Sentry Identity Server - Gateway API Reference

Overview

This document lists the various APIs currently available in the Sentry Identity Gateway server.

Client Side APIs

AUTH CODE GRANT

Purpose: Oauth2 authorization code flow to get the authorization code

URL: http://<domain>/sentrygw/oauth2/authorize

Method: GET

Request Parameters:

Parameter Type Value Description
response_type String required This will specify what client application is requesting. ‘code’ specifies that your application is requesting an authorization code grant
client_id String required Registered client application client id
redirect_uri String required Where the service redirects the user-agent after an authorization code is granted.
scope String required specifies the level/claims of resource access that the application is requesting
state String optional An opaque value used by the client to maintain state between the request and callback. The authorization server includes this value when redirecting the user-agent back to the client. The parameter SHOULD be used for preventing cross-site request forgery
nonce String optional String value used to associate a Client session with an ID Token, and to mitigate replay attacks. The value is passed through unmodified from the Authentication Request to the ID Token. Sufficient entropy MUST be present in the nonce values used to prevent attackers from guessing values

Example:

GET http:///sentrygw/api/oauth2/authorize?response_type=code&client_id=83c44d2a-7b80-3ff5-9591-478a4936fa7d&redirect_uri=http:/rivetlabs.com/testclient/callback&state=sto5nrlsqvql11r3sat87smvrb&scope=user_profile

Request:

GET /oauth2/authorize

Host: <domain>/sentrygw

Response:

{
    "state": "sto5nrlsqvql11r3sat87smvrb",
    "authcode": "eyJhbGciOiJIUzI1NiJ9.eyjbGllnRpZCI6IjU1ZWQ5MjdiZGQ4NWI5MDE5MTVkNWQ3YiIsImV4cCI6MTQ0MzAwNzY3MTI2MiwidXNlcm5hbWUiOiJ1dHRlc2gifQ.KS7BKv1Hdt2Ef--7yhCAgpWRQv-C0TvIa0jjHMMO094"
  }
}

IMPLICIT GRANT

Purpose: Oauth2 implicit flow to get the access_token

URL: http://<domain>/sentrygw/oauth2/authorize

Method: GET

Request Parameters:

Parameter Type Value Description
response_type String required This will specify what client application is requesting. ‘token’ specifies that your application is requesting an access token
client_id String required Registered client application client id
redirect_uri String required Where the service redirects the user-agent after an token is granted.
scope String required specifies the level/claims of resource access that the application is requesting
state String optional An opaque value used by the client to maintain state between the request and callback. The authorization server includes this value when redirecting the user-agent back to the client. The parameter SHOULD be used for preventing cross-site request forgery
nonce String optional String value used to associate a Client session with an ID Token, and to mitigate replay attacks. The value is passed through unmodified from the Authentication Request to the ID Token. Sufficient entropy MUST be present in the nonce values used to prevent attackers from guessing values

Example:

GET http:///sentrygw/api/oauth2/authorize?response_type=token&client_id=83c44d2a-7b80-3ff5-9591-478a4936fa7d&redirect_uri=http:/rivetlabs.com/testclient/callback&state=sto5nrlsqvql11r3sat87smvrb&scope=user_profile

Request:

GET /oauth2/authorize

Host: <domain>/sentrygw

Response:

