Skip to main content

Identity Management API

The Identity Management API lets you manage SAML SSO configuration, retrieve audit logs, and configure RBAC through APIs, clients, scopes, and roles. Use it to automate identity and access management tasks programmatically.

For authentication and general Swagger UI navigation, refer to Use the Invicti Platform API. Open this API definition directly in Swagger UI.

Common examples

List audit log entries

Use this to retrieve a paginated list of audit log entries showing actions performed by users in your organization.

View list audit log entries example

Endpoint: GET /api/identity/v1/audit/list

Try it in Swagger UI:

  1. Expand Auditing and select GET /api/identity/v1/audit/list.
  2. Click Try it out.
  3. Set pageSize and pageNumber to control pagination. Optionally use query to filter entries and sortBy to order results.
  4. Click Execute.

Example response:

{
  "items": [
    {
      "id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
      "organizationId": "yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy",
      "userId": "zzzzzzzz-zzzz-zzzz-zzzz-zzzzzzzzzzzz",
      "action": "user.login",
      "timestamp": "2025-11-15T10:30:00Z",
      "details": {
        "ipAddress": "192.0.2.1",
        "userAgent": "Mozilla/5.0"
      }
    }
  ],
  "pageInfo": {
    "totalCount": 500,
    "pageSize": 20,
    "currentPage": 1,
    "totalPages": 25
  }
}

Export audit log

Use this to export audit log entries as a file for compliance reporting or external processing.

View export audit log example

Endpoint: GET /api/identity/v1/audit/log

Try it in Swagger UI:

  1. Expand Auditing and select GET /api/identity/v1/audit/log.
  2. Click Try it out.
  3. Set the export parameters:
    • exportType - file format (csv or json)
    • fromDate and toDate - date range for the export
    • pageSize - number of entries to include
  4. Click Execute.
  5. The response returns a binary file. Click Download in Swagger UI to save it.

Get SAML settings

Use this to retrieve the current SAML SSO configuration for your organization.

View get SAML settings example

Endpoint: GET /api/identity/v1/saml/settings

Try it in Swagger UI:

  1. Expand SAML and select GET /api/identity/v1/saml/settings.
  2. Click Try it out.
  3. Click Execute.

Example response:

{
  "entityId": "https://platform.invicti.com",
  "ssoUrl": "https://idp.example.com/sso/saml",
  "certificate": "-----BEGIN CERTIFICATE-----\n...\n-----END CERTIFICATE-----",
  "attributeMappings": {
    "email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
    "firstName": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
    "lastName": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"
  }
}

Configure SAML settings

Use this to set or update the SAML SSO configuration for your organization.

View configure SAML settings example

Endpoint: POST /api/identity/v1/saml/settings

Try it in Swagger UI:

  1. Expand SAML and select POST /api/identity/v1/saml/settings.
  2. Click Try it out.
  3. Replace the example request body with your IdP values:
{
  "entityId": "https://platform.invicti.com",
  "ssoUrl": "string",
  "certificate": "string",
  "attributeMappings": {
    "email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
    "firstName": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
    "lastName": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"
  }
}
  1. Click Execute.

A successful response returns HTTP 200.

tip

To get the SAML metadata that your IdP needs to configure trust with Invicti, use GET /api/identity/v1/saml/metadata. This returns the XML metadata document.

List APIs (audiences)

Use this to retrieve all registered APIs (audiences) in your organization. APIs represent the services that clients can request access to.

View list APIs example

Endpoint: GET /api/identity/v1/apis

Try it in Swagger UI:

  1. Expand Api and select GET /api/identity/v1/apis.
  2. Click Try it out.
  3. Optionally use the expand parameter to include related data such as scopes or clients in the response.
  4. Click Execute.

Example response:

{
  "items": [
    {
      "id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
      "name": "Inventory API",
      "identifier": "https://platform.invicti.com/api/inventory",
      "description": "Access to inventory resources",
      "enabled": true,
      "createdOn": "2025-11-01T09:00:00Z"
    }
  ],
  "pageInfo": {
    "totalCount": 8,
    "pageSize": 20,
    "currentPage": 1,
    "totalPages": 1
  }
}

Need help?

The Support team is ready to provide you with technical help. Go to Help Center

Last updated on
Was this page useful?