Build self-service capabilities for your application¶
Developers can use WSO2 Identity Server's REST APIs to implement self-service capabilities for the users on their business applications.
Here are some capabilities you may want to enable when you implement self-service capabilities in your business app.
- Allow users to update their user profiles
- Allow users to change passwords
- Allow users to enable MFA
- Allow users to manage consents given to applications
Once the user logs in to the business application, you can make these capabilities available to the user from the business application itself.
Self-service APIs¶
You can use the following WSO2 Identity Server APIs to enable self-service capabilities in your business application.
-
SCIM/Me Endpoint
- List user details
- Update user profile
-
Note
To update the password of a user, update the
value
parameter of the API payload as follows:{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:PatchOp" ], "Operations": [ { "op": "add", "value": { "nickName": "shaggy" } } ] }
-
Manage MFA settings and recovery
Prerequisites¶
You need an application that integrates login with WSO2 Identity Server over OpenID connect standards.
Learn more about registering OIDC applications on WSO2 Identity Server.
Invoke the self-service APIs¶
To invoke the self-service APIs from your application:
- Once the user logs into your application, get an access token on behalf of the user.
- Use the obtained
access_token
as a bearer token to invoke the APIs.
Given below is a sample API request for a client sending a PATCH
request sent to the /scim2/Me
endpoint to update the user password.
URL: https://api.asgardeo.io/t/<org_name>/scim2/Me
HTTP Method: PATCH
Headers:
'Content-Type: application/scim+json'
'Authorization: Bearer <access_token>'
Data:
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
],
"Operations": [
{
"op": "add",
"value": {
"password": "<new-password>"
}
}
]
}
If you are using WSO2 Identity Server's React SDK
You can use the httpRequest
method to invoke the APIs on WSO2 Identity Server's React SDK.
A sample of how to use the httpRequest
method in WSO2 Identity Server's React SDK is given below:
import { useAuthContext, HttpRequestConfig } from "@asgardeo/auth-react";
const {httpRequest } = useAuthContext();
const requestConfig: HttpRequestConfig = {
// Add API content here
headers: {
"Accept": "application/json",
"Content-Type": "application/scim+json"
},
attachToken: true,
method: "GET",
url: "https://api.asgardeo.io/t/<org_name>/scim2/Me"
};
httpRequest(requestConfig).then((response: any) => {
console.log(“request response : ”+response.data);
}).catch((error) => {
console.log("request error: " + error);
})
You can replace the body of const requestConfig: HttpRequestConfig = {}
with the API you wish to invoke.