# API Endpoints for Apps ### Get Started with OBO OBO or On-Behalf-Of authentication allows an extension application to be able to call REST API endpoints to perform operations on behalf of an application end-user. Such operations include: * List the streams of a given user * Initiate connection requests to and determine connection status with other users * Get the presence state of other connected users * Initiate IMs with other users * Send messages and attachments * Set the context user's own presence > #### 📘 More information on OBO > > For more information, please refer to [OBO Authentication](https://docs.developers.symphony.com/building-extension-applications-on-symphony/app-authentication/obo-authentication). ## API endpoints enabled for OBO The following table describes which of our REST API endpoints are OBO-enabled, and for each the application permission that must be granted to the app.

OBO-enabled endpoint	Permission	Endpoint documentation
GET /pod/v1/connection/list	GET_USER_CONNECTIONS	/pages/mIozaSn9HaKKBMF72SbQ
GET /pod/v1/admin/system/protocols/list	SEND_MESSAGES	Deprecated documentation. For more information, refer to: /pages/rrW0dxqJ0XALRyQUEI3b
GET /pod/v1/connection/user/{userId}/info	GET_USER_CONNECTIONS	/pages/1skpI0wNR2ouSnWJcJoU
GET /pod/v1/files/allowedTypes	SEND_MESSAGES	/pages/lVq6rByF9MGbEhL1GGmi
GET /pod/v1/presence/feed/{feedId}/read	GET_PRESENCE	/pages/U7OxQkFF5VQletQPFMes
GET /pod/v1/sessioninfo	GET_BASIC_USER_INFO	Deprecated documentation. For more information, refer to: /pages/yYK763uCdGWxeyw0cKYQ
GET /pod/v1/streams/{streamId}/info	SEND_MESSAGES	Deprecated documentation. For more information, refer to: /pages/f1lkRncUJmnoka8J69gC
GET /pod/v1/user	GET_BASIC_CONTACT_INFO	Deprecated documentation. For more information, refer to: /pages/eKBGHqOjwe6iaz62HWEA
GET /pod/v1/user/presence	GET_PRESENCE	Deprecated documentation. For more information, refer to: /pages/L8Abr3Wf0n6N23pxk9vI
GET /pod/v1/user/{userId}/presence	GET_PRESENCE	Deprecated documentation. For more information, refer to: /pages/PoFcOW1wge8cBui4jD19
GET /pod/v2/sessioninfo	GET_BASIC_USER_INFO	/pages/yYK763uCdGWxeyw0cKYQ
GET /pod/v2/user	GET_BASIC_CONTACT_INFO SEND_MESSAGES	Deprecated documentation. For more information, refer to: /pages/eKBGHqOjwe6iaz62HWEA
GET /pod/v2/user/presence	GET_PRESENCE	/pages/L8Abr3Wf0n6N23pxk9vI
GET /pod/v2/user/{userId}/presence	GET_PRESENCE	Deprecated documentation. For more information, refer to: /pages/PoFcOW1wge8cBui4jD19
GET /pod/v3/room/{roomId}/info	MANAGE_ROOMS	/pages/lB8KolMLiQkIQOJNSxBQ
GET /pod/v3/user/{userId}/presence	GET_PRESENCE	/pages/PoFcOW1wge8cBui4jD19
GET /pod/v3/users	GET_BASIC_CONTACT_INFO	/pages/eKBGHqOjwe6iaz62HWEA
POST /v1/user/{uid}/follow	MANAGE_USER_FOLLOWING	/pages/7IPrcdfnQWmuEHqyA19I
POST /v1/user/{uid}/unfollow	MANAGE_USER_FOLLOWING	/pages/i9GnDKrzeGPGHMPJqOvs
GET /agent/v1/signals/{signalId}/get	MANAGE_SIGNALS	/pages/wd0koxucO0LwcL5LbNKm
GET /agent/v1/signals/{signalId}/subscribers	MANAGE_SIGNALS	/pages/ACeKPqEUkOa8WiLZHqRL
GET /agent/v1/signals/list	MANAGE_SIGNALS	/pages/H9BvxfGCH7GIRUnuc7HY
POST /agent/v1/signals/create	MANAGE_SIGNALS	/pages/bDLu6q1eZJCk0CgfoHza
POST /agent/v1/signals/{signalId}/update	MANAGE_SIGNALS	/pages/0D9fLyAUb20gPeupPnpd
POST /agent/v1/signals/{signalId}/delete	MANAGE_SIGNALS	/pages/HP0Z4uMWBwUbn8TTi2cT
POST /agent/v1/signals/{signalId}/subscribe	MANAGE_SIGNALS	/pages/AC5L5WAKnTLTNtajzJ1G
POST /agent/v1/signals/{signalId}/unsubscribe	MANAGE_SIGNALS	/pages/gdJs5kQkbHSb5i7sfsAf
POST /agent/v3/stream/{streamId}/share	SEND_MESSAGES	/pages/SU7Ch6IObT1Z0cLmDiMh
POST /agent/v4/stream/{streamId}/message/create	SEND_MESSAGES	/pages/ehGwBvwaMIEWzlStKYOx
POST /agent/v4/message/blast	SEND_MESSAGES	/pages/UHXORS6Dz7xn35s62W5L
POST /agent/v4/stream/{:sid}/message/{:mid}/update	SEND_MESSAGES	/pages/vucA2sPJHQ9PMcFGrqbU
POST /v1/admin/messagesuppression/{messageId}/suppress	SUPPRESS_MESSAGES	/pages/uRcJWMyZEK8dyh7FIwhO
POST /pod/v1/connection/create	REQUEST_USER_CONNECTIONS	/pages/FbG9fRDvI4qT8YOLkcN9
POST /pod/v1/im/create	SEND_MESSAGES	/pages/q9CAqiK7ruQK9t16OuyH
POST /pod/v1/presence/feed/create	GET_PRESENCE	/pages/xDWny0kWxp7DnrXu7OMk
POST /pod/v1/presence/feed/{feedId}/delete	GET_PRESENCE	/pages/vombKpIS3y8MXmk11DJX
POST /pod/v2/room/{roomId}/membership/list	MANAGE_ROOMS LIST_USER_STREAMS	Since SBE 20.16 /pages/7ILYTDxOcojZDuIR9H6T
POST /pod/v1/room/{roomId}/membership/add	MANAGE_ROOMS	/pages/QC1Rsg9M3CyEPEbVTJtM
POST /pod/v1/room/{roomId}/membership/demoteOwner	MANAGE_ROOMS	/pages/S86t6XTphY6Jg7byPXeU
"POST" /pod/v1/room/{roomId}/membership/promoteOwner	MANAGE_ROOMS	/pages/2Kss9VcbVjVwnplgwMxh
POST /pod/v1/room/{roomId}/membership/remove	MANAGE_ROOMS	/pages/nYnj8ov8uEvfC6WUSsOm
POST /pod/v1/room/{roomId}/setActive	MANAGE_ROOMS	/pages/xpY7Pl9GOoeGsprbEfu5
POST /pod/v1/streams/list	LIST_USER_STREAMS	/pages/E1u41UHYesTLGJSg3jRz
POST /pod/v2/user/presence	SET_PRESENCE	/pages/PiOGmxBF6g96fY6B9r4K
POST /pod/v1/user/presence/register	GET_PRESENCE	/pages/tuIPEwbfPA0dFdw4VkqR
POST /pod/v1/user/search	GET_BASIC_CONTACT_INFO	/pages/pBbBmSNvNOqlRJtTaaKa
POST /pod/v2/user/presence	SET_PRESENCE	/pages/PiOGmxBF6g96fY6B9r4K
POST /pod/v3/room/create	MANAGE_ROOMS CREATE_USER_STREAM	/pages/yCsXZPy2jssQzEh8R4ew
POST /pod/v3/room/search	MANAGE_ROOMS	/pages/WcJCaaZLaDd0de0bT5pK
POST /pod/v3/room/{roomId}/update	MANAGE_ROOMS	/pages/MRgt7FVE43dWvZAxgGhG
POST /pod/v3/user/presence	SET_PRESENCE	/pages/afTlLFjj3ICA2an5Dkdw

