Skip to main content
Version: 4.0

Add User

Path
http://{supOS ip:port}/open-api/auth/v2/users
Request body
{
"username": "test", //required
"password": "xxxxx", //required
"userDesc": "general user",
"timeZone": "GMT+0800", //required
"personCode": "person01", //required
"companyCode": "default", //required
"accountType": 0, //required
"roleNameList": [ //role code list
"role1"
],
"recoveryDeleted": false //whether to restore deleted users
}{
"username": "test",
"password": "xxxxx",
"userDesc": "general user",
"timeZone": "GMT+0800",
"personCode": "person01",
"companyCode": "default",
"accountType": 0,
"roleNameList": [
"role1"
],
"recoveryDeleted": false
}
Response
  • 200: Successful.
  • 400
{
"code": 100106021,
"message": "password rule: Contains upper and lower cases, and number, and the length is 6-8 digits."
}
    • 100106500: Parameter validation error
    • 100106004: Username already exists
    • 100106005: Person is already bound to a user
    • 100106012: Person does not exist
    • 100106013: Role does not exist
    • 100106021: Password complexity does not meet system requirements
    • 100106014: Company does not exist
    • 100106020: Person does not belong to this company
    • 100106022: Role does not belong to this company
  • 500
{
"code": 100000001,
"message": "internal service exception"
}

Get User List

Path
http://{supOS ip:port}/open-api/auth/v2/users
Query parameter
  • keyword: Keyword for fuzzy matching.
  • pageIndex: Page number. Required.
  • pageSize: Items on the page.
  • companyCode: Required.
  • roleCode: Role code.
  • modifyTime: Modify time.
Response
  • 200: Successful.
{
"list": [
{
"username": "admin",
"userDesc": "super admin",
"accountType": 0,
"lockStatus": 0,
"personCode": "person01",
"personName": "person01",
"modifyTime": "2020-09-22T07:38:13.893+0800",
"createTime": "2020-09-22T07:38:13.893+0800",
"userRoleList": [
{
"name": "systemRole",
"showname": "admin role",
"description": "string"
}
],
"avatar": "/auth/v2/users/admin/avatar"
}
],
"pagination": {
"total": 100,
"pageSize": 20,
"pageIndex": 1
}
}
  • 400
{
"code": 100106500,
"message": "pageSize exceeds the maximum of 500"
}

100106014: Company does not exist.

  • 500
{
"code": 100000001,
"message": "internal service exception"
}

Delete User in Batches

Path
http://{supOS ip:port}/open-api/auth/v2/users
Query parameter

usernames: Required. For example, usernames=user1,user2...

Response
  • 200: Successful.
  • 400
{
"code": 100106017,
"message": "{name},pending tasks exist, {name} cannot be deleted"
}
    • 100106500: pageSize exceeds the maximum of 500.
    • 100106018: xxx (name), admin xxx cannot be deleted.
  • 500
{
"code": 100000001,
"message": "internal service exception"
}

Get User Details

Path
http://{supOS ip:port}/open-api/auth/v2/users/{username}
Response
  • 200: Successful.
{
"username": "admin",
"userDesc": "super admin",
"accountType": 0,
"lockStatus": 0,
"personCode": "person01",
"personName": "person01",
"modifyTime": "2020-09-22T07:38:13.893+0800",
"createTime": "2020-09-22T07:38:13.893+0800",
"userRoleList": [
{
"name": "systemRole",
"showname": "admin role",
"description": "string"
}
],
"avatar": "/auth/v2/users/admin/avatar"
}
  • 500
{
"code": 100000001,
"message": "internal service exception"
}

Edit User

Path
http://{supOS ip:port}/open-api/auth/v2/users/{username}
Request body
{
"userDesc": "manager",
"timeZone": "GMT+0000",
"personCode": "person01",
"lockStatus": 0 //0-not locked, 1-locked
}
Response
  • 200: Successful.
  • 400
{
"code": 100106500,
"message": "timeZone format error"
}
    • 100106500: Parameter validation error.
    • 100106012: Person does not exist.
  • 500
{
"code": 100000001,
"message": "internal service exception"
}

Unbind User

info

Up to 10 roles can be unbind.

Path
http://{supOS ip:port}/open-api/auth/v2/users/{username}/role
Request body
{
"roleCodes": [ //required
"role1"
]
}
Response
  • 200: Successful.
  • 400
{
"code": 100106013,
"message": "role1,role2 do not exist"
}
    • 100106500: Parameter validation error.
    • 100106013: Person does not exist.
    • 100106019: System admin cannot edit roles.
  • 500
{
"code": 100000001,
"message": "internal service exception"
}

Bind User

info

Up to 10 roles can be bound.

