Maestrano currently provides four SDKs to facilitate the integration of Single Sign-On, Billing and Data Sharing. Current SDKs are: Java, PHP, Ruby and .NET.
If no SDKs are available in the language you currently use, then it may be necessary to revert to a SDK-free integration using our REST APIs directly. This guide explains how to proceed in such case.
1 - Single Sign-On
Maestrano provides two different Single Sign-On protocols: SAML 2.0 and OpenID. OpenID has become fairly more popular than SAML and is also more supported by the community. Chances are you will find a library handling OpenID out-of-the-box for your language of choice. A few examples:
- Node.js - http://passportjs.org/
- Go - https://github.com/yohcop/openid-go
- Scala/Play - https://www.playframework.com/documentation/2.0/ScalaOpenID
- Perl - http://search.cpan.org/~wrog/Net-OpenID-Consumer-1.16/lib/Net/OpenID/Consumer.pm
Our OpenID guide will give you all the details on the best way to integrate our OpenID provider into your application, just check it out here.
2 - Account Management API & Webhooks
Our account management API is a REST API allowing you to perform:
- Membership Management: get details about your Maestrano customers (memberships) and get notified of service cancellation actions via webhooks.
- Group/Organization
- User
- Groups Webhook MANDATORY
- Group Users Webhook - Mandatory
- Billing Management: create/retrieve/cancel bills or recurring bills for your Maestrano customers.
- Bill (Adhoc)
- RecurringBill
2.1 - Membership Management
Dev Sandbox endpoint: http://api-sandbox.maestrano.io/api/v1/account/
Production endpoint: https://maestrano.com/api/v1/account/
Groups (company/organization) API
> Retrieve your list of customers (= list of companies having selected your application on Maestrano)
# Request curl -u <my-app-id>:<my-app-secret> \ -H "Accept: application/json" \ https://maestrano.com/api/v1/account/groups # Response { "success":true, "errors":{}, "data":[ { "object":"account_group", "id":"cld-4", "created_at":"2014-05-21T04:04:53Z", "updated_at":"2014-05-21T04:04:53Z", "has_credit_card":true, "status":"running", "name":"Logistics Department - Sales", "free_trial_end_at":"2014-06-21T04:04:53Z", "email":"cld-4@example.com", "currency":"USD", "timezone":"America/Los_Angeles", "country":"US", "city":"Los Angeles" } ] }
> Retrieve a specific customer
# Request curl -u <my-app-id>:<my-app-secret> \ -H "Accept: application/json" \ https://maestrano.com/api/v1/account/groups/cld-4 # Response { "success":true, "errors":{}, "data": { "object":"account_group", "id":"cld-4", "created_at":"2014-05-21T04:04:53Z", "updated_at":"2014-05-21T04:04:53Z", "has_credit_card":true, "status":"running", "name":"Logistics Department - Sales", "free_trial_end_at":"2014-06-21T04:04:53Z", "email":"cld-4@example.com", "currency":"USD", "timezone":"America/Los_Angeles", "country":"US", "city":"Los Angeles" } }
Users API
> Retrieve the list of users with access to your application
# Request curl -u <my-app-id>:<my-app-secret> \ -H "Accept: application/json" \ https://maestrano.com/api/v1/account/users # Response { "success":true, "errors":{}, "data":[ { "object":"account_user", "id":"usr-2", "name":"John", "surname":"Doe", "email":"john.doe@gmail.com", "country":"AU", "sso_session":"d7kp1b5esnfgtz6xhiv9qwlja34yu8crm2o0", "created_at":"2014-05-21T00:37:34Z", "updated_at":"2015-03-09T06:37:28Z" } ] }
> Retrieve a specific user
# Request curl -u <my-app-id>:<my-app-secret> \ -H "Accept: application/json" \ https://maestrano.com/api/v1/account/users/usr-2 # Response { "success":true, "errors":{}, "data": { "object":"account_user", "id":"usr-2", "name":"John", "surname":"Doe", "email":"john.doe@gmail.com", "country":"AU", "sso_session":"d7kp1b5esnfgtz6xhiv9qwlja34yu8crm2o0", "created_at":"2014-05-21T00:37:34Z", "updated_at":"2015-03-09T06:37:28Z" } }
Groups Webhook - getting notified a of Group cancelling their subscription to your service
When a business decides to stop using your service Maestrano will issue a DELETE request to the webhook.account.groups_path endpoint on your side (e.g.: /webhooks/maestrano/groups/:id - see the metadata section above). The call is authenticated via HTTP Basic authentication using your own API credentials (shared secret).
The call is equivalent to issuing to the following cURL request on your service:
curl -u <my-app-id>:<my-app-secret> \ -X "DELETE" \ -H "Accept: application/json" \ https://my-cloud-application.com/webhooks/maestrano/groups/cld-4
Group > Users Webhook - getting notified a of user leaving a group
When a user is removed from a group, access should be disabled for that specific user. In such case Maestrano will issue a DELETE request to the webhook.account.group_users_path endpoint on your side (e.g.: /webhooks/maestrano/groups/:group_id/users/:id - see the metadata section above). The call is authenticated via HTTP Basic authentication using your own API credentials (shared secret).
The call is equivalent to issuing to the following cURL request on your service:
curl -u <my-app-id>:<my-app-secret> \ -X "DELETE" \ -H "Accept: application/json" \ https://my-cloud-application.com/webhooks/maestrano/groups/cld-4/users/usr-2
2.2 - Billing Management