REST API service overview

The following tables give a quick overview of the available services and their configuration entry points.

For an up-to-date and complete list of services, please refer to the REST API specification: Loginapp REST API Reference.

Public services

The following services are publicly accessible, i.e., to unauthenticated users or clients.

| Service | Description | Configuration Path in Config Editor |
|---|---|---|
| Authentication API | REST API to authenticate users. See Authentication REST API. | Loginapp >> Authentication Flows |
| User Registration Self-Service | Allows users to register themselves. May involve a channel verification step (e.g. email). There are two types of self-registration REST API: | Loginapp >> Self-Registration Flows |
| | Legacy interface: An old interface not based on flows. Use this only if you have existing REST clients tailored to this interface. This API has been deprecated. | Loginapp >> REST Settings >> User Self-Service Settings >> Self-Registration Configuration (Legacy) |
| Public Self-Services | Flow-based public self-services such as password reset or unlock self-services. Note that there are legacy interfaces for: flow-based password reset; non-flow-based password reset (deprecated). | Loginapp >> Public Self-Service Flows |
| Password Policy Check | Validates passwords against the configured password policy. | Loginapp >> REST Settings >> User Self-Service Settings >> Password Settings |
| | | Loginapp >> REST Settings >> User Self-Service Settings >> Enable Password Policy Check |
| Maintenance Messages | Returns currently valid maintenance message(s) for the provided locations. | Loginapp >> REST Settings >> Maintenance Message Settings |
| Tech-Client Registration | Service to register OAuth2 Clients. | Loginapp >> REST Settings >> Technical Client Registration |

Protected services

The following services are protected, i.e., only accessible by authenticated users or clients with the required access rights.

| Service | Description | Configuration Path in Config Editor |
|---|---|---|
| Password change | Voluntary password change self-service. | Loginapp >> Protected Self-services >> Protected Self-Service Flows using a flow with the Password Change Self Service Step |
| Airlock 2FA self-services | Self-management of Airlock 2FA tokens. | Loginapp >> Protected Self-services >> Airlock 2FA Device List |
| | | Loginapp >> Protected Self-services >> Protected Self-Service Flows using flows with relevant Airlock 2FA steps. |
| Cronto self-services | Self-management of Cronto tokens. | Loginapp >> Protected Self-services >> Cronto Device List |
| | | Loginapp >> Protected Self-services >> Protected Self-Service Flows using flows with relevant Cronto steps. |
| mTAN self-services | Self-management of mTAN tokens. | Loginapp >> Protected Self-services >> mTAN Number List |
| | | Loginapp >> Protected Self-services >> Protected Self-service Flows using flows with relevant mTAN steps. |
| FIDO registration self-service | Self-registration of FIDO tokens. | Loginapp >> Protected Self-services >> Protected Self-service Flows using a flow with the FIDO Registration Step |
| User profile self-service | Self-services to change user profile data (e.g. email address, postal address). | Loginapp >> Protected Self-services >> Protected Self-service Flows using arbitrary flows to modify user profile data. Use approval steps to have changes approved by second factors. |
| Account linking | Link IAM account to social login accounts (OAuth, OIDC). | Loginapp >> Protected Self-Services >> Account Linking Lists |
| | | and Loginapp >> Protected Self-Services >> Protected Self-Service Flows using flows with relevant account linking steps. |
| Remember-me self-service | Management of persistently logged-in browsers and devices. | Loginapp >> Protected Self-Services >> Remember-Me Device List |
| | | and Loginapp >> Protected Self-Services >> Protected Self-Service Flows using flows with relevant steps. |
| OAuth session management | Self-service to manage OAuth/OIDC sessions. | Loginapp >> Protected Self-Services >> OAuth 2.0 Session List |
| | | and Loginapp >> Protected Self-Services >> Protected Self-Service Flows using flows with the Delete OAuth 2.0 Session Initiation Step. |