Version History
This section describes changes made in subsequent releases and the new features in this API:
| Release | Enhancements | API Version |
|---|---|---|
| 2025.2 | To enhance handling of the Permission Groups via the Public API, we exposed the following new endpoints: - POST /permissionGroups - enables the API client to create permission groups. - GET /permissionGroups/{permissionGroupId} - retrieves information about a specific permission group from the Harmonized Identity Management application based on the Permission Group ID. - PUT /permissionGroups/{permissionGroupId} - updates information about a specific permission group from the Harmonized Identity Management application based on the Permission Group ID. | v1 |
| 2025.2 | We implemented the Access Code login method in the HIDM application by generating an access code during user creation or editing. The Easy Access Password Policy enables users to log into HIDM using the access code. To support this implementation in the Public API, we added the following changes: - we added a new mandatory response field maxLastAccessCodeMatch in the GET /tenant/passwordpolicy endpoint and a new mandatory request field maxLastAccessCodeMatch in the PUT /tenant endpoint. The field maxLastAccessCodeMatch indicates how many last access code matches a user can set. - we added a new optional request field isSkipAccessCodeForever in the PUT /users/{userId} and PUT /users/externalId/{externalId} endpoints. we also added a new optional response field isSkipAccessCodeForever in the GET /users/{userId} endpoint. The field isSkipAccessCodeForever allows external users to skip local access code setup upon each login. | v1 |
| 2025.2 | HIDM application was enhanced with a feature that allows user to login to all child Business Units below if access is provided for the higher node BU. To support this enhancement, we extended Public API with the following endpoints: GET /tenant/passwordpolicy and PUT /tenant where optional flag AllowChildBusinessUnitLogin was added in response and request of the endpoints respectively. When flag AllowChildBusinessUnitLogin set to True, a user with access to higher level BU can see all child BU even when explicit access to child BUs are not provided. | v1 |
| 2025.2 | We implemented the Dallas Key and QR Code authentication or login methods in the HIDM application. Users can generate a QR Code or provide the Dallas Key during user creation or editing. The QR Code allows users to generate a QR Code for login operations. The Dallas Key allows users to provide a Dallas Key for login operations. To support this implementation in the Public API, we added the following changes: - we added the new optional request fields qrCode, dallasKey, and dallasKeyExpiration to the following endpoints: POST /users, PUT /users/{userId}, POST /users/externalId, and PUT /users/externalId/{externalId}. - we added the new optional response fields isDallasKeyAvailable, isQrCodeAvailable, and qrCodeExpiration to the following endpoints: GET /users/{userId} and GET /users/externalId/{externalId}. | v1 |
| 2025.2 | We implemented the Access Code login method in the HIDM application by generating an access code during user creation or editing. The Easy Access Password Policy enables users to log into HIDM using the access code. To support this implementation in the Public API, we added the following changes: - we added a new optional request fields AccessCode and AccessCodeChangeFlag to the following endpoints: POST /users, PUT /users/{userId}, POST /users/externalId, and PUT /users/externalId/{externalId}. The property AccessCode indicates the Access Code of the user. The property AccessCodeChangeFlag indicates whether the Access Code needs to be changed. - we added a new optional response field isEasyAccessEnabled to the following endpoint: GET /clients/externalId/{externalId}. The property isEasyAccessEnabled indicates whether Easy Access is enabled for the client. - we added a new optional response fields accessCodeChangeFlag and isAccessCodeAvailable to the following endpoints: GET /users/{userId} and GET /users/externalId/{externalId}. The property accessCodeChangeFlag indicates whether the Access Code needs to be changed. The property isAccessCodeAvailable indicates whether the user has an Access Code for authentication. | v1 |
| 2025.2 | To enhance user experience, we introduced a new field isSkippedPasswordForever which allows external users to skip local password setup on each HIDM login. To support this improvement in Public API, we added a new optional field isSkippedPasswordForever to the following endpoints: - PUT /users/externalId/{externalId} (in request) - PUT /users/{userId} (in request) - GET /users/{userId} (in response) | v1 |
