You can use the REST API to log in to your organization using your Informatica Intelligent Cloud Services user account, a JSON web token, SAML, or Salesforce.
Logging in
You can use this resource to log in to your organization using your Informatica Intelligent Cloud Services user account.
The login response includes the base URL and session ID values that you include in requests that you send during the REST API session.
Note: Your team might use multiple organizations such as an organization for development and an organization for testing. The user credentials that you use to log in determine the organization that you access.
The values for cloud provider and region correspond to the name of the POD (Point of Deployment) that your organization uses. The following table lists the POD names and the corresponding cloud provider and region to use in the login URL
POD name
Cloud provider-region
USW1
dm-us
USE2
dm-us
USW3
dm-us
USE4
dm-us
USW5
dm-us
USE6
dm-us
USW1-1
dm1-us
USW3-1
dm1-us
USW1-2
dm2-us
CAC1
dm-na
APSE1
dm-ap
APSE2
dm1-apse
APNE1
dm1-ap
APNE2
dm-apne
APAUC1
dm1-apau
EMW1
dm-em
EMC1
dm1-em
UK1
dm-uk
For example, if your organization uses the APNE1 POD, use the following URL:
Informatica Intelligent Cloud Services user name for the organization that you want to log in to.
Maximum length is 255 characters.
password
String
Yes
Informatica Intelligent Cloud Services password.
Maximum length is 255 characters.
POST Response
Returns the user object if the request is successful. Returns the error object if errors occur.
The response includes the following information that you need to include in the header of subsequent REST API calls:
•icSessionId. A REST API session ID that you include in the header for version 2 REST API calls. The session ID expires after 30 minutes of inactivity. If the session ID expires, log in again to continue working with the REST API.
For information on retrieving session status details, see Session IDs.
•serverUrl. The base URL that you use in all version 2 resource URIs except for login, for example:
<serverUrl>/api/v2/job
The user object includes the following attributes:
Field
Type
Description
id
String
User ID.
orgId
String
ID of the organization the user belongs to.
22 characters.
Note: Organizations that were created in legacy Informatica Cloud might have an organization ID of 6 characters.
orgUuid
String
Unique identifier for the organization.
name
String
Informatica Intelligent Cloud Services user name.
description
String
Description of the user.
createTime
String
When the user account was created.
updateTime
String
When the user account was last updated
createdBy
String
Informatica Intelligent Cloud Services user who created the user account.
updatedBy
String
Informatica Intelligent Cloud Services user who last updated the user account.
sfUsername
String
Salesforce user name. Included when user is configured to authenticate through Salesforce.
password
String
Salesforce user password. Included when user is configured to authenticate through Salesforce.
firstName
String
First name for the user account.
lastName
String
Last name for the user account.
title
String
Title of the user.
phone
String
Phone number for the user.
securityQuestion
String
Security question. Returns one of the following codes:
- SPOUSE_MEETING_CITY
- FIRST_JOB_CITY
- CHILDHOOD_FRIEND
- MOTHER_MAIDEN_NAME
- PET_NAME
- CHILDHOOD_NICKNAME
- CUSTOM_QUESTION:"<question>"
securityAnswer
String
Answer to the security question.
roles
Object that includes a role object for each role assigned to the user.
name
String
Included in role object.
Role name. Returns one of the following codes:
- Service Consumer
- Designer
- Admin
description
String
Included in role object.
Role description.
emails
String
Email address to be notified when the user changes the account password.
timezone
String
Time zone of the user. Time zone honors Daylight Saving Time.
Informatica Intelligent Cloud Services URL for the organization the user belongs to. Use the serverUrl as a base for most version 2 REST API resource URIs.
spiUrl
String
This field is no longer applicable and has been deprecated.
uuId
String
Unique identifier for the user.
icSessionId
String
Informatica Intelligent Cloud Services session ID for version 2 REST API session. Use in most version 2 REST API request headers.
forceChangePassword
Boolean
Determines if the user must reset the password after the user logs in for the first time. Includes the following values:
- True. The user must reset the password.
