Redeeming Entitlements

Entitlements API for redeeming user entitlements

A federated user must be registered with the Sudo Platform entitlements service before they can access other entitled services in their environment. This process is called redeeming entitlements.

Entitlement redemption must occur the first time a federated user signs in to the Sudo Platform. However, it is an idempotent operation and subsequent calls will have no effect.

The redemption operation uses information in the user's identity token and takes no parameters.

  do {
    let redeemed = try await entitlementsClient.redeemEntitlements()
    // Handle success
  }
  catch(let error) {
    // Handle error
  }

The redeemEntitlements method returns the user's entitlements. See the API Reference for details of the returned structure.

Errors

The redeemEntitlements API will throw errors in the the following circumstances:

Condition

Action

.notSignedIn

User was not signed in when redeemEntitlements was invoked.

Ensure user is signed in prior to invoking redeemEntitlements

.ambiguousEntitlements

User has been configured to match more than one entitlements set.

Ensure your identity provider has been set up to include claims that in the user's token that will map to exactly one entitlements set.

.invalidToken

The user's token does not contain a claim that can be mapped to an entitlements set, or has the user been pre-configured with initial entitlements.

Ensure your identity provider has been set up to include an expected claim when federating sign-on or pre-configure the user with entitlements.

.serviceError

A transient error occurred in the service while redeeming entitlements.

Last updated