TeamBeam API Version 2
API Endpoint
https://free.teambeam.de/api/skp/v2This document describes version 2 of the TeamBeam Transfer API.
This version is currently being developed. Eventually, it will replace version 1 of the API.
Getting Started ¶
Transport ¶
The TeamBeam API is available via HTTPS only. The hostname matters, most entities are bound to a specific hostname, and accessing them on other hostnames will often not work.
SSL 2.0 and SSL 3.0 are disabled.
The base URI for all resources is:
https://{hostname}/api/skp/v2
Authentication ¶
Most requests require authentication in the form of bearer tokens. See authentication.
Some unauthenticated requests may use a cookie-based session.
Rate Limiting ¶
Many resources are protected against misuse or overload caused by badly behaving clients through rate limits according to the Leaky Bucket Algorithm as a Queue concept. Buckets are initially empty. Every request attempts to add a drop to the bucket. If the capacity does not allow this, the request is rejected (see ‘HTTP 509 Rate Limit Exceeded’ in section ‘Error handling’). Buckets drain over time, reducing their specific level and allowing new requests.
HTTP headers inform about the current bucket properties:
-
X-RateLimit-Limit
The total capacity of the current bucket.
Example:
X-RateLimit-Limit: 60 -
X-RateLimit-Remaining
The remaining capacity in the current bucket. Once this value is exhausted, future requests will be rejected until the bucket has been drained sufficiently.
Example:
X-RateLimit-Remaining: 42
Different resources use different buckets:
| Resource | Bucket Identifier | Capacity | Drainrate [1/s] |
|---|---|---|---|
| Login | Email-address of user | 3 | 1/15 |
| Get Onetime Key | User-ID | 10 | 1/30 |
| Environment | no limit | n/a | n/a |
| Other resources | session ID | 60 | 1 |
API Deprecation ¶
Over time, the backend may change and a new version of the API will be released. To inform developers and clients of upcoming changes, the server indicates API deprecation by sending a Warning header with warning-code 229.
Example:
Warning: 299 - “API Deprecation Warning: Support for this request will be dropped soon, please update your client.”
While API deprecation is indicated, the API call will still function as documented. At a later stage, support for individual API calls up to the complete API-path may be dropped. This is indicated by responding with HTTP status code 410 (see section ‘Error handling’).
Payload format ¶
Unless explicitely stated, request and response bodies are encoded in JSON format. Appropriate headers (Content-Type: application/json, Accept: application/json) must be set.
Timestamps are encoded in ISO 8601 format, including timezone offset from UTC. Example:
{ “validDate”: “2037-12-31T15:29:59+00:00” }
Error handling ¶
The API responds with different HTTP Status Codes and messages:
-
HTTP 400 Bad Request
The request cannot be processed for syntax reasons. This could be because of a missing field, an incorrect type or an invalid value. The error message might provide more information. Check your code against the documentation. Retrying the request will not improve your chances of success.
Example:
{ "error": { "code": 400001, "message": "The request cannot be fulfilled.", "details": ["Invalid or unsupported value.", "Please consult the documentation."] } } -
HTTP 401 Not Authorized
Your request is missing an authenticated session ID, your session ID has expired, or your user is not valid. Obtain a new session and/or authenticate it (see the AuthResource).
-
HTTP 403 Forbidden
Your request was syntactically correct, but violated somehing else. Possible reasons are feature- and/or contract-limitations, accessing someone else’s data without authorization. Retrying the request will lead to the same result. The details of the message will provide more details.
Example:
{ "error": { "code": 403001, "message": "This request is forbidden.", "details": ["TTL is not acceptable"] } } -
HTTP 404 Not Found
The request could not be fulfilled, since the resource or entity at the URI does not exist (anymore). Retrying is futile.
-
HTTP 405 Method Not Allowed
The resource or entity does not support the HTTP method. Please consult the documentation.