- False. The user is not forced to reset the password.
POST Example
To log in to your Informatica Intelligent Cloud Services organization, you might use the following request:
POST https://dm-us.informaticacloud.com/ma/api/v2/user/login Content-Type: application/json Accept: application/json
The response returns the user object which contains the serverUrl and icSessionId values to use in subsequent calls, as shown in the following example:
{ "id": "0101TQ03000000000007", "orgId": "0101TQ", "orgUuid": "3FNFLs1uHe2IIgTs8tRjSJ", "name": "John@infa.com", "description": "", "createTime": "2018-02-16T00:20:07.000Z", "updateTime": "2018-07-17T22:45:50.000Z", "createdBy": "System built-in user", "updatedBy": "John@infa.com", "sfUsername": null, "firstName": "John", "lastName": "Randall", "title": "IICS Admin", "password": "**********", "phone": "123-456-7899", "emails": "John@infa.com", "timezone": null, "serverUrl": "https://usw3.dm-us.informaticacloud.com/saas", "icSessionId": "1Ckv5VDHe2IICHi2hq04EF", "securityQuestion": "In what city were you born?", "securityAnswer": "********", "uuid": "a51jk7TB0IDcnWLwJdLaW2", "forceChangePassword": false, "roles": [ { "name": "Admin", "description": "Role for performing administrative tasks for an organization. Has full access to all licensed services." }, { "name": "Data Preview", "description": "Role to preview data" }, { "name": "Designer", "description": "Role for creating assets, tasks, and processes. Can configure connections, schedules, and runtime environments. Has access to the Application Integration Console." } ], }
Using the session ID and server URL values in the above response as an example, to send a GET request to obtain Secure Agent information, you might use the following request:
GET https://usw3.dm-us.informaticacloud.com/saas/api/v2/agent Content-Type: application/json Accept: application/json icSessionId: 1Ckv5VDHe2IICHi2hq04EF
Logging in using a JSON web token
Use this resource to log in to Informatica Intelligent Cloud Services using a JSON Web Token (JWT) access token.
The JWT access token is provided by your identity provider (IDP). Retrieve the token from your identity provider and include it in the loginOAuth request. The token can be used for one login request.
Before you can use the loginOAuth resource, the following prerequisites must be met:
•The organization is licensed and configured to use SAML.
•Users are set up as SAML users and are activated in the organization.
•The organization's identity provider is registered.
•The JWT access token's audience claim maps to the SAML entity ID configured in your organization's SAML setup. The audience claim can be one of the following values:
Note: Optionally, you can include the resource in the audience claim. The resource name is customizable and can be set to any value, for example, LoginResource1, or UserLoginResource.
For more information about SAML configuration, see "User Administration" in Administrator.
For more information about registering identity providers, see Identity providers.
Use values from the following fields returned in the response:
•icSessionId. A 30-minute REST API session ID that you include in the header for REST API calls. After the session ID expires, log in again to continue working with the REST API.
For information on retrieving session status details, see Session IDs.
•serverUrl. The base URL that you use in all resource URIs.
Use the logout resource to end the session.
POST Request
The login request must include a JWT access token. To get a JWT access token, see the documentation provided by your identity provider.
Informatica Intelligent Cloud Services URL for the organization that the user belongs to. Use as a base for most version 2 and version 3 REST API resource URIs.
icSessionId
String
Informatica Intelligent Cloud Services Session ID. Use in most version 2 and version 3 REST API request headers.
securityQuestion
String
Security question. Returns one of the following codes:
- SPOUSE_MEETING_CITY
- FIRST_JOB_CITY
- CHILDHOOD_FRIEND
- MOTHER_MAIDEN_NAME
- PET_NAME
- CHILDHOOD_NICKNAME
- CUSTOM_QUESTION:"<question>"
securityAnswer
String
Answer to the security question, obfuscated.
uuId
String
Unique identifier for the user.
forceChangePassword
Boolean
Determines if the user must reset the password after the user logs in for the first time. Includes the following values:
- True. The user must reset the password.
