

Visit Relativity Learning to explore additional learning opportunities for this topic.
Last date modified: July 07 2025
The login profile defines how an individual user logs into Relativity by setting user-specific options for each provider in the authentication profile. Each entry in the user's login profile corresponds to a matching entry in the environment's authentication profile, such as Provider in the environment for Password, Integrated Authentication, Active Directory, RSA, and Client Certificate.
The Login Profile Manager service is used to configure authentication profiles and user login profiles.
You can also use the Login Profile Manager service through .NET. For more information, see Login Profile Manager (.NET).
Review the following guidelines for working with this service.
The URLs for REST endpoints contain path parameters that you need to set before making a call:
See Login Profile Manager (.NET) for more information.
To retrieve the global authentication profile, send a GET request with a URL in the following format:
1
<host>/Relativity.REST/api/Relativity-Identity/{versionNumber}/auth-profile/global
The request body is empty.
The response contains the following fields:
The value of this setting is added to the work factor for the Relativity environment. Set this value to zero to use the default work factor for the Relativity environment. In most cases, this value is sufficient.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
{
"ID":1,
"IsGlobal":true,
"Description":"Global Authentication Profile",
"Password":{
"Name":"Default Password Provider",
"IsEnabled":true,
"MinimumPasswordLength":8,
"MaximumPasswordLength":50,
"MaximumPasswordAgeInDaysDefaultValue":0,
"UsersCanChangePasswordDefaultValue":true,
"AdminsCanSetPassword":true,
"AllowEmailPasswordRecovery":false,
"PasswordRecoveryRequestLimit":10,
"MaximumPasswordHistory":5,
"MaximumInvalidLoginAttempts":10,
"AdditionalWorkFactor":0
},
"IntegratedAuthentication":{
"Name":"Default Integrated Authentication Provider",
"IsEnabled":true
},
"ActiveDirectory":{
"Name":"Default Active Directory Provider",
"IsEnabled":true
},
"ClientCertificate":{
"Name":"Default Smart Card Provider",
"Description":"",
"IsEnabled":true,
"DisplayOnLoginPage":false,
"Caption":""
},
"RSA":{
"Name":"Default RSA Provider",
"IsEnabled":true
},
"OpenIDConnectProviders":[
],
"SAML2Providers":[
]
}
To update an authentication profile, send a PUT with a URL in the following format:
1
<host>/Relativity.REST/api/Relativity-Identity/{versionNumber}/auth-profile
The request for an update operation contains the same fields as a response for a create operation. See the descriptions in View field descriptions for a response.
This sample request illustrates how to update each provider type. The response contains a profile object with the following fields:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
{
"profile":{
"ID":1,
"IsGlobal":true,
"Description":"Global Authentication Profile",
"Password":{
"Name":"Default Password Provider",
"IsEnabled":true,
"MinimumPasswordLength":8,
"MaximumPasswordLength":50,
"MaximumPasswordAgeInDaysDefaultValue":0,
"UsersCanChangePasswordDefaultValue":true,
"AdminsCanSetPassword":true,
"AllowEmailPasswordRecovery":false,
"PasswordRecoveryRequestLimit":10,
"MaximumPasswordHistory":5,
"MaximumInvalidLoginAttempts":10,
"AdditionalWorkFactor":0
},
"IntegratedAuthentication":{
"Name":"Default Integrated Authentication Provider",
"IsEnabled":true
},
"ActiveDirectory":{
"Name":"Default Active Directory Provider",
"IsEnabled":true
},
"ClientCertificate":{
"Name":"Default Smart Card Provider",
"Description":"",
"IsEnabled":true,
"DisplayOnLoginPage":false,
"Caption":""
},
"RSA":{
"Name":"Default RSA Provider",
"IsEnabled":true
},
"OpenIDConnectProviders":[
],
"SAML2Providers":[
]
}
}
When the profile is successfully updated, the response returns the status code of 200. For more information, see HTTP status codes in Relativity REST APIs.
To get a login profile for a user, send a GET request with a URL in the following format:
1
<host>/Relativity.REST/api/Relativity-Identity/{versionNumber}/users/{userID:int}/login-profile
The request body is empty.
