Try Gliffy for FREE

Try Gliffy for FREE
No signup required

Home

Gliffy Developer Program breadcrumb arrow

REST API

User

BETA - Please note, that the Gliffy API is currently in BETA testing. There may be minor changes to the API that are likely to occur before the product leaves BETA.

User

A user is an authenticated entity accessing Gliffy

+Get Users in an account

Request URL

HTTP METHOD	URL
GET or POST	$API_ROOT/accounts/$YOUR_ACCOUNT_ID/users.xml?action=get

Parameters

PARAMETER	REQUIRED	POSSIBLE VALUES	DESCRIPTION
action	Yes	get	Get the users in an account.

Example Response containing <users>

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<response xmlns="http://www.gliffy.com" success="true">
    <users>
        <user id="209">
            <username>barney</username>
            <email>barney@BurnsODyne.apiuser.gliffy.com</email>
        </user>
        <user id="205">
            <username>bart</username>
            <email>bart@BurnsODyne.apiuser.gliffy.com</email>
        </user>
        <user id="210">
            <username>discostu</username>
            <email>discostu@BurnsODyne.apiuser.gliffy.com</email>
        </user>
        <user id="204"> 
            <username>homer</username> 
            <email>homer@BurnsODyne.apiuser.gliffy.com</email> 
        </user> 
    </users> 
</response>

+Create a user

Create this user explicitly. If you wish to auto-provision a user into your Gliffy account when they log into your application, a more expedient way of creating the user would be to simply create their login token.

Request URL

HTTP METHOD	URL
POST	$API_ROOT/accounts/$YOUR_ACCOUNT_ID/users.xml?action=create&userName=$USERNAME

Parameters

PARAMETER	REQUIRED	POSSIBLE VALUES	DESCRIPTION
action	Yes	create	Create a user in the account.
userName	Yes	any string	The username of a user, unique in the account. Should contain no spaces.

Example of successful <response>

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<response xmlns="http://www.gliffy.com" success="true" />

+Update a user's information

Updates the user's meta data. By default, users created via the API cannot log into Gliffy via www.gliffy.com. If you wish to allow certain users to do so, they will need a unique email address and a password. Users are given a fake email address when provisioned, so you are free to use that, coupled with a password of your choice, if you do not wish to store a user's actual email address with Gliffy.

Request URL

HTTP METHOD	URL
POST	$API_ROOT/accounts/$YOUR_ACCOUNT_ID/users/$USERNAME.xml?action=update

Parameters

PARAMETER	REQUIRED	POSSIBLE VALUES	DESCRIPTION
action	Yes	update	Update a user in the account.
email	no	an email address	the new email address
password	no	any string	their user password for logging into Gliffy Online
admin	no	true \| false	"true" to grant user with administrative privileges on the account. "false" to remove administrative privileges.

Example of successful <response>

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<response xmlns="http://www.gliffy.com" success="true" />

+Delete a user

Deletes the user. This cannot be undone. Documents they created will not be deleted; their ownership will be given to an admin of the account. For un-owned documents where changes (revisions) were made by this user, those changes will now be assigned to the admin as well.

Request URL

HTTP METHOD	URL
DELETE or POST	$API_ROOT/accounts/$YOUR_ACCOUNT_ID/users/$USERNAME.xml?action=delete

Parameters

PARAMETER	REQUIRED	POSSIBLE VALUES	DESCRIPTION
action	Yes	delete	Delete a user in the account.

Example of successful <response>

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<response xmlns="http://www.gliffy.com" success="true" />

+Create a User's OAuth Token

Most calls to gliffy require the user to be identified via a short-lived OAuth Token. When you create a user OAuth Token, you are essentially logging a user in. Every request in which you use this token means you are making the request on behalf of the user. This token will also be part of the OAuth signature. You can also provision users this way. This keeps your application from having to check if a given user has a Gliffy user already. You simply access the user's OAuth Token at the start of their session and Gliffy will provision them if needed.

The username can be anything, and may contain the "@" sign (i.e. an email address).

This call also requires a 'description' parameter. This is a string that describes the Home Application making the request (i.e. "Media Wiki Plugin")

This returns a new OAuth Token if it hasn't expired. It will also return the OAuth Token Secret used for signing requests with the OAuth Token. If the user doesn't exist, provisions them, creates a token and returns it. If your account has already reached its maximum number of users, this call will fail if the username provided is not known to Gliffy.

This method does not require an OAuth Token

Request URL

HTTP METHOD	URL
POST	$API_ROOT/accounts/$YOUR_ACCOUNT_ID/users/$USERNAME/oauth_token.xml?action=create

Parameters

PARAMETER	REQUIRED	POSSIBLE VALUES	DESCRIPTION
action	Yes	create	Gets a user token.
description	Yes	Any string	Short description of Home Application making the request.

Example Response containing <oauth-token-credentials>

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<response success="true">
    <oauth-token-credentials>
        <oauth-token>140a1b58c248d13872499df769606766</oauth-token>
        <oauth-token-secret>481830f5827e35b0644a32c1caac5245</oauth-token-secret>
        <create-date>1236204382765</create-date>
    </oauth-token-credentials>
</response>

If the token request requires provisioning a user (i.e. you are getting the token for a new user), and your account has reached the maximum number of users, the error response you receive will have an http-status-code of 401. This is the only instance where the request for a token will return that code, unless there was a problem with the request specific to the OAuth specification (i.e. bad timestamp or nonce, invalid signature, etc.)

Example <response> when user provisioning has failed

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<response xmlns="http://www.gliffy.com" success="false">
    <error http-status-code="401">Your account has reached the maximum number of users</error>
</response>

+Delete a User's OAuth Token

When you delete a user OAuth Token, you are essentially logging a user out.

The username can be anything, but should not contain the "@" sign, nor should it be entirely numeric. It may contain spaces.

Request URL

HTTP METHOD	URL
POST	$API_ROOT/accounts/$YOUR_ACCOUNT_ID/users/$USERNAME/oauth_token.xml?action=delete

Parameters

PARAMETER	REQUIRED	POSSIBLE VALUES	DESCRIPTION
action	Yes	delete	Gets a user token.

Example of successful <response>

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<response xmlns="http://www.gliffy.com" success="true" />

+Get folders that a user has access to

Returns folders in this account that this user has rights to access

Request URL

HTTP METHOD	URL
GET or POST	$API_ROOT/accounts/$YOUR_ACCOUNT_NAME/users/$USERNAME/folders.xml?action=get

Parameters

PARAMETER	REQUIRED	POSSIBLE VALUES	DESCRIPTION
action	Yes	get	Gets a user token.

Example Response containing <folders>

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<response xmlns="http://www.gliffy.com" success="true">
    <folders>
        <folder is-default="true">
            <name>ROOT</name>
            <path>ROOT</path>
            <folder is-default="false">
                <name>Tulacca Camp</name>
                <path>ROOT/Tulacca Camp</path>
            </folder>
            <folder is-default="false">
                <name>Simpsons Family</name>
                <path>ROOT/Simpsons Family</path>
                <folder is-default="false">
                    <name>Homer's Secrets</name>
                    <path>ROOT/Simpsons Family/Homer's Secrets</path>
                </folder>
            </folder>
        </folder>
    </folders>
</response>

Gliffy Developer Program

REST API Documentation