Hi, I'm Ask INFA!
What would you like to know?
ASK INFAPreview
Please to access Ask INFA.
Communities
A collaborative platform to connect and grow with like-minded Informaticans across the globe
Product Communities
Connect and collaborate with Informatica experts and champions
Discussions
Have a question? Start a Discussion and get immediate answers you are looking for
User Groups
Customer-organized groups that meet online and in-person. Join today to network, share ideas, and get tips on how to get the most out of Informatica
Get Started
Community Guidelines
Knowledge Center
Troubleshooting documents, product guides, how to videos, best practices, and more
Knowledge Base
One-stop self-service portal for solutions, FAQs, Whitepapers, How Tos, Videos, and more
Support TV
Video channel for step-by-step instructions to use our products, best practices, troubleshooting tips, and much more
Documentation
Information library of the latest product documents
Velocity (Best Practices)
Best practices and use cases from the Implementation team
Learn
Rich resources to help you leverage full capabilities of our products
Trainings
Role-based training programs for the best ROI
Certifications
Get certified on Informatica products. Free, Foundation, or Professional
Product Learning Paths
Free and unlimited modules based on your expertise level and journey
Resources
Library of content to help you leverage the best of Informatica products
Tech Tuesdays Webinars
Most popular webinars on product architecture, best practices, and more
Product Availability Matrix
Product Availability Matrix statements of Informatica products
SupportFlash
Monthly support newsletter
Support Documents
Informatica Support Guide and Statements, Quick Start Guides, and Cloud Product Description Schedule
Product Lifecycle
End of Life statements of Informatica products
Ideas
Events
Change Request Tracking
Marketplace
English
  • Administrator
  • All Products

Table of Contents

Search

  1. Preface
  2. Informatica Intelligent Cloud Services REST API
  3. Platform REST API version 2 resources
  4. Platform REST API version 3 resources
  5. Data Integration REST API
  6. File Ingestion and Replication REST API
  7. Streaming Ingestion and Replication REST API
  8. RunAJob utility
  9. ParamSetCli utility
  10. REST API codes
  11. REST API resource quick references

REST API Reference

REST API Reference

Back Next

Logging in using a JSON web token

Logging in using a JSON web token

Use this resource to log in to
Informatica Intelligent Cloud Services
 using a JSON Web Token (JWT) access token.
The JWT access token is provided by your identity provider, sometimes called an IDP. Retrieve the token from your identity provider and include it in the loginOAuth request. The token can be used for one login request.
Before you can use the loginOAuth resource, the following prerequisites must be met:
  • The organization is configured to use SAML. For information about SAML configuration, see
    User Administration
     in the Administrator help.
  • Users are set up as SAML users and are activated in the organization.
  • The organization's identity provider is registered. For information about registering identity providers, see Identity providers.
The following table lists the claims that must be present in the JWT access token:
Claim
Description
iss
Issuer of the the JWT. Includes the absolute URL of the identity provider issuer.
The JWT issuer claim must be the same as the issuer that appeared when the identity provider was registered.
sub
Subject of the JWT. Includes the user name or email address of the user.
aud
Audience for the JWT. The JWT access token's audience claim maps to the SAML entity ID configured in your organization's SAML setup. The audience claim can be one of the following values:
  • api://<orgId>.<cloud provider>-<region>.informaticacloud.com
  • api://<cloud provider>-<region>.informaticacloud.com.<orgId>
  • api://<cloud provider>-<region>.informaticacloud.com/<orgId>
  • https://<orgId>.<cloud provider>-<region>.informaticacloud.com
  • https://<cloud provider>-<region>.informaticacloud.com.<orgId>
  • https://<cloud provider>-<region>.informaticacloud.com/<orgId>
Optionally, you can include the resource in the audience claim. The resource name is customizable and can be set to any value, for example, LoginResource1, or UserLoginResource.
exp
Expiration time for the JWT.
nbf
Time before which the JWT can't be accepted for processing.
iat
Time at which the JWT was issued. This value can determine the age of the JWT.
jti/uti
Unique identifier for the JWT. The identifier can be used to prevent the JWT from being replayed so that each JWT is used only once.
If a required claim is absent, the API rejects the request and returns an error.
After you log in to
Informatica Intelligent Cloud Services
, use the values from the following response fields to make subsequent requests:
  • icSessionId. REST API session ID that you include in the header for REST API calls. The session expires at the earliest of the following values:
    • Current time plus 30 minutes
    • OAuth token expiration time
    After the session ID expires, log in again to continue working with the REST API. For information on retrieving session status details, see Session IDs.
  • serverUrl. The base URL that you use in all resource URIs.
Use the logout resource to end the session.

POST request

The login request must include a JWT access token. To get a JWT access token, see the documentation provided by your identity provider.
To log in, use the following URL: 
https://<cloud provider>-<region>.informaticacloud.com/ma/api/v2/user/loginOAuth
For a list of cloud provider and region values, see Logging in.
Include the following attributes in the request:
Field
Type
Required
Description
oauthToken
String
Yes
JWT access token.
orgId
String
Yes
ID of the organization the user belongs to.

