Skip to content

Elevate Authentication & Users API (1.6)

Authentication

Elevate API uses Bearer authentication (also called token authentication) - this is an HTTP authentication scheme that uses security tokens called bearer tokens The bearer tokens used by Elevate are the industry standard JSON Web Tokens (JWT)

The client can obtain the token from this endpoint and must send this token in the Authorization header when making requests to other endpoints Tokens will be valid for 15 minutes before a new token must be obtained

Download OpenAPI description
billing-rest-authentication.json
billing-rest-authentication.yaml
Languages
Servers
https://rest.elevatebilling.com/v1

authentication

The Elevate REST API uses JWT Bearer tokens for authentication

Operations

users

An identification used by a person with access to Elevate

Operations

user-roles

Permission groups that can be assigned to users

Operations

app-clients

An identification used by a service that access Elevate APIs programmatically

Operations

identity-providers

Federated identity providers configured for a billing client

Operations

Create a federated identity provider for the current billing client

Request

Configures a SAML 2.0 federated identity provider (IdP) in the Cognito user pool that belongs to the current billing client, and updates the Elevate app client to use that provider exclusively.

Security
bearerAuth
Bodyapplication/jsonrequired

request

providerNamestring[ 1 .. 128 ] charactersrequired
providerTypestring(IdentityProviderType)required
Value"SAML"
metadataUrlstring(uri)required
attributeMappingobject(IdentityProviderAttributeMapping)required

Maps standard Cognito user attributes to the SAML claim URIs that your external IdP includes in its SAML assertion.

attributeMapping.​emailstring[ 1 .. 255 ] charactersrequired

SAML claim URI that carries the user's email address.

Example: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"
attributeMapping.​given_namestring[ 1 .. 255 ] charactersrequired

SAML claim URI that carries the user's first name.

Example: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"
attributeMapping.​family_namestring[ 1 .. 255 ] charactersrequired

SAML claim URI that carries the user's last name (surname).

Example: "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"
curl -i -X POST \
  https://rest.elevatebilling.com/v1/identity-providers \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "providerName": "Azure-AD",
    "providerType": "SAML",
    "metadataUrl": "https://login.microsoftonline.com/<tenant-id>/federationmetadata/2007-06/federationmetadata.xml",
    "attributeMapping": {
      "email": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
      "given_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname",
      "family_name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"
    }
  }'

Responses

Created

Bodyapplication/json
billingClientIdinteger(int32)required
providerNamestringrequired
providerTypestring(IdentityProviderType)required
Value"SAML"
Response
application/json
{
  "billingClientId": 0,
  "providerName": "string",
  "providerType": "SAML"
}