-
HTTP 406 Not Acceptable
The backend cannot supply the response in the requested mediatype (as per the
Acceptrequest header). Please consult the documentation. You can retry your request, specifying appropriate headers. -
HTTP 409 Conflict
The request was not successful, because the a persistence-opertion failed. This can be temporary, or because another operation has modified the data in the meantime. Reread your data again, apply your changes and retry the request. You haven’t broken anything yet.
-
HTTP 410 Gone
The request was once valid but is no longer acceptable. This is a permanent situation. It indicates that parts of the API have since been deprecated and support for them has been dropped. It is recommended to consult the documentation and update clients.
-
HTTP 413 Request Entity Too Large
The backend is unwilling or unable to process a request body of this size.
-
HTTP 415 Unsupported Mediatype
The backend does not support the request payload, as announced in the
Content-Typeheader. -
HTTP 416 Range Not Satisfiable
This occurs when an upload or download request does not provide acceptable values for headers
RangeorContent-Range. -
HTTP 429 Rate Limit Exceeded
The request was not accepted because of a rate limit violation. The API is protected against overload and bruteforce attacks with rate limits. See the section on rate limiting for details. The response contains a
Retry-Afterheader (in seconds) to assist in retrying the request again.Example:
Retry-After: 23 -
HTTP 500 Server Error
Oops! It looks like something went horribly wrong in the backend. You might want to get in touch with us.
-
HTTP 503 Maintenance
The host you’re addressing is currently undergoing maintenance and is not serving requests. You can retry your request until is being accepted again.
Authentication ¶
In order to access privileged data or perform actions, the request must use an authenticated session.
Access Token ¶
Access to the API is granted in the form of a short-lived access token, which the client must present as bearer token in the Authorization header in each request. A client can obtain an access token by presenting a valid Skalio ID token.
Access tokens follow the JSON Web Token standard and can be analyzed by the client.
| claim | relevance, purpose |
|---|---|
sub |
Contains the UID of the person the token belongs to. |
exp |
Timestamp in epoch-format, when the token is expired and is no longer accepted. |
scope |
Value: access. Can be used to distinguish between tokens. |
http://skalio.com/hostname |
Hostname where the access token is accepted. |
amr |
Optional array claim. Contains the authentication methods used to obtain the ID token. |
An access token is only accepted at the hostname it is intended for.
Scenario where the ID token grants access to the current host.
Headers
Authorization: Bearer {.. ID token ..}The authentication was successful.
Headers
Content-Type: application/jsonBody
{
"token": "Hello, world!"
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"token": {
"type": "string",
"description": "An access token. Encoded JWT according to RFC 7519."
}
},
"required": [
"token"
]
}The ID token was rejected.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "Request cannot be fulfilled",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"enum": [
0
],
"description": "unique error code"
},
"message": {
"type": "string",
"enum": [
"Request cannot be fulfilled"
],
"description": "localized error text"
},
"details": {
"type": "array",
"items": {
"type": "string",
"enum": [
""
]
},
"description": "additional localized error messages"
}
},
"required": [
"code",
"message"
],
"additionalProperties": false
}
},
"required": [
"error"
],
"additionalProperties": false
}Access to the adminunit is rejected. Check the details for an explanation.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "This request is forbidden.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Get access tokenPOST/auth/access?cookie={cookie}
Provide a Skalio ID token and receive a short lived access token to use TeamBeam Transfer.
The backend accepts a valid ID token and issues an access token, even if the person belongs to an adminunit on a different hostname. However, the resulting access token is only valid at the person’s own adminunit.
Requirements:
- The ID token contains claims matching the current adminunit.
- Skalio ID token v3 uses claims
http:/skalio.com/org_idandroles
- Skalio ID token v3 uses claims
The backend will try to find, migrate or auto-create a user matching the ID token:
-
search for user by uid matching
subjectclaim from token -
if not found: search for user by email matching
emailclaim from token- excludes users managed by an LDAP directory
- if found: migrate to “Skalio ID authentication” by setting
uidfield and clearingpasswordHash
-
if not found: auto-create the user as per Skalio ID profile
On the web-platform, it is recommended to request cookie=true. This will deliver the access token as a secure HTTP cookie in addition to the regular payload. A web-browser will then automatically send the cookie for matching requests. This enables downloading of locked or protected files as the authenticated sender or receiver directly within a web-browser.