{
  "access_token": "eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.GGYL6VRrDYkoRtURSAI-imRpOjljwhhhLZ51kLKRwkIX-xE8YyefRU59fJ-W6V3_4l_wCtMVzEze1SUd-dynN_zw5KYKsnkg99VThd75nsVfAuEPThulvJ9aKbM0ffTz-bnaFqyX8itYNR1jQayWK_D9u_4i8fj3LXXutwT_NXlzoDS5RsJIZLPD3F8KFsWtbqiq8IilJk2rW4wSFN10p2T2dPb7OF1LV6J5MpbFwHKfUj7sam6qcP-rnQkTZnwrAkIVN4dwo-six24nt_Uci30UGB2Wcw9rqbmnV4ZIBQ4jixiK0c4oMkZjBL9_jUxzPKo-5G4XI-Id_tM7FTQikQ.a55sJPB5ZH2upfQXeAl1_A.ACMGWyTq0Vbyv_F_U5272s3QHMr557_neOWcY8-qamtG5fHvYnhYEq-LBpUyhGOobaBmi9EmypfwZY-n_zZm5hSC_4UlYG09k2ZsXXZi-jcLqlXy5yK4pOXzAA5FKcacbGz8LUcOF-U5Bwu3BwIfzPF1KlB_YkbK_pEIO8OLcdmsBBMPbU30i1sto13BWO_U3NHlkOuPKXwNfL7akRdWHllsorEqyQdADPnADBdYjdG6UefN2qzTaN30rmst-ofKNe0AtwzJqDZxmJDN_HEyzCYLLw837rOhhmQHT7IIvC6txj7cjtpRgqQ8LlPhV_vdhcR33QTovN5zajGY7-xjHw.il-9NPOtIhQnLKymxU6cjw",
  "refresh_token": "eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.CBadr6pkKvLM4GfH0jdSLJ3bFliAunY30CSQoMT361sOWPtN2DfgWqxySehHC8MOEXSpfBm7WRR25JLv11kXqHgTg3mvhCWPeUuwgRJG5769u94WvJYo4aMN5Og-BcJ0FHcZQ_CMCT6dpw2Q7LQv6VXIa2er1VxKDltKTuwrV1RV--r-bSqlOVl2LO2TCCUsNAU6mEYnALDz7GvFlWMBW9AyikA4rhQqIxrrtscj_NO9DheH3pJMnttxLP7Ss2_xeMy4ZwSCcfliAITjeU-4r1rBSriIDBf9lRMuGzgqrUuOC2ZD_YEzkEnlDG_5aHni7_D-mFmkQYUyKEBcBhvk7A.ED7s7tlUm0LpGPCdvn_4LQ.MHk-3YsQID21iUBACLRQdg9eLuCVnL41EHnbP8Q_AQsB-Da6rm0irt2g1wYJA5Zz5QGV3fXH2qgz_0owtGIiu3D-nVw4Xm5owqdAFVII8oomcK5NMaPTj5egBbsCOEX9wSCNes47X38HRcIpB7JbwtlP0QcZE2YDFuF385NhcVB9TiQ0U9diXre0A75tTpZcq08r0T7SyxYPppjPr93L1vTsHT6W8YSz-YvvV7wU9yOu1sifqRZy8_h_xl1gp9087-Vemr3lQRuFS_O-HtO_p7sQ_p2SqheoDzoyJ9l9FMGmjPE1v3b9TLPAWEHsEQEd3-Ko_sQoeAhvGovKIoVTZA.ctFO8XuMb7JovULmxKY6VA",
  "token_type": "Bearer",
  "expires_in": 86400
}

Server Side APIs

PASSWORD GRANT

Purpose: This Oauth2 grant type will be used to get the access_token by passing the user credentials to server

URL: http://<domain>/sentrygw/api/token

Method: POST

Request Parameters:

Parameter Type Value Description
username String required registered username and user should be assigned to given client.
password String required password of the user.
client_id String required client_id provided by the Sentry Admin console after the client application registeration
grant_type String required value should be set to ‘password’

Request:

POST /api/token HTTP/1.1

Host: <domain>/sentrygw
Content-Type: application/json
{
"username": "test",
"password": "*******",
"client_id": "cb56fa0d-f698-3082-bb27-867181d9a739",
"grant_type": "password"
}

Response:

{
  "access_token": "eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.GGYL6VRrDYkoRtURSAI-imRpOjljwhhhLZ51kLKRwkIX-xE8YyefRU59fJ-W6V3_4l_wCtMVzEze1SUd-dynN_zw5KYKsnkg99VThd75nsVfAuEPThulvJ9aKbM0ffTz-bnaFqyX8itYNR1jQayWK_D9u_4i8fj3LXXutwT_NXlzoDS5RsJIZLPD3F8KFsWtbqiq8IilJk2rW4wSFN10p2T2dPb7OF1LV6J5MpbFwHKfUj7sam6qcP-rnQkTZnwrAkIVN4dwo-six24nt_Uci30UGB2Wcw9rqbmnV4ZIBQ4jixiK0c4oMkZjBL9_jUxzPKo-5G4XI-Id_tM7FTQikQ.a55sJPB5ZH2upfQXeAl1_A.ACMGWyTq0Vbyv_F_U5272s3QHMr557_neOWcY8-qamtG5fHvYnhYEq-LBpUyhGOobaBmi9EmypfwZY-n_zZm5hSC_4UlYG09k2ZsXXZi-jcLqlXy5yK4pOXzAA5FKcacbGz8LUcOF-U5Bwu3BwIfzPF1KlB_YkbK_pEIO8OLcdmsBBMPbU30i1sto13BWO_U3NHlkOuPKXwNfL7akRdWHllsorEqyQdADPnADBdYjdG6UefN2qzTaN30rmst-ofKNe0AtwzJqDZxmJDN_HEyzCYLLw837rOhhmQHT7IIvC6txj7cjtpRgqQ8LlPhV_vdhcR33QTovN5zajGY7-xjHw.il-9NPOtIhQnLKymxU6cjw",
  "refresh_token": "eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.CBadr6pkKvLM4GfH0jdSLJ3bFliAunY30CSQoMT361sOWPtN2DfgWqxySehHC8MOEXSpfBm7WRR25JLv11kXqHgTg3mvhCWPeUuwgRJG5769u94WvJYo4aMN5Og-BcJ0FHcZQ_CMCT6dpw2Q7LQv6VXIa2er1VxKDltKTuwrV1RV--r-bSqlOVl2LO2TCCUsNAU6mEYnALDz7GvFlWMBW9AyikA4rhQqIxrrtscj_NO9DheH3pJMnttxLP7Ss2_xeMy4ZwSCcfliAITjeU-4r1rBSriIDBf9lRMuGzgqrUuOC2ZD_YEzkEnlDG_5aHni7_D-mFmkQYUyKEBcBhvk7A.ED7s7tlUm0LpGPCdvn_4LQ.MHk-3YsQID21iUBACLRQdg9eLuCVnL41EHnbP8Q_AQsB-Da6rm0irt2g1wYJA5Zz5QGV3fXH2qgz_0owtGIiu3D-nVw4Xm5owqdAFVII8oomcK5NMaPTj5egBbsCOEX9wSCNes47X38HRcIpB7JbwtlP0QcZE2YDFuF385NhcVB9TiQ0U9diXre0A75tTpZcq08r0T7SyxYPppjPr93L1vTsHT6W8YSz-YvvV7wU9yOu1sifqRZy8_h_xl1gp9087-Vemr3lQRuFS_O-HtO_p7sQ_p2SqheoDzoyJ9l9FMGmjPE1v3b9TLPAWEHsEQEd3-Ko_sQoeAhvGovKIoVTZA.ctFO8XuMb7JovULmxKY6VA",
  "token_type": "Bearer",
  "expires_in": 86400
}

CLIENT CREDENTIAL GRANT

Purpose: This Oauth2 grant type will be used to get the access_token by passing the client credentials to server

URL: http://<domain>/sentrygw/api/token

Method: POST

Request Parameters:

Parameter Type Value Description
client_id String required client_id provided by the Sentry Admin console after the client application registeration.
client_secret String required client_secret provided by the Sentry Admin console after the client application registeration.
grant_type String required value should be set to ‘client_credentials’

Request:

POST /api/token HTTP/1.1

Host: <domain>/sentrygw
Content-Type: application/json
{
"client_id": "cb56fa0d-f698-3082-bb27-867181d9a739",
"client_secret": "xxxx-xxxx-xxxx-xxx",
"grant_type": "client_credentials"
}

Response:

{
  "access_token": "eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.GGYL6VRrDYkoRtURSAI-imRpOjljwhhhLZ51kLKRwkIX-xE8YyefRU59fJ-W6V3_4l_wCtMVzEze1SUd-dynN_zw5KYKsnkg99VThd75nsVfAuEPThulvJ9aKbM0ffTz-bnaFqyX8itYNR1jQayWK_D9u_4i8fj3LXXutwT_NXlzoDS5RsJIZLPD3F8KFsWtbqiq8IilJk2rW4wSFN10p2T2dPb7OF1LV6J5MpbFwHKfUj7sam6qcP-rnQkTZnwrAkIVN4dwo-six24nt_Uci30UGB2Wcw9rqbmnV4ZIBQ4jixiK0c4oMkZjBL9_jUxzPKo-5G4XI-Id_tM7FTQikQ.a55sJPB5ZH2upfQXeAl1_A.ACMGWyTq0Vbyv_F_U5272s3QHMr557_neOWcY8-qamtG5fHvYnhYEq-LBpUyhGOobaBmi9EmypfwZY-n_zZm5hSC_4UlYG09k2ZsXXZi-jcLqlXy5yK4pOXzAA5FKcacbGz8LUcOF-U5Bwu3BwIfzPF1KlB_YkbK_pEIO8OLcdmsBBMPbU30i1sto13BWO_U3NHlkOuPKXwNfL7akRdWHllsorEqyQdADPnADBdYjdG6UefN2qzTaN30rmst-ofKNe0AtwzJqDZxmJDN_HEyzCYLLw837rOhhmQHT7IIvC6txj7cjtpRgqQ8LlPhV_vdhcR33QTovN5zajGY7-xjHw.il-9NPOtIhQnLKymxU6cjw",
  "refresh_token": "eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.CBadr6pkKvLM4GfH0jdSLJ3bFliAunY30CSQoMT361sOWPtN2DfgWqxySehHC8MOEXSpfBm7WRR25JLv11kXqHgTg3mvhCWPeUuwgRJG5769u94WvJYo4aMN5Og-BcJ0FHcZQ_CMCT6dpw2Q7LQv6VXIa2er1VxKDltKTuwrV1RV--r-bSqlOVl2LO2TCCUsNAU6mEYnALDz7GvFlWMBW9AyikA4rhQqIxrrtscj_NO9DheH3pJMnttxLP7Ss2_xeMy4ZwSCcfliAITjeU-4r1rBSriIDBf9lRMuGzgqrUuOC2ZD_YEzkEnlDG_5aHni7_D-mFmkQYUyKEBcBhvk7A.ED7s7tlUm0LpGPCdvn_4LQ.MHk-3YsQID21iUBACLRQdg9eLuCVnL41EHnbP8Q_AQsB-Da6rm0irt2g1wYJA5Zz5QGV3fXH2qgz_0owtGIiu3D-nVw4Xm5owqdAFVII8oomcK5NMaPTj5egBbsCOEX9wSCNes47X38HRcIpB7JbwtlP0QcZE2YDFuF385NhcVB9TiQ0U9diXre0A75tTpZcq08r0T7SyxYPppjPr93L1vTsHT6W8YSz-YvvV7wU9yOu1sifqRZy8_h_xl1gp9087-Vemr3lQRuFS_O-HtO_p7sQ_p2SqheoDzoyJ9l9FMGmjPE1v3b9TLPAWEHsEQEd3-Ko_sQoeAhvGovKIoVTZA.ctFO8XuMb7JovULmxKY6VA",
  "token_type": "Bearer",
  "expires_in": 86400
}

REFRESH TOKEN GRANT

Purpose: This Oauth2 grant type will be used to get the fresh access_token by refresh_token of existing access_token to server

URL: http://<domain>/sentrygw/api/token

Method: POST

Request Parameters:

Parameter Type Value Description
client_id String required client_id provided by the Sentry Admin console after the client application registeration.
client_secret String required client_secret provided by the Sentry Admin console after the client application registeration.
grant_type String required value should be set to ‘refresh_token’
refresh_token String required refresh_token of the existing access_token.

Request:

POST /api/token HTTP/1.1

Host: <domain>/sentrygw
Content-Type: application/json
{
"client_id": "cb56fa0d-f698-3082-bb27-867181d9a739",
"client_secret": "xxxx-xxxx-xxxx-xxx"
"grant_type": "refresh_token",
"refresh_token" : "eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.CBadr6pkKvLM4GfH0jdSLJ3bFliAunY30CSQoMT361sOWPtN2DfgWqxySehHC8MOEXSpfBm7WRR25JLv11kXqHgTg3mvhCWPeUuwgRJG5769u94WvJYo4aMN5Og-BcJ0FHcZQ_CMCT6dpw2Q7LQv6VXIa2er1VxKDltKTuwrV1RV--r-bSqlOVl2LO2TCCUsNAU6mEYnALDz7GvFlWMBW9AyikA4rhQqIxrrtscj_NO9DheH3pJMnttxLP7Ss2_xeMy4ZwSCcfliAITjeU-4r1rBSriIDBf9lRMuGzgqrUuOC2ZD_YEzkEnlDG_5aHni7_D-mFmkQYUyKEBcBhvk7A.ED7s7tlUm0LpGPCdvn_4LQ.MHk-3YsQID21iUBACLRQdg9eLuCVnL41EHnbP8Q_AQsB-Da6rm0irt2g1wYJA5Zz5QGV3fXH2qgz_0owtGIiu3D-nVw4Xm5owqdAFVII8oomcK5NMaPTj5egBbsCOEX9wSCNes47X38HRcIpB7JbwtlP0QcZE2YDFuF385NhcVB9TiQ0U9diXre0A75tTpZcq08r0T7SyxYPppjPr93L1vTsHT6W8YSz-YvvV7wU9yOu1sifqRZy8_h_xl1gp9087-Vemr3lQRuFS_O-HtO_p7sQ_p2SqheoDzoyJ9l9FMGmjPE1v3b9TLPAWEHsEQEd3-Ko_sQoeAhvGovKIoVTZA.ctFO8XuMb7JovULmxKY6VA"
}