- False. The user is not forced to reset the password.
roles
Object that contains roles assigned to the user.
name
String
Included in role object.
Role name. Returns one of the following codes:
- Service Consumer
- Designer
- Admin
description
String
Included in role object.
Role description.
usergroups
Object that contains the usergroups assigned to the user.
id
String
Included in the usergroups object.
User group ID.
orgId
String
Included in the usergroups object.
ID of the organization the user group belongs to.
name
String
Included in the usergroups object.
Name of the user group.
description
String
Included in the usergroups object.
Description of the user group.
createTime
String
Included in the usergroups object.
Date and time the user group was created.
updateTime
String
Included in the usergroups object.
Date and time the user group was last updated.
createdBy
String
Included in the usergroups object.
User who created the user account.
updatedBy
String
Included in the usergroups object.
User who last updated the user account.
spiUrl
String
This field is no longer applicable and has been deprecated.
POST Example
To log in to Informatica Intelligent Cloud Services using a JWT access token, you might use the following request:
POST https://dm-us.informaticacloud.com/ma/api/v2/user/loginOAuth Content-Type: application/json Accept: application/json
The response returns the user object which contains the serverUrl and icSessionId values to use in subsequent calls, as shown in the following example:
{ "id": "01000103000000000002", "orgId": "010001", "orgUuid": "6xVpQpzHBAoizhbMOLzty9", "name": "Larry@infa.com", "description": null, "createTime": "2023-07-20T15:13:12.000Z", "updateTime": "2023-07-20T15:13:32.000Z", "createdBy": "ma", "updatedBy": "Scott@infa.com", "sfUsername": null, "firstName": "Larry", "lastName": "Felyne", "title": "Manager", "password": "********", "phone": "423435546657652", "emails": "Larry@infa.com", "timezone": null, "serverUrl": "https://na4.dm-us.informaticacloud.com/saas", "icSessionId": "0UNdbRXUXHpfqKZEbfmxoQ", "securityQuestion": "In what city did you meet your spouse/significant other?", "securityAnswer": "********", "uuid": "6qnnXdzBdtUbObUTYhyWO1", "forceChangePassword": false, "roles": [ { "name": "Admin", "description": "Role for performing administrative tasks for an organization. Has full access to all licensed services." }, { "name": "Data Preview", "description": "Role to preview data" }, { "name": "Designer", "description": "Role for creating assets, tasks, and processes. Can configure connections, schedules, and runtime environments. Has access to the Application Integration Console." } ], "usergroups": [ { "id": "aRfrqNzCfg7e9SDOJ3y1Yn", "orgId": "010001", "name": "G2", "description": "", "createTime": "2023-08-01T05:33:22.000Z", "updateTime": "2023-08-01T05:33:23.000Z", "createdBy": "Scott@infa.com", "updatedBy": "Scott@infa.com" } ], "spiUrl": null }
As an example of using the serverUrl and icSessionId values in subsequent requests, to send a GET request to obtain Secure Agent information, you might use the following request:
GET https://na4.dm-us.informaticacloud.com/saas/api/v2/agent Content-Type: application/json Accept: application/json icSessionId: 0UNdbRXUXHpfqKZEbfmxoQ
Logging in using SAML
Use this version 2 API resource to log in to Informatica Intelligent Cloud Services using a Security Assertion Markup Language (SAML) token. The SAML token is a Base64-encoded XML file that contains a SAML assertion. This token is provided by your identity provider (IDP) after successful login.
Note: If a SAML token was already used to perform SSO login, it can't be used to perform API logins, even if the token hasn't expired yet. You must log in using your username and password.
The loginSaml response includes the session ID and base URL that you include in subsequent REST API calls. Use values from the following fields returned in the response:
•icSessionId. A 30-minute REST API session ID that you include in the header for version 2 REST API calls. After the session ID expires, log in again to continue working with the REST API.
For information on retrieving session status details, see Session IDs.
