logo
Documentation
Versions

Barong

RESTful API for barong OAuth server

#Version: 2.6.49

/api/v2/barong/identity/users/password/confirm_code

POST

Description

Sets new account password

Parameters
NameLocated inDescriptionRequiredSchema
reset_password_tokenformDataToken from emailYesstring
passwordformDataUser passwordYesstring
confirm_passwordformDataUser passwordYesstring
Responses
CodeDescription
201Resets password
400Required params are empty
404Record is not found
422Validation errors

/api/v2/barong/identity/users/password/generate_code

POST

Description

Send password reset instructions

Parameters
NameLocated inDescriptionRequiredSchema
emailformDataAccount emailYesstring
captcha_responseformDataResponse from captcha widgetNostring
Responses
CodeDescription
201Generated password reset code
400Required params are missing
404User doesn't exist
422Validation errors

/api/v2/barong/identity/users/email/confirm_code

POST

Description

Confirms an account

Parameters
NameLocated inDescriptionRequiredSchema
tokenformDataToken from emailYesstring
Responses
CodeDescriptionSchema
201Confirms an accountAPI_V2_Entities_UserWithFullInfo
400Required params are missing
422Validation errors

/api/v2/barong/identity/users/email/generate_code

POST

Description

Send confirmations instructions

Parameters
NameLocated inDescriptionRequiredSchema
emailformDataAccount emailYesstring
captcha_responseformDataResponse from captcha widgetNostring
Responses
CodeDescription
201Generated verification code
400Required params are missing
422Validation errors

/api/v2/barong/identity/users/register_geetest

GET

Description

Register Geetest captcha

Responses
CodeDescription
200Register Geetest captcha

/api/v2/barong/identity/users

POST

Description

Creates new user

Parameters
NameLocated inDescriptionRequiredSchema
emailformDataUser EmailYesstring
passwordformDataUser PasswordYesstring
usernameformDataUser UsernameNostring
refidformDataReferral uidNostring
captcha_responseformDataResponse from captcha widgetNostring
dataformDataAny additional key: value pairs in json string formatNostring
Responses
CodeDescriptionSchema
201Creates new userAPI_V2_Entities_UserWithFullInfo
400Required params are missing
422Validation errors

/api/v2/barong/identity/users/access

POST

Description

Creates new whitelist restriction

Parameters
NameLocated inDescriptionRequiredSchema
whitelink_tokenformDataYesstring
Responses
CodeDescription
200Whitelist restriction was created
400Required params are missing
422Validation errors

/api/v2/barong/identity/sessions/auth0

POST

Description

Auth0 authentication by id_token

Parameters
NameLocated inDescriptionRequiredSchema
id_tokenformDataID TokenYesstring
Responses
CodeDescription
200User authenticated
400Required params are empty
404Record is not found

/api/v2/barong/identity/sessions

DELETE

Description

Destroy current session

Responses
CodeDescription
204Session was destroyed
400Required params are empty
404Record is not found

POST

Description

Start a new session

Parameters
NameLocated inDescriptionRequiredSchema
emailformDataYesstring
passwordformDataYesstring
captcha_responseformDataResponse from captcha widgetNostring
otp_codeformDataCode from Google AuthenticatorNostring
Responses
CodeDescription
201Start a new session
400Required params are empty
404Record is not found

/api/v2/barong/identity/configs

GET

Description

Get barong configurations

Responses
CodeDescription
200Get barong configurations

/api/v2/barong/identity/version

GET

Description

Get barong version

Responses
CodeDescription
200Get barong version

/api/v2/barong/identity/time

GET

Description

Get server current unix timestamp.

Responses
CodeDescription
200Get server current unix timestamp.

