1

If I have a usergrid generated user access token, how do I get the user profile (username, organization, etc.) information from it ?

I am planning to expose a REST api service which would use usergrid as a backend to store multitenant data.

The REST api service has some business logic and which will query data from usergrid, carry out business logic and return results.

I am thinking that the user of this service will first authenticate using an authentication api (which is another REST API I am planning to expose). They will pass their username and password and organization details to the authentication api, which in turn will call the usergrid token api to validate the user and send back the access token as a response to the request.

The subsequent request to the business service api will pass the access token. Now given this access token I wanted to know the user details say username, so that I could query the right data for that user (e.g. apply a filter condition like "where createdBY = :username") and feed it to the business logic.

Is it possible ?

nilesh
  • 35
  • 3

1 Answers1

1

There are two different kinds of users in Usergrid: admin users and app-level users. For admin level users, you can hit an endpoint like this to get orgs/apps that admin user is an administrator of:

GET /management/users/username or email of admin user?access_token=your token here

From your description, I think you probably want app-level users. Because app-level users are, well, app-level, you must specify the org and app to get information about them. In other words, they live inside the app, in a hierarchy that looks like this: /org/app/users. If you didn't specify which org/app they were in, the system wouldn't know where to look to get the user. Also, it is possible to have users with the same email or username in multiple apps. So you must specify the org/app, but you don't have to specify the username or email. Instead, use /me:

GET /org/app/users/me?access_token=your token here

The system will use the token to figure out which users is being referenced.

Of course the above calls assume that you have prefixed with a proper http/https url:

GET https://api.usergrid.com/org/app/users/me?access_token=your token here

rockerston
  • 521
  • 2
  • 10
  • Thanks for the answer. It helps to some extent. The problem is that one need to know the org and the app and knowing only the access token is not enough. Looks like a limitation of usergrid – nilesh Jan 05 '15 at 10:46