Authentication provider type (REST)

Authentication Provider Types are types of authentication flows that the system can be configured to allow users to authenticate. Authentication Provider Types cannot be added or removed from a system, but they can be enabled or disabled.

The OAuth2 Client Manager service allows you to interact with OAuth2 Clients from browser-based and cross-platform applications. The service provides the same set of operations as the .NET interface.

The IAuthProviderTypeManager service allows you to interact with authentication provider types from browser-based and cross-platform applications. The service provides the same set of operations as the .NET interface. For more information, see Authentication provider type (.NET) .

This page contains the following information:

Authentication provider type fundamentals

Before programmatically interacting with authentication provider types, familiarize yourself with the Relativity authentication provider user interface and review the information in the RelativityOne Documentation site.

The URLs for REST endpoints contain path parameters that you need to set before making a call:

  • Set the {versionNumber} placeholder to the version of the REST API that you want to use, using the format lowercase v and the version number, for example v1 or v2
  • Set other path parameters in the URLs to the Artifact ID of a given entity, for example setting {workspaceID} to the Artifact ID of a workspace.

    • Note: To indicate the admin-level context, set the {workspaceID} path parameter to -1.

Use these addtional guidelines when working with authentication providers:

  • Contracts and data models related to the API are contained in the Relativity.Identity.SDK NuGet package.
  • Wrap the IAuthProviderTypeManager interface proxy in a using block.

Read an authentication provider type

To read an authentication provider type, send a GET request to the following Auth Provider Type Manager service URL:

<host>/Relativity.REST/api/Relativity-Identity/{versionNumber}/auth-provider-types/{providerTypeName}

There is no request body.

The response contains the following fields for AuthProviderType:

  • Name (string) - name of the protocol.
  • IsEnabled (boolean) - whether the authentication provider type is enabled (true or false).
  • Type (Protocol Type enum) - protocol type where user enters credentials.
    • Local - a protocol type where the user will enter credentials on the login page.
    • External - a protocol type where the user is authenticated with an external identity provider.
  • Description (string) - description of the protocol.
{
   "Name":"Password",
   "Type":"Local",
   "Description":"Authenticate using an e-mail address and a password.",
   "IsEnabled":true
}

Read all authentication provider types

To read all available authentication provider types, send a GET request to the following Auth Provider Type Manager service URL:

<host>/Relativity.REST/api/Relativity-Identity/{versionNumber}/auth-provider-types

The response contains the following fields for AuthProviderType:

  • Name (string) - name of the protocol.
  • IsEnabled (boolean) - whether the authentication provider type is enabled (true or false).
  • Type (Protocol Type enum) - protocol type where user enters credentials.
    • Local - a protocol type where the user will enter credentials on the login page.
    • External - a protocol type where the user is authenticated with an external identity provider.
  • Description (string) - description of the protocol.
[
   {
      "Name":"Password",
      "Type":"Local",
      "Description":"Authenticate using an e-mail address and a password.",
      "IsEnabled":true
   },
   {
      "Name":"Integrated Authentication",
      "Type":"External",
      "Description":"Authenticate using integrated Kerberos / NTLM.",
      "IsEnabled":true
   },
   {
      "Name":"Active Directory",
      "Type":"Local",
      "Description":"Authenticate using an e-mail address and an Active Directory password.",
      "IsEnabled":true
   }
]

Update an authentication provider type

To enable/disable an authentication provider type, send a POST request to the following Auth Provider Type Manager service URL:

<host>/Relativity.REST/api/Relativity-Identity/{versionNumber}/auth-provider-types

The request must contain the following fields:

  • name - name of the protocol (string).
  • isEnabled - whether to enable or disable authentication provider type (true or false).

The following is a sample JSON request payload for disabling a password authentication type:

{
   "name":"RSA",
   "isEnabled":false
}

The method returns the following values:

  • 200 - Update successful
  • 400 - Update failed