search

Authentication

Manage authentication.

hashtag
Retrieve metadata.

get

Retrieve system metadata information. If the optional domain query parameter is specified, the relevant tenant metadata information will be returned together. System metadata:

  • web_domain

  • private_ipv4

  • public_ipv4

  • enable_ipv6

  • private_ipv6

  • public_ipv6

  • primary_dns_server

  • secondary_dns_server Tenant metadata:

  • name

  • domain

  • website

  • avatar_url

  • enable_ms365_integration

  • ms365_authorization_endpoint

Query parameters
domainstringOptional

Use the domain query parameter to retrieve just a subset of a collection.

Responses
chevron-right
200

OK

application/json
web_domainstringOptional

The web domain for PortSIP PBX

private_ipv4stringOptional

The private IPv4 of system.

public_ipv4stringOptional

The public IPv4 of system.

enable_ipv6booleanOptional

Indicates if IPv6 would be enabled.

Default: true
private_ipv6stringOptional

The private IPv6 of system.

public_ipv6stringOptional

The public IPv6 of system.

primary_dns_serverstringOptional

The primary DNS server.

secondary_dns_serverstringOptional

The secondary DNS server.

namestring · min: 1 · max: 1024Optional

The name of the tenant.

domainstring · min: 1 · max: 280Optional

The SIP domain of tenant.
It is usually a fully qualified domain name (FQDN). If there is no FQDN, you can also use the IP address of the PBX server as the SIP domain. The SIP domain name is only used for SIP message authentication and does not require analysis.

websitestring · max: 255Optional

The official website of tenant.

avatar_urlstringRead-onlyOptional

The relative path to file url for file downloading.

Example: /api/blobs/WexWdABcd5D4PDgzTKV3gAAAEu00WcK
enable_ms365_integrationbooleanOptional

Microsoft 365 SSO integration enabled or not.

ms365_authorization_endpointstringOptional

The Microsoft Identity Provider authorization endpoint for this tenant.

get
/info

hashtag
Sign in with credentials

post

Sign in with credentials

Query parameters
qrbooleanOptionalDefault: false
Body
usernamestring · min: 1 · max: 64Required

The user's account name.
Only letters, numbers, and the following special characters can be added: underscore, dash, single quote, and period (_, -, ', and .).
Username cannot start or end with period (.).
admin, system, administrator, and root are reserved names for system admin only with case ignored.

passwordstringRequired

The password of user.

domainstring · min: 1 · max: 280Optional

The SIP domain of tenant.
It is usually a fully qualified domain name (FQDN). If there is no FQDN, you can also use the IP address of the PBX server as the SIP domain. The SIP domain name is only used for SIP message authentication and does not require analysis.

Responses
chevron-right
200

OK

application/json
or
post
/auth/sign_in

hashtag
Sign in with social account

post

Sign in with social account

Path parameters
providerstringRequired

The name of IdP provider. Currently only supports microsoft.

Body
domainstring · min: 1 · max: 280Required

The SIP domain of tenant.
It is usually a fully qualified domain name (FQDN). If there is no FQDN, you can also use the IP address of the PBX server as the SIP domain. The SIP domain name is only used for SIP message authentication and does not require analysis.

callback_urlstringRequired

The callback url for authentication flow.

Responses
chevron-right
200

OK

application/json
urlstringOptional

The IdP authentication url.

post
/auth/sign_in/{provider}

hashtag
Sign out from system.

post

Sign out from system.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Responses
chevron-right
200

OK

No content
post
/auth/sign_out
No content

hashtag
Send OTP to email.

post

Request to send OTP to email.

Body
tokenstringRequired

The session token in authentication flow.

Responses
chevron-right
200

OK

No content
post
/auth/send_otp
No content

hashtag
Verify OTP from email.

post

Request to verify OTP from email.

Body
tokenstringRequired

The session token in authentication flow.

codestringRequired

The OTP code in authentication flow.

Responses
chevron-right
200

OK

No content
post
/auth/verify_otp
No content

hashtag
Initiate authentication forget password flow

post

Initiate authentication forget password flow.

Body
domainstring · min: 1 · max: 280Required

The SIP domain of tenant.
It is usually a fully qualified domain name (FQDN). If there is no FQDN, you can also use the IP address of the PBX server as the SIP domain. The SIP domain name is only used for SIP message authentication and does not require analysis.

usernamestring · min: 1 · max: 64Required

The user's account name.
Only letters, numbers, and the following special characters can be added: underscore, dash, single quote, and period (_, -, ', and .).
Username cannot start or end with period (.).
admin, system, administrator, and root are reserved names for system admin only with case ignored.

callback_urlstringRequired

The callback url for authentication flow.

