SCIM full examples

Previous steps

Please note that the SCIM REST Web Service Add-on installed must be installed, please check this part in How to use SCIM in Soffid # Installation

Please note that a user with the authentication is required, please check this part in How to use SCIM in Soffid # Confirm authorization

Please note that is recommended to use a REST client, please see our example in Testing tool # RESTer

Please note that the correct header parameters must be used, please browse them in SCIM in Soffid # HTTP request


SCIM User examples

Operations

This page shows the operations that can be performed for the user object.

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/User
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 64,
    "startIndex": 1,
    "Resources": [
        {
            "lastName": "Pig",
            "profileServer": "null",
            "createdByUser": "hrms",
            "fullName": "Dad Pig",
            "active": true,
            "userName": "1",
            "mailAlias": "",
            "mailServer": "null",
            "firstName": "Dad",
            "createdDate": "2021-02-16 13:38:26",
            "multiSession": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1477909",
                "links": {
                    "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'1'+and+enabled+eq+true",
                    "groupUsers": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'1'+and+disabled+eq+false",
                    "accounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'1'"
                },
                "resourceType": "User"
            },
            "modifiedByUser": "admin",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.User"
            ],
            "modifiedDate": "2021-05-04 09:24:54",
            "attributes": {},
            "id": 1477909,
            "userType": "I",
            "homeServer": "null",
            "primaryGroupDescription": "World Original",
            "primaryGroup": "world"
        },
        {
            "lastName": "SUZY",
            "profileServer": "null",
            "createdByUser": "hrms",
            "fullName": "Suzy SUZY",
            "active": true,
            "userName": "10",
            "mailAlias": "",
            "mailServer": "null",
            "firstName": "Suzy",
            "createdDate": "2021-02-16 13:38:27",
            "multiSession": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1477931",
                "links": {
                    "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'10'+and+enabled+eq+true",
                    "groupUsers": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'10'+and+disabled+eq+false",
                    "accounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'10'"
                },
                "resourceType": "User"
            },
            "modifiedByUser": "admin",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.User"
            ],
            "modifiedDate": "2021-05-05 14:11:37",
            "attributes": {},
            "id": 1477931,
            "userType": "I",
            "homeServer": "null",
            "primaryGroupDescription": "World Original",
            "primaryGroup": "world"
        },
        {
            "lastName": "Rabbit",
            "profileServer": "null",
            "createdByUser": "hrms",
            "fullName": "Ricchard Rabbit",
            "active": true,
            "userName": "11",
            "mailAlias": "",
            "mailServer": "null",
            "firstName": "Ricchard",
            "createdDate": "2021-02-16 13:38:27",
            "multiSession": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1477953",
                "links": {
                    "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'11'+and+enabled+eq+true",
                    "groupUsers": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'11'+and+disabled+eq+false",
                    "accounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'11'"
                },
                "resourceType": "User"
            },
            "modifiedByUser": "admin",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.User"
            ],
            "modifiedDate": "2021-02-17 19:06:20",
            "attributes": {},
            "id": 1477953,
            "userType": "I",
            "homeServer": "null",
            "primaryGroupDescription": "World Original",
            "primaryGroup": "world"
        },
      .......
    ]
}

List by filter

List all users with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/User?filter=lastName co ada&sortOrder=descending&sortBy=userName
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 13,
    "startIndex": 1,
    "Resources": [
        {
            "lastName": "ADAMS",
            "comments": "Changed",
            "profileServer": "null",
            "createdByUser": "soffid.bubu.lab",
            "fullName": "Wally ADAMS",
            "active": true,
            "userName": "wally",
            "mailAlias": "",
            "mailServer": "null",
            "firstName": "Wally",
            "createdDate": "2020-12-11 11:23:58",
            "multiSession": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1002599",
                "links": {
                    "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'wally'+and+enabled+eq+true",
                    "groupUsers": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'wally'+and+disabled+eq+false",
                    "accounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'wally'"
                },
                "resourceType": "User"
            },
            "modifiedByUser": "admin",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.User"
            ],
            "modifiedDate": "2021-04-22 19:31:01",
            "attributes": {
                "RegisterServiceProvider": "anonymous",
                "manager": "admin",
                "PHONE": "2",
                "EMAIL": "wally5@test.com",
            },
            "id": 1002599,
            "userType": "I",
            "homeServer": "null",
            "primaryGroupDescription": "Enterprise",
            "primaryGroup": "enterprise"
        },
        {
            "lastName": "ADAMS",
            "comments": "Changed",
            "profileServer": "null",
            "createdByUser": "soffid.bubu.lab",
            "fullName": "Tina ADAMS",
            "active": true,
            "userName": "tina",
            "mailAlias": "",
            "mailServer": "null",
            "firstName": "Tina",
            "createdDate": "2020-12-11 12:22:07",
            "multiSession": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1004678",
                "links": {
                    "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'tina'+and+enabled+eq+true",
                    "groupUsers": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'tina'+and+disabled+eq+false",
                    "accounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'tina'"
                },
                "resourceType": "User"
            },
            "modifiedByUser": "admin",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.User"
            ],
            "modifiedDate": "2021-04-22 19:11:17",
            "attributes": {
                "RegisterServiceProvider": "anonymous",
                "manager": "admin",
                "PHONE": "1",
                "EMAIL": "tina11@test.com",
            },
            "id": 1004678,
            "userType": "I",
            "homeServer": "null",
            "primaryGroupDescription": "Enterprise",
            "primaryGroup": "enterprise"
        },
        {
            "lastName": "ADAMS",
            "comments": "Changed",
            "profileServer": "null",
            "createdByUser": "soffid.bubu.lab",
            "fullName": "Teodoro ADAMS",
            "active": true,
            "userName": "ted",
            "mailAlias": "",
            "mailServer": "null",
            "firstName": "Teodoro",
            "createdDate": "2020-12-11 09:18:42",
            "multiSession": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1000190",
                "links": {
                    "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'ted'+and+enabled+eq+true",
                    "groupUsers": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'ted'+and+disabled+eq+false",
                    "accounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'ted'"
                },
                "resourceType": "User"
            },
            "modifiedByUser": "admin",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.User"
            ],
            "modifiedDate": "2021-02-04 15:44:42",
            "attributes": {
                "RegisterServiceProvider": "anonymous",
                "manager": "admin",
                "EMAIL": "test3@gmail.com",
            },
            "id": 1000190,
            "userType": "I",
            "homeServer": "null",
            "primaryGroupDescription": "Enterprise",
            "primaryGroup": "enterprise"
        },
      .........
    ]
}

Query by id

Query a user by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/User/1057751
Response 200 OK
{
    "lastName": "Smith",
    "comments": "Changed",
    "createdByUser": "soffid.bubu.lab",
    "fullName": "John Smith",
    "active": true,
    "userName": "jsmith",
    "mailAlias": "",
    "firstName": "John",
    "createdDate": "2020-12-14 17:52:14",
    "multiSession": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1057751",
        "links": {
            "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'jsmith'+and+enabled+eq+true",
            "groupUsers": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'jsmith'+and+disabled+eq+false",
            "accounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'jsmith'"
        },
        "resourceType": "User"
    },
    "modifiedByUser": "admin",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.User"
    ],
    "modifiedDate": "2021-05-07 12:32:41",
    "attributes": {
        "RegisterServiceProvider": "anonymous",
        "manager": "admin",
        "EMAIL": "jsmith@test.com",
        "birthDate": "1970-05-26 00:00:00",
        "ActivationKey": "HPhl61lBlJ9fgcDtWyug0O15"
    },
    "id": 1057751,
    "userType": "I",
    "primaryGroupDescription": "Help desk support team",
    "primaryGroup": "it"
}

Create

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/User

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.User"
    ],
    "userName": "ckelp",
    "firstName": "Cas",
    "lastName": "Kelp",
    "userType": "I",
    "primaryGroup": "world",
    "homeServer": "null",
    "mailServer": "null",
    "profileServer": "null",
    "active": true
}
Response 201 Created
{
    "lastName": "Kelp",
    "profileServer": "null",
    "createdByUser": "admin",
    "fullName": "Cas Kelp",
    "active": true,
    "userName": "ckelp",
    "mailAlias": "",
    "mailServer": "null",
    "firstName": "Cas",
    "createdDate": "2021-05-11 09:06:49",
    "multiSession": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User/1976665",
        "resourceType": "User"
    },
    "modifiedByUser": "admin",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.User"
    ],
    "modifiedDate": "2021-05-11 09:06:49",
    "attributes": {},
    "id": 1976665,
    "userType": "I",
    "homeServer": "null",
    "primaryGroupDescription": "World Original",
    "primaryGroup": "world"
}

Update partial

Only attributes with changes will be updated, the other will maintain the same value.