### The following table describes the use of permissions:

Permission	Usage
GET_BASIC_CONTACT_INFO	An app can get basic contact info.
GET_BASIC_USER_INFO	An app can get basic contact info.
SEND_MESSAGES	An app can send messages on behalf of a user. Creates IM for users.
SUPPRESS_MESSAGES	An app can suppress a user's messages on behalf of that user.
CREATE_USER_STREAM	An app can create streams on behalf of a user.
MANAGE_ROOMS	An app can manage streams on behalf of a user.
MANAGE_SIGNALS	An app can list, create, edit, and delete signals on behalf of a user.
LIST_USER_STREAMS	An app can get a list of user streams on behalf of users.
GET_USER_CONNECTIONS	An app can get an `appinfo` of all user connections on behalf of users.
REQUEST_USER_CONNECTIONS	An app can send connection requests on behalf of users.
GET_PRESENCE	An app can get a user presence on behalf of users.
SET_PRESENCE	An app can set presence on behalf of users.
MANAGE_USER_FOLLOWING	An app can make a list of users follow or unfollow a considered user, identified by his uid.

> 🚧 All OBO endpoints respect any existing entitlements or state for the user in session. > > For instance, if a user is not already connected to another user, an app cannot send a message to the second user on behalf of the first. Another example is that if a user does not have the "Can Send Files" entitlement in Symphony, an app cannot send a message containing an attachment on behalf of the user. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://rest-api.symphony.com/main/apps-on-behalf-of-obo/obo-enabled-endpoints.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.