•serverUrl. The base URL that you use in all version 2 resource URIs except for loginSaml, for example:
<serverUrl>/api/v2/job
Use the logout resource to end the session.
POST Request
The login request must include a SAML token, which you can obtain from your identity provider.
Informatica Intelligent Cloud Services URL for the organization the user belongs to. Use the serverUrl as a base for most version 2 REST API resource URIs.
icSessionId
String
Informatica Intelligent Cloud Services session ID for version 2 REST API session. Use in most version 2 REST API request headers.
spiUrl
String
This field is no longer applicable and has been deprecated.
uuId
String
Unique identifier for the user.
POST Example
To log in to Informatica Intelligent Cloud Services using SAML single sign-on, you might use the following request:
POST https://dm-us.informaticacloud.com/ma/api/v2/user/loginSaml Content-Type: application/json Accept: application/json
The response returns the user object which contains the serverUrl and icSessionId values to use in subsequent calls, as shown in the following example:
{ "id": "0101TQ03000000000007", "orgId": "003420", "orgUuid": "3FNFLs1uHe2IIgTs8tRjSJ", "name": "John@infa.com", "description": "", "createTime": "2018-02-16T00:20:07.000Z", "updateTime": "2018-07-17T22:45:50.000Z", "createdBy": "System built-in user", "updatedBy": "John@infa.com", "sfUsername": null, "firstName": "John", "lastName": "Randall", "title": "IICS Admin", "phone": "123-456-7899", "emails": "John@infa.com", "timezone": null, "serverUrl": "https://na4.dm-us.informaticacloud.com/saas", "icSessionId": "1Ckv5VDHe2IICHi2hq04EF", "securityQuestion": "In what city were you born?", "securityAnswer": "********", "uuid": "a51jk7TB0IDcnWLwJdLaW2", "forceChangePassword": false, "roles": [ { "name": "Admin", "description": "Role for performing administrative tasks for an organization. Has full access to all licensed services." }, { "name": "Data Preview", "description": "Role to preview data" }, { "name": "Designer", "description": "Role for creating assets, tasks, and processes. Can configure connections, schedules, and runtime environments. Has access to the Application Integration Console." } ], }
Using the above response as an example, to send a GET request to obtain Secure Agent information, you might use the following request:
GET https://na4.dm-us.informaticacloud.com/saas/api/v2/agent Content-Type: application/json Accept: application/json icSessionId: 1Ckv5VDHe2IICHi2hq04EF
Logging in using Salesforce
Use this resource to log in to an Informatica Intelligent Cloud Services organization using Salesforce credentials.
The login response includes the session ID and base URL that you need to include in subsequent REST API calls.
Note: You must activate your Informatica Intelligent Cloud Services user account before you can log in using the loginSf resource.
Use the Salesforce Web Services API to generate a Salesforce session ID and to retrieve the Salesforce server URL. For more information, see the Salesforce Web Services API Developer's Guide.
Use the logout resource to end the session.
POST Request
To log in using Salesforce credentials, use the following URL:
For a list of cloud provider and region values, see Logging in.
Use the following attributes in a loginSf object:
Field
Type
Required
Description
sfSessionId
String
Yes
Salesforce session ID. For information about generating the Salesforce session ID, see the login resource in the Salesforce Web Services API Developer's Guide.
sfServerUrl
String
Yes
Salesforce server URL.
Retrieve the Salesforce server URL from the Salesforce API login resource response.
POST Response
Returns the user object if the request is successful. Returns the error object if errors occur.
The response includes the following information that you need to include in the header of subsequent REST API calls:
•icSessionId. A REST API session ID that you include in the header for version 2 REST API calls. The session ID expires after 30 minutes of inactivity. After the session ID expires, log in again to continue working with the REST API.
For information on retrieving session status details, see Session IDs.
•serverUrl. The base URL that you use in all version 2 resource URIs except for login, for example:
<serverUrl>/api/v2/job
The user object includes the following attributes:
Field
Type
Description
id
String
User ID.
orgId
String
ID of the organization the user belongs to.
