Symphony Messaging REST APIs
  • Symphony Messaging API Reference documentation
  • Endpoints Reference
    • Bots Authentication
      • Session Authenticate
      • Key Manager Authenticate
      • Session Authenticate (Cert)
      • Key Manager Authenticate (Cert)
      • Session Logout
      • Key Manager Logout
    • Apps Authentication
      • Authenticate App
      • Pod Certificate
    • Apps On Behalf Of (OBO)
      • API Endpoints for Apps
      • App Authentication
      • User Authentication by User ID
      • User Authentication by User Name
    • Info - Health Check
      • Health Check
      • Health Check Extended
      • Session User
      • Agent Info
      • Echo
    • Messages
      • Get Messages
      • Create Message
      • Blast Message
      • Attachment
      • Import Message
      • Update Message
      • Suppress Message
      • Message Search
      • Message Search
      • Message Status
      • Attachment Types
      • Get Message
      • List Attachments
      • List Message Receipts
      • Message Metadata
    • Datafeed - Real Time Events
      • Create Datafeed
      • Read Datafeed
      • List Datafeed
      • Delete Datafeed
    • Datahose - Pod Real Time Events
      • Datahose - Read Events
    • Streams - Conversations
      • Related to IMs
        • Create IM
        • Create IM non-inclusive
        • Update IM
        • IM Info
      • Related to Rooms
        • Room Attributes
        • Create Room
        • Update Room
        • Room Info
        • De/Re-activate Room
        • Room Members
        • Add Member
        • Remove Member
        • Promote Owner
        • Demote Owner
        • Search Rooms
      • All streams
        • Share Content
        • List User Streams
        • List User Streams (Admin)
        • Stream Info
        • List Streams for Enterprise
        • Stream Members
    • Signals
      • List Signals
      • Get Signal
      • Create Signal
      • Update Signal
      • Delete Signal
      • Subscribe Signal
      • Unsubscribe Signal
      • Suscribers
      • Signal Object
    • Connections
      • Get Connection
      • List Connection
      • Create Connection
      • Accept Connection
      • Reject Connection
      • Remove Connection
    • Presence
      • Get Presence
      • Get All Presence
      • Get User Presence
      • External Presence Interest
      • Set Presence
      • Set Other User's Presence - Admin
    • Users
      • Users Lookup
      • Search Users
      • Follow User
      • Unfollow User
      • List User Followers
      • List Users Followed
    • User Management
      • User Attributes Object
      • Password Object
      • Roles Object
      • UserKeyRequest Object
      • Get User
      • List Users
      • Create User
      • Update User
      • User Avatar
      • Update User Avatar
      • User Status
      • Update User Status
      • List Features
      • User Features
      • Update User Features
      • Find Users
      • List Roles
      • Add Role
      • Remove Role
      • List Audit Trail
      • Suspend User Account
      • Get Bot Manifest
      • Update Bot Manifest
    • User Sessions
      • List Sessions
      • Logout Session
      • Logout All Sessions
    • Groups - Distribution Lists
      • OAuth2 Authenticate
      • Add a new user to an existing group
      • Insert a new group
      • Retrieve a group
      • Update a group
      • List all groups of specified type
      • Update the group avatar
    • URI Protocols
      • Create Protocol
      • List Protocols
      • Delete Protocol
    • Manage Apps
      • Create App
      • Update App
      • Delete App
      • Get App
    • Apps Entitlements
      • List Apps
      • Update App Entitlements
      • List User Apps
      • Update User Apps
      • Update All User Apps
    • Disclaimers
      • Disclaimer
      • List Disclaimers
      • List Disclaimer Users
      • User Disclaimer
      • Update User Disclaimer
      • Unassign User Disclaimer
    • Delegates
      • User Delegates
      • Update User Delegates
    • Information Barrier Groups
      • List IB Groups
      • List IB Group Members
      • Add IB Group Members
      • Remove IB Group Members
      • List Policies
    • Certificates
      • Public (Signing) Certificate
      • List Company Certificates
      • Create Company Certificate
      • Delete Company Certificate
      • Company Certificate Details
      • List Verified Certificates
      • List Trusted Certificates
      • List Certificate Types
      • Update Company Certificate
    • Malware Scanner
      • Malware Scanner APIs
        • File Malware Scanner State
        • Update File Malware Scanner State
      • Customer Malware Scanner APIs
        • Malware Scanner Health
        • File Malware Scanner
    • DLP Dictionary & Policy Management
      • Overview
      • Dictionary Management endpoints
        • Create Dictionary
        • All Dictionaries
        • Specific Dictionary
        • Update Dictionary
        • Upload Dictionary Content
        • Download Dictionary Content
        • Delete Dictionary
      • V3 Policy Management endpoints
        • V3 Policy structure for Create/Update
        • V3 Create Policy
        • V3 All Policies
        • V3 Get Policy
        • V3 Update Policy
        • V3 Enable Policy
        • V3 Disable Policy
        • V3 Delete Policy
      • V3 Violations endpoints
        • V3 Violations - Sample Responses
        • V3 Violations - Special Scenarios of Attachments
        • V3 Message Violations
        • V3 Signal Violations
        • V3 Stream Violations
        • V3 Violation Attachment Download
    • Audit Trail 2
      • OAuth2 Authenticate
      • Get Audit trails
      • Get distinct values of a list of filters
      • Get Audit Trail Stream
      • Get categories permissions
    • Compliance Barrier Groups
      • Compliance Group Types
      • Compliance User Groups
        • List Compliance User Groups
        • Get a Compliance User Group
        • Create a Compliance User Group
        • Update a Compliance User Group
      • Compliance Group Assignments
        • List Assignments
        • List Compliance Group Assignments
        • Update a Compliance Group
      • Compliance Group Memberships
        • List Memberships
        • List Compliance Group Memberships
        • Add Compliance Group Membership
        • Update a User Membership
  • Deprecated Endpoints
    • DLP Dictionary and Policy management
      • V2 Policy Management endpoints
        • V2 Create Policy
        • V2 All Policies
        • V2 Get Policy
        • V2 Update Policy
        • V2 Enable Policy
        • V2 Disable Policy
        • V2 Delete Policy
      • V2 Violations endpoints
        • V2 Signal Violations
        • V2 Message Violations
        • V2 Stream Violations
    • Create Presence Feed
    • Read Presence Feed
    • Delete Presence Feed
    • Get Message IDs by Timestamp
    • Health Check v2
    • Datafeed 1
      • Create Datafeed 1
      • Read Datafeed 1
Powered by GitBook
On this page
  • Get Started with OBO
  • API endpoints enabled for OBO
  • The following table describes the use of permissions:

