Package com.veeva.vault.vapil.api.request

Class AuthenticationRequest

java.lang.Object
com.veeva.vault.vapil.api.request.VaultRequest<AuthenticationRequest>
com.veeva.vault.vapil.api.request.AuthenticationRequest
public class AuthenticationRequest extends VaultRequest<AuthenticationRequest>
Authenticate to Vault using standard username/password, OAuth, or Salesforce delegated authentication. Successful connections return an AuthenticationResponse, which stores the Vault session ID.

Note that the VaultClient automatically performs Authentication requests to establish the Vault session.

Vault API Coverage:
https://developer.veevavault.com/api/25.1/#authentication

  • Method Details

    • retrieveApiVersions

      public ApiVersionResponse retrieveApiVersions()
      Retrieves api versions supported by the current Vault
      Returns:
      ApiVersionResponse
      Vault API Endpoint:
       GET /api
      Vault API Help Link:
      https://developer.veevavault.com/api/25.1/#retrieve-api-versions

    • login

      public AuthenticationResponse login(String userName, String userPassword)
      Authenticate via standard Vault user name and password in the user's default Vault.
      Parameters:
      userName - The user name for authentication
      userPassword - The user password
      Returns:
      AuthenticationResponse
      Vault API Endpoint:
       GET /api/{version}/auth
      Vault API Help Link:
      https://developer.veevavault.com/api/25.1/#user-name-and-password

    • login

      public AuthenticationResponse login(String username, String password, String vaultDNS)
      Authenticate via standard Vault user name and password in a specific Vault Domain.
      Parameters:
      username - The user name for authentication
      password - The user password
      vaultDNS - The DNS of the vault for which you want to generate a session
      Returns:
      AuthenticationResponse
      Vault API Endpoint:
       GET /api/{version}/auth
      Vault API Help Link:
      https://developer.veevavault.com/api/25.1/#user-name-and-password

    • loginOAuth

      public AuthenticationResponse loginOAuth(String oauthOidcProfileId, String accessToken, String vaultDNS)
      Authenticate your account using OAuth 2.0 / Open ID Connect token to obtain a Vault session ID. Learn more about OAuth 2.0 / Open ID Connect in Vault Help.

      When requesting a sessionId, Vault allows the ability for Oauth2/OIDC client applications to pass the client_id with the request. Vault uses this client_id when talking with the introspection endpoint at the authorization server to validate that the access_token presented by the application is valid. Learn more about Client ID in the REST API Documentation.

      Parameters:
      oauthOidcProfileId - The ID of your OAuth2.0 / Open ID Connect profile.
      accessToken - OAuth Access Token (access_token)
      vaultDNS - The DNS of the vault for which you want to generate a session
      Returns:
      AuthenticationResponse
      Vault API Endpoint:
       POST login.veevavault.com/auth/oauth/session/{oath_oidc_profile_id}
      Vault API Help Link:
      https://developer.veevavault.com/api/25.1/#oauth-2-0-openid-connect

    • loginWithDiscovery

      public AuthenticationResponse loginWithDiscovery(String vaultUserName, String password, String vaultDNS)
      Authenticate using Vault Discovery endpoints. First Vault is queried for the user's authentication method, and if SSO, this method attempts to acquire an OAuth token. If the user is basic username/password, the simple login method is used.
      Parameters:
      vaultUserName - The user name for authentication
      password - The user password
      vaultDNS - The DNS of the vault for which you want to generate a session
      Returns:
      AuthenticationResponse

    • authenticationTypeDiscovery

      public DiscoveryResponse authenticationTypeDiscovery(String username)
      Discover the authentication type of a user. With this API, applications can dynamically adjust the login requirements per user, and support either username/password or OAuth2.0 / OpenID Connect authentication schemes.

      Create an unauthenticated Vault Client to call this endpoint.

      Parameters:
      username - The user name for authentication
      Returns:
      DiscoveryResponse
      Vault API Endpoint:
       POST login.veevavault.com/auth/discovery
      Vault API Help Link:
      https://developer.veevavault.com/api/25.1/#authentication-type-discovery
      Example Request:
       VaultClient vaultClient = VaultClientBuilder
                                .newClientBuilder(VaultClient.AuthenticationType.NO_AUTH)
                                .withVaultClientId(vaultClientId)
                                .build();

 DiscoveryResponse response = vaultClient.newRequest(AuthenticationRequest.class)
                                .setVaultOAuthClientId("OAuthClientId")
                                .authenticationTypeDiscovery("username@cholecap.com");
      Example Response:
       System.out.println("Auth Type: " + response.getData().getAuthType());

 for (DiscoveryResponse.DiscoveryData.AuthProfile authProfile : response.getData().getAuthProfiles()) {
                System.out.println("ID: " + authProfile.getId());
                System.out.println("Label: " + authProfile.getLabel());
                System.out.println("AS Client ID: " + authProfile.getAsClientId());
                System.out.println("*** AS Metadata ***");
                System.out.println("    Token Endpoint: " + authProfile.getAsMetadata().getTokenEndpoint());
 }

    • sessionKeepAlive

      public VaultResponse sessionKeepAlive()
      Session Keep Alive

      Developers are now able to keep a Vault API Session alive with a light-weight endpoint that returns SUCCESS when a valid Session Id is supplied. If an invalid Session Id is supplied, Vault returns INVALID_SESSION_ID. Vault always enforces a 48-hour maximum session duration even when used with the Session Keep Alive.

