The Loginapp REST API provides REST end-points for end-users. It is intended to be used by:
- ●The Loginapp REST UI (login web browser application)
- ●Custom login web applications
- ●Mobile apps
- ●Other REST clients (e.g. banking offline tools).
Note that there is also a web UI (web browser application) for the Loginapp REST API. See 17.3. Loginapp REST UI for further information.
- ●This chapter is about the REST API only.
- ●See Loginapp REST API Reference for all available end-points and additional general information.
API Structure
The Loginapp REST API is roughly structured in the following parts:
- ●Public end-points (authentication, self-registration, and other self-services)
- ●Protected end-points (token self-management, user profile self-management, etc.)
- ●OAuth Authorization Server end-points (OAuth/OIDC related)
General information
When sending REST requests to the API, pay special attention to:
- ●Include a CSRF protection header (X-Same-Domain: 1)
- ●Add the correct content-type header (Content-Type: application/json)
In the general part of the REST API configuration (Loginapp >> REST Settings) make sure to review or change the following general settings (relevant for all services):
- ●Config Group Security Settings
- ●Config Group Advanced Settings