- Index - API Documentation
- Parameters - API Parameter Details
- Profiles - Manage user profiles
- Resources - Manage resources
- Rules - Manage the ACRs for resources
- EML - Manage EML documents and associated ACRs
- Groups - Manage groups and group members
- Search - Search for profiles and groups
- Tokens and API keys - Manage tokens and API keys
This document describes the API for managing user profiles.
POST /auth/v1/profile
Create a 'skeleton' EDI profile that can be used in permissions. This method is idempotent — if a profile already exists for the provided idp_uid, it returns the existing profile identifier instead of creating a new one.
If and when a user logs in for the first time, the skeleton profile is upgraded to a full profile with information provided by the IdP.
Required permission: Caller must be in the Vetted system group.
| Parameter | In | Required | Description |
|---|---|---|---|
edi-token |
Cookie | Yes | See Parameters |
idp_uid |
JSON body | Yes | See Parameters |
| Status | Description |
|---|---|
200 OK |
Profile was created, or an existing profile was found |
400 Bad Request |
See Parameters |
401 Unauthorized |
See Parameters |
403 Forbidden |
Caller is not in the Vetted group |
200 OK response body:
| Field | Description |
|---|---|
method |
"createProfile" |
msg |
Whether a new profile was created or an existing one was found |
edi_id |
EDI-ID of the new or existing profile |
Request:
curl -X POST https://auth.edirepository.org/auth/v1/profile \
-H "Cookie: edi-token=$(<~/Downloads/token-EDI-<my-token>.jwt)" \
-d '{"idp_uid": "uid=username,o=EDI,dc=edirepository,dc=org"}'Response 200 OK:
{
"method": "createProfile",
"msg": "A new profile was created",
"edi_id": "EDI-1234567890abcdef1234567890abcdef"
}GET /auth/v1/profile/<edi_id>
Return the EDI profile associated with an EDI profile identifier. When the profile is owned by the requesting user, additional information such as email, avatar URL, and privacy policy acceptance status is included in the response.
Required permission: Caller must be authenticated. Full profile details are only returned when the profile is owned by the requesting user.
| Parameter | In | Required | Description |
|---|---|---|---|
edi-token |
Cookie | Yes | See Parameters |
edi_id |
URL path | Yes | EDI-ID of the profile to retrieve |
| Status | Description |
|---|---|
200 OK |
Profile retrieved successfully |
401 Unauthorized |
See Parameters |
403 Forbidden |
Caller is not authenticated |
404 Not Found |
Profile not found |
200 OK response body — always included:
| Field | Description |
|---|---|
method |
"readProfile" |
msg |
"Profile retrieved successfully" |
edi_id |
EDI-ID of the profile |
common_name |
Common name of the profile owner |
Additional fields included when the profile is owned by the requesting user:
| Field | Description |
|---|---|
email |
Email address of the profile owner |
avatar_url |
URL of the user's avatar image |
email_notifications |
Whether the user has opted in to email notifications |
privacy_policy_accepted |
Whether the user has accepted the privacy policy |
privacy_policy_accepted_date |
Date when the privacy policy was accepted |
Request:
curl https://auth.edirepository.org/auth/v1/profile/EDI-1234567890abcdef1234567890abcdef \
-H "Cookie: edi-token=$(<~/Downloads/token-EDI-<my-token>.jwt)"Response 200 OK (profile owned by requesting user):
{
"method": "readProfile",
"msg": "Profile retrieved successfully",
"edi_id": "EDI-147dd745c653451d9ef588aeb1d6a188",
"common_name": "John Smith",
"email": "john@smith.com",
"avatar_url": "https://localhost:5443/auth/ui/api/avatar/gen/JS"
}Response 200 OK (profile not owned by requesting user):
{
"method": "readProfile",
"msg": "Profile retrieved successfully",
"edi_id": "EDI-1234567890abcdef1234567890abcdef",
"common_name": "John Smith"
}PUT /auth/v1/profile/<edi_id>
Update the attributes of a user profile. Only the common_name and email fields can be modified; other fields are read-only. If neither field is provided, the profile remains unchanged.
Required permission: Caller must be the owner of the profile.
| Parameter | In | Required | Description |
|---|---|---|---|
edi-token |
Cookie | Yes | See Parameters |
edi_id |
URL path | Yes | EDI-ID of the profile to update |
common_name |
JSON body | No | New common name for the user |
email |
JSON body | No | New preferred email address |
| Status | Description |
|---|---|
200 OK |
Profile updated successfully |
400 Bad Request |
See Parameters |
401 Unauthorized |
See Parameters |
403 Forbidden |
Caller does not own the profile |
404 Not Found |
Profile not found |
Request:
curl -X PUT https://auth.edirepository.org/auth/v1/profile/EDI-1234567890abcdef1234567890abcdef \
-H "Cookie: edi-token=$(<~/Downloads/token-EDI-<my-token>.jwt)" \
-d '{"common_name": "Jane Smith", "email": "jane@smith.com"}'DELETE /auth/v1/profile/<edi_id>
Delete a user profile and all associated data.
Required permission: Caller must be the owner of the profile.
| Parameter | In | Required | Description |
|---|---|---|---|
edi-token |
Cookie | Yes | See Parameters |
edi_id |
URL path | Yes | EDI-ID of the profile to delete |
| Status | Description |
|---|---|
200 OK |
Profile deleted successfully |
401 Unauthorized |
See Parameters |
403 Forbidden |
Caller does not own the profile |
404 Not Found |
Profile not found |