If you want to add users to a group, please visit SCIM GroupUser examples page

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/User/1976665

JSON

{
    "Operations": [
        {
            "op": "replace",
            "path": "lastName",
            "value": "Casey"
        },
        {
            "op": "replace",
            "path": "middleName",
            "value": "XX"
        }
    ]
}
Response 200 OK
{
    "lastName": "Casey",
    "profileServer": "null",
    "createdByUser": "admin",
    "fullName": "Casey Casey XX",
    "active": true,
    "userName": "ckelp",
    "mailAlias": "",
    "mailServer": "null",
    "firstName": "Casey",
    "createdDate": "2021-05-11 09:06:49",
    "multiSession": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User/1976665",
        "links": {
            "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'ckelp'+and+enabled+eq+true",
            "groupUsers": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'ckelp'+and+disabled+eq+false",
            "accounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'ckelp'"
        },
        "resourceType": "User"
    },
    "modifiedByUser": "admin",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.User"
    ],
    "modifiedDate": "2021-05-11 09:33:35",
    "middleName": "XX",
    "attributes": {},
    "id": 1976665,
    "userType": "I",
    "homeServer": "null",
    "primaryGroupDescription": "World Original",
    "primaryGroup": "world"
}

Update all

This operation replaces all values in the user.

Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/User/1976590

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.User"
    ],
    "id": 1976665,
    "userName": "ckelp",
    "firstName": "Casey",
    "lastName": "Kelp",
    "userType": "I",
    "primaryGroup": "world",
    "homeServer": "null",
    "mailServer": "null",
    "profileServer": "null",
    "active": true
}
Response 200 OK
{
    "lastName": "Kelp",
    "profileServer": "null",
    "createdByUser": "admin",
    "fullName": "Casey Kelp",
    "active": true,
    "userName": "ckelp",
    "mailAlias": "",
    "mailServer": "null",
    "firstName": "Casey",
    "createdDate": "2021-05-11 09:06:49",
    "multiSession": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1976665",
        "links": {
            "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'ckelp'+and+enabled+eq+true",
            "groupUsers": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'ckelp'+and+disabled+eq+false",
            "accounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'ckelp'"
        },
        "resourceType": "User"
    },
    "modifiedByUser": "admin",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.User"
    ],
    "modifiedDate": "2021-05-11 09:35:24",
    "attributes": {},
    "id": 1976665,
    "userType": "I",
    "homeServer": "null",
    "primaryGroupDescription": "World Original",
    "primaryGroup": "world"
}

Delete

Please note after this delete, the user has to be created again to use it in the following examples.

Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/User/1976665
Response 204 No Content
204 No Content

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response


SCIM Group examples

Operations

This page shows the operations that can be performed for the group object.

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Group
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 7,
    "startIndex": 1,
    "Resources": [
        {
            "organizational": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Group/83",
                "links": {
                    "members": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=primaryGroup+eq+'world'+or secondaryGroup.group.name+eq+'world'",
                    "administrators": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=group.name+eq+'world'"
                },
                "resourceType": "Group"
            },
            "quota": "0",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Group"
            ],
            "name": "world",
            "obsolete": false,
            "description": "World Original",
            "attributes": {},
            "id": 83
        },
        {
            "organizational": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Group/87",
                "links": {
                    "members": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=primaryGroup+eq+'enterprise'+or secondaryGroup.group.name+eq+'enterprise'",
                    "administrators": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=group.name+eq+'enterprise'"
                },
                "resourceType": "Group"
            },
            "quota": "0",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Group"
            ],
            "name": "enterprise",
            "obsolete": false,
            "description": "Enterprise",
            "parentGroup": "world",
            "attributes": {},
            "id": 87
        },
      ......
    ]
}

List by filter

List all groups with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request


GET http://<your-domain>/soffid/webservice/scim2/v1/Group?filter=name co world
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 2,
    "startIndex": 1,
    "Resources": [
        {
            "organizational": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Group/83",
                "links": {
                    "members": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=primaryGroup+eq+'world'+or secondaryGroup.group.name+eq+'world'",
                    "administrators": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=group.name+eq+'world'"
                },
                "resourceType": "Group"
            },
            "quota": "0",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Group"
            ],
            "name": "world",
            "obsolete": false,
            "description": "World Original",
            "attributes": {},
            "id": 83
        },
        {
            "organizational": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Group/485118",
                "links": {
                    "members": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=primaryGroup+eq+'world2'+or secondaryGroup.group.name+eq+'world2'",
                    "administrators": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=group.name+eq+'world2'"
                },
                "resourceType": "Group"
            },
            "quota": "0",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Group"
            ],
            "name": "world2",
            "obsolete": false,
            "description": "World Modified",
            "attributes": {},
            "id": 485118
        }
    ]
}

Query by id

Retrieve a group by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Group/83
Response 200 OK
{
    "organizational": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Group/83",
        "links": {
            "members": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=primaryGroup+eq+'world'+or secondaryGroup.group.name+eq+'world'",
            "administrators": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=group.name+eq+'world'"
        },
        "resourceType": "Group"
    },
    "quota": "0",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Group"
    ],
    "name": "world",
    "obsolete": false,
    "description": "World Original",
    "attributes": {},
    "id": 83
}

Create

Request
POST http://<your-domain>/soffid/webservice/scim2/v1/Group/

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Group"
    ],
    "name": "EngineeringTeam",
    "description": "Enterprise engineering team",
    "parentGroup": "world"
}
Response 201 Created
{
    "organizational": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Group/1976559",
        "resourceType": "Group"
    },
    "quota": "0",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Group"
    ],
    "name": "EngineeringTeam",
    "obsolete": false,
    "description": "Enterprise engineering team",
    "parentGroup": "world",
    "attributes": {},
    "id": 1976559
}

Update partial

Only attributes with changes will be updated, the other will maintain the same value.

If you want to add users to a group, please visit SCIM GroupUser examples page

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/Group/1976559

JSON

{
    "Operations": [
        {
            "op": "replace",
            "path": "description",
            "value": "Enterprise Engineering Group"
        },
        {
            "op": "replace",
            "path": "type",
            "value": "CC"
        }
    ]
}
Response 200 OK
{
    "organizational": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Group/1976559",
        "links": {
            "members": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=primaryGroup+eq+'EngineeringTeam'+or secondaryGroup.group.name+eq+'EngineeringTeam'",
            "administrators": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=group.name+eq+'EngineeringTeam'"
        },
        "resourceType": "Group"
    },
    "quota": "0",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Group"
    ],
    "name": "EngineeringTeam",
    "obsolete": false,
    "description": "Enterprise Engineering Group",
    "parentGroup": "world",
    "attributes": {},
    "id": 1976559,
    "type": "CC"
}

Update all

This operation replaces all values in the group. 

Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/Group/1976559

JSON

{
    "schemas": ["urn:soffid:com.soffid.iam.api.Group"],
    "id": 1976559,
    "name": "EngineeringTeam",
    "description": "Enterprise engineering team",
    "parentGroup": "world"
}
Response 200 OK
{
    "organizational": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Group/1976559",
        "links": {
            "members": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=primaryGroup+eq+'EngineeringTeam'+or secondaryGroup.group.name+eq+'EngineeringTeam'",
            "administrators": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=group.name+eq+'EngineeringTeam'"
        },
        "resourceType": "Group"
    },
    "quota": "0",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Group"
    ],
    "name": "EngineeringTeam",
    "obsolete": false,
    "description": "Enterprise engineering team",
    "parentGroup": "world",
    "attributes": {},
    "id": 1976559
}

Delete

Please note that after this delete action, you will need to create again the group to use it in the next examples.

Request
DELETE http://<your-domain>/soffid/webservice/scim2/v1/Group/1976559
Response 204 No Content
204 No Content

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response


SCIM Account examples

Operations

This page shows the operations that can be performed for the account object

List all

List all accounts, disabled or not.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Account
Response 200 OK

For example, after the Soffid installation, these are the available account.