The cookie is only sent if the user’s adminunit matches the hostname the request arrived on. Cookies cannot be sent for a foreign hostname.
- cookie
boolean(optional) Example: falseIf true, the access token will also be delivered as a cookie. Default: false.
Adminunit Resource ¶
An adminunit is the top level entity that combines users, transfers, folders, objects, etc. representing a customer.
All requests must be authenticated with an access token. Administrator privileges are required.
Adminunit ¶
Headers
Authorization: Bearer {... access token ...}Headers
Content-Type: application/jsonBody
{
"uid": "zt8khx5u.hotnvdm",
"customerName": "'Example Org'",
"defaultExpiration": 7,
"expirationIntervals": [
3,
5,
7
],
"allowCustomExpiration": true,
"forcedMalwareCheck": true,
"forcedPasswordUsage": false,
"blockAfterFirstDownload": false,
"forcedRecipientAuthentication": false
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"uid": {
"type": "string",
"description": "Unique identifier, readonly."
},
"customerName": {
"type": "string",
"description": "Organization name, readonly."
},
"defaultExpiration": {
"type": "number",
"description": "Default expiration of a new transfer, in days."
},
"expirationIntervals": {
"type": "array",
"description": "List of expiration intervals that can be used, in days."
},
"allowCustomExpiration": {
"type": "boolean",
"description": "Allows the user to chose from the expiration intervals or always use the default value."
},
"forcedMalwareCheck": {
"type": "boolean",
"description": "Send all new transfers through malware check."
},
"forcedPasswordUsage": {
"type": "boolean",
"description": "Require that all new transfers have a password."
},
"blockAfterFirstDownload": {
"type": "boolean",
"description": "Require that all new transfers can be downloaded only once."
},
"forcedRecipientAuthentication": {
"type": "boolean",
"description": "Require that all new transfers use recipient authentication."
}
},
"required": [
"uid",
"customerName",
"defaultExpiration",
"expirationIntervals",
"allowCustomExpiration",
"forcedMalwareCheck",
"forcedPasswordUsage",
"blockAfterFirstDownload",
"forcedRecipientAuthentication"
]
}Authentication was missing or invalid.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "Authentication failed or missing.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Access to this adminunit has been denied.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "This request is forbidden.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Headers
Content-Type: application/json
Authorization: Bearer {... access token ...}Body
{
"uid": "zt8khx5u.hotnvdm",
"customerName": "'Example Org'",
"defaultExpiration": 7,
"expirationIntervals": [
3,
5,
7
],
"allowCustomExpiration": true,
"forcedMalwareCheck": true,
"forcedPasswordUsage": false,
"blockAfterFirstDownload": false,
"forcedRecipientAuthentication": false
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"uid": {
"type": "string",
"description": "Unique identifier, readonly."
},
"customerName": {
"type": "string",
"description": "Organization name, readonly."
},
"defaultExpiration": {
"type": "number",
"description": "Default expiration of a new transfer, in days."
},
"expirationIntervals": {
"type": "array",
"description": "List of expiration intervals that can be used, in days."
},
"allowCustomExpiration": {
"type": "boolean",
"description": "Allows the user to chose from the expiration intervals or always use the default value."
},
"forcedMalwareCheck": {
"type": "boolean",
"description": "Send all new transfers through malware check."
},
"forcedPasswordUsage": {
"type": "boolean",
"description": "Require that all new transfers have a password."
},
"blockAfterFirstDownload": {
"type": "boolean",
"description": "Require that all new transfers can be downloaded only once."
},
"forcedRecipientAuthentication": {
"type": "boolean",
"description": "Require that all new transfers use recipient authentication."
