API Endpoints for Apps

Get Started with OBO

OBO or On-Behalf-Of authentication allows an extension application to be able to call REST API endpoints to perform operations on behalf of an application end-user.

Such operations include:

  • List the streams of a given user
  • Initiate connection requests to and determine connection status with other users
  • Get the presence state of other connected users
  • Initiate IMs and MIMs with other users
  • Send messages and attachments
  • Set the context user's own presence

📘

More information on OBO

For more information, please refer to OBO Authentication.

API endpoints enabled for OBO

The following table describes which of our REST API endpoints are OBO-enabled, and for each the application permission that must be granted to the app.

OBO-enabled endpoint

Permission

Endpoint documentation

"GET", "/pod/v1/connection/list"

GET_USER_CONNECTIONS

List Connections

"GET", "/pod/v1/admin/system/protocols/list"

SEND_MESSAGES

Deprecated documentation.
For more information, refer to:

List Protocols v2

"GET", "/pod/v1/connection/user/{userId}/info"

GET_USER_CONNECTIONS

Get Connection

"GET", "/pod/v1/files/allowedTypes"

SEND_MESSAGES

Attachment Types

"GET", "/pod/v1/presence/feed/{feedId}/read"

GET_PRESENCE

Read Presence Feed

"GET", "/pod/v1/sessioninfo"

GET_BASIC_USER_INFO

Deprecated documentation.
For more information, refer to:

Session User v2

"GET", "/pod/v1/streams/{streamId}/info"

SEND_MESSAGES

Deprecated documentation.
For more information, refer to:

Stream Info v2

"GET", "/pod/v1/user"

GET_BASIC_CONTACT_INFO

Deprecated documentation.
For more information, refer to:

Users Lookup v3

"GET", "/pod/v1/user/presence"

GET_PRESENCE

Deprecated documentation.
For more information, refer to:

Get Presence

"GET", "/pod/v1/user/{userId}/presence"

GET_PRESENCE

Deprecated documentation.
For more information, refer to:

Get User Presence

"GET", "/pod/v2/sessioninfo"

GET_BASIC_USER_INFO

Session User v2

"GET", "/pod/v2/user"

GET_BASIC_CONTACT_INFO
SEND_MESSAGES

Deprecated documentation.
For more information, refer to:

Users Lookup v3

"GET", "/pod/v2/user/presence"

GET_PRESENCE

Get Presence

"GET", "/pod/v2/user/{userId}/presence"

GET_PRESENCE

Deprecated documentation.
For more information, refer to:

Get User Presence

"GET", "/pod/v3/room/{roomId}/info"

MANAGE_ROOMS

Room Info v3

"GET", "/pod/v3/user/{userId}/presence"

GET_PRESENCE

Get User Presence

"GET", "/pod/v3/users"

GET_BASIC_CONTACT_INFO

Users Lookup v3

"POST", "/v1/user/{uid}/follow"

MANAGE_USER_FOLLOWING

Follow User

"POST", "/v1/user/{uid}/unfollow"

MANAGE_USER_FOLLOWING

Unfollow User

"GET", "/agent/v1/signals/{signalId}/get"

MANAGE_SIGNALS

Get Signal

"GET", "/agent/v1/signals/{signalId}/subscribers"

MANAGE_SIGNALS

Subscribers

"GET", "/agent/v1/signals/list"

MANAGE_SIGNALS

List Signals

"POST", "/agent/v1/signals/create"

MANAGE_SIGNALS

Create Signal

"POST", "/agent/v1/signals/{signalId}/update"

MANAGE_SIGNALS

Update Signal

"POST", "/agent/v1/signals/{signalId}/delete"

MANAGE_SIGNALS

Delete Signal

"POST", "/agent/v1/signals/{signalId}/subscribe"

MANAGE_SIGNALS

Subscribe Signal

"POST", "/agent/v1/signals/{signalId}/unsubscribe"

