Performs a cache invalidation operation for identity data in the PAAs related to the relevant Environment.
When to use this API
Use this API when identity-related data changes—such as group membership, attribute values, or source assignments—and you want to immediately clear outdated entries from the Identity cache.Example Use Case: Identity data is cached for each user during the first Authorization request and will be invalidated when the user logs off an Application. So during the next login to the Application, fresh data will be re-fetched for the current Authorization session.
Using this API
Authentication
A valid PlainID Platform JWT is required in the `Authorization` header. Refer to our [Get Access Token API](/apidocs/get-access-token) to retrieve a valid JWT for the Bearer Token.How to use this API
The Identity Template ID is always required.To invalidate all identity caches in Environment's PAAs, send a JSON object in the request body with the **Identity Template ID only**. The invalidation can be applied broadly for all Identity Source data and for all users, or scoped down using these **optional** parameters in the request body:
- Attribute Source ID: Limits invalidation to Identity data from a specific Identity Attribute source, which is defined as part of your Identity Template.
- If only the Attribute Source ID is provided, all cached identity data for that source will be invalidated across all users.
- Identity ID: Invalidates dentity data for a specific user, identified by the unique identifier (UID) as defined in the Identity template. This clears any cached data associated with that user.
- If only the Identity ID is provided, the user's identity data will be invalidated across all cached sources.
- If both parameters are provided, the identity data for the specified user and source will be invalidated.
Notice
When accessing the Authorization APIs, the URL base/prefix depends on your PlainID PDP location:For more information on which Asset Types to use with your PAA or Cloud PDP, refer to Managing Asset Types.
cURL Sample Guidelines
In order for the relevant parameters to appear in the cURL sample, you can input the values in the interactive API console on the right under the Try It\* or the Code Sample tabs. They will then appear in the cURL sample in the correct format to use in your API tool.
\*Try It function coming soon.
Important note about headers
Refer to the headers below to modify your cURL sample. Check if the following headers are in the sample—if not, ensure you add them before pasting into your API tool.
Headers
Header | Value | cURL Line |
---|---|---|
Accept | application/json |
'accept: application/json' |
Content-Type | application/json |
'content-type: application/json' |
X-Request-ID (optional) | UUID |
'X-Request-ID: {uuid}' |
Note: RequestID Header (optional): You may include an
X-Request-ID
header for traceability. If not provided, the system will generate one automatically. For more details about Administration API Authentication, check out the Authentication APIs documentation
Provide your bearer token in the Authorization header when making requests to protected resources.
Example: Authorization: Bearer 123
The Environment ID can be found under the Details tab in the Environment Settings.
The Identity Template ID is always required.
To invalidate all identity caches in Environment's PAAs, send a JSON object in the request body with the Identity Template ID only. The invalidation can be applied broadly for all Identity Source data and for all users, or scoped down using these optional parameters in the request body.
The Identity Template ID where the identity is defined. Required for locating the correct UID mapping. You can find this in your Identity Workspace Settings. For more information, refer to Identity Workspace Settings in the PlainID documentation.
The identifier of the Attribute Source to limit the invalidation to identities from a specific source. For information on the sourceID parameter and where to locate it, check out Managing Attribute Sources in the PlainID documentation.
The Identity UID to invalidate, as modeled and mapped in the Identity Template. Note: This is the same user ID that is used when sending an Authorization request with the entityId
parameter.
ok
missing required parameters
unauthorized
failed dependency