Getting Started

Entrust Identity as a Service (IDaaS) Administration API client provides integrations with the IDaaS Administration API.

info

Read the installation instructions before continuing.

Create an Administration API Application in IDaaS

Follow these steps to create an Administration API application:

1. Go to your IDaaS Admin portal and navigate to Security > Applications.
2. Click + and then select Administration API from the list of available applications.
3. In the General tab, enter the name and the description of your application.
4. Click Next.
5. In the Setup tab, give your application the role that has the permissions needed by your application.
6. Click Submit.
7. In the Complete tab, click Copy to copy the applicationId and sharedSecret credentials to your clipboard, or download the json file. You need these credentials to initialize the Administration API client. Example:

{
  "applicationId": "b0bd854d-a415-4de8-a511-66da772dd116",
  "hostname": "entrust.us.trustedauth.com",
  "sharedSecret": "HUsenKfwSnZ9rQENr8vXOwMVw4U9WpjM2NAqXTg0rUc"
}

tip

The hostname is the hostname of your IDaaS account and the schema is https. For example, if your IDaaS account is entrust.us.trustedauth.com, then the hostname is https://entrust.us.trustedauth.com.

Initialize the Administration API Client

In order the make the calls to the API, you need to initialize the Administration API client using the applicationId and sharedSecret you copied in step 7 above.

Java

import com.entrustdatacard.intellitrust.admin.ApiClient;
import com.entrustdatacard.intellitrust.admin.api.*;
import com.entrustdatacard.intellitrust.admin.model.*;

public class Main {
    private static final String SHARED_SECRET = "YOUR_SHARED_SECRET";
    private static final String HOST_NAME = "YOUR_HOST_NAME";
    private static final String APPLICATION_ID = "YOUR_APPLICATION_ID";

    public static void main(String[] args) throws Exception {
        ApiClient apiClient = new ApiClient();
        apiClient.setBasePath(HOST_NAME);

        AdminAuthApi adminAuthApi = new AdminAuthApi(apiClient);

        AdminApiAuthentication authParams = new AdminApiAuthentication()
                .applicationId(APPLICATION_ID)
                .sharedSecret(SHARED_SECRET);
        AdminApiAuthenticationResult authResult = adminAuthApi.authenticateAdminApiUsingPOST(authParams);


        apiClient.setApiKey(authResult.getAuthToken());
    }
}

CSharp

using com.entrustdatacard.intellitrust.admin.api;
using com.entrustdatacard.intellitrust.admin.Client;
using com.entrustdatacard.intellitrust.admin.model;

namespace Samples
{
  internal class AdminApiSample
  {
    private static readonly string SHARED_SECRET = "YOUR_SHARED_SECRET";
    private static readonly string HOST_NAME = "YOUR_HOST_NAME";
    private static readonly string APPLICATION_ID = "YOUR_APPLICATION_ID";

    public static void Main()
    {
        Configuration configuration = new Configuration();
        configuration.BasePath = HOST_NAME;
        AdminAuthApi adminAuthApi = new AdminAuthApi(configuration);

        var authParams = new AdminApiAuthentication(APPLICATION_ID, false, SHARED_SECRET);
        var authResult = adminAuthApi.AuthenticateAdminApiUsingPOST(authParams);
        configuration.AddApiKey("Authorization", authResult.AuthToken);
    }
}

Python

from IntelliTrust_Python_Administration import ApiClient, Configuration
import IntelliTrust_Python_Administration.api as apis
import IntelliTrust_Python_Administration.models as models

conf = Configuration(
    host = "YOUR_HOST_NAME",
)
with ApiClient(conf) as api_client:
    auth_api = apis.AdminAuthApi(api_client)
    auth_parms = models.AdminApiAuthentication(
        application_id = "YOUR_APPLICATION_ID",
        shared_secret = "YOUR_SHARED_SECRET",
    )
    auth_result = auth_api.authenticate_admin_api_using_post(auth_parms)

    api_client.set_default_header("Authorization", auth_result.auth_token)

Try some API Requests

After initializing the client, you can make calls to the Administration API. The following example fetches the list of paged users and prints the userId, firstName, lastName, and email of each user.

