Help Center/ OneAccess/ API Reference/ Before You Start
Updated on 2024-12-30 GMT+08:00
View PDF
Share

Before You Start

Welcome to OneAccess. OneAccess is an identity management service that enables you to centrally manage, authenticate, and authorize identities. With OneAccess, you can control access of your users to cloud and on-premises applications, and defend against access risks.

This document describes how to perform operations on OneAccess using the following types of APIs:
  • Management APIs: for administrators to manage users, organizations, and applications.
  • User APIs: for users to log in, log out, and manage their passwords.
  • Application integration APIs: for downstream applications to implement single sign-on (SSO) and other functions.

If you plan to access OneAccess through an API, ensure that you are familiar with OneAccess concepts. For details, see Service Overview.

Endpoints

An endpoint is the request address for calling an API. Endpoints vary depending on services and regions.

OneAccess is a global service. You do not need to specify an endpoint when you call OneAccess APIs. You only need to specify the user access domain name. For details, see Obtaining the User Access Domain Name.

Concepts

  • Enterprise administrator

    Enterprise administrators include the account administrator and users who have administrator permissions for OneAccess. Enterprise administrators manage users, user groups, organizations, applications, and APIs in the administrator portal.

  • System administrator

    System administrators are created by enterprise administrators in Identity and Access Management (IAM). They can access the organizations, users, and applications menus in the administrator portal but cannot create administrators.

  • User

    Users include employees, partners, and customers who use enterprise applications. They can log in to the user portal to access and use applications.

Obtaining the User Access Domain Name

When calling a OneAccess API, you must specify the user access domain name {domain_name} in the request header.

As a OneAccess instance creator, you can obtain the user access domain name on the OneAccess console. The procedure is as follows:

  1. Log in to the OneAccess console as an administrator.
  2. Click Copy next to the user access domain name under Domain Name.

    Figure 1 Obtaining the user access domain name