      Returns:
      VaultResponse
      Vault API Endpoint:
       POST /api/{version}/keep-alive
      Vault API Help Link:
      https://developer.veevavault.com/api/25.1/#session-keep-alive
      Example Request:
       VaultResponse response = vaultClient.newRequest(AuthenticationRequest.class)
      .sessionKeepAlive();
 }
      Example Response:
       System.out.println("Response Status:" + vaultClient.getAuthenticationResponse().getResponseStatus());

    • validateSessionUser

      public UserRetrieveResponse validateSessionUser()
      Validate Session User

      Given a valid session ID, this request returns information for the currently authenticated user. If the session ID is not valid, this request returns an INVALID_SESSION_ID error type. This is similar to a whoami request.

      Returns:
      UserRetrieveResponse Vault returns an array of size 1
      Vault API Endpoint:
       GET /api/{version}/objects/users/me
      Vault API Help Link:
      https://developer.veevavault.com/api/25.1/#validate-session-user
      Example Request:
       UserRetrieveResponse resp = vaultClient.newRequest(AuthenticationRequest.class).validateSessionUser();
      Example Response:
       for(UserRetrieveResponse.UserNode userNode : resp.getUsers()) {
   User user = userNode.getUser();
   System.out.println("User name: " + user.getUserName());
   System.out.println("User: " + user.getUserFirstName() + " " + user.getUserLastName());
   System.out.println("Email: " + user.getUserEmail());
   System.out.println("Id: " + user.getId());
 }

    • retrieveDelegations

      public DelegationsResponse retrieveDelegations()
      Retrieve delegations

      Retrieve Vaults where the currently authenticated user has delegate access. You can then use this information to Initiate a Delegated Session.

      Returns:
      DelegationsResponse
      Vault API Endpoint:
       GET /api/{version}/delegation/vaults
      Vault API Help Link:
      https://developer.veevavault.com/api/25.1/#retrieve-delegations
      Example Request:
       DelegationsResponse response = vaultClient.newRequest(AuthenticationRequest.class)
                                .retrieveDelegations();
      Example Response:
       for (DelegationsResponse.DelegatedVault delegatedVault : response.getDelegatedVaults()) {
   System.out.println("Id: " + delegatedVault.getId());
         System.out.println("Name: " + delegatedVault.getName());
         System.out.println("DNS: " + delegatedVault.getDns());
         System.out.println("Delegator user Id: " + delegatedVault.getDelegatorUserId());
 }

    • initiateDelegatedSession

      public DelegatedSessionResponse initiateDelegatedSession(int vaultId, String delegatorUserId)
      Initiate Delegated Session

      Generate a delegated session ID. This allows you to call the Vault REST API on behalf of a user who granted you delegate access.

      Parameters:
      vaultId - vault id
      delegatorUserId - delegator id
      Returns:
      InitiateDelegatedSessionResponse
      Vault API Endpoint:
       POST /api/{version}/delegation/login
      Vault API Help Link:
      https://developer.veevavault.com/api/25.1/#initiate-delegated-session
      Example Request:
       InitiateDelegatedSessionResponse response = vaultClient.newRequest(AuthenticationRequest.class)
                                .initiateDelegatedSession(vaultId, delegatorUserId);
      Example Response:
       System.out.println("Delegated session Id: " + response.getDelegatedSessionId());

    • endSession

      public VaultResponse endSession()
      End Session

      Given an active sessionId, inactivate an API session. If a user has multiple active sessions, inactivating one session does not inactivate all sessions for that user. Each session has its own unique sessionId

      Returns:
      VaultResponse
      Vault API Endpoint:
       DELETE /api/{version}/session
      Vault API Help Link:
      https://developer.veevavault.com/api/25.1/#end-session
      Example Request:
       VaultResponse response = vaultClient.newRequest(AuthenticationRequest.class)
                .endSession();
      Example Response:
       System.out.println("Response Status = " + response.getResponseStatus());

    • setVaultOAuthClientId

      public AuthenticationRequest setVaultOAuthClientId(String vaultOAuthClientId)
      Set the Header Accept to return CSV
      Parameters:
      vaultOAuthClientId - Client Id for the Vault App
      Returns:
      The Request

    • setIdpUserName

      public AuthenticationRequest setIdpUserName(String idpUserName)

    • setIdpOAuthScope

      public AuthenticationRequest setIdpOAuthScope(String idpOAuthScope)
      Sets the scope body param for an OAuth Access Token Call
      Parameters:
      idpOAuthScope - OAuth "scope" body param. Default = "openid"
      Returns:
      The request

    • setValidateDNS

      public AuthenticationRequest setValidateDNS(Boolean validateDNS)
      Validate Vault DNS after successful login
      Parameters:
      validateDNS - true/false
      Returns:
      The request