Was this helpful?

  1. Endpoints Reference
  2. Apps On Behalf Of (OBO)

API Endpoints for Apps

Last updated 4 months ago

Was this helpful?

Get Started with OBO

OBO or On-Behalf-Of authentication allows an extension application to be able to call REST API endpoints to perform operations on behalf of an application end-user.

Such operations include:

  • List the streams of a given user

  • Initiate connection requests to and determine connection status with other users

  • Get the presence state of other connected users

  • Initiate IMs with other users

  • Send messages and attachments

  • Set the context user's own presence

📘 More information on OBO

For more information, please refer to .

API endpoints enabled for OBO

The following table describes which of our REST API endpoints are OBO-enabled, and for each the application permission that must be granted to the app.

OBO-enabled endpoint
Permission
Endpoint documentation

GET /pod/v1/connection/list

GET_USER_CONNECTIONS

GET /pod/v1/admin/system/protocols/list

SEND_MESSAGES

Deprecated documentation. For more information, refer to:

GET /pod/v1/connection/user/{userId}/info

GET_USER_CONNECTIONS

GET /pod/v1/files/allowedTypes

SEND_MESSAGES

GET /pod/v1/presence/feed/{feedId}/read

GET_PRESENCE

GET /pod/v1/sessioninfo

GET_BASIC_USER_INFO

GET /pod/v1/streams/{streamId}/info

SEND_MESSAGES

GET /pod/v1/user

GET_BASIC_CONTACT_INFO

GET /pod/v1/user/presence

GET_PRESENCE

GET /pod/v1/user/{userId}/presence

GET_PRESENCE

GET /pod/v2/sessioninfo

GET_BASIC_USER_INFO

GET /pod/v2/user

GET_BASIC_CONTACT_INFO SEND_MESSAGES

GET /pod/v2/user/presence

GET_PRESENCE

GET /pod/v2/user/{userId}/presence

GET_PRESENCE

GET /pod/v3/room/{roomId}/info

MANAGE_ROOMS

GET /pod/v3/user/{userId}/presence

GET_PRESENCE

GET /pod/v3/users

GET_BASIC_CONTACT_INFO

POST /v1/user/{uid}/follow

MANAGE_USER_FOLLOWING

POST /v1/user/{uid}/unfollow

MANAGE_USER_FOLLOWING

GET /agent/v1/signals/{signalId}/get

MANAGE_SIGNALS

GET /agent/v1/signals/{signalId}/subscribers

MANAGE_SIGNALS

GET /agent/v1/signals/list

MANAGE_SIGNALS

POST /agent/v1/signals/create

MANAGE_SIGNALS

POST /agent/v1/signals/{signalId}/update

MANAGE_SIGNALS

POST /agent/v1/signals/{signalId}/delete

MANAGE_SIGNALS

POST /agent/v1/signals/{signalId}/subscribe

MANAGE_SIGNALS

POST /agent/v1/signals/{signalId}/unsubscribe

MANAGE_SIGNALS

POST /agent/v3/stream/{streamId}/share

SEND_MESSAGES

POST /agent/v4/stream/{streamId}/message/create

SEND_MESSAGES

POST /agent/v4/message/blast

SEND_MESSAGES

POST /agent/v4/stream/{:sid}/message/{:mid}/update

SEND_MESSAGES

POST /v1/admin/messagesuppression/{messageId}/suppress

SUPPRESS_MESSAGES

POST /pod/v1/connection/create

REQUEST_USER_CONNECTIONS

POST /pod/v1/im/create

SEND_MESSAGES

POST /pod/v1/presence/feed/create

GET_PRESENCE

POST /pod/v1/presence/feed/{feedId}/delete

GET_PRESENCE

POST /pod/v2/room/{roomId}/membership/list

MANAGE_ROOMS LIST_USER_STREAMS

POST /pod/v1/room/{roomId}/membership/add

MANAGE_ROOMS

POST /pod/v1/room/{roomId}/membership/demoteOwner

MANAGE_ROOMS

"POST" /pod/v1/room/{roomId}/membership/promoteOwner

MANAGE_ROOMS