/api/v2/barong/identity/ping

GET

Description

Test connectivity

Responses
CodeDescription
200Test connectivity

/api/v2/barong/identity/password/validate

POST

Description

Password strength testing

Parameters
NameLocated inDescriptionRequiredSchema
passwordformDataUser passwordYesstring
Responses
CodeDescription
201Password strength testing

/api/v2/barong/resource/swagger_doc/{name }

GET

Description

Swagger compatible API description for specific API

Parameters
NameLocated inDescriptionRequiredSchema
namepathResource name of mounted APIYesstring
localequeryLocale of API documentationNostring
Responses
CodeDescription
200Swagger compatible API description for specific API

/api/v2/barong/resource/swagger_doc

GET

Description

Swagger compatible API description

Responses
CodeDescription
200Swagger compatible API description

/api/v2/barong/resource/service_accounts/api_keys/{kid }

PUT

Description

Updates an api key

Parameters
NameLocated inDescriptionRequiredSchema
service_account_uidformDataYesstring
kidpathService account kidYesstring
scopeformDataComma separated scopesNostring
stateformDataState of API Key. "active" state means key is active and can be used for authNostring
totp_codeformDataCode from Google AuthenticatorYesstring
Responses
CodeDescriptionSchema
200Updates an api keyAPI_V2_Entities_APIKey
400Required params are empty
401Invalid bearer token
404Record is not found
422Validation errors

DELETE

Description

Delete an api key for specific service account

Parameters
NameLocated inDescriptionRequiredSchema
service_account_uidqueryYesstring
kidpathService account kidYesstring
totp_codequeryCode from Google AuthenticatorYesstring
Responses
CodeDescription
204Succefully deleted
400Required params are empty
401Invalid bearer token
404Record is not found

/api/v2/barong/resource/service_accounts/api_keys

POST

Description

Create api key for specific service account.

Parameters
NameLocated inDescriptionRequiredSchema
service_account_uidformDataYesstring
algorithmformDataService account algorithmYesstring
scopeformDataComma separated scopesNostring
totp_codeformDataCode from Google AuthenticatorYesstring
Responses
CodeDescriptionSchema
201Create api key for specific service account.API_V2_Entities_APIKey
400Require 2FA and totp code
401Invalid bearer token

GET

Description

List all api keys for specific service account.

Parameters
NameLocated inDescriptionRequiredSchema
orderingqueryIf set, returned values will be sorted in specific order, defaults to 'asc'.Nostring
order_byqueryName of the field, which result will be ordered by.Nostring
pagequeryPage number (defaults to 1).Nointeger
limitqueryNumber of users per page (defaults to 100, maximum is 100).Nointeger
service_account_uidqueryYesstring
Responses
CodeDescriptionSchema
200List all api keys for specific service account.API_V2_Entities_APIKey
400Require 2FA and totp code
401Invalid bearer token

/api/v2/barong/resource/service_accounts

GET

Description

List all service accounts for current user.

Responses
CodeDescription
200List all service accounts for current user.
400Require 2FA and totp code
401Invalid bearer token
Security
Security SchemaScopes
BearerToken

/api/v2/barong/resource/data_storage

POST

Description

Create data storage

Parameters
NameLocated inDescriptionRequiredSchema
titleformDataStorage titleYesstring
dataformDataStorage dataYesstring
Responses
CodeDescription
201Data Storage was created
401Invalid bearer token
422Validation errors

/api/v2/barong/resource/api_keys

GET

Description

List all api keys for current account.

Parameters
NameLocated inDescriptionRequiredSchema
orderingqueryIf set, returned values will be sorted in specific order, defaults to 'asc'.Nostring
order_byqueryName of the field, which result will be ordered by.Nostring
pagequeryPage number (defaults to 1).Nointeger
limitqueryNumber of users per page (defaults to 100, maximum is 100).Nointeger
Responses
CodeDescriptionSchema
200List all api keys for current account.API_V2_Entities_APIKey
400Require 2FA and totp code
401Invalid bearer token

POST

Description

Create an api key

Parameters
NameLocated inDescriptionRequiredSchema
algorithmformDataAPI key algorithmYesstring
scopeformDataComma separated scopesNostring
totp_codeformDataCode from Google AuthenticatorYesstring
Responses
CodeDescriptionSchema
201Create an api keyAPI_V2_Entities_APIKey
400Required params are empty
401Invalid bearer token
422Validation errors

/api/v2/barong/resource/api_keys/{kid }

DELETE

Description

Delete an api key

Parameters
NameLocated inDescriptionRequiredSchema
kidpathAPI key kidYesstring
totp_codequeryCode from Google AuthenticatorYesstring
Responses
CodeDescription
204Succefully deleted
400Required params are empty
401Invalid bearer token
404Record is not found

