EmailResponseLink()

This API call is used to validate the email of a user currently and create a new link between the user and the requesting node.

A node may use this endpoint to validate the email of the user which they are currently linked to by submitting the request with a valid DST in the Authorization header.

If called, the Coordinator will send a verification email to the requested email address. This email will contain a link to the Coordinator S-host, where the user will be linked to the requesting node and directed back to the nodes default SAML endpoint.

API URL:

[BaseURL]/VerificationToken/urn:dece:type:token:DelegationTokenRequest?responseType={responseType}&subject={subject}

Request Method:

POST

Request Parameters:

• responseType is the response type for the request (must be urn:dece:type:tokenprofile:saml2)
• subject is the verified email address of the User to link to

Request Format

XML type:

• saml2:AuthnRequest

Headers:

• Content-type: application/x-www-form-urlencoded
• Authorization: SAML2 assertion=[Assertion]

Request Body Arguments:

• SAMLRequest is the AuthnRequest including the verified email address in the NameID element. This argument must be base64 encoded

Response Format

Status Code:

• HTTP 200

Errors

• AuthnRequestNotValid
  • The provided AuthnRequest in the SAMLRequest body argument is incomplete or malformed
  • HTTP Status Code: 400
• SecurityTokenResponseTypeNotValid
  • responseType query argument was not urn:dece:type:tokenprofile:saml2
  • HTTP Status Code: 400
• InvalidXMLDocument
  • The provided AuthnRequest in the SAMLRequest body argument was not properly base64 endcoded
  • HTTP Status Code: 400
• EmailAddressMissingInAuthnRequest
  • Verified email address from the AuthnRequest NameID element was not found
  • HTTP Status Code: 400
• EmailAddressMismatch
  • Email address referenced in the AuthnRequest NameID element did not match the subject query argument
  • HTTP Status Code: 400
• UserIdentifierRequired
  • Email not provided
  • HTTP Status Code: 400
• UserIdentifierNotFound
  • Email address did not match any known Users
  • HTTP Status Code: 404
• UserIdentifierNotValid
  • Email address did not identify a unique user
  • HTTP Status Code: 400
• UserIdInvalid
  • The UserID in the security token did not match the actual UserID
  • HTTP Status Code: 400
• ULCPolicyMissingInAuthnRequest
  • SAMLRequest did not have policy UserLinkConsent
  • HTTP Status Code: 403

Example

EmailLink

The following example demonstrates requesting a linking request to be sent to an Ultraviolet user’s email

Sample Request:

POST /rest/2015/02/VerificationToken/urn:dece:type:token:DelegationTokenRequest?responseType=urn:dece:type:tokenprofile:saml2&subject=unverified-email@test.com
Content-type: application/x-www-form-urlencoded
Host: api.uvvu.com

SAMLRequest=dsafndksalfjdsafodsaifdnsa....==

Sample Response:

HTTP/1.1 200
Date: [Date]
X-transaction-info: [TransactionInfo]

See Also

• InstaLink()
• SecurityTokenExchangeCredentials()
• SecurityTokenURIRefAssertionID()
• SecurityTokenURIRefExchange()