Identity Admin APIs

Identity Management APIs

Retrieve all registered identities in the system.

get

This endpoint allows administrators to access a complete list of identities currently registered in the system. It is intended for internal use to manage user identities effectively. Use this API to ensure proper identity management and facilitate administrative tasks.

💻 Service Credentials is required to access this service.

🔒 Permission: identity.list is required in order for the call to succeed. You must configure permissions for the person or service calling this endpoint and add this permission to their identity.

Authorizations

OAuth2authorizationCodeRequired

An OIDC service account that was authenticated.

Token URL:

Responses

200

application/json

401

Unauthorized

*/*

get

/identities/admin/users

GET /identities/admin/users HTTP/1.1
Host: gateway.dev.klustr.io
Authorization: Bearer YOUR_OAUTH2_TOKEN
Accept: */*

{
  "id": "text",
  "schema_id": "text",
  "source": "text",
  "schema_url": "text",
  "organization_id": "text",
  "credentials": {
    "oidc": {
      "type": "text",
      "identifiers": [
        "text"
      ]
    },
    "password": {
      "type": "text",
      "config": {
        "password": "text"
      }
    }
  },
  "state": "text",
  "state_changed_at": "2026-02-13T01:36:54.726Z",
  "traits": {
    "name": {
      "given_name": "text",
      "family_name": "text",
      "middle_name": "text"
    },
    "birthdate": "2026-02-13",
    "email": "text",
    "username": "text",
    "gender": "male",
    "citizenship": "text",
    "locale": "text"
  },
  "verifiable_addresses": [
    {
      "id": "text",
      "value": "text",
      "verified": true,
      "via": "text",
      "status": "text",
      "verified_at": "2026-02-13T01:36:54.726Z"
    }
  ],
  "recovery_addresses": [
    {
      "id": "text",
      "value": "text",
      "via": "text"
    }
  ],
  "metadata_public": {
    "picture": "text"
  },
  "metadata_admin": {
    "person_id": "text"
  }
}

Create a new identity in the admin context

post

This endpoint allows administrators to create a new identity and register associated personal information. It is intended for use in identity management and ensures that proper authorization is in place. The operation is crucial for maintaining accurate user records and facilitating communication through various channels.

💻 Service Credentials is required to access this service.

🔒 Permission: identity.create is required in order for the call to succeed. You must configure permissions for the person or service calling this endpoint and add this permission to their identity.

Authorizations

OAuth2authorizationCodeRequired

An OIDC service account that was authenticated.

Token URL:

Body

idstringOptional

schema_idstringOptional

sourcestringOptional

schema_urlstringOptional

organization_idstringOptional

statestringOptional

state_changed_atstring · date-timeOptional

Responses

200

The consent scopes available

application/json

401

Unauthorized

*/*

post

/identities/admin/users

POST /identities/admin/users HTTP/1.1
Host: gateway.dev.klustr.io
Authorization: Bearer YOUR_OAUTH2_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 745

{
  "id": "text",
  "schema_id": "text",
  "source": "text",
  "schema_url": "text",
  "organization_id": "text",
  "credentials": {
    "oidc": {
      "type": "text",
      "identifiers": [
        "text"
      ]
    },
    "password": {
      "type": "text",
      "config": {
        "password": "text"
      }
    }
  },
  "state": "text",
  "state_changed_at": "2026-02-13T01:36:54.726Z",
  "traits": {
    "name": {
      "given_name": "text",
      "family_name": "text",
      "middle_name": "text"
    },
    "birthdate": "2026-02-13",
    "email": "text",
    "username": "text",
    "gender": "male",
    "citizenship": "text",
    "locale": "text"
  },
  "verifiable_addresses": [
    {
      "id": "text",
      "value": "text",
      "verified": true,
      "via": "text",
      "status": "text",
      "verified_at": "2026-02-13T01:36:54.726Z"
    }
  ],
  "recovery_addresses": [
    {
      "id": "text",
      "value": "text",
      "via": "text"
    }
  ],
  "metadata_public": {
    "picture": "text"
  },
  "metadata_admin": {
    "person_id": "text"
  }
}

