of the company based on the UUID provided as parameter. + - User Deactivation API + summary: Deactivate the user based on UUID provided + description: This API deactivates user of the company based on the UUID provided as parameter operationId: user-deactivation-api parameters: - name: uuid @@ -31,8 +31,8 @@ paths: example: c5f3afba-cc28-4f56-b922-1e606807bed4 requestBody: description: |- - Request payload containing the Active attribute. It should be false to deactivate the user. - Note: The API only allows 'false' as value. + Request payload containing the Active attribute. It should be false to deactivate the user + Note: The API only allows 'false' as value content: application/json: schema: @@ -49,22 +49,13 @@ paths: content: application/json: schema: - oneOf: - - $ref: '#/components/schemas/error' - - $ref: '#/components/schemas/wrongPayloadResponse' - x-examples: - Example 1: - error: - message: The request data did not validate - detail: Request payload is invalid. - code: 400 - instance: 'urn:uuid:1266dcea-445b-4699-a1d4-36af114961c3' + $ref: '#/components/schemas/error' examples: payloadNotJSON: value: error: - code: '400' - message: 'Error parsing JSON. com.mendix.systemwideinterfaces.core.UserException: A problem occurred parsing attribute ''Active'' of the object of type ''CompanyService.PatchUserRequest''. The value was ''fal''. This isn''t allowed by the schema.' + code: 400 + message: 'Error parsing JSON. com.mendix.systemwideinterfaces.core.UserException: A problem occurred parsing attribute ''Active'' of object of type ''CompanyService.PatchUserRequest''. The value was ''fal''. This isn''t allowed by the schema.' invalidPayload: value: error: @@ -150,7 +141,7 @@ paths: properties: message: type: string - request_id: + requestId: type: string x-examples: Example 1: @@ -164,7 +155,7 @@ paths: security: - PersonalAccessToken: [] servers: - - url: 'https://users-status-api.home.mendix.com/v1' + - url: 'https://users-status-api.home-test.mendix.com/v1' description: '' components: securitySchemes: @@ -204,23 +195,10 @@ components: detail: Access token is non-existent or expired. code: 401 instance: 'urn:uuid:766f0ee2-e9a2-445b-bbc5-93dfdc5b5d22' - wrongPayloadResponse: - type: object - properties: - error: - type: object - properties: - code: - type: string - message: - type: string - x-examples: - Example 1: - error: - code: '400' - message: 'Error parsing JSON. com.mendix.systemwideinterfaces.core.UserException: A problem occurred parsing attribute ''Active'' of object of type ''CompanyService.PatchUserRequest''. The value was ''fal''. This isn''t allowed by the schema.' patError: type: string title: patError + x-examples: + WrongPATToken: Supplied personal access token is invalid. security: - PersonalAccessToken: []