Build self-service capabilities for your application

Developers can use WSO2 Identity Server's REST APIs to implement self-service capabilities for the users on their business applications.

Here are some capabilities you may want to enable when you implement self-service capabilities in your business app.

• Allow users to update their user profiles
• Allow users to change passwords
• Allow users to enable MFA
• Allow users to manage consents given to applications

Once the user logs in to the business application, you can make these capabilities available to the user from the business application itself.

Self-service APIs

You can use the following WSO2 Identity Server APIs to enable self-service capabilities in your business application.

• SCIM/Me Endpoint

  • List user details
  • Update user profile

  • Update user password

    Note

    To update the password of a user, update the value parameter of the API payload as follows:

    {
      "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:PatchOp"
      ],
      "Operations": [
        {
          "op": "add",
          "value": {
            "nickName": "shaggy"
          }
        }
      ]
    }
    

• Manage MFA settings and recovery

  • TOTP

• Manage consent of users

Prerequisites

You need an application that integrates login with WSO2 Identity Server over OpenID connect standards.

Learn more about registering OIDC applications on WSO2 Identity Server.

• SPA
• Traditional Web application
• Mobile appliction

Invoke the self-service APIs

To invoke the self-service APIs from your application:

1. Once the user logs into your application, get an access token on behalf of the user.
2. Use the obtained access_token as a bearer token to invoke the APIs.

Given below is a sample API request for a client sending a PATCH request sent to the /scim2/Me endpoint to update the user password.

URL:  https://api.asgardeo.io/t/<org_name>/scim2/Me
HTTP Method: PATCH
Headers:
'Content-Type: application/scim+json'
 'Authorization: Bearer <access_token>'
Data:
{
  "schemas": [
    "urn:ietf:params:scim:api:messages:2.0:PatchOp"
  ],
  "Operations": [
    {
      "op": "add",
      "value": {
        "password": "<new-password>"
      }
    }
  ]
}

If you are using WSO2 Identity Server's React SDK

You can use the httpRequest method to invoke the APIs on WSO2 Identity Server's React SDK.

A sample of how to use the httpRequest method in WSO2 Identity Server's React SDK is given below:

import { useAuthContext, HttpRequestConfig } from "@asgardeo/auth-react";
const {httpRequest } = useAuthContext();

   const requestConfig: HttpRequestConfig = {
            // Add API content here
            headers: {
                "Accept": "application/json",
                "Content-Type": "application/scim+json"
            },
            attachToken: true,
            method: "GET",
            url: "https://api.asgardeo.io/t/<org_name>/scim2/Me"
        };
        httpRequest(requestConfig).then((response: any) => {
            console.log(“request response : ”+response.data);
        }).catch((error) => {
            console.log("request error: " + error);
        })

You can replace the body of const requestConfig: HttpRequestConfig = {} with the API you wish to invoke.