7.25. JSON REST Endpoints

The endpoints in this section document the REST-based JSON interfaces used for authentication and authorization.

/json/agents

Authorization: Supports the PassThroughAuthorizationFilter. No authorization logic is performed in the filter. Information is logged. The authorization logic is performed by the underlying identity services.

/json/authenticate

Authentication: Supports HTTP GET and POST methods. Can handle Integrated Windows Authentication.

Authorization: No filter.

/json/dashboard

Authorization: Supports the PassThroughAuthorizationFilter. No authorization logic is performed in the filter. Information is logged.

/json/groups

Authorization: Supports the PassThroughAuthorizationFilter. No authorization logic is performed in the filter. Information is logged. The authorization logic is performed by the underlying identity services.

/json/serverinfo

Authorization: Supports the PassThroughAuthorizationFilter. No authorization logic is performed in the filter. Information is logged. One sub-endpoint, /json/serverinfo/cookieDomains, supports HTTP GET.

/json/sessions

Authorization: Supports the SessionResourceAuthZFilter. Allows POST _action=logout for all users. Other functionality is limited to the administrative amadmin superuser.

/json/tokens

Authorization: Supports the AdminAuthorizationFilter. Access limited to the amadmin superuser.

/json/users

Authentication: Supports HTTP POST. Uses the _action query parameter with the following allowed values: register, confirm, forgotPassword, forgotPasswordReset.

Authorization: Supports the PassThroughAuthorizationFilter. No authorization logic is performed in the filter. Information is logged. The authorization logic is performed by the underlying identity services.