PATCH

Description

Updates an api key

Parameters
NameLocated inDescriptionRequiredSchema
kidpathAPI key kidYesstring
scopeformDataComma separated scopesNostring
stateformDataState of API Key. "active" state means key is active and can be used for authNostring
totp_codeformDataCode from Google AuthenticatorYesstring
Responses
CodeDescriptionSchema
200Updates an api keyAPI_V2_Entities_APIKey
400Required params are empty
401Invalid bearer token
404Record is not found
422Validation errors

/api/v2/barong/resource/otp/verify

POST

Description

Verify 2FA code

Parameters
NameLocated inDescriptionRequiredSchema
codeformDataCode from Google AuthenticatorYesstring
Responses
CodeDescription
2002FA was verified
4002FA has not been enabled for this account or code is missing
401Invalid bearer token
422Validation errors

/api/v2/barong/resource/otp/disable

POST

Description

Disable 2FA

Parameters
NameLocated inDescriptionRequiredSchema
codeformDataCode from Google AuthenticatorYesstring
Responses
CodeDescription
2002FA was disabled
4002FA has not been enabled for this account or code is missing
401Invalid bearer token
422Validation errors

/api/v2/barong/resource/otp/enable

POST

Description

Enable 2FA

Parameters
NameLocated inDescriptionRequiredSchema
codeformDataCode from Google AuthenticatorYesstring
Responses
CodeDescription
2002FA was enabled
4002FA has been enabled for this account or code is missing
401Invalid bearer token
422Validation errors

/api/v2/barong/resource/otp/generate_qrcode

POST

Description

Generate qr code for 2FA

Responses
CodeDescription
200QR code was generated
4002FA has been enabled for this account
401Invalid bearer token

/api/v2/barong/resource/phones/verify

POST

Description

Verify a phone

Parameters
NameLocated inDescriptionRequiredSchema
phone_numberformDataPhone number with country codeYesstring
verification_codeformDataVerification code from smsYesstring
Responses
CodeDescriptionSchema
201Verify a phoneAPI_V2_Entities_UserWithFullInfo
400Required params are empty
401Invalid bearer token
404Record is not found

/api/v2/barong/resource/phones/send_code

POST

Description

Resend activation code

Parameters
NameLocated inDescriptionRequiredSchema
phone_numberformDataPhone number with country codeYesstring
channelformDataThe verification method to useNostring
Responses
CodeDescription
200Activation code was resend
400Required params are empty
401Invalid bearer token
404Record is not found
422Validation errors

/api/v2/barong/resource/phones

POST

Description

Add new phone

Parameters
NameLocated inDescriptionRequiredSchema
phone_numberformDataPhone number with country codeYesstring
channelformDataThe verification method to useNostring
Responses
CodeDescription
200New phone was added
400Required params are empty
401Invalid bearer token
404Record is not found
422Validation errors

GET

Description

Returns list of user's phones

Responses
CodeDescriptionSchema
200Returns list of user's phonesAPI_V2_Entities_Phone
401Invalid bearer token

/api/v2/barong/resource/documents

POST

Description

Upload a new document for current user

Parameters
NameLocated inDescriptionRequiredSchema
doc_typeformDataDocument typeYesstring
doc_numberformDataDocument numberYesstring
uploadformDataArray of Rack::Multipart::UploadedFileYesstring
doc_expireformDataDocument expiration dateNodate
doc_categoryformDataCategory of the submitted document - front/back/selfie etc.Nostring
identificatorformDataIdentificator for documents to be supplied togetherNostring
metadataformDataAny additional key: value pairs in json string formatNostring
Responses
CodeDescription
201Document is uploaded
400Required params are empty
401Invalid bearer token
422Validation errors

GET

Description

Return current user documents list

Responses
CodeDescriptionSchema
200Return current user documents listAPI_V2_Entities_Document
401Invalid bearer token