Response:

{
  "access_token": "eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.cz-VDZ6EPMaadesZvQ4BKV8U3XqjpMsqRWjgwvgHXOCNqAff5PRdJe_UKe6JMui0zKOIQdE8gv_F-FHSoVhT9NVawgzlgBjBCpwT2bQc8tLHaCS5LVC5BomKGyReYY3UsfmUDxXsYSKP9s25PpH9mOZBOfa7RazT5fag5hjoRFC5Ss2ticOX1jdXRgnVUWV3Lv8xmKF7TqSVBzY3gneonrhPgGZDpD2XHgvznVJ9YMclOF6y_wRTTNYANYM8TNJg6ywtNrXZeTOHcZ_7CWZOVdJKvao8Kxk-vXJMms5DWmO7rss510MEtZ3e4c-yNSeSgSTVAQnEJ4nTr2v5mOn0Jw.qiyu92B3FFVv7dBdkpgUoA.Zx1veMguw2fUCqxZEXfsLeYHGE1JDXeOVEfwv6xYG5Hd6pTRO47Lc7thksE8Vikd_uu0NzfJFmHk7dduiWEyrNL9GVi7fzdCChBn0RjaXGzJLh-0yJHVYWGyej6OuItH6DUi6jceqa2EeRyrLAQHR1wpBgAWsh2dyjxJRhBjNzs6yG8wtMmfM0XrhGF8Pn1RBveRP1Z2fo-vqsdm3m45YmI-1b9RQr0djwW_fvJeoztuTP0Oxe4KkGCgNN1GGskDEMQn69G9B5zXxoUxuUgXPxbzPnS0ubN5p2dxC9LdX8MzZFxFYITLsdGRayKXxK82je8lZjrkrPo1bTDTdnNOGQ.Q7MXC9b2GE60h1cdpkJpKg",
  "refresh_token": "eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.QAAG7YGK5AI41UZc5ru5B0LbmIAPSs9QfQKOz1o3q9TI6XFwAsqq05gYMUtRgBewT6kG6PXcDLq4i48AS6pSuBsKNH-xDz6cSfh8XhumeYgc_EcH0YgXQGvwWCkVVi3o5dzvtFIJ8aLCngnCQBZ7ht1gVvkAKYpCb3tu1Kd9e0WYDHgLpRFIohOzUNhEH4XxlhJOfB7l_Wd2mfnVIhVkxyQajxLL8nd-p_JLG0XhYwKapxpPPq8cTsZ6ZjvMn2roj7gfpOLUeTDpsz-jtldGS6x00qIBhIdY_e7uAf9SpQn8aGkeCAC5Awk5EOZ2GVzfB2OKYupCwidBfDMhdf0zkw.1vDCRQ_goiVyFne0YvP_ug.WFAhqWmG8wxmugHH7QQHIvZ64s62nBpAoPW2zjw13LNc8zES9DovSYqYcqPGoEbjzVbxkDERQfs21DtdMWrjGQ54ykvXoIQZFH1uGetj_BwgRpBbKW-D0qQSkg7umqXB5XRdkJlXZ-2VCDktDMvYyzqGiwFXw0Qydc8Bfc8A8BfvE0_E6gKEx_nM8ZH7O-dRLdvGsW_l2DIIwLJDVB275E8iN8IHnNAZWcP2wXRrOWnTr9Mo6agje39Eop_C8s7A05X9d_BFf5T8pPYd0X9aoihP_iA5Wpdle7jh8jIRC2pOTuK_2x2CrNRBQDtZGroHGnzfGuHo5vkREFWSJaPu1Q.AckO0eTtbNfCpgFWgvWFhw",
  "token_type": "Bearer",
  "expires_in": 86400
}

USER RESOURCE

Purpose: Exchange the access_token to get the user properties from the sentry gateway

URL: http://<domain>/sentrygw/api/resource

Method: GET

Request Parameters:

Parameter Type Value Description
access_token String required The access token received from sentry gateway after exchanging the authorization code/implicit grant type

Example:

GET http:///sentrygw/api/resource?access_token=eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.kfkxPGvhFY2zg1E6UYc8SB02J54FjPzh6a3JjOzb8DPmAeZNuSqdSL4cMtkHxXlhSipNzZodUC7ZTwL9oOildmYT4x-MOe2wKniF0o9CEWlo02IFRkdJTsBYwaX1Qn2yZ4Z0evjsAlZoUXrNM76M7gJF6e4EbQAjrVFt4KISvmgw3kYKRy_CTmzYDjpMnJE6o69N52hWz-3LyW3syQXZyvN9ptnhj-wnuwKoGnB-945RhwSG7tZ6mEFhfC17K0qJatC592XfFnz_TAPS_r6gZFvGlnCyc4-ekArWoU_gsQDDvMnnc1qbFGiJwxrWAmqc5L_RO2wGqWMTG6aKl6Y4gw.Kps-clFwum18OSHttrlxrQ.P7Kikn_GTpc6JMjSKo97xRuTiKza3JEnqfdK_Zf3utbfCOT_nmr5ZRkCh3xno19x6FDq02_MQA51BygtOqyy-asuGHgeYV33q77JpjJGspwzfD3yvUUnfZ0BjqxPNIVeC7Ygb97B2SJhx-23cHjP290A_b3Ex0gN54IR_hyuLodhru5WGhIbGL27sA1CFvGR3RTB6j4KPqBjC7lfe0p0pBJOLe-RJvRKA4AtqmyAw802tKqFdAffvJFCHp9WsS2Y9gEcjcrSKIKy5dsssWt0xChxVpLzH1uaL8a6HEp8x-UGrd_V90jxRgqcn9SyuwSKDiuKETk1X5UDlGI0LRF6Lw.8k_htb1NKgeTbmY_kUjIeA

Request:

GET /oauth2/authorize

Host: <domain>/sentrygw

Response:

{
  "id": 8,
  "name": "demo@rivetsys.com",
  "username": "demo@rivetsys.com",
  "accessToken": "eyJhbGciOiJSU0ExXzUiLCJlbmMiOiJBMTI4Q0JDLUhTMjU2In0.tykPOGe_L2jf-NSRJF5YQpm2VBCdFsRQgfdkUv7FT-hyIu7ViXPGiWdCNYpXCfR4bTdcPvX24yRNY1-Bk57PBy2q5Xr21isxdKFo_di0ZgZ2y2qBhx1dkHyotHo0gpb5JReavNotLUbOk3OSvD6PDTywmtPMoEOOHwAoyuayQb784LiON1BB7KIaisPan16JinXeUW0waftsD41Vf9XqW2ZKO8mzdc8BsXHMBFUzW-riGv0d2OS5TDR2j7yzpBgJA51mBF_zNJtncTthX3u9IojJbaQV-CB6Kws-JWx3XnN_teccHz_3hlTJkhedGzxqXOTtS86TzIXYiE5kaSrqaw.obSOUGbmJFXQR6vZdXV5ew._rOEsLfiyX8MIqyKxkb_vgHytVfHYs0wgnSOOH0DeS_V9HhnZ5BUtHGSp_d_BrT5vzAU6-RckvRtS886ExeyZcVXm_i7lpyl-XLDYc90sgwgky9hm9zS8Dq77nQfZxPP_blJ9VaNBrzy7ErQyEi1EpS3aJi6_x7k9s1eZDJPfk7y11AYEH7w3PFQPaLJmXVykNaZVe677FCFdDZCIYJkcbRyVACaIb03CjLBNWNmEael-9EMNoQUvP0ZMm-xZzOzuvMjBc0LtiJ8uEHacOPlrOA3wfX959A7XZZLvRFVvdqrJnvlm2y3nlNkpFo35zuYCtD9szXPjEt7Kr-BO3G8uA.ub9zLYwBxNU3cjNsSPPpPw",
  "status": "ACTIVE",
  "firstname": "demo",
  "lastname": "demo",
  "emailId": demo@rivetsys.com,
  "emailIdVerified": true,
  "rolesStr": "com.rivetlabs.sentry.persistence.domain.Role@1e4686bb,SENTRY_ROLE_USER",
  "firmId": 1,
  "roles": [
    {
      "label": "SENTRY_ROLE_USER",
      "value": "SENTRY_ROLE_USER",
      "status": "ACTIVE"
    }
  ],
  "telephone": "123456789",
  "identity": null,
  "loginFailedCount": 0
}