Responses
chevron-right
200

OK

No content
post
/auth/forget_password
No content

hashtag
Reset password with session token.

post

Reset password with session token.

Body
tokenstringRequired

The session token in authentication flow.

new_passwordstringRequired

The password of user.

Responses
chevron-right
200

OK

No content
post
/auth/reset_password
No content

hashtag
Refresh the access token.

post

Refresh the access token.

Body
refresh_tokenstringRequired

The refresh token.

Responses
chevron-right
200

OK

application/json
token_typestringOptional

The token type.

access_tokenstringOptional

The access token.

refresh_tokenstringOptional

The refresh token.

expires_inintegerOptional

The access token expiration time in seconds.

post
/auth/refresh_token

hashtag
Get the authentication information of the logged-in user.

get

Get the authentication information of the logged-in user.

Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Responses
chevron-right
200

OK

application/json
rolestring · min: 1 · max: 64Optional

Roles include built-in roles and custom roles.
Built-in roles roles cannot be modified.
Also, the names of built-in roles are reserved words, custom roles are not allowed to use these names to avoid unnecessary confusion.
Built-in roles include:

  • SystemAdmin: the system administrator has almost all permissions.
  • Replicator: the application permissions collection.
  • Dealer: the sales manager has all sold tenant resource permissions
  • Admin: the admin has all tenant-wide resource permissions.
  • StandardUser: the user all user-wide resource permissions.
  • StandardInternationalUser: the user all user-wide resource permissions with international call permissions.
  • QueueManager: The call queue manager.
Example: User
password_verifiedbooleanOptional

Whether the user password has been verified.

Example: true
password_force_resetbooleanOptional

Whether to force reset the initial password.

Default: false
get
/auth/user

hashtag
Get login status of current session

get

Get login status of current session.

Responses
chevron-right
200

OK

application/json
access_tokenstringOptional

Access token to be passed as a header

Example: 4DFCF1D4C30B4D798ECE3AE43769F008.
expires_atstring · date_timeOptional

The expiration date of the access token in RFC 3339 format, for example, 2017-07-21T17:32:28Z. The RFC 3339 format is defined by RFC 3339, section 5.6

Example: 2017-07-21T17:32:28Z
expires_ininteger · int32Read-onlyOptional

The number of seconds that the access token will be valid.

Example: 1800
rolestring · min: 1 · max: 64Optional

Roles include built-in roles and custom roles.
Built-in roles roles cannot be modified.
Also, the names of built-in roles are reserved words, custom roles are not allowed to use these names to avoid unnecessary confusion.
Built-in roles include:

  • SystemAdmin: the system administrator has almost all permissions.
  • Replicator: the application permissions collection.
  • Dealer: the sales manager has all sold tenant resource permissions
  • Admin: the admin has all tenant-wide resource permissions.
  • StandardUser: the user all user-wide resource permissions.
  • StandardInternationalUser: the user all user-wide resource permissions with international call permissions.
  • QueueManager: The call queue manager.
Example: User
get
/login

hashtag
Login into system

post

Login with username and password.

Body
usernamestring · min: 1 · max: 64Required

The user's account name.
Only letters, numbers, and the following special characters can be added: underscore, dash, single quote, and period (_, -, ', and .).
Username cannot start or end with period (.).
admin, system, administrator, and root are reserved names for system admin only with case ignored.

passwordstringRequired

The password of user.

domainstring · min: 1 · max: 280Optional

The SIP domain of tenant.
It is usually a fully qualified domain name (FQDN). If there is no FQDN, you can also use the IP address of the PBX server as the SIP domain. The SIP domain name is only used for SIP message authentication and does not require analysis.

Responses
chevron-right
200

OK

No content
post
/login
No content

hashtag
login with Microsoft Identity Provider by Authorization Code Flow

post

login with Microsoft Identity Provider by Authorization Code Flow.

Body
domainstring · min: 1 · max: 280Required

The SIP domain of tenant.
It is usually a fully qualified domain name (FQDN). If there is no FQDN, you can also use the IP address of the PBX server as the SIP domain. The SIP domain name is only used for SIP message authentication and does not require analysis.

Responses
post
/login/by_microsoft
No content

hashtag
Log out from system

post

Logs out current session.

Responses
post
/logout
No content
PreviousUsersNextTenants

Last updated