{
  "id": "text",
  "schema_id": "text",
  "source": "text",
  "schema_url": "text",
  "organization_id": "text",
  "credentials": {
    "oidc": {
      "type": "text",
      "identifiers": [
        "text"
      ]
    },
    "password": {
      "type": "text",
      "config": {
        "password": "text"
      }
    }
  },
  "state": "text",
  "state_changed_at": "2026-02-13T01:36:54.726Z",
  "traits": {
    "name": {
      "given_name": "text",
      "family_name": "text",
      "middle_name": "text"
    },
    "birthdate": "2026-02-13",
    "email": "text",
    "username": "text",
    "gender": "male",
    "citizenship": "text",
    "locale": "text"
  },
  "verifiable_addresses": [
    {
      "id": "text",
      "value": "text",
      "verified": true,
      "via": "text",
      "status": "text",
      "verified_at": "2026-02-13T01:36:54.726Z"
    }
  ],
  "recovery_addresses": [
    {
      "id": "text",
      "value": "text",
      "via": "text"
    }
  ],
  "metadata_public": {
    "picture": "text"
  },
  "metadata_admin": {
    "person_id": "text"
  }
}

Retrieve user identity by subject ID

get

This endpoint allows administrators to retrieve the user identity associated with a specific subject ID. It ensures that only authorized personnel can access sensitive identity information. Use this API to manage user identities effectively within the admin context.

💻 Service Credentials is required to access this service.

🔒 Permission: identity.get is required in order for the call to succeed. You must configure permissions for the person or service calling this endpoint and add this permission to their identity.

Authorizations

OAuth2authorizationCodeRequired

An OIDC service account that was authenticated.

Token URL:

Path parameters

subjectIdstringRequired

Responses

200

application/json

401

Unauthorized

*/*

get

/identities/admin/users/{subjectId}

GET /identities/admin/users/{subjectId} HTTP/1.1
Host: gateway.dev.klustr.io
Authorization: Bearer YOUR_OAUTH2_TOKEN
Accept: */*

{
  "id": "text",
  "schema_id": "text",
  "source": "text",
  "schema_url": "text",
  "organization_id": "text",
  "credentials": {
    "oidc": {
      "type": "text",
      "identifiers": [
        "text"
      ]
    },
    "password": {
      "type": "text",
      "config": {
        "password": "text"
      }
    }
  },
  "state": "text",
  "state_changed_at": "2026-02-13T01:36:54.726Z",
  "traits": {
    "name": {
      "given_name": "text",
      "family_name": "text",
      "middle_name": "text"
    },
    "birthdate": "2026-02-13",
    "email": "text",
    "username": "text",
    "gender": "male",
    "citizenship": "text",
    "locale": "text"
  },
  "verifiable_addresses": [
    {
      "id": "text",
      "value": "text",
      "verified": true,
      "via": "text",
      "status": "text",
      "verified_at": "2026-02-13T01:36:54.726Z"
    }
  ],
  "recovery_addresses": [
    {
      "id": "text",
      "value": "text",
      "via": "text"
    }
  ],
  "metadata_public": {
    "picture": "text"
  },
  "metadata_admin": {
    "person_id": "text"
  }
}

Update an existing identity in the admin context

put

This endpoint allows administrators to update the details of a specified identity. It is intended for use within the identity management system, ensuring that only authorized users can modify identity information. Proper permissions are required to access this functionality.

💻 Service Credentials is required to access this service.

🔒 Permission: identity.update is required in order for the call to succeed. You must configure permissions for the person or service calling this endpoint and add this permission to their identity.

Authorizations

OAuth2authorizationCodeRequired

An OIDC service account that was authenticated.