Path
http://{supOS ip:port}/open-api/auth/v2/users/{username}/role
Request body
{
"roleCodes": [ //required
"role1"
]
}
Response
  • 200: Successful.
  • 400
{
"code": 100106013,
"message": "role1,role2 do not exist"
}
    • 100106500: Parameter validation error.
    • 100106013: Person does not exist.
    • 100106019: System admin cannot edit roles.
    • 100106022: Role does not belong to the company.
  • 500
{
"code": 100000001,
"message": "internal service exception"
}

Reset Default Admin Password

info
  • Only works on admin.
  • Permission must be granted before using this API.
Path
http://{supOS ip:port}/open-api/auth/v2/users/{username}/role
Response
  • 200: Successful.
{
"password": "9Bo0JPnIfi0A9tptjB/pwisHnom1gSPm/OLyuPDXldM="
}
info

The returned password is encrypted with base64. Decipher with following algorithms:

  • Symmetric decryption algorithm: AES-128-ECB
  • Data: PKCS5Padding
  • Symmetric decryption key: aeskey=md5(sk). aeskey has 16 bytes.

Unbind Third-party Role

info
  • Works on 1-10 third-party roles.
  • No reminders when unbinding non-existent roles.
Path
http://{supOS ip:port}/open-api/auth/v2/users/{username}/role/third/identity
Query parameter

identityIds: Unique identity code. Required. For example: identityIds=12131231,123123123.

Response
  • 200: Successful.
  • 400
{
"code": 100106500,
"message": "number of roles exceeds the maximum of 10"
}

Get Accessible Menus by Username

Path
http://{supOS ip:port}/open-api/rbac/v2/users/{username}/permissions/menus
Query parameter
  • companyCode: Required. Based on the company code, get accessible menus of the user in this company.
  • source: Menu source. source=IDE means to get menus whose source is APP designer; emptyt means to get all menus.
Response
  • 200: Successful.
{
"list": [
{
"name": "device management",
"url": "/project/compute-engine/datadump",
"code": "bisDesigner"
}
]
}
  • 400
{
"code": 100105225,
"message": "specified user does not exist"
}
    • 100105226: Specified user is not employed by specified company.
    • 100105227: Specified company does not exist.
    • 100000001: Source is not in compliance with the rules, example: IDE.
    • 100000001: Company code cannot be empty.
    • 100000001: Internal service exception.
  • 500
{
"code": 100000001,
"message": "internal service exception"
}

Get Accessible Menus by Role

Path
http://{supOS ip:port}/open-api/rbac/v2/roles/{rolecode}/permissions/menus
Query parameter
  • companyCode: Required. Based on the company code, get accessible menus of the role in this company.
  • scope: Menu source. 0-design center menu; 1-operation center menu; emptyt means to get all menus.
Response
  • 200: Successful.
{
"list": [
{
"name": "device management",
"url": "/project/compute-engine/datadump",
"code": "bisDesigner"
}
]
}
  • 400
{
"code": 100105228,
"message": "specified role does not exist"
}
    • 100000003: Illegal scope. For example:0, 1.
    • 100105225: Specified user does not exist.
    • 100105226: Specified user is not employed by specified company.
    • 100105227: Specified company does not exist.
    • 100000001: Company code cannot be empty.
  • 500
{
"code": 100000001,
"message": "internal service exception"
}

Load User Icon

Path
http://{supOS ip:port}/open-api/auth/v2/users/{username}/avatar
Query parameter
  • companyCode: Required. Based on the company code, get accessible menus of the user in this company.
  • source: Menu source. source=IDE means to get menus whose source is APP designer; emptyt means to get all menus.
Response
  • 200: Successful.
  • 400
{
"code": 100106114,
"message": "avatar file does not exist"
}

Upload User Icon

Path
http://{supOS ip:port}/open-api/auth/v2/users/{username}/avatar
Query parameter

fileName: Required.

Response
  • 200: Successful.
{
"fileName": "string",
"fileFullPath": "string",
"fileDownloadUrl": "string"
}
  • 400
{
"code": 100106112,
"message": "file type can only be jpg, gif and png"
}
    • 100106111: File name length cannot exceed 20.
    • 100106113: File size exceeds the limit. The maximum size is 5 M.