| 2025.2 and Patch in API 2024.2 | We enhanced large-scale data sets processing in HIDM with the bulk load operations feature. It minimizes the number of requests and improves integration of batch processes. You can perform bulk import of the following HIDM objects: Business Unit Types, Permission Groups, Roles, and Users using the following endpoints: - POST /businessUnitTypes/bulkImport - POST /permissionGroups/bulkImport - POST /roles/bulkImport - POST /users/bulkImport | v1 |
| 2025.2 and Patch in API 2024.2 | We improved User Role hierachy in the HIDM application by restricting users' access to only assigned Roles and downwards in the Role tree. Currently, you can only view and manage other users' roles who have the same role as you or a lower role. To support this enhancement in Public API, we introduced the following changes: - we added new fields isSystem and parentId to the following endpoints: POST /roles (in request), PUT /roles/{roleId} (in request), GET /roles/{roleId} (in response) , and GET /roles (in response). The property isSystem indicates role dedicated for client-only usage by system applications or services. The parentId field identifies a parent role. Both new properties are not mandatory. - we added a new request parameter includeSystem to the GET /roles, and GET /roles/externalId endpoints. It depicts technical roles used by system applications or services. - we added new response fields: isSystem and parentExternalId (external identifier of a parent role) to the GET /roles/externalId/{externalId} and GET /roles/externalId endpoints. | v1 |
| 2025.2 and Patch in API 2024.2 | The HIDM application was enhanced with operations using External Identifiers (externalId). External Id is a reference to a unique ID of the entity (for example Business Unit, Business Unit Type, Role, Client, etc.) as defined in the external application, for instance, third-party ERP system. To support this enhancement we extended Public API with the following endpoints: - DELETE /businessunits/externalId/{externalId} - deletes a Business Unit based on the unique externalId. - PUT /businessunits/externalId/{externalId}/changeStatus - updates the status of a Business Unit based on the BU ExternalId. - GET /businessunits/externalId - retrieves a list of Business Units with ExternalId. - GET /businessunits/externalId/{externalId} - provides details on a specific Business Unit based on the unique externalId. - DELETE /businessUnitTypes/externalId/{externalId} - delete a Business Unit Type based on the unique externalId. - PUT /businessUnitTypes/externalId/{externalId}/status - updates the status of a Business Unit Type based on the unique externalId. - GET /businessUnitTypes/externalId - retrieves a list of Business Unit Types with External Ids. - GET /businessUnitTypes/externalId/{externalId} - provides details on a specific Business Unit Type based on the unique externalId. - DELETE /roles/externalId/{externalId} - deletes a Role based on the unique externalId. - GET /roles/externalId - retrieves a list of Roles with external identifiers. - GET /roles/externalId/{externalId} - provides details on a specific Role based on the unique externalId. - DELETE /applications/externalId/{externalId} - deletes an Application based on the unique externalId. - PUT /applications/externalId/{externalId}/status - enables to change status for an Application, based on the unique externalId. - GET /applications/externalId/{externalId} - provides details on a specific Application based on the unique externalId. - DELETE /clients/externalId/{externalId} - deletes a Client based on the unique externalId. - PUT /clients/externalId/{externalId}/enabled - updates status (active/inactive) of a Client, based on the unique externalId. - GET /clients/externalId/{externalId} - provides details on a specific Client based on the unique externalId. - GET /permissions/externalId/{externalId} - provides details on a specific Permission based on the unique externalId. - DELETE /permissionGroups/externalId/{externalId} - deletes a Permission Group based on the unique externalId. - GET /permissionGroups/externalId - retrieves a list of Permission Groups with external identifiers. - GET /permissionGroups/externalId/{externalId} - provides details on a specific Permission Group based on the unique externalId. - DELETE /users/externalId/{externalId} - deletes a User based on the unique externalId. - PUT /users/externalId/{externalId}/lock - locks/unlocks a User based on the unique externalId. - PUT /users/externalId/{externalId}/resetMfa - allows to reset Multi-Factor Authentication (MFA) for a User, based on the unique externalId. | v1 |
