Use this resource to log in to Informatica Intelligent Cloud Services using a JSON Web Token (JWT) access token.
The JWT access token is provided by your identity provider (IDP). Retrieve the token from your identity provider and include it in the loginOAuth request. The token can be used for one login request.
Before you can use the loginOAuth resource, the following prerequisites must be met:
•The organization is licensed and configured to use SAML.
•Users are set up as SAML users and are activated in the organization.
•The organization's identity provider is registered.
•The JWT access token's audience claim maps to the SAML entity ID configured in your organization's SAML setup. The audience claim can be one of the following values:
Note: Optionally, you can include the resource in the audience claim. The resource name is customizable and can be set to any value, for example, LoginResource1, or UserLoginResource.
For more information about SAML configuration, see "User Administration" in Administrator.
For more information about registering identity providers, see Identity providers.
Use values from the following fields returned in the response:
•icSessionId. A 30-minute REST API session ID that you include in the header for REST API calls. After the session ID expires, log in again to continue working with the REST API.
For information on retrieving session status details, see Session IDs.
•serverUrl. The base URL that you use in all resource URIs.
Use the logout resource to end the session.
POST Request
The login request must include a JWT access token. To get a JWT access token, see the documentation provided by your identity provider.
Informatica Intelligent Cloud Services URL for the organization that the user belongs to. Use as a base for most version 2 and version 3 REST API resource URIs.
icSessionId
String
Informatica Intelligent Cloud Services Session ID. Use in most version 2 and version 3 REST API request headers.
securityQuestion
String
Security question. Returns one of the following codes:
- SPOUSE_MEETING_CITY
- FIRST_JOB_CITY
- CHILDHOOD_FRIEND
- MOTHER_MAIDEN_NAME
- PET_NAME
- CHILDHOOD_NICKNAME
- CUSTOM_QUESTION:"<question>"
securityAnswer
String
Answer to the security question, obfuscated.
uuId
String
Unique identifier for the user.
forceChangePassword
Boolean
Determines if the user must reset the password after the user logs in for the first time. Includes the following values:
- True. The user must reset the password.
- False. The user is not forced to reset the password.
roles
Object that contains roles assigned to the user.
name
String
Included in role object.
Role name. Returns one of the following codes:
- Service Consumer
- Designer
- Admin
description
String
Included in role object.
Role description.
usergroups
Object that contains the usergroups assigned to the user.
id
String
Included in the usergroups object.
User group ID.
orgId
String
Included in the usergroups object.
ID of the organization the user group belongs to.
name
String
Included in the usergroups object.
Name of the user group.
description
String
Included in the usergroups object.
Description of the user group.
createTime
String
Included in the usergroups object.
Date and time the user group was created.
updateTime
String
Included in the usergroups object.
Date and time the user group was last updated.
createdBy
String
Included in the usergroups object.
User who created the user account.
updatedBy
String
Included in the usergroups object.
User who last updated the user account.
spiUrl
String
This field is no longer applicable and has been deprecated.
POST Example
To log in to Informatica Intelligent Cloud Services using a JWT access token, you might use the following request:
POST https://dm-us.informaticacloud.com/ma/api/v2/user/loginOAuth Content-Type: application/json Accept: application/json
The response returns the user object which contains the serverUrl and icSessionId values to use in subsequent calls, as shown in the following example:
{ "id": "01000103000000000002", "orgId": "010001", "orgUuid": "6xVpQpzHBAoizhbMOLzty9", "name": "Larry@infa.com", "description": null, "createTime": "2023-07-20T15:13:12.000Z", "updateTime": "2023-07-20T15:13:32.000Z", "createdBy": "ma", "updatedBy": "Scott@infa.com", "sfUsername": null, "firstName": "Larry", "lastName": "Felyne", "title": "Manager", "password": "********", "phone": "423435546657652", "emails": "Larry@infa.com", "timezone": null, "serverUrl": "https://na4.dm-us.informaticacloud.com/saas", "icSessionId": "0UNdbRXUXHpfqKZEbfmxoQ", "securityQuestion": "In what city did you meet your spouse/significant other?", "securityAnswer": "********", "uuid": "6qnnXdzBdtUbObUTYhyWO1", "forceChangePassword": false, "roles": [ { "name": "Admin", "description": "Role for performing administrative tasks for an organization. Has full access to all licensed services." }, { "name": "Data Preview", "description": "Role to preview data" }, { "name": "Designer", "description": "Role for creating assets, tasks, and processes. Can configure connections, schedules, and runtime environments. Has access to the Application Integration Console." } ], "usergroups": [ { "id": "aRfrqNzCfg7e9SDOJ3y1Yn", "orgId": "010001", "name": "G2", "description": "", "createTime": "2023-08-01T05:33:22.000Z", "updateTime": "2023-08-01T05:33:23.000Z", "createdBy": "Scott@infa.com", "updatedBy": "Scott@infa.com" } ], "spiUrl": null }
As an example of using the serverUrl and icSessionId values in subsequent requests, to send a GET request to obtain Secure Agent information, you might use the following request:
GET https://na4.dm-us.informaticacloud.com/saas/api/v2/agent Content-Type: application/json Accept: application/json icSessionId: 0UNdbRXUXHpfqKZEbfmxoQ