{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 1,
    "startIndex": 1,
    "Resources": [
        {
            "lastLogin": "2021-05-10 13:00:40",
            "grantedRoles": [],
            "description": "Soffid Administrator",
            "type": "U",
            "ownerGroups": [],
            "oldName": "admin",
            "loginName": "admin",
            "inheritNewPermissions": false,
            "disabled": false,
            "id": 103,
            "managerGroups": [],
            "grantedGroups": [],
            "lastPasswordSet": "2021-05-05 11:32:14",
            "passwordExpiration": "2022-05-05 00:00:00",
            "passwordPolicy": "I",
            "accessLevel": "O",
            "managerRoles": [],
            "created": "2020-02-13 23:01:44",
            "system": "soffid",
            "ownerRoles": [],
            "meta": {
                "location": "http://<your-domain>/webservice/scim2/v1/Account/103",
                "links": {
                    "roleAccounts": "http://<your-domain>/webservice/scim2/v1/RoleAccount?filter=account.id+eq+103+and+enabled+eq+true",
                    "users": "http://<your-domain>/webservice/scim2/v1/User?filter=accountAccess.account.id+eq+103+or+accounts.account.id+eq+103"
                },
                "resourceType": "Account"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Account"
            ],
            "name": "admin",
            "managerUsers": [],
            "attributes": {},
            "status": "a",
            "ownerUsers": [
                "admin"
            ],
            "grantedUsers": []
        }
    ]
}

List by filter

List all accounts with a filter expression. 

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request


GET http://<your-domain>/soffid/webservice/scim2/v1/Account?filter=name co "adm" and passwordPolicy  pr
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 3,
    "startIndex": 1,
    "Resources": [
        {
            "lastLogin": "2021-05-10 13:05:15",
            "grantedRoles": [],
            "description": "Soffid Administrator",
            "type": "U",
            "ownerGroups": [],
            "oldName": "admin2",
            "loginName": "admin",
            "inheritNewPermissions": false,
            "disabled": false,
            "id": 103,
            "managerGroups": [],
            "grantedGroups": [],
            "lastPasswordSet": "2021-05-05 11:32:14",
            "passwordExpiration": "2022-05-05 00:00:00",
            "passwordPolicy": "I",
            "accessLevel": "O",
            "managerRoles": [],
            "created": "2020-02-13 23:01:44",
            "system": "soffid",
            "ownerRoles": [],
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account/103",
                "links": {
                    "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=account.id+eq+103+and+enabled+eq+true",
                    "users": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=accountAccess.account.id+eq+103+or+accounts.account.id+eq+103"
                },
                "resourceType": "Account"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Account"
            ],
            "name": "admin",
            "managerUsers": [],
            "attributes": {},
            "status": "a",
            "ownerUsers": [
                "admin"
            ],
            "grantedUsers": []
        },
        {
            "passwordPolicy": "I",
            "grantedRoles": [],
            "accessLevel": "O",
            "managerRoles": [],
            "created": "2021-03-04 22:37:21",
            "description": "Soffid test account",
            "type": "I",
            "system": "soffid",
            "ownerGroups": [],
            "ownerRoles": [],
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account/1587766",
                "links": {
                    "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=account.id+eq+1587766+and+enabled+eq+true",
                    "users": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=accountAccess.account.id+eq+1587766+or+accounts.account.id+eq+1587766"
                },
                "resourceType": "Account"
            },
            "loginName": "admintest",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Account"
            ],
            "name": "admintest",
            "inheritNewPermissions": false,
            "managerUsers": [
                "dilbert",
                "dogbert"
            ],
            "disabled": false,
            "attributes": {},
            "id": 1587766,
            "managerGroups": [],
            "grantedGroups": [],
            "status": "a",
            "ownerUsers": [
                "admin"
            ],
            "grantedUsers": []
        },
        {
            "passwordPolicy": "I",
            "grantedRoles": [],
            "accessLevel": "O",
            "managerRoles": [],
            "created": "2021-03-04 22:44:06",
            "description": "Soffid test account 2",
            "type": "I",
            "system": "soffid",
            "ownerGroups": [],
            "ownerRoles": [],
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account/1587776",
                "links": {
                    "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=account.id+eq+1587776+and+enabled+eq+true",
                    "users": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=accountAccess.account.id+eq+1587776+or+accounts.account.id+eq+1587776"
                },
                "resourceType": "Account"
            },
            "loginName": "admintest2",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Account"
            ],
            "name": "admintest2",
            "inheritNewPermissions": false,
            "managerUsers": [
                "dilbert",
                "dogbert"
            ],
            "disabled": false,
            "attributes": {},
            "id": 1587776,
            "managerGroups": [],
            "grantedGroups": [],
            "status": "a",
            "ownerUsers": [
                "admin"
            ],
            "grantedUsers": []
        }
    ]
}

Query by id

Query an account by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Account/1057754
Response 200 OK
{
    "passwordPolicy": "I",
    "grantedRoles": [],
    "accessLevel": "-",
    "managerRoles": [],
    "created": "2020-12-14 17:52:14",
    "description": "John Smith",
    "type": "U",
    "system": "idp",
    "ownerGroups": [],
    "ownerRoles": [],
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account/1057754",
        "links": {
            "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=account.id+eq+1057754+and+enabled+eq+true",
            "users": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=accountAccess.account.id+eq+1057754+or+accounts.account.id+eq+1057754"
        },
        "resourceType": "Account"
    },
    "loginName": "jsmith",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Account"
    ],
    "name": "jsmith",
    "inheritNewPermissions": false,
    "managerUsers": [],
    "disabled": false,
    "attributes": {},
    "id": 1057754,
    "managerGroups": [],
    "grantedGroups": [],
    "status": "a",
    "ownerUsers": [
        "jsmith"
    ],
    "grantedUsers": []
}

Create

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/Account

JSON

{ 
    "schemas": ["urn:soffid:com.soffid.iam.api.Account"],
    "name": "Guest",
    "type": "I",
    "system": "soffid",
    "passwordPolicy": "I",
    "description": "Guest user",
    "inheritNewPermissions": false,
    "disabled": false
}
Response 201 Created
{
    "passwordPolicy": "I",
    "grantedRoles": [],
    "managerRoles": [],
    "description": "Guest user",
    "type": "I",
    "system": "soffid",
    "ownerGroups": [],
    "ownerRoles": [],
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account/1976454",
        "resourceType": "Account"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Account"
    ],
    "name": "Guest",
    "inheritNewPermissions": false,
    "managerUsers": [],
    "disabled": false,
    "attributes": {},
    "id": 1976454,
    "managerGroups": [],
    "grantedGroups": [],
    "ownerUsers": [],
    "grantedUsers": []
}

Update partial

Only attributes with changes will be updated, the others will maintain the same value.

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/Account/15455

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Account"
    ],
    "Operations": [
        {
            "op": "replace",
            "path": "description",
            "value": "Guest User"
        },
        {
            "op": "replace",
            "path": "ownerUsers",
            "value": [
                "admin"
            ]
        }
    ]
}
Response 200 OK
{
    "passwordPolicy": "I",
    "grantedRoles": [],
    "accessLevel": "-",
    "managerRoles": [],
    "created": "2021-05-10 13:08:05",
    "description": "Guest User",
    "type": "I",
    "system": "soffid",
    "ownerGroups": [],
    "ownerRoles": [],
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account/1976454",
        "links": {
            "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=account.id+eq+1976454+and+enabled+eq+true",
            "users": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=accountAccess.account.id+eq+1976454+or+accounts.account.id+eq+1976454"
        },
        "resourceType": "Account"
    },
    "loginName": "Guest",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Account"
    ],
    "name": "Guest",
    "inheritNewPermissions": false,
    "managerUsers": [],
    "disabled": false,
    "attributes": {},
    "id": 1976454,
    "managerGroups": [],
    "grantedGroups": [],
    "status": "a",
    "ownerUsers": [
        "admin"
    ],
    "grantedUsers": []
}

Update partial (password update)

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/Account/15455

JSON

Option 1

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Account"
    ],
     "Operations": [
        {
            "op": "replace",
            "path": "password.value",
            "value": "123123"
        },
        {
            "op": "replace",
            "path": "password.expired",
            "value": false
        }
    ]
}

Option 2

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Account"
    ],
     "Operations": [
        {
            "op": "replace",
            "path": "password",
            "value": {
                "value" : "123123",
                "expired" : false
                }
        }
    ]
}
Response 200 OK
{
    "lastLogin": "2023-06-29 14:30:29",
    "grantedRoles": [],
    "description": "Frankaaa Sinatra",
    "type": "U",
    "ownerGroups": [],
    "loginName": "frank",
    "inheritNewPermissions": false,
    "disabled": false,
    "id": 5366314,
    "managerGroups": [],
    "grantedGroups": [],
    "lastPasswordSet": "2023-06-29 14:30:37",
    "passwordExpiration": "2023-07-24 00:00:00",
    "passwordPolicy": "I",
    "accessLevel": "-",
    "managerRoles": [],
    "created": "2022-04-21 10:11:12",
    "hasSnapshot": false,
    "system": "soffid",
    "ownerRoles": [],
    "meta": {
        "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account/5366314",
        "links": {
            "briefAudit": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/Audit?filter=searchIndex+eq+'ACC%235366314'",
            "roleAccounts": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=account.id+eq+5366314+and+enabled+eq+true",
            "users": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=accountAccess.account.id+eq+5366314+or+accounts.account.id+eq+5366314"
        },
        "resourceType": "Account"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Account"
    ],
    "name": "frank",
    "managerUsers": [],
    "lastChange": "2023-06-05 15:05:16",
    "attributes": {},
    "status": "a",
    "ownerUsers": [
        "frank"
    ],
    "grantedUsers": []
}

Update all

This operation replaces all values in the account. For example, we will update the description.

Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/Account/1976454

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Account"
    ],
    "id": 1976454,
    "name": "Guest",
    "type": "I",
    "system": "soffid",
    "passwordPolicy": "I",
    "description": "Guest Guest",
    "inheritNewPermissions": false,
    "disabled": false
}
Response 200 OK
{
    "passwordPolicy": "I",
    "grantedRoles": [],
    "managerRoles": [],
    "description": "Guest Guest",
    "type": "I",
    "system": "soffid",
    "ownerGroups": [],
    "ownerRoles": [],
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account/1976454",
        "links": {
            "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=account.id+eq+1976454+and+enabled+eq+true",
            "users": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=accountAccess.account.id+eq+1976454+or+accounts.account.id+eq+1976454"
        },
        "resourceType": "Account"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Account"
    ],
    "name": "Guest",
    "inheritNewPermissions": false,
    "managerUsers": [],
    "disabled": false,
    "attributes": {},
    "id": 1976454,
    "managerGroups": [],
    "grantedGroups": [],
    "status": "a",
    "ownerUsers": [],
    "grantedUsers": []
}

Delete

Please note after this delete, the account has to be created again to use it in the next examples.

Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/Account/1976454
Response 204 No Content
204 No Content

Note: use of roles with domain values

In case of granting roles with domain values, the optional attribute domain value contains the value for that domain. Here is a sample account with permissions for the role SOFFID_OU_DOMAIN and domains D2 and enterprise:

{
            "grantedRoles": [],
            "roles": [
                {
                    "informationSystemName": "SOFFID",
                    "roleName": "SOFFID_OU_MANAGER",
                    "id": 2236442,
                    "roleDescription": "Business unit manager",
                    "domainValue": "D2"
                },
                {
                    "informationSystemName": "SOFFID",
                    "roleName": "SOFFID_OU_MANAGER",
                    "id": 2236447,
                    "roleDescription": "Business unit manager",
                    "domainValue": "enterprise"
                }
            ],
            "description": "faith - faith MUYOYO",
            "type": {
                "value": "U"
            },
            "lastUpdated": "2019-07-16T10:35:01+02:00",
            "ownerGroups": [],
            "inheritNewPermissions": false,
            "disabled": false,
            "id": 1727122,
            "grantedGroups": [],
            "managerGroups": [],
            "passwordPolicy": "I",
            "managerRoles": [],
            "created": "2019-07-16T10:26:16+02:00",
            "system": "soffid",
            "ownerRoles": [],
            "meta": {
                "location": "http://bubu-thinkpad:8080/soffid/webservice/scim/Account/1727122",
                "resourceType": "Account"
            },
            "name": "faith",
            "managerUsers": [],
            "attributes": {},
            "grantedUsers": [],
            "ownerUsers": [
                {
                    "lastName": "Smith",
                    "createdByUser": "csv",
                    "mailServer": "null",
                    "nationalID": "",
                    "multiSession": false,
                    "modifiedByUser": "admin",
                    "id": 1727113,
                    "homeServer": "null",
                    "primaryGroupDescription": "Entrprise",
                    "primaryGroup": "enterprise",
                    "comments": "Loaded from CSV file on Mon Aug 05 22:00:00 CEST 2019",
                    "profileServer": "null",
                    "active": true,
                    "fullName": "faith MUYOYO",
                    "userName": "faith",
                    "mailAlias": "",
                    "firstName": "faith",
                    "createdDate": "2019-07-16T10:26:16+02:00",
                    "phoneNumber": "",
                    "modifiedDate": "2019-12-12T17:06:42+01:00",
                    "userType": "I"
                }
            ]
        }

Error response

For more infomation about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response


SCIM Application examples

Operations

This page shows the operations that can be performed for the application object (Information Systems from a functional point of view)

List all

Request
GET http://<your-domain>/webservice/scim2/v1/Application
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 2,
    "startIndex": 1,
    "Resources": [
        {
            "parent": "Operation/Business 2",
            "relativeName": "SOFFID",
            "database": "",
            "bpmEnabled": true,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application/41",
                "links": {
                    "children": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application?filter=parent.name+eq+'Operation/Business 2/SOFFID'",
                    "roles": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role?filter=informationSystemName+eq+'Operation/Business 2/SOFFID'"
                },
                "resourceType": "Application"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Application"
            ],
            "name": "Operation/Business 2/SOFFID",
            "description": "SOFFID Identity Manager",
            "singleRole": false,
            "attributes": {},
            "id": 41,
            "type": "application"
        },
        {
            "parent": "Operation/Business process",
            "relativeName": "ad",
            "database": "ad",
            "bpmEnabled": true,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application/391459",
                "links": {
                    "children": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application?filter=parent.name+eq+'Operation/Business process/ad'",
                    "roles": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role?filter=informationSystemName+eq+'Operation/Business process/ad'"
                },
                "resourceType": "Application"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Application"
            ],
            "name": "Operation/Business process/ad",
            "description": "Active Directory",
            "singleRole": false,
            "attributes": {},
            "id": 391459,
            "type": "application"
        }
    ]
}

List by filter

List all application with a filter expression. 

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Application?filter=description co SOFFID
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 2,
    "startIndex": 1,
    "Resources": [
        {
            "parent": "Operation/Business 2",
            "relativeName": "SOFFID",
            "database": "",
            "bpmEnabled": true,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application/41",
                "links": {
                    "children": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application?filter=parent.name+eq+'Operation/Business 2/SOFFID'",
                    "roles": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role?filter=informationSystemName+eq+'Operation/Business 2/SOFFID'"
                },
                "resourceType": "Application"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Application"
            ],
            "name": "Operation/Business 2/SOFFID",
            "description": "SOFFID Identity Manager",
            "singleRole": false,
            "attributes": {},
            "id": 41,
            "type": "application"
        },
        {
            "parent": "Operation/Business 2",
            "relativeName": "iam.soffid.com",
            "database": "iam.soffid.com",
            "bpmEnabled": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application/1836136",
                "links": {
                    "children": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application?filter=parent.name+eq+'Operation/Business 2/iam.soffid.com'",
                    "roles": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role?filter=informationSystemName+eq+'Operation/Business 2/iam.soffid.com'"
                },
                "resourceType": "Application"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Application"
            ],
            "name": "Operation/Business 2/iam.soffid.com",
            "description": "Discovered host iam.soffid.com",
            "singleRole": false,
            "attributes": {},
            "id": 1836136,
            "type": "application"
        }
    ]
}

Query by id

Retrieve an application by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Application/391459
Response 200 OK
{
    "parent": "Operation/Business process",
    "relativeName": "ad",
    "database": "ad",
    "bpmEnabled": true,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application/391459",
        "links": {
            "children": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application?filter=parent.name+eq+'Operation/Business process/ad'",
            "roles": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role?filter=informationSystemName+eq+'Operation/Business process/ad'"
        },
        "resourceType": "Application"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Application"
    ],
    "name": "Operation/Business process/ad",
    "description": "Active Directory",
    "singleRole": false,
    "attributes": {},
    "id": 391459,
    "type": "application"
}

Create

To create an application (Information System).

Request
POST http://<your-domain>/soffid/webservice/scim2/v1/Application/

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Application"
    ],
    "parent": "Operation/Business 2",
    "relativeName": "appBilling",
    "database": "",
    "bpmEnabled": false,
    "name": "Operation/Business 2/App Billing",
    "description": "Billing application",
    "singleRole": false,
    "attributes": {},
    "type": "application"
}
Response 201 Created
{
    "parent": "Operation/Business 2",
    "relativeName": "App Billing",
    "database": "",
    "bpmEnabled": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application/1976515",
        "resourceType": "Application"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Application"
    ],
    "name": "Operation/Business 2/App Billing",
    "description": "Billing application",
    "singleRole": false,
    "attributes": {},
    "id": 1976515,
    "type": "application"
}

Update partial

Only attributes with changes will be updated, the other will maintain the same value.