/api/v2/barong/resource/profiles

PUT

Description

Update a profile for current_user

Parameters
NameLocated inDescriptionRequiredSchema
first_nameformDataFirst NameNostring
last_nameformDataLast NameNostring
dobformDataDate of BirthNodate
addressformDataAddressNostring
postcodeformDataPostcodeNostring
cityformDataCityNostring
countryformDataCountryNostring
metadataformDataAny additional key: value pairs in json string formatNostring
confirmformDataProfile confirmationNoboolean
Responses
CodeDescriptionSchema
200Update a profile for current_userAPI_V2_Entities_Profile
401Invalid bearer token
422Validation errors

POST

Description

Create a profile for current_user

Parameters
NameLocated inDescriptionRequiredSchema
first_nameformDataFirst NameNostring
last_nameformDataLast NameNostring
dobformDataDate of BirthNodate
addressformDataAddressNostring
postcodeformDataPostcodeNostring
cityformDataCityNostring
countryformDataCountryNostring
metadataformDataAny additional key: value pairs in json string formatNostring
confirmformDataProfile confirmationNoboolean
Responses
CodeDescriptionSchema
201Create a profile for current_userAPI_V2_Entities_Profile
400Required params are empty
401Invalid bearer token
409Profile already exists
422Validation errors

/api/v2/barong/resource/profiles/me

GET

Description

Return profiles of current resource owner

Responses
CodeDescriptionSchema
200Return profiles of current resource ownerAPI_V2_Entities_Profile
401Invalid bearer token
404User has no profile

/api/v2/barong/resource/labels/{key }

DELETE

Description

Delete a label with 'public' scope.

Parameters
NameLocated inDescriptionRequiredSchema
keypathLabel key.Yesstring
Responses
CodeDescription
204Succefully deleted
400Required params are empty
401Invalid bearer token
404Record is not found

PATCH

Description

Update a label with 'public' scope.

Parameters
NameLocated inDescriptionRequiredSchema
keypathLabel key.Yesstring
valueformDataLabel value.Yesstring
Responses
CodeDescriptionSchema
200Update a label with 'public' scope.API_V2_Entities_Label
400Required params are empty
401Invalid bearer token
404Record is not found
422Validation errors

GET

Description

Return a label by key.

Parameters
NameLocated inDescriptionRequiredSchema
keypathLabel key.Yesstring
Responses
CodeDescriptionSchema
200Return a label by key.API_V2_Entities_Label
400Required params are empty
401Invalid bearer token
404Record is not found

/api/v2/barong/resource/labels

POST

Description

Create a label with 'public' scope.

Parameters
NameLocated inDescriptionRequiredSchema
keyformDataLabel key.Yesstring
valueformDataLabel value.Yesstring
Responses
CodeDescriptionSchema
201Create a label with 'public' scope.API_V2_Entities_Label
400Required params are empty
401Invalid bearer token
422Validation errors

GET

Description

List all labels for current user.

Parameters
NameLocated inDescriptionRequiredSchema
orderingqueryIf set, returned labels sorted in specific order, default to "asc".Nostring
Responses
CodeDescriptionSchema
200List all labels for current user.API_V2_Entities_Label
401Invalid bearer token

/api/v2/barong/resource/users/password

PUT

Description

Sets new account password

Parameters
NameLocated inDescriptionRequiredSchema
old_passwordformDataPrevious account passwordYesstring
new_passwordformDataUser passwordYesstring
confirm_passwordformDataUser passwordYesstring
Responses
CodeDescription
201Changes password
400Required params are empty
404Record is not found
422Validation errors

/api/v2/barong/resource/users/activity/{topic }

GET

Description

Returns user activity

Parameters
NameLocated inDescriptionRequiredSchema
topicpathTopic of user activity. Allowed: [all, password, session, otp]Yesstring
time_fromqueryAn integer represents the seconds elapsed since Unix epoch.If set, only activities created after the time will be returned.Nointeger
time_toqueryAn integer represents the seconds elapsed since Unix epoch.If set, only activities created before the time will be returned.Nointeger
resultqueryResult of user activity. Allowed: [succeed, failed, denied]Nostring
pagequeryPage number (defaults to 1).Nointeger
limitqueryNumber of users per page (defaults to 100, maximum is 100).Nointeger
Responses
CodeDescriptionSchema
200Returns user activityAPI_V2_Entities_Activity

/api/v2/barong/resource/users/me

DELETE

Description

Blocks current user

Parameters
NameLocated inDescriptionRequiredSchema
passwordqueryAccount passwordYesstring
otp_codequeryCode from Google AuthenticatorNostring
Responses
CodeDescription
204Current user was blocked