}
},
"required": [
"uid",
"customerName",
"defaultExpiration",
"expirationIntervals",
"allowCustomExpiration",
"forcedMalwareCheck",
"forcedPasswordUsage",
"blockAfterFirstDownload",
"forcedRecipientAuthentication"
]
}Headers
Content-Type: application/jsonBody
{
"uid": "zt8khx5u.hotnvdm",
"customerName": "'Example Org'",
"defaultExpiration": 7,
"expirationIntervals": [
3,
5,
7
],
"allowCustomExpiration": true,
"forcedMalwareCheck": true,
"forcedPasswordUsage": false,
"blockAfterFirstDownload": false,
"forcedRecipientAuthentication": false
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"uid": {
"type": "string",
"description": "Unique identifier, readonly."
},
"customerName": {
"type": "string",
"description": "Organization name, readonly."
},
"defaultExpiration": {
"type": "number",
"description": "Default expiration of a new transfer, in days."
},
"expirationIntervals": {
"type": "array",
"description": "List of expiration intervals that can be used, in days."
},
"allowCustomExpiration": {
"type": "boolean",
"description": "Allows the user to chose from the expiration intervals or always use the default value."
},
"forcedMalwareCheck": {
"type": "boolean",
"description": "Send all new transfers through malware check."
},
"forcedPasswordUsage": {
"type": "boolean",
"description": "Require that all new transfers have a password."
},
"blockAfterFirstDownload": {
"type": "boolean",
"description": "Require that all new transfers can be downloaded only once."
},
"forcedRecipientAuthentication": {
"type": "boolean",
"description": "Require that all new transfers use recipient authentication."
}
},
"required": [
"uid",
"customerName",
"defaultExpiration",
"expirationIntervals",
"allowCustomExpiration",
"forcedMalwareCheck",
"forcedPasswordUsage",
"blockAfterFirstDownload",
"forcedRecipientAuthentication"
]
}Authentication was missing or invalid.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "Authentication failed or missing.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Access to this adminunit has been denied.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "This request is forbidden.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Report settings ¶
The adminunit can create different reports:
-
accounting report: creates a list of users who have used TeamBeam Transfer within the configured reporting period. The report is sent via email to the list of registered addresses.
-
archive root folder report: creates a report of all archive root folders and their total storage size. The report is sent via email to the list of registered addresses.
-
transaction log: a detailed, technical log of TeamBeam Transfer transactions. The data is collected in CSV files and stored in the archive.
Headers
Authorization: Bearer {... access token ...}Headers
Content-Type: application/jsonBody
{
"accountingReportReceivers": [
"bob@example.test"
],
"accountingReportTime": 1,
"rootFolderReportReceivers": [
"alice@example.test"
],
"transactionLogEnabled": false,
"accountingReportEnabled": true,
"rootFolderReportEnabled": true
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"accountingReportReceivers": {
"type": "array",
"description": "List of email addresses that receive the accounting report. An empty array disables the report."
},
"accountingReportTime": {
"type": "number",
"description": "Defines the number of months that the accounting report covers. Valid values: 1, 3."
},
"rootFolderReportReceivers": {
"type": "array",
"description": "List of email addresses that receive the archive root-folder report. An empty array disables the report."
},
"transactionLogEnabled": {
"type": "boolean",
"description": "Controls recording of transaction log events."
},
"accountingReportEnabled": {
"type": "boolean",
"description": "Shows if the accounting report is enabled, readonly."
},
"rootFolderReportEnabled": {
"type": "boolean",
"description": "Shows if the archive root-folder report is enabled, readonly."
}
},
"required": [
"accountingReportReceivers",
"accountingReportTime",
"rootFolderReportReceivers",
"transactionLogEnabled",
"accountingReportEnabled",
"rootFolderReportEnabled"
]
}Authentication was missing or invalid.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "Authentication failed or missing.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Access to this adminunit has been denied.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "This request is forbidden.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Fetch settingsGET/adminunit/reports
Returns the reports settings for the adminunit.
