Page Comparison

Before you begin:

If you access the Armor API system through an AMP-generated API Key, then you will not be able to access the following endpoints:

• GET /users/{id}/keys

• DELETE /users/{id}/keys/{key}

• POST /users/{id}/keys

• GET /users/{id:int}/ActivationCode

• POST /users/resetpassword

• POST /users/setpassword

• PUT /users/{id:int}

• POST /users/status

• POST /users/

• POST /users/{userId:int}/invite

• GET /users/LockedOut/{accountId}/{email}

• POST /users/unlock/{accountId}/{email}

• DELETE /users/softDelete

• PUT /usersecurity/challengephrase

• GET /usersecurity/securityinformation/{referencekey}

• POST /usersecurity/securityinformation/{referencekey}

• POST /usersecurity/securityinformation/existing/{referencekey}

• GET /usersecurity/challengephrase/{userId}

• POST /usersecurity/validatemfaphone

• POST /usersecurity/securityinformation/{accountId}/{userId}

• POST /usersecurity/validatephoneapppin

To review the API calls, as well as implement the calls, access the interactive Armor API tool at https://developer.armor.com/.

1. To access the API, you must first authenticate. Enter the login information for the Armor Management Portal (AMP). Review the following example.

   Code Block
   POST /auth/authorize { "username": "user@domain.com", "password": "password123%^&" }

   
   

2. If the authentication is successful, you will receive the authorization code (code). Review the following example.

   Code Block
   { "redirect_uri": null, "code": "<<base64-hash>>", "success": true }

   
   

3. Redeem the authorization code (code) to retrieve the access token. You must redeem this code within two minutes of the previous request. Review the following example.

   Code Block
   POST /auth/token { "code":"<<base64-hash>>", "grant_type":"authorization_code" }

   
   

4. If the request is successful, you will receive the access token (access_token). Review the following example.

   Code Block
   { "access_token": "<<32-bit-uuid>>", "id_token": "<<base64-hash>>", "expires_in": 15, "token_type": "Bearer" }

   
   

5. Enter the access token (access_token) to complete the authentication process. Review the following example.

   Code Block
   Authorization: FH-AUTH <<access_token>>

   
   

6. (Optional) The access token expires every 15 minutes. If you want to extend the session, then you can request a new access token before the current access token expires. In this example, you do not need to authenticate again with the new access token. Review the following example.

   Code Block
   POST /auth/token/reissue { "token": "<<32-bit-uuid>>" }

   
   

7. (Optional) If the request is successful, you will receive the previous access token without the ID token. Review the following example.

   Code Block
   { "access_token": "<<32-bit-uuid>>", "id_token": null, "expires_in": 15, "token_type": "Bearer" }

   
   

8. (Optional) If you have multiple accounts in AMP, you may want to specify the account to configure. Enter the integer for the account ID. Review the following example.

   Code Block
   X-Account-Context: <<int>>

   
   

   Note
   There are two ways to retrieve your account ID: Via the command line: 1. In the command line, enter the GET /me command. Via AMP: 1. Access the Armor Management Portal (AMP). 2. On the left-side navigation, click Account. 3. Copy the number in Account Number. 4. In the command line, for X-Account-Context, enter the Account Number.