PUT

Description

Updates current user data field

Parameters
NameLocated inDescriptionRequiredSchema
dataformDataAny additional key: value pairs in json string formatYesstring
Responses
CodeDescriptionSchema
200Updates current user data fieldAPI_V2_Entities_UserWithFullInfo

GET

Description

Returns current user

Responses
CodeDescriptionSchema
200Returns current userAPI_V2_Entities_UserWithFullInfo

/api/v2/barong/resource/addresses

POST

Description

Upload a new address approval document for current user

Parameters
NameLocated inDescriptionRequiredSchema
countryformDataDocument typeYesstring
addressformDataDocument numberYesstring
uploadformDataArray of Rack::Multipart::UploadedFileYesstring
cityformDataDocument expiration dateYesstring
postcodeformDataAny additional key: value pairs in json string formatYesstring
Responses
CodeDescription
201New address approval document was uploaded
400Required params are empty
401Invalid bearer token
422Validation errors

/api/v2/barong/public/configs/auth0

GET

Description

Get auth0 configuration

Responses
CodeDescription
200Get auth0 configuration

/api/v2/barong/public/configs

GET

Description

Get barong configurations

Responses
CodeDescription
200Get barong configurations

/api/v2/barong/public/version

GET

Description

Get barong version

Responses
CodeDescription
200Get barong version

/api/v2/barong/public/time

GET

Description

Get server current unix timestamp.

Responses
CodeDescription
200Get server current unix timestamp.

/api/v2/barong/public/ping

GET

Description

Test connectivity

Responses
CodeDescription
200Test connectivity

/api/v2/barong/public/password/validate

POST

Description

Password strength testing

Parameters
NameLocated inDescriptionRequiredSchema
passwordformDataUser passwordYesstring
Responses
CodeDescription
201Password strength testing

/api/v2/barong/public/kyc

POST

Description

KYC callback

Responses
CodeDescription
201KYC callback

Models

API_V2_Entities_UserWithFullInfo

Returns current user

NameTypeDescriptionRequired
emailstringUser EmailNo
uidstringUser UIDNo
rolestringUser roleNo
levelintegerUser levelNo
otpbooleanis 2FA enabled for accountNo
statestringUser state: active, pending, inactiveNo
referral_uidstringUID of referrerNo
datastringAdditional phone and profile infoNo
csrf_tokenstringСsrf protection tokenNo
usernamestringUser usernameNo
labelsAPI_V2_Entities_LabelNo
phonesAPI_V2_Entities_PhoneNo
profilesAPI_V2_Entities_ProfileNo
data_storagesAPI_V2_Entities_DataStorageNo
created_atstringNo
updated_atstringNo

API_V2_Entities_Label

List all labels for current user.

NameTypeDescriptionRequired
keystringLabel key. [a-z0-9_-]+ should be used. Min - 3, max - 255 characters.No
valuestringLabel value. [A-Za-z0-9_-] should be used. Min - 3, max - 255 characters.No
scopestringLabel scope: 'public' or 'private'No
created_atstringNo
updated_atstringNo

API_V2_Entities_Phone

Returns list of user's phones

NameTypeDescriptionRequired
countrystringPhone countryNo
numberstringSubmasked phone numberNo
validated_ats (g)Phone validation dateNo

API_V2_Entities_Profile

Return profiles of current resource owner

NameTypeDescriptionRequired
first_namestringFirst NameNo
last_namestringSubmasked last nameNo
dobdateSubmasked birth dateNo
addressstringAddressNo
postcodestringAddress PostcodeNo
citystringCity nameNo
countrystringCountry nameNo
statestringProfile state: drafted, submitted, verified, rejectedNo
metadataobjectProfile additional fieldsNo
created_atstringNo
updated_atstringNo

API_V2_Entities_DataStorage

NameTypeDescriptionRequired
titlestringAny additional data titleNo
datastringAny additional data json key:value pairsNo
created_atstringNo
updated_atstringNo

