Kurtosys App Auth Service - Client
The Kurtosys App authentication service also allows for the provisioning of new clients, this functionality is only available to users holding Super Admin privileges.
Add Client /auth/addClient
A client in Kurtosys App stores information about the asset management organization itself, its system configuration, data configuration, and users. A client is the root of everything in the system and the first thing that needs to be configured when onboarding a new customer.
Service call details
| Parameter |
Value |
| End Point |
https://<US: api-us.kurtosys.app OR UK: api-uk.kurtosys.app>/auth/addClient |
| Headers |
X-KSYS-TOKEN |
| Content Type |
application/json |
| HTTP Method |
POST |
| Return Type |
JSON |
| Return Data |
A reflection of the created client |
Body
{
"clientName": "ABC Capital Management",
"stagingClient": true,
"modules": ["Management", "Roles", "Users", ..."SSO", "DataMonitoring"],
"enableDocumentEntitlement": true,
"enabledEntityTypeEntitlements": ["FUND", "CLSS", "BMRK", "ACCT"],
"allow2FA": true,
"snapshotFrequency": 24,
"enabledCaseSensitive": false
}
| JSON Key |
Required |
Description |
| clientName |
TRUE |
The client's name |
| stagingClient |
FALSE |
Whether the client is used to stage data (i.e. not a prod client. Allows for cleardown of data |
| modules |
TRUE |
A list of modules the client has access to |
| enableDocumentEntitlement |
FALSE |
Whether document entitlements are enabled |
| enabledEntityTypeEntitlements |
FALSE |
Which entity types have entitlements enabled |
| allow2FA |
FALSE |
Whether to allow this client to configure 2 factor authentication |
| snapshotFrequency |
FALSE |
The interval between snapshot runs (in hours) |
| enabledCaseSensitive |
FALSE |
Set case sensitive for translations |
Response
{
"clientId": 2,
"clientName": "ABC Capital Management",
"s3Folder": "d8a58971-b869-432a-8e9c-3df1048ab1b3",
"stagingClient": true,
"modules": ["Management", "Roles", "Users", ..."SSO", "DataMonitoring"],
"enableDocumentEntitlement": true,
"enabledEntityTypeEntitlements": [],
"allow2FA": true,
"snapshotFrequency": 24,
"enabledCaseSensitive": false
}
List Clients /auth/listClients
Allows a Super Admin user to search for a client.
Service call details
| Parameter |
Value |
| End Point |
https://<US: api-us.kurtosys.app OR UK: api-uk.kurtosys.app>/auth/listClients |
| Headers |
X-KSYS-TOKEN |
| Content Type |
application/json |
| HTTP Method |
POST |
| Return Type |
JSON |
| Return Data |
A list of clients in the system |
Body
{
"clientName": "ABC"
}
| JSON Key |
Required |
Description |
| clientName |
TRUE |
A search term to find a client |
Response
[
{
"clientId": 2,
"clientName": "ABC Capital Management",
"s3Folder": "d8a58971-b869-432a-8e9c-3df1048ab1b3",
"stagingClient": false,
"modules": ["Management", "Roles", "Users", ..."SSO", "DataMonitoring"],
"enableDocumentEntitlement": true,
"enabledEntityTypeEntitlements": [],
"allow2FA": true,
"snapshotFrequency": 24,
"enabledCaseSensitive": false
}
]
Update Client auth/updateClient
Allows a Super Admin to update a client's details.
Service call details
| Parameter |
Value |
| End Point |
https://<US: api-us.kurtosys.app OR UK: api-uk.kurtosys.app>/auth/updateClient |
| Headers |
X-KSYS-TOKEN |
| Content Type |
application/json |
| HTTP Method |
POST |
| Return Type |
JSON |
| Return Data |
A reflection of the updated client |
Body
{
"clientId": 2,
"clientName": "DEF Capital Management",
"modules": ["Management", "Roles", "Users", ..."SSO", "DataMonitoring"],
"stagingClient": true,
"enableDocumentEntitlement": true,
"enabledEntityTypeEntitlements": [],
"allow2FA": true,
"snapshotFrequency": 24,
"enabledCaseSensitive": false
}
| JSON Key |
Required |
Description |
| clientId |
TRUE |
The id of the Client to update |
| clientName |
TRUE |
The Client Name |
| modules |
TRUE |
A list of modules the client has access to |
| stagingClient |
FALSE |
Determines if the client is in staging mode |
| enableDocumentEntitlement |
FALSE |
Whether document entitlements are enabled |
| enabledEntityTypeEntitlements |
FALSE |
Which entity types have entitlements enabled |
| allow2FA |
FALSE |
Whether to allow this client to configure 2 factor authentication |
| snapshotFrequency |
FALSE |
The interval between snapshot runs (in hours) |
| enabledCaseSensitive |
FALSE |
Set case sensitive for translations |
Response
{
"clientId": 2,
"clientName": "DEF Capital Management",
"s3Folder": "d8a58971-b869-432a-8e9c-3df1048ab1b3",
"stagingClient": true,
"modules": ["Management", "Roles", "Users", ..."SSO", "DataMonitoring"],
"enableDocumentEntitlement": true,
"enabledEntityTypeEntitlements": [],
"allow2FA": true,
"snapshotFrequency": 24,
"enabledCaseSensitive": false
}
Get Client auth/getClient
A person with Super Admin privileges can retrieve specific clients by specifying the clientId in the query string.
