Skip to content
Vault Logo
Vault Developer Portal Developer
Advanced Search

    Release Notes

    Discovery

    Discover the Authentication type of a user. With this API, you can build applications which could dynamically adjust the the login requirements per user, and support either username/password or OAuth2.0 / OpenID Connect authentication schemes.

    POSThttps://{auth_server_url}/auth/discovery

    Headers

    Section link for Headers
    NameDescription
    Acceptapplication/json (default)
    Hostlogin.veevavault.com

    Query Parameters

    Section link for Query Parameters
    NameDescription
    usernameThe user’s Vault username.

    Request

    Section link for Request
    curl -X POST \
-H "Accept: application/json" \
https://login.veevavault.com/auth/discovery?username=meganmurray@veepharm.com

    Response

    Section link for Response
    {
    "responseStatus": "SUCCESS",
    "data": {
        "auth_type": "sso",
        "auth_profiles": [
            {
                "id": "_9ad0a091-cbd6-4c59-ab5a-d4f2870f218c",
                "label": "PMDemo",
                "description": "",
                "vault_session_endpoint": "https://devauth1.vaultdev.com/auth/oauth/session/_9ad0a091-cbd6-4c59-ab5a-d4f2870f218c",
                "as_metadata": {
                    "issuer": "https://veevatest.okta.com/oauth2/aus1b8xga9o48qdj31d8",
                    "authorization_endpoint": "https://veevatest.okta.com/oauth2/aus1b8xga9o48qdj31d8/v1/authorize",
                    "token_endpoint": "https://veevatest.okta.com/oauth2/aus1b8xga9o48qdj31d8/v1/token",
                    "registration_endpoint": "https://veevatest.okta.com/oauth2/v1/clients",
                    "jwks_uri": "https://veevatest.okta.com/oauth2/aus1b8xga9o48qdj31d8/v1/keys",
                    "response_types_supported": [
                        "code",
                        "token",
                        "code token"
                    ],
                    "response_modes_supported": [
                        "query"
                    ],
                    "introspection_endpoint": "https://veevatest.okta.com/oauth2/aus1b8xga9o48qdj31d8/v1/introspect",
                    "introspection_endpoint_auth_methods_supported": [
                        "client_secret_basic",
                    ],
                    "revocation_endpoint": "https://veevatest.okta.com/oauth2/aus1b8xga9o48qdj31d8/v1/revoke",
                    "revocation_endpoint_auth_methods_supported": [
                        "client_secret_basic",
                    ],
                    "end_session_endpoint": "https://veevatest.okta.com/oauth2/aus1b8xga9o48qdj31d8/v1/logout"
                }
            }
        ]
    }
}

    Response Details

    Section link for Response Details

    The response specifies the user’s auth_type, either:

    • password: The user is configured with a username and password.
    • sso: The user is configured with an SSO Security Policy and at least one SSO profile.

    The response specifies the user’s auth_profiles, which includes all other information about the user’s authentication profile. If the user’s Security Profile is associated with:

    • An OAuth2/OIDC profile, the response will also contain the Authentication Server metadata (as_metadata).
    • A SAML profile, the auth_profiles array will be empty.