POST response

Returns the user object if the request is successful. Returns the error object if errors occur.
Use the base URL and session ID returned in the response for subsequent requests during this session.
The user object includes the following attributes:
Field
Type
Description
id
String
User ID.
orgId
String
ID of the organization the user belongs to.
orgUuid
String
Unique identifier for the organization.
name
String
Informatica Intelligent Cloud Services
 user name.
description
String
Description of the user.
createTime
String
When the user account was created.
updateTime
String
When the user account was last updated
createdBy
String
Informatica Intelligent Cloud Services
 user who created the user account.
updatedBy
String
Informatica Intelligent Cloud Services
 user who last updated the user account.
sfUsername
String
Salesforce user name. Included when user is configured to authenticate through Salesforce.
password
String
Salesforce user password. Included when user is configured to authenticate through Salesforce.
firstName
String
First name for the user account.
lastName
String
Last name for the user account.
title
String
Title of the user.
password
String
User password, obfuscated.
phone
String
Phone number for the user.
emails
String
Email address to be notified when the user changes the account password.
timezone
String
Time zone of the user. Time zone honors Daylight Saving Time.
For more information, see Time zone codes.
serverUrl
String
Informatica Intelligent Cloud Services
 URL for the organization that the user belongs to. Use as a base for most version 2 and version 3 REST API resource URIs.
icSessionId
String
Informatica Intelligent Cloud Services
 Session ID. Use in most version 2 and version 3 REST API request headers.
securityQuestion
String
Security question. Returns one of the following codes:
  • SPOUSE_MEETING_CITY
  • FIRST_JOB_CITY
  • CHILDHOOD_FRIEND
  • MOTHER_MAIDEN_NAME
  • PET_NAME
  • CHILDHOOD_NICKNAME
  • CUSTOM_QUESTION:"<question>"
securityAnswer
String
Answer to the security question, obfuscated.
uuId
String
Unique identifier for the user.
forceChangePassword
Boolean
Determines if the user must reset the password after the user logs in for the first time. Includes the following values:
  • True. The user must reset the password.
  • False. The user is not forced to reset the password.
roles
Object that contains roles assigned to the user.
name
String
Included in role object.
Role name. Returns one of the following codes:
  • Service Consumer
  • Designer
  • Admin
description
String
Included in role object.
Role description.
usergroups
Object that contains the usergroups assigned to the user.
id
String
Included in the usergroups object.
User group ID.
orgId
String
Included in the usergroups object.
ID of the organization the user group belongs to.
name
String
Included in the usergroups object.
Name of the user group.
description
String
Included in the usergroups object.
Description of the user group.
createTime
String
Included in the usergroups object.
Date and time the user group was created.
updateTime
String
Included in the usergroups object.
Date and time the user group was last updated.
createdBy
String
Included in the usergroups object.
User who created the user account.
updatedBy
String
Included in the usergroups object.
User who last updated the user account.
spiUrl
String
This field is no longer applicable and has been deprecated.

POST example

To log in to
Informatica Intelligent Cloud Services
 using a JWT access token, you might use the following request: 
POST https://dm-us.informaticacloud.com/ma/api/v2/user/loginOAuth
Content-Type: application/json
Accept: application/json

{
"orgId": "6xVpQpzHBAoizhbMOLzty9",
"oauthToken": "<JWT token>"
}
The response returns the user object which contains the serverUrl and icSessionId values to use in subsequent calls, as shown in the following example: 
{
    "id": "01000103000000000002",
    "orgId": "010001",
    "orgUuid": "6xVpQpzHBAoizhbMOLzty9",
    "name": "Larry@infa.com",
    "description": null,
    "createTime": "2023-07-20T15:13:12.000Z",
    "updateTime": "2023-07-20T15:13:32.000Z",
    "createdBy": "ma",
    "updatedBy": "Scott@infa.com",
    "sfUsername": null,
    "firstName": "Larry",
    "lastName": "Felyne",
    "title": "Manager",
    "password": "********",
    "phone": "423435546657652",
    "emails": "Larry@infa.com",
    "timezone": null,
    "serverUrl": "https://na4.dm-us.informaticacloud.com/saas",
    "securityQuestion": "In what city did you meet your spouse/significant other?",
    "securityAnswer": "********",
    "uuid": "6qnnXdzBdtUbObUTYhyWO1",
    "forceChangePassword": false,
    "roles": [
        {
            "name": "Admin",
            "description": "Role for performing administrative tasks for an organization. Has full access to all licensed services."
        },
        {
            "name": "Data Preview",
            "description": "Role to preview data"
        },
        {
            "name": "Designer",
            "description": "Role for creating assets, tasks, and processes. Can configure connections, schedules, and runtime environments. Has access to the Application Integration Console."
        }
    ],
    "usergroups": [
        {
            "id": "aRfrqNzCfg7e9SDOJ3y1Yn",
            "orgId": "010001",
            "name": "G2",
            "description": "",
            "createTime": "2023-08-01T05:33:22.000Z",
            "updateTime": "2023-08-01T05:33:23.000Z",
            "createdBy": "Scott@infa.com",
            "updatedBy": "Scott@infa.com"
        }
    ],
    "spiUrl": null
}
As an example of using the serverUrl and icSessionId values in subsequent requests, to send a GET request to obtain Secure Agent information, you might use the following request: 
GET https://na4.dm-us.informaticacloud.com/saas/api/v2/agent HTTP/<HTTP version>
Content-Type: application/json
Accept: application/json
0 COMMENTS
We’d like to hear from you!