Safewhere Identify*Runtime build 5.9.0.33 Copyright © Safewhere 2018

Plugin endpoint listing.

  1. NemID authentication plugin : Plugin providing authentication using NemID (with OTP)
    • NemID authentication endpoint : https://login-demo.casewhere.com/runtime/nemid/authentication.idp
      This endpoint loads the NemID login form.
    • NemID digital signature operation ok endpoint : https://login-demo.casewhere.com/runtime/nemid/operationok.idp
      This endpoint provides a redirect point after Identify processes token from NemID to create a local authentication session for user.
    • NemID digital signature operation error endpoint : https://login-demo.casewhere.com/runtime/nemid/operationerror.idp
      This endpoint processes all errors returned from the NemID login process.
  2. SAML 2.0 SignOn plug-in : Plugin provides SAML 2.0 support to the Identity Provider.
    • SAML 2.0 SignOn endpoint : https://login-demo.casewhere.com/runtime/saml2auth/signon.idp
      This endpoint provides a place where SAML 2.0 authnRequest is sent to an IdP.
    • SAML 2.0 auth assertion consumer endpoint : https://login-demo.casewhere.com/runtime/saml2auth/consume.idp
      This endpoint consumes SAML 2.0 authentication responses from an IdP.
    • SAML 2.0 auth assertion consumer artifact endpoint : https://login-demo.casewhere.com/runtime/saml2auth/artifact.idp
      This endpoints receives SAML 2.0 artifact messages, parses them and returns the SAML response.
    • SAML 2.0 auth metadata endpoint : https://login-demo.casewhere.com/runtime/saml2auth/metadata.idp
      This endpoint provides SAML 2.0 auth metadata when identify acts as an RP.
    • SAML 2.0 Authentication SignOff Request Endpoint : https://login-demo.casewhere.com/runtime/saml2auth/signoffrequest.idp
      This endpoint sends Log out responses to an IdP.
    • SAML 2.0 Authentication SignOff Artifact Endpoint : https://login-demo.casewhere.com/runtime/saml2auth/artifactsignoffrequest.idp
      This endpoint sends Log out responses to an IdP.
    • SAML 2.0 Authentication SignOff Response Endpoint : https://login-demo.casewhere.com/runtime/saml2auth/signoffresponse.idp
      This endpoint receives SAML 2.0 log out responses from an IdP.
  3. SAML 2.0 : Implements federated Sign On via the SAML 2.0 protocol.
    • Main SAML 2.0 endpoint : https://login-demo.casewhere.com/runtime/saml2/issue.idp
      This endpoint receives requests from RPs and also is where responses are sent back to RPs.
    • Main SAML 2.0 artifact endpoint : https://login-demo.casewhere.com/runtime/saml2/artifact.idp
      Main SAML 2.0 artifact endpoint
    • Main IdP Initiated SAML 2.0 endpoint : https://login-demo.casewhere.com/runtime/saml2/idpInitiatedIssue.idp
      This endpoint provides main IdP Initiated SAML 2.0.
    • SAML 2.0 SignOff Endpoint : https://login-demo.casewhere.com/runtime/saml2/signoff.idp
      This endpoints receives signoff responses from RPs.
    • SAML 2.0 metadata endpoint : https://login-demo.casewhere.com/runtime/saml2/metadata.idp
      This endpoint provides metadata to a SAML 2.0 RP - who wants to connect to Identify - should use.
  4. Username & password login plug-in : Allow users to login with username and password stored in Identify's local.
    • Username & password login endpoint. : https://login-demo.casewhere.com/runtime/usernamepasswordauth/login.idp
      This endpoint allows you to enter username & password from Identify system and then processes and authenticates the user.
  5. WS-Federation login : Plugin provides WS Federation authentication to the Identity Provider.
    • WS-Federation login endpoint : https://login-demo.casewhere.com/runtime/wsfedauth/login.idp
      This endpoint sends a sign in request to an Idp.
    • WS-Federation Service Provider Metadata Endpoint : https://login-demo.casewhere.com/runtime/wsfedauth/metadata.idp
      This endpoint provides metadata for an Idp to work with a RP.
    • WS-Federation assertion consumer endpoint : https://login-demo.casewhere.com/runtime/wsfedauth/consume.idp
      This endpoint consumes sign in responses and also sign out cleanup requests.
