# User Management

This API is a tool for ApManagers to manage ApUsers for their organization.

# Roles

There are two roles our API users can have: ApUser and ApManager. An ApUser can use the APIs that are necessary for sending and receiving documents via the Peppol network. The ApManager role has access to endpoints that manage ApUsers and partyIds for their organization. ApManagers can create users, assign partyIds to them and give users permissions, such as sending or receiving invoices. ApManagers can also register new partyIds in the Peppol network and manage them.

# Get/Add/Update User

The user API can be used to list all your organization’s users with the GET method on endpoint /api/v1/user. The PUT method on the same endpoint is used to add new users or update existing ones. To add new users, provide a username and a password in the payload. To update existing users, use the username of the user that you want to update.

{
  "name": "string",
  "password": "string"
}

# Remove User

Deleting users can be done by calling the DELETE method on endpoint /api/v1/user/{name} with the username of the user you want to delete.

# Party Authorizations

Registering party authorizations is one of the steps of the enrollment process. During this process a party is linked to a user and the user permissions are set.

# Permissions

The permissions indicate the actions which a user can perform on behalf of the party. The following permissions can be set:

  • sending documents
  • receiving documents
  • removing documents
  • setting hooks

In the PSB every enrolled party is connected to at least one user with the ApUser role. An ApManager user can use the party authorizations API to get information about a user’s existing party authorizations and to set, edit or delete them.

# Get/Add/Update Authorizations

The following endpoint is used for getting, adding and updating authorizations: /api/v1/user/{name}/party. It will return an array of parties (with permissions) connected to the specified user as a response to a GET call.

The party authorizations are added and updated by sending the following object in the body of a PUT call:

{
  "name": "string",
  "permissions": {
    "canSendDocument": true,
    "canReceiveDocument": true,
    "canRemoveDocument": true,
    "canManageHook": true
  },
  "id": "string"
}

The “name” field is used to assign a human-readable name to the partyId. Note that all the fields are obligatory.
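An ApManager can use the GET response to check that each user holds only the permissions they need. The following is an added example, not part of the original documentation or the vendor's code: it compares a user's granted party authorizations with an intended set and builds PUT bodies that remove the excess. It assumes each GET entry has the same shape as the PUT body above; the function names, party ids and sample data are constructed for illustration.

```python
# Added example, not the vendor's code. ASSUMPTION: each entry returned by
# GET /api/v1/user/{name}/party has the same shape as the PUT body above.
PERMISSION_KEYS = ("canSendDocument", "canReceiveDocument",
                   "canRemoveDocument", "canManageHook")

def build_authorization(party_id, name, allowed=()):
    """Return a PUT body with every obligatory field, deny-by-default."""
    unknown = set(allowed) - set(PERMISSION_KEYS)
    if unknown:
        raise ValueError(f"unknown permission(s): {sorted(unknown)}")
    if not party_id or not name:
        raise ValueError("id and name are obligatory")
    return {"name": name,
            "permissions": {k: k in allowed for k in PERMISSION_KEYS},
            "id": party_id}

def audit(granted, intended):
    """granted: party objects for one user; intended: party id -> set of
    permission keys that user should hold. Returns (findings, corrections);
    corrections are PUT bodies that only remove permissions, never add."""
    findings, corrections = [], []
    for party in granted:
        pid, perms = party.get("id"), party.get("permissions") or {}
        if pid not in intended:
            findings.append((pid, "party not expected for this user"))
            continue
        excess = [k for k in PERMISSION_KEYS
                  if perms.get(k) is True and k not in intended[pid]]
        if excess:
            findings.append((pid, "excess: " + ", ".join(excess)))
            keep = [k for k in intended[pid] if perms.get(k) is True]
            corrections.append(
                build_authorization(pid, party.get("name") or pid, keep))
    return findings, corrections

# Constructed sample data; the party ids are placeholders.
ALL_TRUE = {k: True for k in PERMISSION_KEYS}
SAMPLE_GRANTED = [
    {"name": "Sender only", "permissions": ALL_TRUE, "id": "PARTY-A"},
    {"name": "Receiver", "id": "PARTY-B",
     "permissions": {**dict.fromkeys(PERMISSION_KEYS, False),
                     "canReceiveDocument": True}},
    {"name": "Leftover", "permissions": ALL_TRUE, "id": "PARTY-C"},
]
SAMPLE_INTENDED = {"PARTY-A": {"canSendDocument"},
                   "PARTY-B": {"canReceiveDocument"}}

if __name__ == "__main__":
    for finding in audit(SAMPLE_GRANTED, SAMPLE_INTENDED)[0]:
        print(finding)
```

Parties reported as not expected for the user are candidates for the DELETE call described under Remove Authorizations.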

# Remove Authorizations

A DELETE call to the /api/v1/user/{name}/party/{partyId} endpoint removes the specified party’s authorization from the specified user.

© 2021 eConnect International B.V.