Viewing Claims

PreviousSourcing Claims NextSearching Claims / Users

Last updated 2 months ago

Viewing Claims

There are 4 ways in which claims can be viewed:

By the user during the signup or login process.
Manually by the user in the Account UI.
Manually by an admin in the Admin UI.
Automatically by an admin client via the Management API.

Viewed by the user

The user can view claims during signup or login using the Authentication API. Important is the score of the claims you want to view as the user needs to have a session with a (security) score at least equal to or larger as the score of the claim. Only claims within the score are returned.

The API call to view claims using the Authentication API looks as below (Postman documentation ):

// GET https://{{tenant_id}}.api.quasr.io/attributes
// Authorization: Bearer <session_token>
// RESPONSE IS AN ARRAY OF CLAIMS
[
    {
        "id": "<claim_id>",
        "type": "claim", // FIXED
        "subtype": "<claim_subtype>",
        "value": "<claim_value>",
        "label": "<claim_label>",
        "score": "<claim_score>", // ALWAYS LOWER OR EQUAL TO SESSION SCORE
        "status": "PENDING|ENABLED" // DISABLED CLAIMS ARE NOT RETURNED
    }
]

Alternatively the user can also manually view claims in the Account UI or via the Management API. In the Account UI users can go to Attributes.

// POST https://{{tenant_id}}.api.quasr.io/graphql
// Authorization: Bearer <accesss_token>
{
    "query": `
        query listClaims($account: ID!) {
            listClaims(account: $account) {
                id
                subtype
                value
                label
                score
                status
            }
        }`,
    "variables": `{
        "account": "<account_id>" // REQUIRED
    }`
}

Viewed by an admin

An admin can manually view claims in the Admin UI or via the Management API. In the Admin UI admins can go to Users, select the desired user, go to the Attributes tab.

// POST https://{{tenant_id}}.api.quasr.io/graphql
// Authorization: Bearer <accesss_token>
{
    "query": `
        query listClaims($account: ID!) {
            listClaims(account: $account) {
                id
                subtype
                value
                label
                score
                status
            }
        }`,
    "variables": `{
        "account": "<account_id>" // REQUIRED
    }`
}

PreviousSourcing Claims NextSearching Claims / Users

Last updated 2 months ago

There are 4 ways in which claims can be viewed:

By the user during the signup or login process.
Manually by the user in the Account UI.
Manually by an admin in the Admin UI.
Automatically by an admin client via the Management API.

Viewed by the user

The API call to view claims using the Authentication API looks as below (Postman documentation ):

// GET https://{{tenant_id}}.api.quasr.io/attributes
// Authorization: Bearer <session_token>
// RESPONSE IS AN ARRAY OF CLAIMS
[
    {
        "id": "<claim_id>",
        "type": "claim", // FIXED
        "subtype": "<claim_subtype>",
        "value": "<claim_value>",
        "label": "<claim_label>",
        "score": "<claim_score>", // ALWAYS LOWER OR EQUAL TO SESSION SCORE
        "status": "PENDING|ENABLED" // DISABLED CLAIMS ARE NOT RETURNED
    }
]

Alternatively the user can also manually view claims in the Account UI or via the Management API. In the Account UI users can go to Attributes.

The API call to view claims using the Management API looks as below (Postman documentation ):

// POST https://{{tenant_id}}.api.quasr.io/graphql
// Authorization: Bearer <accesss_token>
{
    "query": `
        query listClaims($account: ID!) {
            listClaims(account: $account) {
                id
                subtype
                value
                label
                score
                status
            }
        }`,
    "variables": `{
        "account": "<account_id>" // REQUIRED
    }`
}

Viewed by an admin

An admin can manually view claims in the Admin UI or via the Management API. In the Admin UI admins can go to Users, select the desired user, go to the Attributes tab.

The API call to view claims using the Management API looks as below (Postman documentation ):

// POST https://{{tenant_id}}.api.quasr.io/graphql
// Authorization: Bearer <accesss_token>
{
    "query": `
        query listClaims($account: ID!) {
            listClaims(account: $account) {
                id
                subtype
                value
                label
                score
                status
            }
        }`,
    "variables": `{
        "account": "<account_id>" // REQUIRED
    }`
}