| 2025.2 and Patch in API 2024.2 | To enable a service-level health check, we introduced a new endpoint: - GET /healthCheck. It enables the API client to check the API health status including the backend service status. A client can check the status of the backend service so that it knows when to switch from cloud to edge. On the 200 response, the client receives the overall status information: healthy, degraded, unhealthy. | v1 |
| 2024.3 | To enhance handling Permissions, Permission Groups, Applications, Clients and Resources via the Public API, we exposed the following new endpoints: - GET /permissions - retrieves a list of all permissions. - GET /permissionGroups - retrieves a list of all permission groups. - GET /applications - retrieves a list of all applications. - GET /clients - retrieves a list of all clients. - GET /resources - retrieves a list of all resources. | v1 |
| Patch in API 2024.2 | Users is a module in Harmonized Identity Management (HIDM) that enables HIDM users to set up and manage User details in HIDM. Managing Users includes tasks such as creating and editing a User, activating-deactivating status of a User, deleting a User, and more. To support handling Users by the Public API, we introduced the following new endpoints: - PUT /users/{userId} - updates a user data in the HIDM application, based on the unique userId. - DELETE /users/{userId} - deletes a User (based on the unique userId) from the HIDM application. - PUT /users/{userId}/status - updates the Status of a User in the HIDM application, based on the unique userId. The available statuses are: active and inactive. - PUT /users/{userId}/lock - enables the API Client to lock/unlock a user in the HIDM application, based on the unique userId. - PUT /users/{userId}/resetMfa - enables to reset Multi-Factor Authentication (MFA) for a user in the HIDM application, based on the unique userId. - POST /users/externalId - creates a user in the HIDM application, based on external identifiers. - GET /users/externalId/{externalId} - provides details on a specific user based on the unique externalId. - PUT /users/externalId/{externalId} - updates a user data in the HIDM application, based on the user external identifier (externalId). - PUT /users/externalId/{externalId}/status - updates a user status in the HIDM application, based on the user external identifier (externalId). We also introduced the following changes in the previously implemented endpoints: - the users.userName maximum size changed to 40 characters in the GET /users, GET /users/{userId}, and GET /users/{userId} endpoints. - the users.email maximum size changed to 256 characters in the GET /users endpoint. - the maximum characters restriction for rowVersion removed in the GET /users and GET /users/{userId} endpoints. - the externalId field changed from optional to mandatory in the POST /users endpoint. - the lastName field changed from mandatory to optional in the POST /users and GET /users/{userId} endpoints. | v1 |
| Patch in API 2024.2 | Roles is a module in Harmonized Identity Management that enables users to set up and manage Local Roles and Global Roles for different applications. Managing Roles includes tasks such as creating, editing, deleting, or viewing details of the Roles added. To support handling Roles by the Public API, we introduced the following new endpoints: - POST /roles - creates a Role in the HIDM application. - GET /roles - retrieves a multiple Roles details (for instance, name, description, externalId, permission groups associated with Roles). - GET /roles/{roleId} - enables the API client to retrieve a Role details (for instance, name, description, externalId, permission groups associated with the Role), based on the roleId. - PUT /roles/{roleId} - updates a given Role details, based on the roleId. - DELETE /roles/{roleId} - enables the API client to delete a Role, based on the roleId. | v1 |
| Patch in API 2024.2 | To enhance managing Business Unit Types, we exposed the following new endpoints: - GET /businessUnitTypes/parents - retrieves a list of all parents of a Business Unit Type. - GET /locationtypes - retrieves location types (Office, Warehouse, Location) We also introduced the following changes: - we changed the maximum characters for Name of Business Unit Type (name field) to 100 in the following endpoints: POST /businessUnitTypes, GET /businessUnitTypes/{businessUnitTypeId}, GET /businessUnitTypes, PUT /businessUnitTypes/{businessUnitTypeId}. - we changed externalId field from optional to mandatory in the POST /businessUnitTypes endpoint and removed externalId field in the PUT /businessUnitTypes/{businessUnitTypeId} endpoint. - In the PUT /businessUnitTypes/{businessUnitTypeId} and PUT /businessUnitTypes/{businessUnitTypeId}/status endpoints we deleted the maximum characters restriction for rowVersion string (in request and response). | v1 |
