Users and SSO
This page is about the partner dashboard, not the API itself. Most readers won't need it on day one.
Dashboard users
CRUD plus deactivate/reactivate:
| Endpoint | Purpose |
|---|---|
GET /users | List dashboard users |
POST /users | Create one |
GET /users/{id} | Read one |
PATCH /users/{id} | Update |
DELETE /users/{id} | Permanently remove |
POST /users/{id}/deactivate | Temporary access off |
POST /users/{id}/reactivate | Back on |
User ids are of the form <partner-id>-USR-<random>.
SSO
| Endpoint | Purpose |
|---|---|
GET /sso | Current SSO state for the partner |
POST /sso/enforce | Require SSO for all dashboard users |
POST /sso/disable | Stop requiring it |
Enforcing SSO logs out password-only users on their next request. Make sure all active dashboard users have an SSO identity wired up before you call /sso/enforce.