This request requires admin privileges.
Headers
Content-Type: application/json
Authorization: Bearer {... access token ...}Body
{
"accountingReportReceivers": [
"bob@example.test"
],
"accountingReportTime": 1,
"rootFolderReportReceivers": [
"alice@example.test"
],
"transactionLogEnabled": false
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"accountingReportReceivers": {
"type": "array",
"description": "List of email addresses that receive the accounting report. An empty array disables the report."
},
"accountingReportTime": {
"type": "number",
"description": "Defines the number of months that the accounting report covers. Valid values: 1, 3."
},
"rootFolderReportReceivers": {
"type": "array",
"description": "List of email addresses that receive the archive root-folder report. An empty array disables the report."
},
"transactionLogEnabled": {
"type": "boolean",
"description": "Controls recording of transaction log events."
}
},
"required": [
"accountingReportReceivers",
"accountingReportTime",
"rootFolderReportReceivers",
"transactionLogEnabled"
]
}Headers
Content-Type: application/jsonBody
{
"accountingReportReceivers": [
"bob@example.test"
],
"accountingReportTime": 1,
"rootFolderReportReceivers": [
"alice@example.test"
],
"transactionLogEnabled": false,
"accountingReportEnabled": true,
"rootFolderReportEnabled": true
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"accountingReportReceivers": {
"type": "array",
"description": "List of email addresses that receive the accounting report. An empty array disables the report."
},
"accountingReportTime": {
"type": "number",
"description": "Defines the number of months that the accounting report covers. Valid values: 1, 3."
},
"rootFolderReportReceivers": {
"type": "array",
"description": "List of email addresses that receive the archive root-folder report. An empty array disables the report."
},
"transactionLogEnabled": {
"type": "boolean",
"description": "Controls recording of transaction log events."
},
"accountingReportEnabled": {
"type": "boolean",
"description": "Shows if the accounting report is enabled, readonly."
},
"rootFolderReportEnabled": {
"type": "boolean",
"description": "Shows if the archive root-folder report is enabled, readonly."
}
},
"required": [
"accountingReportReceivers",
"accountingReportTime",
"rootFolderReportReceivers",
"transactionLogEnabled",
"accountingReportEnabled",
"rootFolderReportEnabled"
]
}Data was missing or invalid.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "The request cannot be fulfilled.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Authentication was missing or invalid.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "Authentication failed or missing.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Access to this adminunit has been denied.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "This request is forbidden.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Update settingsPUT/adminunit/reports
Updates the reports settings for the adminunit.
To enable the accounting report or the archive root-folder report, a list of recipient email addresses has to be set. If the list of addresses is empty, the report is disabled.
Valid values for accountReportTime is 1 or 3 (months).
This request requires admin privileges.
Preset settings ¶
When a new user is first created as a member of the adminunit, the values from this preset are applied to the user. Afterwards the user can change the settings for themselves.
Headers
Authorization: Bearer {... access token ...}Headers
Content-Type: application/jsonBody
{
"expiryWarningEnabled": true,
"uploadConfirmationEnabled": true
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"expiryWarningEnabled": {
"type": "boolean",
"description": "If true, the user will be notified of expiring transfers."
},
"uploadConfirmationEnabled": {
"type": "boolean",
"description": "If true, the user will be notified after a transfer has been uploaded successfully."
}
},
"required": [
"expiryWarningEnabled",
"uploadConfirmationEnabled"
]
}Authentication was missing or invalid.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "Authentication failed or missing.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Access to this adminunit has been denied.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "This request is forbidden.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Fetch presetGET/adminunit/preset
Returns the preset for the adminunit.
This request requires admin privileges.
Headers
Content-Type: application/json
Authorization: Bearer {... access token ...}Body
{
"expiryWarningEnabled": true,
"uploadConfirmationEnabled": true
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"expiryWarningEnabled": {
"type": "boolean",
"description": "If true, the user will be notified of expiring transfers."
