Management APIs Overview
LoginRadius Management APIs provide comprehensive backend administration and automation capabilities for your identity infrastructure. These server-side APIs enable you to configure security policies, manage identity providers, customize templates, control access restrictions, and automate tenant operations—all through a programmatic interface.
Authentication
Management APIs require API Key and API Secret authentication for secure access to administrative functions.
Header Authentication (Recommended)
Query String Authentication
X-LoginRadius-ApiKey: YOUR_API_KEY
X-LoginRadius-ApiSecret: YOUR_API_SECRET
Best for secure server-to-server communication.
?apikey=YOUR_API_KEY&apisecret=YOUR_API_SECRET
Useful for testing, but avoid exposing API Secret in client-side code.
Security Note: Never expose your API Secret in client-side applications or public repositories.
Key Features
User & Data Management
SOTT (Secure One-Time Token)
Generate time-bound tokens for secure user registration, providing bot protection and enhanced security for sign-up workflows.
User Migration
Bulk import users from external systems with support for password hashing, custom fields, and automated email verification workflows.
Custom Fields
Define additional profile fields beyond the standard user schema to capture business-specific data requirements.
Access Control & Permissions
Roles Management
Create and manage roles with associated permissions for role-based access control (RBAC) implementation.
Permissions
Define granular permissions that can be assigned to roles for fine-grained access control.
Security & Authentication
Second Factor Configuration
Configure multi-factor authentication (MFA) settings including TOTP, SMS, email OTP, and Duo authentication.
- Get MFA Configuration
- Update MFA Configuration
- Get TOTP Configuration
- Update TOTP Configuration
- Get Duo Configuration
- Update Duo Configuration
Passkey Configuration
Manage WebAuthn/FIDO2 passkey settings for passwordless authentication.
Push Notification Configuration
Configure push notification settings for mobile authentication flows.
Password Policy
Define password complexity requirements, expiration rules, and history settings.
Security Questions
Manage security questions used for account recovery and additional verification.
Captcha Configuration
Configure reCAPTCHA or other CAPTCHA services to prevent bot attacks.
Access Restrictions
Domain Access Restrictions
Control which domains can access your LoginRadius authentication services.
IP Access Restrictions
Whitelist or blacklist IP addresses for enhanced security control.
Identity Provider Management
Social Providers
Configure and manage social login providers like Google, Facebook, Twitter, LinkedIn, and more.
- List Social Providers
- Get Social Provider
- Update Social Provider
- Delete Social Provider
- Set Provider Status
- Set Provider Order
OAuth Clients
Manage OAuth 2.0 client applications for delegated authentication.
- List OAuth Clients
- Create OAuth Client
- Get OAuth Client
- Update OAuth Client
- Delete OAuth Client
- Reset OAuth Client Secret
JWT Clients (Identity Provider)
Configure JWT-based identity provider integrations for token-based SSO.
- List JWT IdP Clients
- Create JWT IdP Client
- Get JWT IdP Client
- Update JWT IdP Client
- Delete JWT IdP Client
SAML Clients (Identity Provider)
Manage SAML 2.0 identity provider configurations for enterprise SSO.
- List SAML IdP Clients
- Create SAML IdP Client
- Get SAML IdP Client
- Update SAML IdP Client
- Delete SAML IdP Client
- Renew SAML Certificate
OAuth Custom Providers
Create custom OAuth provider integrations for proprietary identity systems.
JWT Custom Providers (Service Provider)
Configure custom JWT service provider integrations.
- List JWT SP Configurations
- Create JWT SP Configuration
- Get JWT SP Configuration
- Update JWT SP Configuration
- Delete JWT SP Configuration
SAML Custom Providers (Service Provider)
Manage custom SAML service provider configurations.
- List SAML SP Configurations
- Create SAML SP Configuration
- Get SAML SP Configuration
- Update SAML SP Configuration
- Delete SAML SP Configuration
- Renew SAML SP Certificate
Communication Templates
Email Templates
Customize email templates for verification, password reset, welcome messages, and other transactional emails.
SMS Templates
Configure SMS message templates for OTP delivery and mobile verification.
Automation & Integration
Webhooks
Configure webhook endpoints to receive real-time notifications for user events and activities.
- List Webhook Configurations
- Create Webhook
- Get Webhook
- Update Webhook
- Delete Webhook
- List Webhook Events
Workflows
Create custom authentication workflows with conditional logic and actions.
- List Workflows
- Create Workflow
- Get Workflow
- Update Workflow
- Delete Workflow
- List Workflow Versions
- Delete Workflow Version
- Restore Workflow Version
Privacy & Compliance
Consent Management
Manage consent forms and options for GDPR and privacy compliance.
- Get Consent Options
- Create Consent Option
- Delete Consent Option
- Get Consent Forms
- Add Consent Form
- Delete Consent Form
Common Use Cases
| Use Case | Description | Key APIs |
|---|---|---|
| Bulk User Import | Migrate users from legacy systems | User Migration APIs |
| SSO Configuration | Set up enterprise single sign-on | SAML/OAuth/JWT Client APIs |
| Security Hardening | Enforce MFA, password policies, IP restrictions | Security Configuration APIs |
| Custom Branding | Customize email and SMS communications | Template Management APIs |
| Compliance | Implement consent management and privacy controls | Consent APIs |
| Automation | Trigger actions based on user events | Webhook APIs |
| Access Control | Implement role-based permissions | Roles & Permissions APIs |