The USERSERVICE API allows accessing and managing custom user information, settings and content.

This is a draft documentation of an alpha version of the API!

The API is available with the 2020 Winter release as an alpha version. It will be restructured, extended, and published for external clients in the yuuvis® Momentum 2021 Spring release, based on users' and customers' feedback we receive during development.

If the path parameter userId is specified in a request URL, the corresponding endpoint operates on the data of the user specified by this ID. In order to work with the data of the currently authorized user, the path alias /me can be used instead of /users/{userId}. For example, a GET /api/me request leads to the same result as calling the GET /api/users/{userId} endpoint.

Note: Accessing or managing the data of users other than the currently authorized user may require administrative rights (as configured in the service parameter app.security.admin-role). If the service is accessed with administrative rights, no further checks on existence of users are performed. This allows more flexibility to users and apps with admin rights. For instance, it is possible to remove the data of users stored by USERSERVICE that have left the system and are no longer in the security system, or to prepare data for users that are about to be added to the system.

This API requires Keycloak as identity provider for yuuvis® Momentum.

In order to use the endpoints, a valid JWT token is required which is provided after successful authentication with valid credentials.

HTTP Method as of product version	Purpose	Response Format	Description
	User Content
GET as of 2021 Summer	getContent	Binary data	Retrieves an existing binary content specified by the `contentId` under which the logged-in user has saved the content earlier. The binary content is provided in the response body whereas the mime type of the content is returned in the HTTP header. `/userservice/api/user/content/{contentId}`
POST as of 2021 Summer	setContent	HTTP status code	Stores a new binary content passed in the request body with the specified `contentId` for the logged-in user. If the specified `contentId` already exists for the logged-in user, the corresponding existing content will be overwritten with the new content provided. `/userservice/api/user/content/{contentId}`
DELETE as of 2021 Summer	deleteContent	HTTP status code	Deletes the existing binary content that is stored under the specified `contentId` for the logged-in user, or returns a `404` error if the specified `contentId` does not exist for the logged-in user. `/userservice/api/user/content/{contentId}`
	User Info
GET as of 2021 Summer	getUser	JSON	Retrieves information on the currently logged-in user, such as first name, last name and username. `/userservice/api/whoami`
	User Settings
GET as of 2021 Summer	getSetting	JSON	Retrieves the settings a user has stored under `settingsId` if it exists for the logged-in user. `/userservice/api/user/settings/{settingsId}`
POST as of 2021 Summer	setSetting	HTTP status code	Stores a new set of settings under the `settingsId` for the logged-in user. If a set of settings with the provided `settingsId` already exists for the logged-in user, it will be overwritten. Sets of setting are always JSON files, unlike content which can be any binary content file. `/userservice/api/user/settings/{settingsId}`
DELETE as of 2021 Summer	deleteSetting	HTTP status code	Deletes an existing set of settings that is stored under the `settingsId` for the logged-in user, or returns a 404 error if `settingsId` does not exist for the logged-in user. `/userservice/api/user/settings/{settingsId}`

Browser not supported