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/Application/1976515

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Application"
    ],
    "Operations": [
        {
            "op": "replace",
            "path": "parent",
            "value": "Operation/Business process"
        },
        {
            "op": "replace",
            "path": "name",
            "value": "Operation/Business process/App Billing"
        },
        {
            "op": "replace",
            "path": "database",
            "value": "DDBBBilling"
        }
    ]
}
Response 200 OK
{
    "parent": "Operation/Business process",
    "relativeName": "App Billing",
    "database": "DDBBBilling",
    "bpmEnabled": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application/1976515",
        "links": {
            "children": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application?filter=parent.name+eq+'Operation/Business process/App Billing'",
            "roles": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role?filter=informationSystemName+eq+'Operation/Business process/App Billing'"
        },
        "resourceType": "Application"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Application"
    ],
    "name": "Operation/Business process/App Billing",
    "description": "Billing application",
    "singleRole": false,
    "attributes": {},
    "id": 1976515,
    "type": "application"
}

Update all

This operation replaces all values in the application.

Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/Application/1976515

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Application"
    ],
    "id": 1976515,
    "parent": "Operation/Business 2",
    "relativeName": "appBilling",
    "database": "",
    "bpmEnabled": false,
    "name": "Operation/Business 2/App Billing",
    "description": "Billing application",
    "singleRole": false,
    "attributes": {},
    "type": "application"
}
Response 200 OK
{
    "parent": "Operation/Business 2",
    "relativeName": "App Billing",
    "database": "",
    "bpmEnabled": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application/1976515",
        "links": {
            "children": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application?filter=parent.name+eq+'Operation/Business 2/App Billing'",
            "roles": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role?filter=informationSystemName+eq+'Operation/Business 2/App Billing'"
        },
        "resourceType": "Application"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Application"
    ],
    "name": "Operation/Business 2/App Billing",
    "description": "Billing application",
    "singleRole": false,
    "attributes": {},
    "id": 1976515,
    "type": "application"
}

Delete

Please note that after this delete action, you will need to create again the application to use it in the next examples.

Request
DELETE http://<your-domain>/webservice/scim2/v1/Application/2236428
Response 204 No Content
204 No Content

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response


SCIM Role examples

Operations

This page shows the operations that can be performed for the role object

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Role
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 4,
    "startIndex": 1,
    "Resources": [
        {
            "approvalEnd": "2021-02-26 13:19:36",
            "ownedRoles": [
                {
                    "informationSystem": "Operation/Business process/ad",
                    "ownerRole": 63,
                    "ownerRoleDescription": "SOFFID Administrator",
                    "roleId": 393195,
                    "mandatory": true,
                    "enabled": true,
                    "ownerSystem": "soffid",
                    "system": "ad",
                    "meta": {
                        "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleGrant/1563461",
                        "resourceType": "RoleGrant"
                    },
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.RoleGrant"
                    ],
                    "roleName": "AD role",
                    "hasDomain": false,
                    "id": 1563461,
                    "ownerRoleName": "SOFFID_ADMIN",
                    "roleDescription": "AD role",
                    "status": "A"
                },
                {
                    "informationSystem": "Operation/Business 2/SOFFID",
                    "ownerRole": 63,
                    "ownerRoleDescription": "SOFFID Administrator",
                    "roleId": 393447,
                    "mandatory": true,
                    "enabled": true,
                    "ownerSystem": "soffid",
                    "system": "ad",
                    "meta": {
                        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleGrant/501188",
                        "resourceType": "RoleGrant"
                    },
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.RoleGrant"
                    ],
                    "roleName": "accounting_mgr",
                    "hasDomain": false,
                    "id": 501188,
                    "ownerRoleName": "SOFFID_ADMIN",
                    "roleDescription": "Accounting Manager",
                    "status": "A"
                },
                {
                    "informationSystem": "Operation/Business process/ad",
                    "ownerRole": 63,
                    "ownerRoleDescription": "SOFFID Administrator",
                    "roleId": 391535,
                    "mandatory": true,
                    "enabled": true,
                    "ownerSystem": "soffid",
                    "system": "ad",
                    "meta": {
                        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleGrant/503759",
                        "resourceType": "RoleGrant"
                    },
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.RoleGrant"
                    ],
                    "roleName": "g100",
                    "hasDomain": false,
                    "id": 503759,
                    "ownerRoleName": "SOFFID_ADMIN",
                    "roleDescription": "Desarrollo Circuito",
                    "status": "A"
                },
                {
                    "informationSystem": "Operation/Business process/ad",
                    "ownerRole": 63,
                    "ownerRoleDescription": "SOFFID Administrator",
                    "roleId": 391480,
                    "mandatory": false,
                    "enabled": true,
                    "ownerSystem": "soffid",
                    "system": "ad",
                    "meta": {
                        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleGrant/501481",
                        "resourceType": "RoleGrant"
                    },
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.RoleGrant"
                    ],
                    "roleName": "Group Policy Creator Owners",
                    "hasDomain": false,
                    "id": 501481,
                    "ownerRoleName": "SOFFID_ADMIN",
                    "roleDescription": "Members in this group can modify group policy for the domain",
                    "status": "A"
                }
            ],
            "description": "SOFFID Administrator",
            "granteeGroups": [
                {
                    "system": "soffid",
                    "informationSystem": "Operation/Business 2/SOFFID",
                    "roleId": 63,
                    "meta": {
                        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleGrant/503848",
                        "resourceType": "RoleGrant"
                    },
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.RoleGrant"
                    ],
                    "roleName": "SOFFID_ADMIN",
                    "ownerGroup": "admingroup",
                    "hasDomain": false,
                    "id": 503848,
                    "roleDescription": "SOFFID Administrator",
                    "mandatory": true,
                    "enabled": true
                }
            ],
            "informationSystemName": "Operation/Business 2/SOFFID",
            "password": false,
            "system": "soffid",
            "ownerGroups": [
                {
                    "organizational": false,
                    "meta": {
                        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Group/91",
                        "resourceType": "Group"
                    },
                    "quota": "0",
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.Group"
                    ],
                    "name": "admingroup",
                    "obsolete": false,
                    "description": "Enterprise Administrators Group",
                    "parentGroup": "enterprise",
                    "attributes": {},
                    "id": 91
                }
            ],
            "ownerRoles": [
                {
                    "informationSystem": "Operation/Business 2/SOFFID",
                    "ownerRole": 392727,
                    "ownerRoleDescription": "Business Services",
                    "roleId": 63,
                    "mandatory": true,
                    "enabled": true,
                    "ownerSystem": "ad",
                    "system": "soffid",
                    "meta": {
                        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleGrant/501606",
                        "resourceType": "RoleGrant"
                    },
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.RoleGrant"
                    ],
                    "roleName": "SOFFID_ADMIN",
                    "hasDomain": false,
                    "id": 501606,
                    "ownerRoleName": "share-15000",
                    "roleDescription": "SOFFID Administrator",
                    "status": "A"
                }
            ],
            "bpmEnabled": true,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role/63",
                "resourceType": "Role"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Role"
            ],
            "name": "SOFFID_ADMIN",
            "approvalStart": "2021-02-26 13:19:36",
            "attributes": {},
            "id": 63,
            "enableByDefault": true
        },
        {
            "ownedRoles": [],
            "description": "Soffid vault owner",
            "granteeGroups": [],
            "informationSystemName": "Operation/Business 2/SOFFID",
            "password": false,
            "system": "soffid",
            "ownerGroups": [],
            "ownerRoles": [],
            "bpmEnabled": true,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role/790961",
                "resourceType": "Role"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Role"
            ],
            "name": "SOFFID_OWNER",
            "attributes": {},
            "id": 790961,
            "enableByDefault": false
        },
      .............
    ]
}