| Patch in API 2024.2 | Business Units enable an Enterprise to create and manage organization business hierarchy. Managing Business unit records includes tasks such as editing, deleting, deactivating or viewing details of the Business Units added. To support managing Business Units by the Public API, we enhanced the following endpoins: - POST /businessunits - we added new optional request fields: vrpVersionId (specifies VRP version installed in a particular Business Unit), regionCode (region code of the Business Unit), globalLocationNumber (GLN is a reference to a unique ID of the newly created Business Unit in an external system). We also changed the following request field: ownerBusinessUnitId from optional to mandatory. - GET /businessunits - we added new optional response fields: businessUnits.isFranchise (flag indicating if the Business Unit operates as a franchise), businessUnits.metadata, businessUnits.vrpVersionId,businessUnits.regionCode, businessUnits.globalLocationNumber. We changed the following response fields: businessUnits.id,businessUnits.parentBusinessUnitId, businessUnits.externalId to optional. - GET /businessunits/{businessUnitId} - we added new optional response fields: isFranchise, metadata, vrpVersionId, regionCode, globalLocationNumber. We changed the following response fields to optional: id, parentBusinessUnitId, externalId. - DELETE /businessunits/{businessUnitId} - we added a new mandatory request field: ownerBusinessUnitId (unique identifier of Business Unit Owner) - PUT /businessunits/{businessUnitId} - we added new optional request fields: isFranchise, metadata, vrpVersionId, regionCode, globalLocationNumber, and a new mandatory request field: ownerBusinessUnitId. We changed the following fields: parentBusinessUnitId (in request) and rowVersion (in response) to optional. The request field: externalId was deleted. - PUT /businessunits/{businessUnitId}/changeStatus - we added a new mandatory request field: ownerBusinessUnitId. We changed response field: rowVersion from mandatory to optional. | v1 |
| 2024.2 | To support managing Business Unit Types by the Public API endpoints, we added a new optional field: locationTypeId, indicating a location type, to the following endpoints: - POST /businessUnitTypes (in request) - GET /businessUnitTypes/{businessUnitTypeId} (in response) - GET /businessUnitTypes (businessUnitTypes.locationTypeId, in response) We also removed the isLocation field from the PUT /businessUnitTypes/{businessUnitTypeId} endpoint (in request). | v1 |
| 2024.1 | To resolve the issue with adding a business unit and to be consistent with the current backend we modified the POST /businessunits endpoint: - we increased the Business Unit name size to 100 characters - we changed the parentBusinessUnitId field from required to optional - we added the following new fields in request: isFranchise and ownerBusinessUnitId | v1 |
| 2024.1 | Users is a module in Harmonized Identity Management (HIDM) that enables the Retailer to successfully manage and maintain user authentication and authorization. Users may be assigned to one or more applications integrated with HIDM, assuming different roles in each application. To support the set up and management of User details in HIDM we exposed the following endpoints: - POST /users - Enables to create a user. - GET /users/{userId} - Provides details on the specific user based on unique userId - GET /users - Retrieves details on multiple users | v1 |
| 2024.1 | We changed the request field externalId to mandatory in the POST /businessunits endpoint. | v1 |
| 2023.3 | To improve using business units in HIDM, we introduced the following endpoints for managing Business Unit Types: - GET /businessUnitTypes - retrieves a list of all Business Unit Types. - POST /businessUnitTypes - enables to create a new Business Unit Type. - GET /businessUnitTypes/{businessUnitTypeId} - provides details about a specific Business Unit Type based on the BU Types's Id (unique identifier). - DELETE /businessUnitTypes/{businessUnitTypeId} - enables to delete a Business Unit Type entry. - PUT /businessUnitTypes/{businessUnitTypeId} - enables to update information on a specific Business Unit Type. - PUT /businessUnitTypes/{businessUnitTypeId}/status - enables to change the status of a Business Unit Type. The available statuses are active and inactive. | 1.1.7 |