POST /pod/v1/room/{roomId}/membership/remove

MANAGE_ROOMS

POST /pod/v1/room/{roomId}/setActive

MANAGE_ROOMS

POST /pod/v1/streams/list

LIST_USER_STREAMS

POST /pod/v2/user/presence

SET_PRESENCE

POST /pod/v1/user/presence/register

GET_PRESENCE

POST /pod/v1/user/search

GET_BASIC_CONTACT_INFO

POST /pod/v2/user/presence

SET_PRESENCE

POST /pod/v3/room/create

MANAGE_ROOMS CREATE_USER_STREAM

POST /pod/v3/room/search

MANAGE_ROOMS

POST /pod/v3/room/{roomId}/update

MANAGE_ROOMS

POST /pod/v3/user/presence

SET_PRESENCE

The following table describes the use of permissions:

Permission
Usage

GET_BASIC_CONTACT_INFO

An app can get basic contact info.

GET_BASIC_USER_INFO

An app can get basic contact info.

SEND_MESSAGES

An app can send messages on behalf of a user. Creates IM for users.

SUPPRESS_MESSAGES

An app can suppress a user's messages on behalf of that user.

CREATE_USER_STREAM

An app can create streams on behalf of a user.

MANAGE_ROOMS

An app can manage streams on behalf of a user.

MANAGE_SIGNALS

An app can list, create, edit, and delete signals on behalf of a user.

LIST_USER_STREAMS

An app can get a list of user streams on behalf of users.

GET_USER_CONNECTIONS

An app can get an appinfo of all user connections on behalf of users.

REQUEST_USER_CONNECTIONS

An app can send connection requests on behalf of users.

GET_PRESENCE

An app can get a user presence on behalf of users.

SET_PRESENCE

An app can set presence on behalf of users.

MANAGE_USER_FOLLOWING

An app can make a list of users follow or unfollow a considered user, identified by his uid.

🚧 All OBO endpoints respect any existing entitlements or state for the user in session.

For instance, if a user is not already connected to another user, an app cannot send a message to the second user on behalf of the first. Another example is that if a user does not have the "Can Send Files" entitlement in Symphony, an app cannot send a message containing an attachment on behalf of the user.

Deprecated documentation. For more information, refer to:

Deprecated documentation. For more information, refer to:

Deprecated documentation. For more information, refer to:

Deprecated documentation. For more information, refer to:

Deprecated documentation. For more information, refer to:

Deprecated documentation. For more information, refer to:

Deprecated documentation. For more information, refer to:

Since SBE 20.16

OBO Authentication
List Connection
List Protocols
Get Connection
Attachment Types
Read Presence Feed
Session User
Stream Info
Users Lookup
Get Presence
Get User Presence
Session User
Users Lookup
Get Presence
Get User Presence
Room Info
Get User Presence
Users Lookup
Follow User
Unfollow User
Get Signal
Suscribers
List Signals
Create Signal
Update Signal
Delete Signal
Subscribe Signal
Unsubscribe Signal
Share Content
Create Message
Blast Message
Update Message
Suppress Message
Create Connection
Create IM
Create Presence Feed
Delete Presence Feed
Room Members
Add Member
Demote Owner
Promote Owner
Remove Member
De/Re-activate Room
List User Streams
Set Presence
External Presence Interest
Search Users
Set Presence
Create Room
Search Rooms
Update Room
Set Other User's Presence - Admin