    • WS-Federation Authentication Sign Off endpoint : https://login-demo.casewhere.com/runtime/wsfedauth/signoff.idp
      This endpoint receives sign out responses from an RP.
  6. WS-Federation protocol plug-in : Implements the WS Federation authentication.
    • Main WS-Federation endpoint : https://login-demo.casewhere.com/runtime/WSFederation/WSFederation.idp
      This endpoint receives sign in, sign out, and sign out cleanup requests and reponses.
    • WS-Federation protocol Sign Off endpoint : https://login-demo.casewhere.com/runtime/WSFederation/SignOff.idp
      This endpoint receives sign out responses from an RP.
    • WS-Federation protocol metadata endpoint : https://login-demo.casewhere.com/runtime/FederationMetadata/2007-06/FederationMetadata.xml
      This endpoint provides metadata that an WS Federation RP should use to connect to Identify.
  7. One Time Password authentication plugin : Plugin provides authentication using One Time Password
    • One Time Password login endpoint : https://login-demo.casewhere.com/runtime/otpauth/login.idp
      This endpoint generates a One Time Password (OTP) code, shows a form where the user can enter this code and validates the code that the user enters.
  8. OAuth 2.0/OIDC authentication provider plugin : Plugin provides authentication using OAuth 2.0/OIDC provider
    • LinkedIn login endpoint : https://login-demo.casewhere.com/runtime/linkedin/login.idp
      This endpoint provides LinkedIn login authentication.
    • Facebook login endpoint : https://login-demo.casewhere.com/runtime/facebook/login.idp
      This endpoint provides Facebook login authentication.
    • Google login endpoint : https://login-demo.casewhere.com/runtime/google/login.idp
      This endpoint provides Google login authentication.
    • Microsoft account login endpoint : https://login-demo.casewhere.com/runtime/microsoft/login.idp
      This endpoint provides Microsoft account login authentication.
    • Twitter login endpoint : https://login-demo.casewhere.com/runtime/twitter/login.idp
      This endpoint provides Twitter login authentication.
    • Generic OAuth provider logon endpoint : https://login-demo.casewhere.com/runtime/GenericOAuthProvider/login.idp
      Generic OAuth provider logon endpoint
    • LinkedIn consumer endpoint : https://login-demo.casewhere.com/runtime/linkedin/consume.idp
      This endpoint receives data/token from LinkedIn and returns status on success or error.
    • Facebook consumer endpoint. : https://login-demo.casewhere.com/runtime/facebook/consume.idp
      This endpoint receives data/token from Facebook and returns status on success or error.
    • Google consumer endpoint : https://login-demo.casewhere.com/runtime/google/consume.idp
      This endpoint receives data/token from Google and returns status on success or error.
    • Microsoft account consumer endpoint : https://login-demo.casewhere.com/runtime/microsoft/consume.idp
      This endpoint receives data/token from Microsoft account and returns status on success or error.
    • Twitter consumer endpoint : https://login-demo.casewhere.com/runtime/twitter/consume.idp
      This endpoint receives data/token from Twitter and returns status on success or error.
    • Generic OAuth provider consumer endpoint : https://login-demo.casewhere.com/runtime/GenericOAuthProvider/consume.idp
      Generic OAuth provider consumer endpoint
    • OAuth Provider authentication SignOff endpoint : https://login-demo.casewhere.com/runtime/OAuthProvider/signoff.idp
      Sign off endpoint place holder for all OAuth Provider connections.
  9. Device-based Login plug-in : Implements device-based login
    • Device-based login endpoint : https://login-demo.casewhere.com/runtime/devicebased/login.idp
      This endpoint provides a login form that requires an activation code if you login by username and password.
    • Device-based activation code/cookie deleted endpoint : https://login-demo.casewhere.com/runtime/devicebased/deviceCookieDeleted.idp
      Use this endpoint to remove device based activation code/cookies.
  10. LDAP authentication provider : Plugin providing authentication using formsbased authentication or integrated Windows authentication to LDAP
    • LDAP endpoint name : https://login-demo.casewhere.com/runtime/ldap/login.idp
      This endpoint provides LDAP login authentication.
    • LDAP form-based authentication endpoint name : https://login-demo.casewhere.com/runtime/ldap/formsbasedlogin.idp
      This endpoint verifies the login user based on form input. If login fails it will show a login retry form
    • LDAP integrated Windows authentication endpoint name : https://login-demo.casewhere.com/runtime/ldap/iwalogin.idp
      This endpoint provides LDAP integrated Windows authentication.