Query String
auth/getClient?clientId=2
| Parameter |
Required |
Description |
| clientId |
FALSE |
The id of the Client to retrieve |
Response
{
"clientId": 2,
"clientName": "DEF Capital Management",
"s3Folder": "d8a58971-b869-432a-8e9c-3df1048ab1b3",
"stagingClient": true,
"modules": ["Management", "Roles", "Users", ..."SSO", "DataMonitoring"],
"enableDocumentEntitlement": true,
"enabledEntityTypeEntitlements": [],
"allow2FA": true,
"snapshotFrequency": 24,
"enabledCaseSensitive": false
}
Clear Client /auth/clearClient
Not Implemented 501
Update Client Whitelisted Domains
Allows a Client Admin to update the list of whitelisted domains for a client. Will overwrite the current contents of the domain whitelist. Current Valid Types: "iframe"
Service Call Details
| Parameter |
Value |
| End Point |
https://<US: api-us.kurtosys.app OR UK: api-uk.kurtosys.app>/auth/client/domainwhitelist/upsert |
| Headers |
X-KSYS-TOKEN |
| Content Type |
application/json |
| HTTP Method |
POST |
| Return Type |
JSON |
| Return Data |
The updated list of whitelisted domains for a client |
Body
{
"clientName": "ABC Capital Management",
"whitelist": [
{
"type": "iframe",
"domain": "abccapital.com"
}
]
}
Response
{
"clientName": "ABC Capital Management",
"whitelist": [
{
"type": "iframe",
"domain": "abccapital.com"
}
]
}
Get Client Whitelisted Domains
Allows a Client Admin to get the list of whitelisted domains for a client.
Service Call Details
| Parameter |
Value |
| End Point |
https://<US: api-us.kurtosys.app OR UK: api-uk.kurtosys.app>/auth/client/domainwhitelist/list |
| Headers |
X-KSYS-TOKEN |
| Content Type |
application/json |
| HTTP Method |
POST |
| Return Type |
JSON |
| Return Data |
The updated list of whitelisted domains for a client |
Body
{
"clientName": "ABC Capital Management"
}
Response
{
"clientName": "ABC Capital Management",
"whitelist": [
{
"type": "iframe",
"domain": "abccapital.com"
}
]
}
Get Client 2FA Settings
Allows a user to get the 2FA settings for their client.
Service Call Details
| Parameter |
Value |
| End Point |
https://<US: api-us.kurtosys.app OR UK: api-uk.kurtosys.app>/auth/2fa/settings |
| Headers |
X-KSYS-TOKEN |
| Content Type |
application/json |
| HTTP Method |
POST |
| Return Type |
JSON |
| Return Data |
The 2FA settings for the client |
Response
{
"settings": {
"allow2FA": 1,
"enabled2FAMethods": ["PUSH", "TEXT", "CALL"]
}
}
Clear Test Client /auth/clearTestClient
Clears all data for a test client out. Only applicable to clients where testingClient is set to true.
Service call details
| Parameter |
Value |
| End Point |
https://<US: api-us.kurtosys.app OR UK: api-uk.kurtosys.app>/auth/clearTestClient |
| Headers |
X-KSYS-TOKEN |
| Content Type |
application/json |
| HTTP Method |
POST |
| Return Type |
Status Code Only |
| Return Data |
None |
Body
{
"clientId": 99
}
| JSON Key |
Required |
Description |
| clientId |
TRUE |
The id of the client to clear |