List by filter

List all roles with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Role?filter=ownerRoles.name eq SOFFID_ADMIN
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 4,
    "startIndex": 1,
    "Resources": [
        {
            "ownedRoles": [],
            "description": "Accounting Manager",
            "granteeGroups": [],
            "informationSystemName": "Operation/Business 2/SOFFID",
            "password": false,
            "system": "ad",
            "ownerGroups": [],
            "ownerRoles": [
                {
                    "informationSystem": "Operation/Business 2/SOFFID",
                    "ownerRole": 63,
                    "ownerRoleDescription": "SOFFID Administrator",
                    "roleId": 393447,
                    "mandatory": true,
                    "enabled": true,
                    "ownerSystem": "soffid",
                    "system": "ad",
                    "meta": {
                        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleGrant/501188",
                        "resourceType": "RoleGrant"
                    },
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.RoleGrant"
                    ],
                    "roleName": "accounting_mgr",
                    "hasDomain": false,
                    "id": 501188,
                    "ownerRoleName": "SOFFID_ADMIN",
                    "roleDescription": "Accounting Manager",
                    "status": "A"
                }
            ],
            "bpmEnabled": true,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role/393447",
                "resourceType": "Role"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Role"
            ],
            "name": "accounting_mgr",
            "attributes": {},
            "id": 393447,
            "enableByDefault": false
        },
        {
            "ownedRoles": [],
            "description": "Members in this group can modify group policy for the domain",
            "granteeGroups": [],
            "informationSystemName": "Operation/Business process/ad",
            "password": false,
            "system": "ad",
            "ownerGroups": [],
            "ownerRoles": [
                {
                    "informationSystem": "Operation/Business process/ad",
                    "ownerRole": 63,
                    "ownerRoleDescription": "SOFFID Administrator",
                    "roleId": 391480,
                    "mandatory": false,
                    "enabled": true,
                    "ownerSystem": "soffid",
                    "system": "ad",
                    "meta": {
                        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleGrant/501481",
                        "resourceType": "RoleGrant"
                    },
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.RoleGrant"
                    ],
                    "roleName": "Group Policy Creator Owners",
                    "hasDomain": false,
                    "id": 501481,
                    "ownerRoleName": "SOFFID_ADMIN",
                    "roleDescription": "Members in this group can modify group policy for the domain",
                    "status": "A"
                }
            ],
            "bpmEnabled": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role/391480",
                "resourceType": "Role"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Role"
            ],
            "name": "Group Policy Creator Owners",
            "attributes": {},
            "id": 391480,
            "enableByDefault": false
        },
      .............
    ]
}

Query by id

Query a role by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Role/393195
Response 200 OK
{
    "approvalEnd": "2021-02-04 15:39:05",
    "ownedRoles": [],
    "description": "AD role",
    "granteeGroups": [],
    "informationSystemName": "Operation/Business process/ad",
    "password": false,
    "system": "ad",
    "ownerGroups": [],
    "ownerRoles": [
        {
            "informationSystem": "Operation/Business process/ad",
            "ownerRole": 63,
            "ownerRoleDescription": "SOFFID Administrator",
            "roleId": 393195,
            "mandatory": true,
            "enabled": true,
            "ownerSystem": "soffid",
            "system": "ad",
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleGrant/1563461",
                "resourceType": "RoleGrant"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.RoleGrant"
            ],
            "roleName": "AD role",
            "hasDomain": false,
            "id": 1563461,
            "ownerRoleName": "SOFFID_ADMIN",
            "roleDescription": "AD role",
            "status": "A"
        }
    ],
    "bpmEnabled": true,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role/393195",
        "resourceType": "Role"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Role"
    ],
    "name": "AD role",
    "approvalStart": "2021-02-04 15:39:05",
    "attributes": {},
    "id": 393195,
    "enableByDefault": false
}

Create

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/Role

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Role"
    ],
    "name": "App Billing Role",
    "description": "Role Admin for Billing application",
    "informationSystemName": "Operation/Business 2/App Billing",
    "system": "test",
    "password": false,
    "bpmEnabled": false,
    "enableByDefault": false,
    "granteeGroups": [],
    "ownedRoles": [],
    "ownerGroups": [],
    "ownerRoles": []
}
Response 201 Created
{
    "ownedRoles": [],
    "description": "Role Admin for Billing application",
    "granteeGroups": [],
    "informationSystemName": "Operation/Business 2/App Billing",
    "password": false,
    "system": "test",
    "ownerGroups": [],
    "ownerRoles": [],
    "bpmEnabled": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role/1976590",
        "resourceType": "Role"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Role"
    ],
    "name": "App Billing Role",
    "attributes": {},
    "id": 1976590,
    "enableByDefault": false
}

Update partial

Only attributes with changes will be updated, the other will maintain the same value.

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/Role/1976590

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Role"
    ],
    "Operations": [
        {
            "op": "replace",
            "path": "system",
            "value": "soffid"
        }
    ]
}
Response 200 OK
{
    "ownedRoles": [],
    "description": "Role Admin for Billing application",
    "granteeGroups": [],
    "informationSystemName": "Operation/Business 2/App Billing",
    "password": false,
    "system": "soffid",
    "ownerGroups": [],
    "ownerRoles": [],
    "bpmEnabled": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role/1976590",
        "resourceType": "Role"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Role"
    ],
    "name": "App Billing Role",
    "attributes": {},
    "id": 1976590,
    "enableByDefault": false
}

Update all

This operation replaces all values in the role.

Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/Role/1976590

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Role"
    ],
    "id": 1976590,
    "name": "App Billing",
    "description": "Role Admin for Billing application",
    "informationSystemName": "Operation/Business 2/App Billing",
    "system": "test",
    "password": false,
    "bpmEnabled": false,
    "enableByDefault": false,
    "granteeGroups": [],
    "ownedRoles": [],
    "ownerGroups": [],
    "ownerRoles": []
}
Response 200 OK
{
    "ownedRoles": [],
    "description": "Role Admin for Billing application",
    "granteeGroups": [],
    "informationSystemName": "Operation/Business 2/App Billing",
    "password": false,
    "system": "test",
    "ownerGroups": [],
    "ownerRoles": [],
    "bpmEnabled": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role/1976590",
        "resourceType": "Role"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Role"
    ],
    "name": "App Billing",
    "attributes": {},
    "id": 1976590,
    "enableByDefault": false
}

Delete

Please note after this delete, the role has to be created again to use it in the next examples.

Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/Role/1976590
Response 204 No Content
204 No Content


Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response

Notes

Note: use of roles with domain values

In case of granting roles with domain values, the optional attribute domain value contains the value for that domain. Here is a sample account with permissions for the role SOFFID_OU_DOMAIN and domains D2 and enterprise:

{
            "grantedRoles": [],
            "roles": [
                {
                    "informationSystemName": "SOFFID",
                    "roleName": "SOFFID_OU_MANAGER",
                    "id": 2236442,
                    "roleDescription": "Business unit manager",
                    "domainValue": "D2"
                },
                {
                    "informationSystemName": "SOFFID",
                    "roleName": "SOFFID_OU_MANAGER",
                    "id": 2236447,
                    "roleDescription": "Business unit manager",
                    "domainValue": "enterprise"
                }
            ],
            "description": "faith - faith MUYOYO",
            "type": {
                "value": "U"
            },
            "lastUpdated": "2019-07-16T10:35:01+02:00",
            "ownerGroups": [],
            "inheritNewPermissions": false,
            "disabled": false,
            "id": 1727122,
            "grantedGroups": [],
            "managerGroups": [],
            "passwordPolicy": "I",
            "managerRoles": [],
            "created": "2019-07-16T10:26:16+02:00",
            "system": "soffid",
            "ownerRoles": [],
            "meta": {
                "location": "http://bubu-thinkpad:8080/soffid/webservice/scim/Account/1727122",
                "resourceType": "Account"
            },
            "name": "faith",
            "managerUsers": [],
            "attributes": {},
            "grantedUsers": [],
            "ownerUsers": [
                {
                    "lastName": "Smith",
                    "createdByUser": "csv",
                    "mailServer": "null",
                    "nationalID": "",
                    "multiSession": false,
                    "modifiedByUser": "admin",
                    "id": 1727113,
                    "homeServer": "null",
                    "primaryGroupDescription": "Entrprise",
                    "primaryGroup": "enterprise",
                    "comments": "Loaded from CSV file on Mon Aug 05 22:00:00 CEST 2019",
                    "profileServer": "null",
                    "active": true,
                    "fullName": "faith MUYOYO",
                    "userName": "faith",
                    "mailAlias": "",
                    "firstName": "faith",
                    "createdDate": "2019-07-16T10:26:16+02:00",
                    "phoneNumber": "",
                    "modifiedDate": "2019-12-12T17:06:42+01:00",
                    "userType": "I"
                }
            ]
        }

Notes about role domains

By default, roles have no security domain (sometimes referred to as scope).  When a security domain is assigned to a role, each account-role object is tagged with the proper security domain value. It is allowed to assign one role multiple times to the same user, as long as each assignment is tagged with a different security domain value. For instance, one can create the SOFFID_OU_MANAGER role bound to the GROUPS security domain. Then, you can assign the role SOFFID_OU_MANAGER/Group1 to any user.

Four kind of security domains are available:

To set or modify the role domain for a role, one can use  the "domain" attribute. This attribute is a complex object composed of a name and a description. Only the name is mandatory.

