API Endpoints for Apps
Get Started with OBO
OBO or On-Behalf-Of authentication allows an extension application to be able to call REST API endpoints to perform operations on behalf of an application end-user.
Such operations include:
List the streams of a given user
Initiate connection requests to and determine connection status with other users
Get the presence state of other connected users
Initiate IMs and MIMs with other users
Send messages and attachments
Set the context user's own presence
📘 More information on OBOFor more information, please refer to OBO Authentication.
API endpoints enabled for OBO
The following table describes which of our REST API endpoints are OBO-enabled, and for each the application permission that must be granted to the app.
OBO-enabled endpoint | Permission | Endpoint documentation |
---|---|---|
GET /pod/v1/connection/list | GET_USER_CONNECTIONS | |
GET /pod/v1/admin/system/protocols/list | SEND_MESSAGES | Deprecated documentation. For more information, refer to: |
GET /pod/v1/connection/user/{userId}/info | GET_USER_CONNECTIONS | |
GET /pod/v1/files/allowedTypes | SEND_MESSAGES | |
GET /pod/v1/presence/feed/{feedId}/read | GET_PRESENCE | |
GET /pod/v1/sessioninfo | GET_BASIC_USER_INFO | Deprecated documentation. For more information, refer to: Session User |
GET /pod/v1/streams/{streamId}/info | SEND_MESSAGES | Deprecated documentation. For more information, refer to: Stream Info |
GET /pod/v1/user | GET_BASIC_CONTACT_INFO | Deprecated documentation. For more information, refer to: Users Lookup |
GET /pod/v1/user/presence | GET_PRESENCE | Deprecated documentation. For more information, refer to: Get Presence |
GET /pod/v1/user/{userId}/presence | GET_PRESENCE | Deprecated documentation. For more information, refer to: Get User Presence |
GET /pod/v2/sessioninfo | GET_BASIC_USER_INFO | |
GET /pod/v2/user | GET_BASIC_CONTACT_INFO SEND_MESSAGES | Deprecated documentation. For more information, refer to: Users Lookup |
GET /pod/v2/user/presence | GET_PRESENCE | |
GET /pod/v2/user/{userId}/presence | GET_PRESENCE | Deprecated documentation. For more information, refer to: Get User Presence |
GET /pod/v3/room/{roomId}/info | MANAGE_ROOMS | |
GET /pod/v3/user/{userId}/presence | GET_PRESENCE | |
GET /pod/v3/users | GET_BASIC_CONTACT_INFO | |
POST /v1/user/{uid}/follow | MANAGE_USER_FOLLOWING | |
POST /v1/user/{uid}/unfollow | MANAGE_USER_FOLLOWING | |
GET /agent/v1/signals/{signalId}/get | MANAGE_SIGNALS | |
GET /agent/v1/signals/{signalId}/subscribers | MANAGE_SIGNALS | |
GET /agent/v1/signals/list | MANAGE_SIGNALS | |
POST /agent/v1/signals/create | MANAGE_SIGNALS | |
POST /agent/v1/signals/{signalId}/update | MANAGE_SIGNALS | |
POST /agent/v1/signals/{signalId}/delete | MANAGE_SIGNALS | |
POST /agent/v1/signals/{signalId}/subscribe | MANAGE_SIGNALS | |
POST /agent/v1/signals/{signalId}/unsubscribe | MANAGE_SIGNALS | |
POST /agent/v3/stream/{streamId}/share | SEND_MESSAGES | |
POST /agent/v4/stream/{streamId}/message/create | SEND_MESSAGES | |
POST /agent/v4/message/blast | SEND_MESSAGES | |
POST /agent/v4/stream/{:sid}/message/{:mid}/update | SEND_MESSAGES | |
POST /v1/admin/messagesuppression/{messageId}/suppress | SUPPRESS_MESSAGES | |
POST /pod/v1/connection/create | REQUEST_USER_CONNECTIONS | |
POST /pod/v1/im/create | SEND_MESSAGES | |
POST /pod/v1/presence/feed/create | GET_PRESENCE | |
POST /pod/v1/presence/feed/{feedId}/delete | GET_PRESENCE | |
POST /pod/v2/room/{roomId}/membership/list | MANAGE_ROOMS LIST_USER_STREAMS | Since SBE 20.16 Room Members |
POST /pod/v1/room/{roomId}/membership/add | MANAGE_ROOMS | |
POST /pod/v1/room/{roomId}/membership/demoteOwner | MANAGE_ROOMS | |
"POST" /pod/v1/room/{roomId}/membership/promoteOwner | MANAGE_ROOMS | |
POST /pod/v1/room/{roomId}/membership/remove | MANAGE_ROOMS | |
POST /pod/v1/room/{roomId}/setActive | MANAGE_ROOMS | |
POST /pod/v1/streams/list | LIST_USER_STREAMS | |
POST /pod/v2/user/presence | SET_PRESENCE | |
POST /pod/v1/user/presence/register | GET_PRESENCE | |
POST /pod/v1/user/search | GET_BASIC_CONTACT_INFO | |
POST /pod/v2/user/presence | SET_PRESENCE | |
POST /pod/v3/room/create | MANAGE_ROOMS CREATE_USER_STREAM | |
POST /pod/v3/room/search | MANAGE_ROOMS | |
POST /pod/v3/room/{roomId}/update | MANAGE_ROOMS | |
POST /pod/v3/user/presence | SET_PRESENCE |
The following table describes the use of permissions:
Permission | Usage |
---|---|
GET_BASIC_CONTACT_INFO | An app can get basic contact info. |
GET_BASIC_USER_INFO | An app can get basic contact info. |
SEND_MESSAGES | An app can send messages on behalf of a user. Creates IM for users. |
SUPPRESS_MESSAGES | An app can suppress a user's messages on behalf of that user. |
CREATE_USER_STREAM | An app can create streams on behalf of a user. |
MANAGE_ROOMS | An app can manage streams on behalf of a user. |
MANAGE_SIGNALS | An app can list, create, edit, and delete signals on behalf of a user. |
LIST_USER_STREAMS | An app can get a list of user streams on behalf of users. |
GET_USER_CONNECTIONS | An app can get an |
REQUEST_USER_CONNECTIONS | An app can send connection requests on behalf of users. |
GET_PRESENCE | An app can get a user presence on behalf of users. |
SET_PRESENCE | An app can set presence on behalf of users. |
MANAGE_USER_FOLLOWING | An app can make a list of users follow or unfollow a considered user, identified by his uid. |
🚧 All OBO endpoints respect any existing entitlements or state for the user in session.
For instance, if a user is not already connected to another user, an app cannot send a message to the second user on behalf of the first. Another example is that if a user does not have the "Can Send Files" entitlement in Symphony, an app cannot send a message containing an attachment on behalf of the user.
Last updated