APIs in IDHub
Overview
IDHub allows you to monitor and respond to specific events or actions related to API (Application Programming Interface) usage within our product. These triggers enable you to implement additional security measures and automate certain actions based on the occurrence of predefined events.
Features
IDHub API Capabilities
Our IAM solution is slightly different that other IAM solutions in API security. We provide additional flexibility to change user data based on individual needs without compromising the security protocols. Here are some common capabilities associated with API triggers that IDHub has:
Observational
Event Monitoring
API triggers enable you to monitor various events and actions related to API usage, such as authentication attempts, access requests, data modifications, and other security-relevant activities.
API Rules
Rule-based Actions
You can define rules or conditions that, when met, trigger specific actions or responses. For example, you might set up a rule that triggers an alert when a user attempts multiple failed login attempts within a certain timeframe.
Attacks
Threat Detection and Prevention
API triggers can be used to detect and prevent potential threats or suspicious activities. By monitoring API events, you can identify patterns indicative of unauthorized access attempts, brute force attacks, or other malicious behavior.
Emails and SMS
Real-time Alerts and Notifications
When an API trigger event occurs, you can configure the system to generate real-time alerts or notifications. These alerts can be delivered via email, SMS, or integrated with incident response systems to ensure timely action.
Revoke Access
Access Control and Authorization
API triggers can be leveraged to enforce access control and authorization policies. For example, you can define triggers that automatically revoke API access for a user or application if certain conditions are met, such as a security breach or violation of usage policies.
Node based Workflows
Workflow Orchestration
API triggers can be used to automate workflows and execute predefined actions based on specific events. For instance, you might configure a trigger that initiates a workflow to revoke access privileges for a user who has been inactive for a specified period.
API Auth
Authentication Mechanism
API Keys
API keys are unique identifiers assigned to users or applications to authenticate their access to the API. The API key is included in the API request as a parameter or header.
OAuth 2.0
IDHub uses OAuth 2.0 for authentication and authorization. It enables users or applications to obtain access tokens from an authorization server by presenting their credentials.
OpenID Connect (OIDC)
IDHub Keycloak and HashiCorp's OIDC capability in its authentication layer which is built on top of OAuth 2.0. OIDC enables the API to receive an ID token containing user claims.
JSON Web Tokens (JWT)
IDHub also uses JWT self contained access tokens in API Authentication. The tokens are digitally signed, allowing the API to verify their authenticity and integrity.
REST APIs
How to construct your API
Below are the key details of IDHub APIs:
- The IDHub API is organized around REST. Our API has predictable resource-oriented URLs, accepts form-encoded request bodies, returns JSON-encoded responses, and uses standard HTTP response codes, authentication, and verbs.
- The IDHub API uses API keys to authenticate requests. You can view and manage your API keys in IDHub Developer Guide
- Your API keys carry many privileges, so be sure to keep them secure! Do not share your secret API keys in publicly accessible areas such as GitHub, client-side code, and so forth.
- Use your API key by assigning it to
IDHub.apiKey
. The Java library will then automatically send this key in each request. - All API requests must be made over HTTPS. Calls made over plain HTTP will fail. API requests without authentication will also fail.
- You can also set a per-request key with an option. This is often useful for Connect applications that use multiple API keys during the lifetime of a process.
Limitations of IDHub APIs are:
- The IDHub API doesn't support bulk updates. You can work on only one object per request.
- The IDHub API differs for every account as we release new versions and tailor functionality. The IDHub docs are customized to each version of the API and it display a test key and test data.
Quick Start
Getting Started
Developer Guide
Looking for a comprehensive guide for developers? Check out our development quick-start guide (A one stop solution for developers).
Not a Developer?
Use IDHub's no-code options by signing up to our Cloud platform to get started and to do more with your IDHub account—no code required.