},
"uploadConfirmationEnabled": {
"type": "boolean",
"description": "If true, the user will be notified after a transfer has been uploaded successfully."
}
},
"required": [
"expiryWarningEnabled",
"uploadConfirmationEnabled"
]
}Headers
Content-Type: application/jsonBody
{
"expiryWarningEnabled": true,
"uploadConfirmationEnabled": true
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"expiryWarningEnabled": {
"type": "boolean",
"description": "If true, the user will be notified of expiring transfers."
},
"uploadConfirmationEnabled": {
"type": "boolean",
"description": "If true, the user will be notified after a transfer has been uploaded successfully."
}
},
"required": [
"expiryWarningEnabled",
"uploadConfirmationEnabled"
]
}Data was missing or invalid.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "The request cannot be fulfilled.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Authentication was missing or invalid.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "Authentication failed or missing.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Access to this adminunit has been denied.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "This request is forbidden.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Update presetPUT/adminunit/preset
Updates the preset settings, to apply to future users.
This request requires admin privileges.
Role settings ¶
All users and mailboxes are assigned the default role. The privileges defined here apply to all users of the adminunit and their mailboxes.
| privilege | type | description |
|---|---|---|
canUsePersonalArchive |
boolean | Controls if the user can store new transfers in their personal archive. |
personalArchiveQuotaMb |
number, 0 … 2.000.000 | Maximum storage space for transfers in the personal archive, in megabyte. A value of 0 disables this limit. |
transferMaxFileSizeMb |
number, 1 … 2.000.000 | Maximum size of a each file or a person-to-person transfer. |
transferMaxFiles |
number, 1 … 300 | Maximum number of files of a person-to-person transfer. |
transferMaxRecipients |
number, 1 … 2.000 | Maximum number of recipients of a person-to-person transfer. |
mailboxMaxFileSizeMb |
number, 1 … 2.000.000 | Maximum size of a each file of a mailbox transfer. |
mailboxMaxFiles |
number, 1 … 300 | Maximum number of files of a mailboxMaxFiles transfer. |
Headers
Authorization: Bearer {... access token ...}Headers
Content-Type: application/jsonBody
{
"name": "Standard role",
"canUsePersonalArchive": true,
"personalArchiveQuotaMb": 1000,
"transferMaxFileSizeMb": 1000,
"transferMaxFiles": 300,
"transferMaxRecipients": 100,
"mailboxMaxFileSizeMb": 1000,
"mailboxMaxFiles": 300
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"name": {
"type": "string",
"description": "The role name."
},
"canUsePersonalArchive": {
"type": "boolean",
"description": "Controls if users can store transfers in their personal archive."
},
"personalArchiveQuotaMb": {
"type": "number",
"description": "Maximum total storage spaces of the personal archive. A value of 0 removes the limit."
},
"transferMaxFileSizeMb": {
"type": "number",
"description": "Maximum size of a each file in a person-to-person transfer."
},
"transferMaxFiles": {
"type": "number",
"description": "Maximum number of files of a person-to-person transfer."
},
"transferMaxRecipients": {
"type": "number",
"description": "Maximum number of recipients of a person-to-person transfer."
},
"mailboxMaxFileSizeMb": {
"type": "number",
"description": "Maximum size of a each file in a mailbox transfer."
},
"mailboxMaxFiles": {
"type": "number",
"description": "Maximum number of files of a mailbox transfer."
}
},
"required": [
"name",
"canUsePersonalArchive",
"personalArchiveQuotaMb",
"transferMaxFileSizeMb",
"transferMaxFiles",
"transferMaxRecipients",
"mailboxMaxFileSizeMb",
"mailboxMaxFiles"
]
}Authentication was missing or invalid.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "Authentication failed or missing.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Access to this adminunit has been denied.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "This request is forbidden.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Fetch roleGET/adminunit/role
Returns the default role for the adminunit.
