Skip to main content

RainMaker has rich set of user lifecycle management APIs like user onboarding through signup, authenticating the user through login, Fetching the user details, letting the user to logout the current session, allow user to change the password or if user has forgotten the password.

Sign Up

This API provides support to create new user. User creation is a two steps process.

By default the user is in unconfirmed state when created.

A verification code is sent to user's email/Phone number which should be used to confirm the user.

Refer User Sign Up Swagger for more details

Login

Authentication

Login API can be used to authenticate the confirmed user. On successful login, access token and refresh tokens are returned.

The access token should be used to call further RainMaker APIs. The access toke should be sent as Authorization header in subsequent requests to authenticated APIs.

Extend Session

The access token issued here is valid for one hour only. Refresh token can be used to extend the current session without having to login in again. The refresh token has validity of 10 years. Its client's(Phone APP/Dashboard etc) responsibility to cache the token securely.

Login without password

Login with MFA

Log out

Logout from one session

Log out API can be used to log out the user. This API invalidates the current refresh token. So, the refresh token can be used to extend the session. Due to limitation from AWS, the current access token ramains valid for one hour.

Logout from all session

To facilitate logging out from all the sessions, logout_all query parameter can be set to true. This invalidates all the active refresh tokens.

Get User details

Get User Details API can be used to fetch the current logged in user's details like user id, user name etc. If logged in user is a super admin then only output will have super_admin flag.

Change Password

Change Password API can be used to allow users to change their current password by providing current and new password.

The password rules can be set by your Administrator who has access to AWS console where RainMaker is deployed.

Forgot Password

Forgot Password API facilitate changing the password if user has forgot the current password.

This is a two step process. Provide the user's email or phone number to get the verification code.

In subsequent call, pass on the verification code, user's email/phone number and new password to get the password updated.