  11. Generic provider for external authentication : Plugin provides authentication using generic provider for external authentication.
    • Generic provider for external authentication endpoint : https://login-demo.casewhere.com/runtime/gcp/logon.idp
      This endpoint provides external authentication for generic provider.
  12. OAuth 2.0 : Plugin providing OAuth 2.0 support to the Identity Provider and Authorization Server
    • OAuth 2.0 authorization endpoint. : https://login-demo.casewhere.com/runtime/oauth2/authorize.idp
      This endpoint provides Identify authorization.
    • OpenID Connection logout endpoint. : https://login-demo.casewhere.com/runtime/openidconnect/logout.idp
      This endpoint provides a logout by removing the token from repository (cache and database).
    • OpenID Connection logout session status endpoint. : https://login-demo.casewhere.com/runtime/openidconnect/sessionlogout.idp
      This endpoint provides logout session state.
    • OAuth 2.0 token endpoint. : https://login-demo.casewhere.com/runtime/oauth2/token.idp
      This endpoint provides OAuth 2.0 access token.
    • OpenId connect discovery endpoint. : https://login-demo.casewhere.com/runtime/oauth2/.well-known/openid-configuration
      This endpoint provides OpenId connect metadata.
    • OpenId connect JWK endpoint. : https://login-demo.casewhere.com/runtime/oauth2/certs.idp
      This endpoint provides information about Identify public signing key used on Oauth 2.0 endpoints.
    • Oauth 2.0 device pairing endpoint. : https://login-demo.casewhere.com/runtime/oauth2/device_authorization
      This endpoint provide code to authenticate the device.
    • OpenID Connect UserInfo endpoint. : https://login-demo.casewhere.com/runtime/openidconnect/userinfo.idp
      This endpoint parses token, processes response, and validates signature received from OpenID.
    • OpenID Connect user code verification endpoint. : https://login-demo.casewhere.com/runtime/oauth2/devicepairing
      This endpoint to verify user code on device pairing flow.
  13. Yubico authentication plugin : Plugin provides authentication using Yubico One-time password (OTP) key
    • Yubico login endpoint : https://login-demo.casewhere.com/runtime/yubico/login.idp
      This endpoint provides Yubico form to login and process token received from Yubico to make local authentication.

Security Token Service endpoint listing.

  • STS WS Trust 14 Username Message Endpoint : http://login-demo.casewhere.com/runtime/services/trust/14/username
    An endpoint which authenticates the client with its username and password. The client credentials are included in the header of a SOAP message. Confidentiality is preserved by encryption inside the SOAP message.
  • STS WS Trust 14 Username Mixed Endpoint : https://login-demo.casewhere.com/runtime/services/trust/14/usernamemixed
    An endpoint which authenticates the client with its username and password. The client credentials are included in the header of a SOAP message. Confidentiality is preserved at the transport layer (SSL).
  • STS WS Trust 14 Certificate Message Endpoint : http://login-demo.casewhere.com/runtime/services/trust/14/certificate
    An endpoint which authenticates the client with X.509 certificate. The client credentials are included in the header of a SOAP message. Confidentiality is preserved by encryption inside the SOAP message.
  • STS WS Trust 14 Certificate Mixed Endpoint : https://login-demo.casewhere.com/runtime/services/trust/14/certificatemixed
    An endpoint which authenticates the client with X.509 certificate. The client credentials are included in the header of a SOAP message. Confidentiality is preserved at the transport layer (SSL).
  • STS WS Trust OIO IDWS Endpoint : https://login-demo.casewhere.com/runtime/services/oiotrust/14/oioidwsmixed
    STS WS Trust OIO IDWS Endpoint
  • STS WS Trust 14 Issuedtokensymmetricbasic256sha256 Endpoint : http://login-demo.casewhere.com/runtime/services/trust/14/issuedtokensymmetricbasic256sha256
    An endpoint which authenticates the client with an issued token.
  • STS WS Trust 14 Issuedmixedtokensymmetricbasic256sha256 Endpoint : https://login-demo.casewhere.com/runtime/services/trust/14/issuedtokenmixedsymmetricbasic256sha256
    An endpoint which authenticates the client with an issued token.