Token URL:

Body

idstringOptional

schema_idstringOptional

sourcestringOptional

schema_urlstringOptional

organization_idstringOptional

statestringOptional

state_changed_atstring · date-timeOptional

Responses

200

The consent scopes available

application/json

401

Unauthorized

*/*

put

/identities/admin/users/{subjectId}

PUT /identities/admin/users/{subjectId} HTTP/1.1
Host: gateway.dev.klustr.io
Authorization: Bearer YOUR_OAUTH2_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 745

{
  "id": "text",
  "schema_id": "text",
  "source": "text",
  "schema_url": "text",
  "organization_id": "text",
  "credentials": {
    "oidc": {
      "type": "text",
      "identifiers": [
        "text"
      ]
    },
    "password": {
      "type": "text",
      "config": {
        "password": "text"
      }
    }
  },
  "state": "text",
  "state_changed_at": "2026-02-13T01:36:54.726Z",
  "traits": {
    "name": {
      "given_name": "text",
      "family_name": "text",
      "middle_name": "text"
    },
    "birthdate": "2026-02-13",
    "email": "text",
    "username": "text",
    "gender": "male",
    "citizenship": "text",
    "locale": "text"
  },
  "verifiable_addresses": [
    {
      "id": "text",
      "value": "text",
      "verified": true,
      "via": "text",
      "status": "text",
      "verified_at": "2026-02-13T01:36:54.726Z"
    }
  ],
  "recovery_addresses": [
    {
      "id": "text",
      "value": "text",
      "via": "text"
    }
  ],
  "metadata_public": {
    "picture": "text"
  },
  "metadata_admin": {
    "person_id": "text"
  }
}

{
  "id": "text",
  "schema_id": "text",
  "source": "text",
  "schema_url": "text",
  "organization_id": "text",
  "credentials": {
    "oidc": {
      "type": "text",
      "identifiers": [
        "text"
      ]
    },
    "password": {
      "type": "text",
      "config": {
        "password": "text"
      }
    }
  },
  "state": "text",
  "state_changed_at": "2026-02-13T01:36:54.726Z",
  "traits": {
    "name": {
      "given_name": "text",
      "family_name": "text",
      "middle_name": "text"
    },
    "birthdate": "2026-02-13",
    "email": "text",
    "username": "text",
    "gender": "male",
    "citizenship": "text",
    "locale": "text"
  },
  "verifiable_addresses": [
    {
      "id": "text",
      "value": "text",
      "verified": true,
      "via": "text",
      "status": "text",
      "verified_at": "2026-02-13T01:36:54.726Z"
    }
  ],
  "recovery_addresses": [
    {
      "id": "text",
      "value": "text",
      "via": "text"
    }
  ],
  "metadata_public": {
    "picture": "text"
  },
  "metadata_admin": {
    "person_id": "text"
  }
}

Admin action to delete a user identity.

delete

This endpoint allows an admin to delete a user identity. It ensures that the action is performed with the appropriate permissions. The operation is crucial for managing user accounts and maintaining security within the identity management system.

💻 Service Credentials is required to access this service.

🔒 Permission: identity.delete is required in order for the call to succeed. You must configure permissions for the person or service calling this endpoint and add this permission to their identity.

Authorizations

OAuth2authorizationCodeRequired

An OIDC service account that was authenticated.

Token URL:

Path parameters

subjectIdstringRequired

Responses

200

No content

401

Unauthorized

*/*

delete

/identities/admin/users/{subjectId}

DELETE /identities/admin/users/{subjectId} HTTP/1.1
Host: gateway.dev.klustr.io
Authorization: Bearer YOUR_OAUTH2_TOKEN
Accept: */*

No content

PreviousIdentity APIs NextPerson APIs

Last updated 3 months ago

hashtagRetrieve all registered identities in the system.

hashtagCreate a new identity in the admin context

hashtagRetrieve user identity by subject ID

hashtagUpdate an existing identity in the admin context

hashtagAdmin action to delete a user identity.

Retrieve all registered identities in the system.

Create a new identity in the admin context

Retrieve user identity by subject ID

Update an existing identity in the admin context

Admin action to delete a user identity.