22 characters.
Note: Organizations that were created in legacy Informatica Cloud might have an organization ID of 6 characters.
orgUuid
String
Unique identifier for the organization.
name
String
Informatica Intelligent Cloud Services user name.
description
String
Description of the user.
createTime
String
When the user account was created.
updateTime
String
When the user account was last updated
createdBy
String
Informatica Intelligent Cloud Services user who created the user account.
updatedBy
String
Informatica Intelligent Cloud Services user who last updated the user account.
sfUsername
String
Salesforce user name. Included when user is configured to authenticate through Salesforce.
password
String
Salesforce user password. Included when user is configured to authenticate through Salesforce.
firstName
String
First name for the user account.
lastName
String
Last name for the user account.
title
String
Title of the user.
phone
String
Phone number for the user.
securityQuestion
String
Security question. Returns one of the following codes:
- SPOUSE_MEETING_CITY
- FIRST_JOB_CITY
- CHILDHOOD_FRIEND
- MOTHER_MAIDEN_NAME
- PET_NAME
- CHILDHOOD_NICKNAME
- CUSTOM_QUESTION:"<question>"
securityAnswer
String
Answer to the security question.
roles
Object that includes a role object for each role assigned to the user.
name
String
Included in role object.
Role name. Returns one of the following codes:
- Service Consumer
- Designer
- Admin
description
String
Included in role object.
Role description.
emails
String
Email address to be notified when the user changes the account password.
timezone
String
Time zone of the user. Time zone honors Daylight Saving Time.
Informatica Intelligent Cloud Services URL for the organization the user belongs to. Use the serverUrl as a base for most version 2 REST API resource URIs.
spiUrl
String
This field is no longer applicable and has been deprecated.
uuId
String
Unique identifier for the user.
icSessionId
String
Informatica Intelligent Cloud Services session ID for version 2 REST API session. Use in most version 2 REST API request headers.
forceChangePassword
Boolean
Determines if the user must reset the password after the user logs in for the first time. Includes the following values:
- True. The user must reset the password.
- False. The user is not forced to reset the password.
POST Example
To log in to your Informatica Intelligent Cloud Services organization, you might use the following request:
POST https://dm-us.informaticacloud.com/ma/api/v2/user/loginSf Content-Type: application/json Accept: application/json
The response returns the user object which contains the serverUrl and icSessionId values to use in subsequent calls, as shown in the following example:
{ "id": "0101TQ03000000000007", "orgId": "0101TQ", "orgUuid": "3FNFLs1uHe2IIgTs8tRjSJ", "name": "John@infa.com", "description": "", "createTime": "2018-02-16T00:20:07.000Z", "updateTime": "2018-07-17T22:45:50.000Z", "createdBy": "System built-in user", "updatedBy": "John@infa.com", "sfUsername": "JohnR", "firstName": "John", "lastName": "Randall", "title": "IICS Admin", "password": "**********", "phone": "123-456-7899", "emails": "John@infa.com", "timezone": null, "serverUrl": "https://na4.dm-us.informaticacloud.com/saas", "icSessionId": "1Ckv5VDHe2IICHi2hq04EF", "securityQuestion": "In what city were you born?", "securityAnswer": "********", "uuid": "a51jk7TB0IDcnWLwJdLaW2", "forceChangePassword": false, "roles": [ { "name": "Admin", "description": "Role for performing administrative tasks for an organization. Has full access to all licensed services." }, { "name": "Data Preview", "description": "Role to preview data" }, { "name": "Designer", "description": "Role for creating assets, tasks, and processes. Can configure connections, schedules, and runtime environments. Has access to the Application Integration Console." } ], }
Using the above response as an example, to send a GET request to obtain Secure Agent information, you might use the following request:
GET https://na4.dm-us.informaticacloud.com/saas/api/v2/agent Content-Type: application/json Accept: application/json icSessionId: 1Ckv5VDHe2IICHi2hq04EF