Java

UsersApi usersApi = new UsersApi(apiClient);
System.out.println("userId,firstName,lastName,email");
SearchParms searchParms = new SearchParms();
UsersPage usersPage = usersApi.usersPagedUsingPOST(searchParms);
while (true) {
    if (usersPage.getResults() != null) {
        for (User user : usersPage.getResults()) {
            System.out.println(user.getId() + "," + user.getFirstName() + "," + user.getLastName() + "," + user.getEmail());
        }
    }
    if (usersPage.getPaging() != null && usersPage.getPaging().getNextCursor() == null) {
        break;
    }
    searchParms.setCursor(usersPage.getPaging().getNextCursor());
    usersPage = usersApi.usersPagedUsingPOST(searchParms);
}

CSharp

var usersApi = new UsersApi(configuration);
Console.WriteLine("userId,firstName,lastName,email");
var searchParms = new SearchParms();
var usersPaged = usersApi.UsersPagedUsingPOST(searchParms);
while (true)
{
    if (usersPaged.Results != null)
    {
        foreach (var user in usersPaged.Results)
        {
            Console.WriteLine("{0},{1},{2},{3}", user.UserId, user.FirstName, user.LastName, user.Email);
        }
    }
    if (usersPaged.Paging == null || usersPaged.Paging != null && usersPaged.Paging.NextCursor == null)
    {
        break;
    }
    searchParms.Cursor = usersPaged?.Paging?.NextCursor;
    usersPaged = usersApi.UsersPagedUsingPOST(searchParms);
}

Python

users_api = apis.UsersApi(api_client)
print("userId,firstName,lastName,email")
order_by_attribute = models.OrderByAttribute(
    ascending = True,
    name = "userId",
)
search_parms = models.SearchParms()
users_page = users_api.users_paged_using_post(search_parms=search_parms)
while True:
    for user in users_page.results:
        print("{},{},{},{}".format(
            user.get("userId"),
            user.get("firstName"),
            user.get("lastName"),
            user.get("email"),
        ))
    if users_page['paging']['nextCursor'] == None:
        break
    search_parms['cursor'] = users_page['paging']['nextCursor']
    users_page = users_api.users_paged_using_post(search_parms)

Full Example Snippet

Java

package com.entrust.idaas.userValidate;

import com.entrustdatacard.intellitrust.admin.ApiClient;
import com.entrustdatacard.intellitrust.admin.api.AdminAuthApi;
import com.entrustdatacard.intellitrust.admin.api.UsersApi;
import com.entrustdatacard.intellitrust.admin.model.*;

public class UserValidate {
    private static final String SHARED_SECRET = "YOUR_SHARED_SECRET";
    private static final String HOST_NAME = "YOUR_HOST_NAME";
    private static final String APPLICATION_ID = "YOUR_APPLICATION_ID";

    public static void main(String[] args) throws Exception {
        ApiClient apiClient = new ApiClient();
        apiClient.setBasePath(HOST_NAME);

        AdminAuthApi adminAuthApi = new AdminAuthApi(apiClient);

        AdminApiAuthentication authParams = new AdminApiAuthentication()
                .applicationId(APPLICATION_ID)
                .sharedSecret(SHARED_SECRET);
        AdminApiAuthenticationResult authResult = adminAuthApi.authenticateAdminApiUsingPOST(authParams);


        apiClient.setApiKey(authResult.getAuthToken());