This request requires admin privileges.
Headers
Content-Type: application/json
Authorization: Bearer {... access token ...}Body
{
"name": "Standard role",
"canUsePersonalArchive": true,
"personalArchiveQuotaMb": 1000,
"transferMaxFileSizeMb": 1000,
"transferMaxFiles": 300,
"transferMaxRecipients": 100,
"mailboxMaxFileSizeMb": 1000,
"mailboxMaxFiles": 300
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"name": {
"type": "string",
"description": "The role name."
},
"canUsePersonalArchive": {
"type": "boolean",
"description": "Controls if users can store transfers in their personal archive."
},
"personalArchiveQuotaMb": {
"type": "number",
"description": "Maximum total storage spaces of the personal archive. A value of 0 removes the limit."
},
"transferMaxFileSizeMb": {
"type": "number",
"description": "Maximum size of a each file in a person-to-person transfer."
},
"transferMaxFiles": {
"type": "number",
"description": "Maximum number of files of a person-to-person transfer."
},
"transferMaxRecipients": {
"type": "number",
"description": "Maximum number of recipients of a person-to-person transfer."
},
"mailboxMaxFileSizeMb": {
"type": "number",
"description": "Maximum size of a each file in a mailbox transfer."
},
"mailboxMaxFiles": {
"type": "number",
"description": "Maximum number of files of a mailbox transfer."
}
},
"required": [
"name",
"canUsePersonalArchive",
"personalArchiveQuotaMb",
"transferMaxFileSizeMb",
"transferMaxFiles",
"transferMaxRecipients",
"mailboxMaxFileSizeMb",
"mailboxMaxFiles"
]
}Headers
Content-Type: application/jsonBody
{
"name": "Standard role",
"canUsePersonalArchive": true,
"personalArchiveQuotaMb": 1000,
"transferMaxFileSizeMb": 1000,
"transferMaxFiles": 300,
"transferMaxRecipients": 100,
"mailboxMaxFileSizeMb": 1000,
"mailboxMaxFiles": 300
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"name": {
"type": "string",
"description": "The role name."
},
"canUsePersonalArchive": {
"type": "boolean",
"description": "Controls if users can store transfers in their personal archive."
},
"personalArchiveQuotaMb": {
"type": "number",
"description": "Maximum total storage spaces of the personal archive. A value of 0 removes the limit."
},
"transferMaxFileSizeMb": {
"type": "number",
"description": "Maximum size of a each file in a person-to-person transfer."
},
"transferMaxFiles": {
"type": "number",
"description": "Maximum number of files of a person-to-person transfer."
},
"transferMaxRecipients": {
"type": "number",
"description": "Maximum number of recipients of a person-to-person transfer."
},
"mailboxMaxFileSizeMb": {
"type": "number",
"description": "Maximum size of a each file in a mailbox transfer."
},
"mailboxMaxFiles": {
"type": "number",
"description": "Maximum number of files of a mailbox transfer."
}
},
"required": [
"name",
"canUsePersonalArchive",
"personalArchiveQuotaMb",
"transferMaxFileSizeMb",
"transferMaxFiles",
"transferMaxRecipients",
"mailboxMaxFileSizeMb",
"mailboxMaxFiles"
]
}Data was missing or invalid.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "The request cannot be fulfilled.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Authentication was missing or invalid.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "Authentication failed or missing.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Access to this adminunit has been denied.
Headers
Content-Type: application/jsonBody
{
"error": {
"code": 0,
"message": "This request is forbidden.",
"details": [
"Hello, world!"
]
}
}Schema
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"error": {
"type": "object",
"properties": {
"code": {
"type": "number",
"description": "The error code"
},
"message": {
"type": "string",
"description": "English error message."
},
"details": {
"type": "array",
"description": "English details to error."
}
}
}
}
}Update rolePUT/adminunit/role
Updates the default role. Changes apply to all users.
This request requires admin privileges.
Generated by aglio on 10 Mar 2025