API_V2_Entities_APIKey

Create an api key

NameTypeDescriptionRequired
kidstringJWT public keyNo
algorithmstringCryptographic hash function typeNo
scopestringSerialized array of scopesNo
statestringactive/non-active state of keyNo
secretstringApi key secretNo
created_atstringNo
updated_atstringNo

API_V2_Entities_Document

Return current user documents list

NameTypeDescriptionRequired
uploadstringFile urlNo
doc_typestringDocument type: passport, driver license, utility bill, identity card, institutional, address, residentalNo
doc_numberstringSubmasked document number: AB123123 typeNo
doc_expirestringExpire date of uploaded documentsNo
metadatastringAny additional stored dataNo
created_atstringNo
updated_atstringNo

API_V2_Entities_Activity

Returns user activity

NameTypeDescriptionRequired
idintegerActivity IDNo
user_ipstringUser IPNo
user_ip_countrystringUser IP countryNo
user_agentstringUser Browser AgentNo
topicstringDefined topic (session, adjustments) or general by defaultNo
actionstringAPI action: POST => 'create', PUT => 'update', GET => 'read', DELETE => 'delete', PATCH => 'update' or system if there is no match of HTTP methodNo
resultstringStatus of API response: succeed, failed, deniedNo
datastringParameters which was sent to specific API endpointNo
created_atstringNo

API_V2_Entities_Level

NameTypeDescriptionRequired
idintegerLevel identifier, level numberNo
keystringLabel key. [A-Za-z0-9_-] should be used. Min - 3, max - 255 characters.No
valuestringLabel value. [A-Za-z0-9_-] should be used. Min - 3, max - 255 characters.No

API_V2_Entities_User

NameTypeDescriptionRequired
emailstringUser EmailNo
uidstringUser UIDNo
rolestringUser roleNo
levelintegerUser levelNo
otpbooleanis 2FA enabled for accountNo
statestringUser state: active, pending, inactiveNo
referral_uidstringUID of referrerNo
datastringAdditional phone and profile infoNo
usernamestringUser usernameNo

API_V2_Entities_UserWithProfile

NameTypeDescriptionRequired
emailstringUser EmailNo
uidstringUser UIDNo
rolestringUser roleNo
levelintegerUser levelNo
otpbooleanis 2FA enabled for accountNo
statestringUser state: active, pending, inactiveNo
referral_uidstringUID of referrerNo
datastringAdditional phone and profile infoNo
usernamestringUser usernameNo
profilesAPI_V2_Entities_ProfileNo
created_atstringNo
updated_atstringNo

API_V2_Entities_UserWithKYC

NameTypeDescriptionRequired
emailstringUser EmailNo
uidstringUser UIDNo
rolestringUser roleNo
levelintegerUser levelNo
otpbooleanis 2FA enabled for accountNo
statestringUser state: active, pending, inactiveNo
referral_uidstringUID of referrerNo
datastringAdditional phone and profile infoNo
usernamestringUser usernameNo
profilesAPI_V2_Entities_ProfileNo
labelsAPI_V2_Entities_AdminLabelViewNo
phonesAPI_V2_Entities_PhoneNo
documentsAPI_V2_Entities_DocumentNo
data_storagesAPI_V2_Entities_DataStorageNo
commentsAPI_V2_Entities_CommentNo
created_atstringNo
updated_atstringNo

API_V2_Entities_AdminLabelView

NameTypeDescriptionRequired
keystringLabel key. [a-z0-9_-]+ should be used. Min - 3, max - 255 characters.No
valuestringLabel value. [A-Za-z0-9_-] should be used. Min - 3, max - 255 characters.No
scopestringLabel scope: 'public' or 'private'No
descriptionstringLabel desc: json string with any additional informationNo
created_atstringNo
updated_atstringNo

API_V2_Entities_Comment

NameTypeDescriptionRequired
idintegerComment idNo
author_uidstringComment author UIDNo
titlestringComment titleNo
datastringComment plain textNo
created_atstringNo
updated_atstringNo

API_V2_Entities_ServiceAccounts

NameTypeDescriptionRequired
emailstringUser EmailNo
uidstringUser UIDNo
rolestringService Account RoleNo
levelintegerUser LevelNo
statestringService Account State: active, disabledNo
userAPI_V2_Entities_UserNo
created_atstringNo
updated_atstringNo