Build self-service capabilities for your application

# Build self-service capabilities for your application

Developers can use Asgardeo's REST APIs to implement self-service capabilities for the users on their business applications.

Here are some capabilities you may want to enable when you implement self-service capabilities in your business app.

Allow users to update their user profiles
Allow users to change passwords
Allow users to enable MFA
Allow users to manage consents given to applications

Once the user logs in to the business application, you can make these capabilities available to the user from the business application itself.

# Self-service APIs

You can use the following Asgardeo APIs to enable self-service capabilities in your business application.

SCIM/Me Endpoint

List user details
Update user profile

Update user password

To update the password of a user, update the value parameter of the API payload as follows:

{
  "schemas": [
    "urn:ietf:params:scim:api:messages:2.0:PatchOp"
  ],
  "Operations": [
    {
      "op": "add",
      "value": {
        "nickName": "shaggy"
      }
    }
  ]
}

1
2
3
4
5
6
7
8
9
10
11
12
13

Manage MFA settings and recovery
- TOTP
- Backup codes
Export user profile
Manage consent of users

# Prerequisites

You need an application that integrates login with Asgardeo over OpenID connect standards.

Learn more about registering OIDC applications on Asgardeo.

# Invoke the self-service APIs

To invoke the self-service APIs from your application:

Once the user logs into your application, get an access token on behalf of the user.
Use the obtained access_token as a bearer token to invoke the APIs.

Given below is a sample API request for a client sending a PATCH request sent to the /scim2/Me endpoint to update the user password.

URL:  https://api.asgardeo.io/t/<org_name>/scim2/Me
HTTP Method: PATCH
Headers:
'Content-Type: application/scim+json'
 'Authorization: Bearer <access_token>'
Data:
{
  "schemas": [
    "urn:ietf:params:scim:api:messages:2.0:PatchOp"
  ],
  "Operations": [
    {
      "op": "add",
      "value": {
        "password": "<new-password>"
      }
    }
  ]
}

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19

If you are using Asgardeo's React SDK

You can use the httpRequest method to invoke the APIs on Asgardeo's React SDK.

A sample of how to use the httpRequest method in Asgardeo's React SDK is given below:

import { useAuthContext, HttpRequestConfig } from "@asgardeo/auth-react";
const {httpRequest } = useAuthContext();

   const requestConfig: HttpRequestConfig = {
            // Add API content here
            headers: {
                "Accept": "application/json",
                "Content-Type": "application/scim+json"
            },
            attachToken: true,
            method: "GET",
            url: "https://api.asgardeo.io/t/<org_name>/scim2/Me"
        };
        httpRequest(requestConfig).then((response: any) => {
            console.log(“request response : ”+response.data);
        }).catch((error) => {
            console.log("request error: " + error);
        })

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18

You can replace the body of const requestConfig: HttpRequestConfig = {} with the API you wish to invoke.