GET/POST http://yourserver.com/services/profile
What does it do?
Retrieve details about the user authenticated in the current browser session.
Log in requirement
Before being able to request information from Assets Server by using a GET request or make changes to the system through a POST request, a log in to Assets Server is required. For information about the available APIs for logging in, see Assets Server REST API - introduction.
POST requests only
This REST API only accepts POST requests, not GET requests. The POST request also needs to include a cross-site request forgery (CSRF) token.
The CSRF token is a unique code. Including it in the request makes the POST request unique and therefore much more secure.
The CSRF token is obtained by first logging in to Assets Server through a POST request. The response includes the CSRF token, which can then be used in subsequent POST requests as an HTTP header:
"X-CSRF-TOKEN: <some_csrf_token>"
For more information including examples, see Assets Server REST API - Performing a POST request with a csrf token.
Parameters
This service has no parameters.
Return value
The service returns a JSON response with the following information:
username | Primary unique user name or principal. When authenticated against LDAP/ActiveDirectory, this may differ from the username used to log in. |
fullName | Full name of the user. This can be used as a display name. |
email | User's e-mail address. Only returned when the user is authenticated against an LDAP/ActiveDirectory, and an e-mail address is available there. |
userZone | The location in Assets Server where the private files of the user are stored. Only returned for users that have access to a private zone. |
groups | The groups that the user belongs to. These are associated with a user in the LDAP/ActiveDirectory or in the internal-users config file. |
authorities | The capabilities assigned to the user. |
Examples
AJAX login with success
The following shows the response of a successful authentication attempt.
login | http://demo.assets-server.com/services/login?username=demo&password=demo |
profile | http://demo.assets-server.com/services/profile |
{
"authorities" : [ "ROLE_USER", ... ],
"username" : "demo",
"fullName" : "Demo User",
"userZone" : "/Users/demo",
"groups" : [ "department1" ],
"email" : "demo@example.com"
}
Session not authenticated
The following shows the response when the session is not authenticated.
logout | http://demo.assets-server.com/services/logout |
profile | http://demo.assets-server.com/services/profile |
{
"errorcode" : 401,
"message" : "Not logged in"
}
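The following client-side code is an added example, not taken from the Assets Server documentation or product. It builds the POST request with the X-CSRF-TOKEN header, treats an error body such as errorcode 401 as "not logged in", and treats email and userZone as optional fields. The names NotLoggedIn, build_profile_request, parse_profile and fetch_profile are hypothetical, and it assumes the session is carried by the same urllib opener that performed the login and that the error JSON may arrive with either a 2xx or a non-2xx HTTP status.

```python
import json
import urllib.error
import urllib.request

# Placeholder host taken from the page; replace with your own server.
PROFILE_URL = "http://yourserver.com/services/profile"


class NotLoggedIn(Exception):
    """The service returned an error body such as errorcode 401."""


def build_profile_request(csrf_token):
    """POST with an empty body (the service has no parameters) plus the token header."""
    req = urllib.request.Request(PROFILE_URL, data=b"", method="POST")
    req.add_header("X-CSRF-TOKEN", csrf_token)
    return req


def parse_profile(body):
    """Return the profile as a dict, or raise NotLoggedIn on an error body."""
    doc = json.loads(body)
    if "errorcode" in doc:
        raise NotLoggedIn(f'{doc["errorcode"]}: {doc.get("message", "")}')
    return {
        "username": doc["username"],
        "fullName": doc.get("fullName"),
        # email and userZone are only returned for some users, so default to None.
        "email": doc.get("email"),
        "userZone": doc.get("userZone"),
        "groups": list(doc.get("groups", [])),
        "authorities": list(doc.get("authorities", [])),
    }


def fetch_profile(csrf_token, opener):
    """Send the request through `opener` and parse the answer.

    Assumption: `opener` is the same urllib opener (with a cookie jar) that
    performed the login, so it carries the authenticated session.
    """
    try:
        with opener.open(build_profile_request(csrf_token), timeout=10) as resp:
            body = resp.read()
    except urllib.error.HTTPError as err:
        # Assumption: the error JSON may arrive with a non-2xx HTTP status.
        body = err.read()
    return parse_profile(body)
```

Checking for the errorcode key before reading any profile field keeps a logged-out session from being mistaken for a user with empty groups and authorities.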