The response contains the following fields:
For examples of additional providers, see View field descriptions for a response.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
{
"UserID":9,
"Password":{
"Email":"relativity.admin@kcura.com",
"InvalidLoginAttempts":0,
"IsEnabled":true,
"MustResetPasswordOnNextLogin":false,
"UserCanChangePassword":true,
"PasswordExpirationInDays":0,
"PasswordExpires":"9999-12-31T23:59:59.9999999",
"TwoFactorMode":"None"
},
"OpenIDConnectMethods":[
],
"SAML2Methods":[
]
}
To update a user's profile, send a POST request with a URL in the following format:
1
<host>/Relativity.REST/api/Relativity-Identity/{versionNumber}/users/{userID:int}/login-profile
The request contains a profile object with the same fields as the following fields:
For examples of additional providers, see View field descriptions for a response.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
{
"profile":{
"UserID":9,
"Password":{
"Email":"relativity.admin@kcura.com",
"InvalidLoginAttempts":0,
"IsEnabled":true,
"MustResetPasswordOnNextLogin":false,
"UserCanChangePassword":true,
"PasswordExpirationInDays":0,
"PasswordExpires":"9999-12-31T23:59:59.9999999",
"TwoFactorMode":"None"
},
"OpenIDConnectMethods":[
],
"SAML2Methods":[
]
}
}
When the profile is successfully updated, the response returns the status code of 200. For more information, see HTTP status codes in Relativity REST APIs.
The Login Profile Manager service has helper endpoints that you can use to send invitations to newly-created users to log in to Relativity and set their passwords.
Before sending invitation emails, you can determine whether the users can be invited. Send a POST request with a URL in the following format:
1
<host>/Relativity.REST/api/Relativity-Identity/{versionNumber}/users/bulk-invitation/verify
The request must include an array of the Artifact IDs for users .
1
2
3
4
5
6
{
"userIDList":[
"102010",
"12313123"
]
}
The response contains any validation errors:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
{
"Success":false,
"Errors":[
{
"UserID":102010,
"Exception":"SMTP server not running, verify smtp settings",
"StatusCode":422
},
{
"UserID":12313123,
"Exception":"SMTP server not running, verify smtp settings",
"StatusCode":422
}
]
}
To send an invitation email, issue a POST request with a URL in the following format:
1
<host>/Relativity.REST/api/Relativity-Identity/{versionNumber}/users/{userID:int}/invitation
The request body is empty.
When the invitation is successfully sent, the response returns the status code of 200. For more information, see HTTP status codes in Relativity REST APIs.
To send invitations to multiple users, send a POST request with a URL in the following format:
1
<host>Relativity.REST/api/Relativity-Identity/{versionNumber}/users/bulk-invitation
The request must contain an array of the Artifact IDs for the users who should receive the invitations:
1
2
3
4
5
6
{
"userIDList":[
"102010",
"12313123"
]
}
If any of the invitations fail to be sent, the response returns the Success flag with the value of false, and the errors for specific users:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
{
"Success":false,
"Errors":[
{
"UserID":102010,
"Exception":"SMTP server not running, verify smtp settings",
"StatusCode":422
},
{
"UserID":12313123,
"Exception":"SMTP server not running, verify smtp settings",
"StatusCode":422
}
]
}
If all invitations are successfully sent, the response does not contain any errors:
1
2
3
4
{
"Success": true,
"Errors": []
}
To set the user's password, send a PUT request with a URL in the following format:
1
<host>/Relativity.REST/api/Relativity-Identity/{versionNumber}/users/{userID:int}/login-profile/set/password
The request body must include a string value for the password:
1
2
3
{
"password":"newpassword"
}
When the password is successfully set, the response returns the status code of 200. For more information, see HTTP status codes in Relativity REST APIs.
To set the authenticator secret, send a DELETE request with a URL in the following format:
1
<host>/Relativity.REST/api/Relativity-Identity/{versionNumber}/users/{userID:int}/login-method/{loginMethodID:int}/two-factor-application
The request must contain a value for the login method ID:
1
2
3
{
"loginMethodID":1010121
}
When the secret is successfully reset, the response returns the status code of 200. For more information, see HTTP status codes in Relativity REST APIs.
Why was this not helpful?
Check one that applies.
Thank you for your feedback.
Want to tell us more?
Great!
Additional Resources |
|||
DevHelp Community | GitHub | Release Notes | NuGet |