Notes about role inheritance

Role inheritance is driven by the ownedRoles, ownerRoles and ownedGroups. Each of these attributes is an array of grants. Each grant has the following attributes:

The role inheritance can vary slightly depending on whether the owned role and the owner role are in the same domain or not:

Resulting domain value
Owner role has no domain
Owner role has a different domain
Same domain
Domain value not specified Blank Blank Owner role domain value
Domain value specified Specified value Specified value Specified value


SCIM Group type examples

Operations

This page shows the operations that can be performed for the Group Type object

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/OUType
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 2,
    "startIndex": 1,
    "Resources": [
        {
            "roleHolder": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OUType/504761",
                "resourceType": "OUType"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.OUType"
            ],
            "name": "CC",
            "description": "Cost Center",
            "id": 504761
        },
        {
            "roleHolder": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OUType/504762",
                "resourceType": "OUType"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.OUType"
            ],
            "name": "PC",
            "description": "Productive center",
            "id": 504762
        }
    ]
}

List by filter

List all group types with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/OUType?filter=description co Cost
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 1,
    "startIndex": 1,
    "Resources": [
        {
            "roleHolder": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OUType/504761",
                "resourceType": "OUType"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.OUType"
            ],
            "name": "CC",
            "description": "Cost Center",
            "id": 504761
        }
    ]
}

Query by id

Query a group type by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/OUType/504761
Response 200 OK
{
    "roleHolder": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OUType/504761",
        "resourceType": "OUType"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.OUType"
    ],
    "name": "CC",
    "description": "Cost Center",
    "id": 504761
}

Create

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/OUType

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Role"
    ],
    "name": "App Billing Role",
    "description": "Role Admin for Billing application",
    "informationSystemName": "Operation/Business 2/App Billing",
    "system": "test",
    "password": false,
    "bpmEnabled": false,
    "enableByDefault": false,
    "granteeGroups": [],
    "ownedRoles": [],
    "ownerGroups": [],
    "ownerRoles": []
}
Response 201 Created
{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.OUType"
    ],
    "name": "NewOU",
    "description": "New OU"
}

Update partial

Only attributes with changes will be updated, the other will maintain the same value.

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/OUType/1976710

JSON

{
    "Operations": [
        {
            "op": "replace",
            "path": "name",
            "value": "OU"
        }
    ]
}
Response 200 OK
{
    "roleHolder": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OUType/1976710",
        "resourceType": "OUType"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.OUType"
    ],
    "name": "OU",
    "description": "New OU",
    "id": 1976710
}

Update all

This operation replaces all values in the group type.

Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/Role/1976590

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.OUType"
    ],
    "id": 1976710,
    "name": "ChangeOU"
}
Response 200 OK
{
    "roleHolder": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OUType/1976710",
        "resourceType": "OUType"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.OUType"
    ],
    "name": "ChangeOU",
    "id": 1976710
}

Delete

Please note after this delete, the group type has to be created again to use it in the next examples.

Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/OUType/1976710
Response 204 No Content
204 No Content

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response


SCIM User type examples

Operations

This page shows the operations that can be performed for the user type object

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/UserType
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 3,
    "startIndex": 1,
    "Resources": [
        {
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/UserType/29",
                "resourceType": "UserType"
            },
            "unmanaged": false,
            "schemas": [
                "urn:soffid:com.soffid.iam.api.UserType"
            ],
            "name": "S",
            "description": "SSO account (USE IT)",
            "id": 29
        },
        {
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/UserType/31",
                "resourceType": "UserType"
            },
            "unmanaged": false,
            "schemas": [
                "urn:soffid:com.soffid.iam.api.UserType"
            ],
            "name": "E",
            "description": "External user",
            "id": 31
        },
        {
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/UserType/33",
                "resourceType": "UserType"
            },
            "unmanaged": false,
            "schemas": [
                "urn:soffid:com.soffid.iam.api.UserType"
            ],
            "name": "I",
            "description": "Internal user",
            "id": 33
        }
    ]
}

List by filter

List all user types with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/UserType?filter=description co sso
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 1,
    "startIndex": 1,
    "Resources": [
        {
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/UserType/29",
                "resourceType": "UserType"
            },
            "unmanaged": false,
            "schemas": [
                "urn:soffid:com.soffid.iam.api.UserType"
            ],
            "name": "S",
            "description": "SSO account (USE IT)",
            "id": 29
        }
    ]
}

Query by id

Query a user type by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/UserType/33
Response 200 OK
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/UserType/33",
        "resourceType": "UserType"
    },
    "unmanaged": false,
    "schemas": [
        "urn:soffid:com.soffid.iam.api.UserType"
    ],
    "name": "I",
    "description": "Internal user",
    "id": 33
}

Create

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/UserType

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.UserType"
    ],
    "name": "O",
    "description": "Other user",
    "unmanaged": false
}
Response 201 Created
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/UserType/1976718",
        "resourceType": "UserType"
    },
    "unmanaged": false,
    "schemas": [
        "urn:soffid:com.soffid.iam.api.UserType"
    ],
    "name": "O",
    "description": "Other user",
    "id": 1976718
}

Update partial

Only attributes with changes will be updated, the other will maintain the same value.

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/UserType/1976718

JSON

{
    "Operations": [
        {
            "op": "replace",
            "path": "name",
            "value": "OT"
        }
    ]
}
Response 200 OK
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/UserType/1976718",
        "resourceType": "UserType"
    },
    "unmanaged": false,
    "schemas": [
        "urn:soffid:com.soffid.iam.api.UserType"
    ],
    "name": "OT",
    "description": "Other user",
    "id": 1976718
}

Update all

This operation replaces all values in the roole.

Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/UserType/1976718

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.OUType"
    ],
    "id": 1975535,
    "name": "OY"
}
Response 200 OK
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/UserType/1976718",
        "resourceType": "UserType"
    },
    "unmanaged": false,
    "schemas": [
        "urn:soffid:com.soffid.iam.api.UserType"
    ],
    "name": "OY",
    "id": 1976718
}

Delete

Please note after this delete, the user type has to be created again to use it in the next examples.

Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/UserType/1976718
Response 204 No Content
204 No Content

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response


SCIM GroupUser examples

Operations

This page shows the operations that can be performed for the object that establishes the relationship between groups and users. You can add, delete and or modify users in a group.

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/GroupUser
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 25,
    "startIndex": 1,
    "Resources": [
        {
            "groupDescription": "Enterprise",
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser/480412",
                "resourceType": "GroupUser"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.GroupUser"
            ],
            "start": "2020-07-02 12:14:48",
            "fullName": "test User",
            "disabled": false,
            "attributes": {},
            "id": 480412,
            "user": "test2",
            "primaryGroup": false,
            "group": "enterprise"
        },
        {
            "groupDescription": "World Modified",
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser/503629",
                "resourceType": "GroupUser"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.GroupUser"
            ],
            "start": "2020-08-06 15:52:12",
            "fullName": "test User",
            "end": "2021-02-26 13:05:44",
            "disabled": true,
            "attributes": {},
            "id": 503629,
            "user": "test2",
            "primaryGroup": false,
            "group": "world2"
        },
        {
            "groupDescription": "Enterprise Administrators Group",
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser/1182887",
                "resourceType": "GroupUser"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.GroupUser"
            ],
            "start": "2020-12-31 16:48:58",
            "fullName": "John Smith",
            "disabled": false,
            "attributes": {
                "comments": "This is a test",
                "startDate": "2021-01-01 00:00:00"
            },
            "id": 1182887,
            "user": "jsmith",
            "primaryGroup": false,
            "group": "admingroup"
        },
      ...........
    ]
}

List by filter

List all GroupUsers with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/GroupUser?filter=groupDescription eq  "Help desk support team"
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 15,
    "startIndex": 1,
    "Resources": [
        {
            "groupDescription": "Help desk support team",
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser/1519688",
                "resourceType": "GroupUser"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.GroupUser"
            ],
            "start": "2021-02-20 17:59:15",
            "fullName": "Dilbert ADAMS .",
            "end": "2021-03-12 10:38:42",
            "disabled": true,
            "attributes": {
                "comments": "Comments",
                "startDate": "2021-02-20 00:00:00"
            },
            "id": 1519688,
            "user": "dilbert",
            "primaryGroup": false,
            "group": "it"
        },
        {
            "groupDescription": "Help desk support team",
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser/1974296",
                "resourceType": "GroupUser"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.GroupUser"
            ],
            "start": "2021-05-05 12:49:51",
            "fullName": "John Smith",
            "disabled": false,
            "attributes": {
                "startDate": "2021-05-04 00:00:00"
            },
            "id": 1974296,
            "user": "jsmith",
            "primaryGroup": false,
            "group": "it"
        },
      ...............
    ]
}

Query by id

Query a GroupUser by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/GroupUser/1974296
Response 200 OK
{
    "groupDescription": "Help desk support team",
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser/1974296",
        "resourceType": "GroupUser"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.GroupUser"
    ],
    "start": "2021-05-05 12:49:51",
    "fullName": "John Smith",
    "disabled": false,
    "attributes": {
        "startDate": "2021-05-04 00:00:00"
    },
    "id": 1974296,
    "user": "jsmith",
    "primaryGroup": false,
    "group": "it"
}

Create

This option allows you to add a user to a specific group.