MANAGE_SIGNALS

Unsubscribe Signal

"POST", "/agent/v3/stream/{streamId}/message/create"

SEND_MESSAGES

Deprecated documentation.
For more information, refer to:

Create Message v4

"POST", "/agent/v3/stream/{streamId}/share"

SEND_MESSAGES

Share

"POST", "/agent/v4/stream/{streamId}/message/create"

SEND_MESSAGES

Create Message v4

"POST", "/v1/admin/messagesuppression/{messageId}/suppress"

SUPPRESS_MESSAGES

Suppress Message

"POST", "/pod/v1/connection/create"

REQUEST_USER_CONNECTIONS

Create Connection

"POST", "/pod/v1/im/create"

SEND_MESSAGES

Create IM or MIM

"POST", "/pod/v1/presence/feed/create"

GET_PRESENCE

Create Presence Feed

"POST", "/pod/v1/presence/feed/{feedId}/delete"

GET_PRESENCE

Delete Presence Feed

"POST", "/pod/v1/room/{roomId}/membership/add"

MANAGE_ROOMS

Add Member

"POST", "/pod/v1/room/{roomId}/membership/demoteOwner"

MANAGE_ROOMS

Demote Owner

"POST", "/pod/v1/room/{roomId}/membership/promoteOwner"

MANAGE_ROOMS

Promote Owner

"POST", "/pod/v1/room/{roomId}/membership/remove"

MANAGE_ROOMS

Remove Member

"POST", "/pod/v1/room/{roomId}/setActive"

MANAGE_ROOMS

De/Re-activate Room

"POST", "/pod/v1/streams/list"

LIST_USER_STREAMS

List User Streams

"POST", "/pod/v1/user/presence"

SET_PRESENCE

Deprecated documentation.
For more information, refer to:

Set Presence

"POST", "/pod/v1/user/presence/register"

GET_PRESENCE

External Presence Interest

"POST", "/pod/v1/user/search"

GET_BASIC_CONTACT_INFO

Search Users

"POST", "/pod/v2/user/presence"

SET_PRESENCE

Set Presence

"POST", "/pod/v3/room/create"

MANAGE_ROOMS
CREATE_USER_STREAM

Create Room v3

"POST", "/pod/v3/room/search"

MANAGE_ROOMS

Search Rooms v3

"POST", "/pod/v3/room/{roomId}/update"

MANAGE_ROOMS

Update Room v3

"POST", "/pod/v3/user/presence"

SET_PRESENCE

Set Other User's Presence - Admin V3

The following table describes the use of permissions:

Permission

Usage

GET_BASIC_CONTACT_INFO

An app can get basic contact info.

GET_BASIC_USER_INFO

An app can get basic contact info.

SEND_MESSAGES

An app can send messages on behalf of a user. Creates IM for users.

SUPPRESS_MESSAGES

An app can suppress a user's messages on behalf of that user.

CREATE_USER_STREAM

An app can create streams on behalf of a user.

MANAGE_ROOMS

An app can manage streams on behalf of a user.

MANAGE_SIGNALS

An app can list, create, edit, and delete signals on behalf of a user.

LIST_USER_STREAMS

An app can get a list of user streams on behalf of users.

GET_USER_CONNECTIONS

An app can get an appinfo of all user connections on behalf of users.

REQUEST_USER_CONNECTIONS

An app can send connection requests on behalf of users.

GET_PRESENCE

An app can get a user presence on behalf of users.

SET_PRESENCE

An app can set presence on behalf of users.

MANAGE_USER_FOLLOWING

An app can make a list of users follow or unfollow a considered user, identified by his uid.

🚧

All OBO endpoints respect any existing entitlements or state for the user in session.

For instance, if a user is not already connected to another user, an app cannot send a message to the second user on behalf of the first. Another example is that if a user does not have the "Can Send Files" entitlement in Symphony, an app cannot send a message containing an attachment on behalf of the user.