        UsersApi usersApi = new UsersApi(apiClient);
        System.out.println("userId,firstName,lastName,email");
        SearchParms searchParms = new SearchParms();
        UsersPage usersPage = usersApi.usersPagedUsingPOST(searchParms);
        while (true) {
            if (usersPage.getResults() != null) {
                for (User user : usersPage.getResults()) {
                    System.out.println(user.getId() + "," + user.getFirstName() + "," + user.getLastName() + "," + user.getEmail());
                }
            }
            if (usersPage.getPaging() != null && usersPage.getPaging().getNextCursor() == null) {
                break;
            }
            searchParms.setCursor(usersPage.getPaging().getNextCursor());
            usersPage = usersApi.usersPagedUsingPOST(searchParms);
        }
    }
}

CSharp

using com.entrustdatacard.intellitrust.admin.api;
using com.entrustdatacard.intellitrust.admin.Client;
using com.entrustdatacard.intellitrust.admin.model;

namespace Samples
{
  internal class AdminApiSample
  {
    private static readonly string SHARED_SECRET = "YOUR_SHARED_SECRET";
    private static readonly string HOST_NAME = "YOUR_HOST_NAME";
    private static readonly string APPLICATION_ID = "YOUR_APPLICATION_ID";

    public static void Main()
    {
        Configuration configuration = new Configuration();
        configuration.BasePath = HOST_NAME;
        AdminAuthApi adminAuthApi = new AdminAuthApi(configuration);

        var authParams = new AdminApiAuthentication(APPLICATION_ID, false, SHARED_SECRET);
        var authResult = adminAuthApi.AuthenticateAdminApiUsingPOST(authParams);
        configuration.AddApiKey("Authorization", authResult.AuthToken);

        var usersApi = new UsersApi(configuration);
        Console.WriteLine("userId,firstName,lastName,email");
        var searchParms = new SearchParms();
        var usersPaged = usersApi.UsersPagedUsingPOST(searchParms);
        while (true)
        {
            if (usersPaged.Results != null)
            {
                foreach (var user in usersPaged.Results)
                {
                    Console.WriteLine("{0},{1},{2},{3}", user.UserId, user.FirstName, user.LastName, user.Email);
                }
            }
            if (usersPaged.Paging == null || usersPaged.Paging != null && usersPaged.Paging.NextCursor == null)
            {
                break;
            }
            searchParms.Cursor = usersPaged?.Paging?.NextCursor;
            usersPaged = usersApi.UsersPagedUsingPOST(searchParms);
        }
    }
  }
}

Python

from IntelliTrust_Python_Administration import ApiClient, Configuration
import IntelliTrust_Python_Administration.api as apis
import IntelliTrust_Python_Administration.models as models

conf = Configuration(
    host = "YOUR_HOST_NAME",
)
with ApiClient(conf) as api_client:
    auth_api = apis.AdminAuthApi(api_client)
    auth_parms = models.AdminApiAuthentication(
        application_id = "YOUR_APPLICATION_ID",
        shared_secret = "YOUR_SHARED_SECRET",
    )
    auth_result = auth_api.authenticate_admin_api_using_post(auth_parms)

    api_client.set_default_header("Authorization", auth_result.auth_token)

    users_api = apis.UsersApi(api_client)
    print("userId,firstName,lastName,email")
    order_by_attribute = models.OrderByAttribute(
        ascending = True,
        name = "userId",
    )
    search_parms = models.SearchParms()
    users_page = users_api.users_paged_using_post(search_parms=search_parms)
    while True:
        for user in users_page.results:
            print("{},{},{},{}".format(
                user.get("userId"),
                user.get("firstName"),
                user.get("lastName"),
                user.get("email"),
            ))
        if users_page['paging']['nextCursor'] == None:
            break
        search_parms['cursor'] = users_page['paging']['nextCursor']
        users_page = users_api.users_paged_using_post(search_parms)

NOTE

The code samples above are provided for reference only. They are not intended to be used in production.

It is dangerous to store the shared secret as plain text in your code. You should use a secure storage tool to store the shared secret and retrieve it at runtime. In case of a security breach, you should regenerate the shared secret in your IDaaS Admin portal and update your application.

More Examples

For more examples, click here.