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/GroupUser

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.GroupUser"
    ],
    "group": "it",
    "groupDescription": "Help desk support team",
    "user": "ckelp",
    "fullName": "Casey Kelp",
    "primaryGroup": true,
    "attributes": {}
}
Response 201 Created
{
    "groupDescription": "Help desk support team",
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser/1976741",
        "resourceType": "GroupUser"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.GroupUser"
    ],
    "start": "2021-05-11 10:39:23",
    "fullName": "Casey Kelp",
    "disabled": false,
    "attributes": {},
    "id": 1976741,
    "user": "ckelp",
    "primaryGroup": true,
    "group": "it"
}

Update partial

Only attributes with changes will be updated, the other will maintain the same value.

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/GroupUser/1976741

JSON

{
    "Operations": [
        {
            "op": "replace",
            "path": "groupDescription",
            "value": "Enterprise engineering team"
        },
        {
            "op": "replace",
            "path": "group",
            "value": "EngineeringTeam"
        }
    ]
}
Response 200 OK
{
    "groupDescription": "Enterprise engineering team",
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser/1976741",
        "resourceType": "GroupUser"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.GroupUser"
    ],
    "start": "2021-05-11 10:39:23",
    "fullName": "Casey Kelp",
    "disabled": false,
    "attributes": {},
    "id": 1976741,
    "user": "ckelp",
    "primaryGroup": true,
    "group": "EngineeringTeam"
}

Update all

This operation replaces all values in the GroupUser.

Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/GroupUser/1976741

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.GroupUser"
    ],
    "id": 1976741,
    "group": "it",
    "groupDescription": "Help desk support team",
     "user": "ckelp",
    "fullName": "Casey Kelp",
    "primaryGroup": true,
    "attributes": {}
}
Response 200 OK
{
    "groupDescription": "Help desk support team",
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser/1976741",
        "resourceType": "GroupUser"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.GroupUser"
    ],
    "fullName": "Casey Kelp",
    "disabled": false,
    "attributes": {},
    "id": 1976741,
    "user": "ckelp",
    "primaryGroup": true,
    "group": "it"
}

Delete

This option allows you to remove a user from a specific group.

Please note after this delete, the group user has to be created again to use it in the next examples.

Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/GroupUser/1976741
Response 204 No Content
204 No Content

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response


SCIM RoleAccount examples

Operations

This page shows the operations that can be performed for the object that establishes the relationship between roles and accounts. You can assign, revoke and or modify roles to an account.

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/RoleAccount
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 3530,
    "startIndex": 1,
    "itemsPerPage": 100,
    "Resources": [
        {
            "certificationDate": "2020-02-13 23:01:44",
            "accountSystem": "soffid",
            "accountName": "admin",
            "userGroupCode": "admingroup",
            "approvalPending": false,
            "userFullName": "Soffid Administrator",
            "bpmEnforced": "S",
            "userCode": "admin",
            "enabled": true,
            "accountId": 103,
            "informationSystemName": "Operation/Business 2/SOFFID",
            "system": "soffid",
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount/110",
                "resourceType": "RoleAccount"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.RoleAccount"
            ],
            "roleName": "SOFFID_ADMIN",
            "removalPending": false,
            "id": 110,
            "roleDescription": "SOFFID Administrator",
            "startDate": "2020-02-13 12:00:00"
        },
        {
            "certificationDate": "2020-12-15 10:48:44",
            "accountSystem": "soffid",
            "accountName": "admin",
            "userGroupCode": "admingroup",
            "approvalPending": false,
            "userFullName": "Soffid Administrator",
            "bpmEnforced": "N",
            "userCode": "admin",
            "ruleDescription": "Grants soffid user role to everyone",
            "enabled": true,
            "accountId": 103,
            "informationSystemName": "Operation/Business 2/SOFFID",
            "system": "soffid",
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount/1059370",
                "resourceType": "RoleAccount"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.RoleAccount"
            ],
            "roleName": "SOFFID_USER",
            "removalPending": false,
            "id": 1059370,
            "ruleId": 1059365,
            "roleDescription": "Soffid user",
            "startDate": "2020-12-15 00:00:00"
        },
      ................
    ]
}

List by filter

List all RoleAccounts with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/soffid/webservice/scim2/v1/RoleAccount?filter=enabled eq true  and system eq soffid
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 67,
    "startIndex": 1,
    "Resources": [
        {
            "certificationDate": "2020-02-13 23:01:44",
            "accountSystem": "soffid",
            "accountName": "admin",
            "userGroupCode": "admingroup",
            "approvalPending": false,
            "userFullName": "Soffid Administrator",
            "bpmEnforced": "S",
            "userCode": "admin",
            "enabled": true,
            "accountId": 103,
            "informationSystemName": "Operation/Business 2/SOFFID",
            "system": "soffid",
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount/110",
                "resourceType": "RoleAccount"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.RoleAccount"
            ],
            "roleName": "SOFFID_ADMIN",
            "removalPending": false,
            "id": 110,
            "roleDescription": "SOFFID Administrator",
            "startDate": "2020-02-13 12:00:00"
        },
        {
            "certificationDate": "2020-12-13 19:30:51",
            "accountSystem": "soffid",
            "accountName": "gbuades",
            "userGroupCode": "enterprise",
            "approvalPending": false,
            "userFullName": "Gabriel Buades ..",
            "bpmEnforced": "S",
            "userCode": "gbuades",
            "enabled": true,
            "accountId": 1039860,
            "informationSystemName": "Operation/Business 2/SOFFID",
            "system": "soffid",
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount/1039866",
                "resourceType": "RoleAccount"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.RoleAccount"
            ],
            "roleName": "SOFFID_ADMIN",
            "removalPending": false,
            "id": 1039866,
            "roleDescription": "SOFFID Administrator",
            "startDate": "2020-12-13 12:00:00"
        },
      ...................
    ]
}

Query by id

Query a RoleAccount by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/RoleAccount/110
Response 200 OK
{
    "certificationDate": "2020-02-13 23:01:44",
    "accountSystem": "soffid",
    "accountName": "admin",
    "userGroupCode": "admingroup",
    "approvalPending": false,
    "userFullName": "Soffid Administrator",
    "bpmEnforced": "S",
    "userCode": "admin",
    "enabled": true,
    "accountId": 103,
    "informationSystemName": "Operation/Business 2/SOFFID",
    "system": "soffid",
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount/110",
        "resourceType": "RoleAccount"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.RoleAccount"
    ],
    "roleName": "SOFFID_ADMIN",
    "removalPending": false,
    "id": 110,
    "roleDescription": "SOFFID Administrator",
    "startDate": "2020-02-13 12:00:00"
}

Create

This option allows you to assign a role to a specific account.

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/RoleAccount

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.RoleAccount"
    ],
    "accountName": "ckelp",
    "userFullName": "Casey Kelp",
    "informationSystemName": "Operation/Business 2/SOFFID",
    "system": "soffid",
    "roleName": "SOFFID_ADMIN",
    "roleDescription": "SOFFID Administrator",
    "bpmEnforced": "N",
    "enabled": true,
    "approvalPending": false,
    "certificationDate": "2021-05-10 12:00:00",
    "startDate": "2021-05-10 12:00:00"
}
Response 201 Created
{
    "certificationDate": "2021-05-12 07:20:36",
    "accountSystem": "soffid",
    "accountName": "ckelp",
    "userGroupCode": "it",
    "approvalPending": false,
    "userFullName": "Casey Kelp",
    "bpmEnforced": "S",
    "userCode": "ckelp",
    "enabled": true,
    "accountId": 1976677,
    "informationSystemName": "Operation/Business 2/SOFFID",
    "system": "soffid",
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount/1976862",
        "resourceType": "RoleAccount"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.RoleAccount"
    ],
    "roleName": "SOFFID_ADMIN",
    "removalPending": false,
    "id": 1976862,
    "roleDescription": "SOFFID Administrator",
    "startDate": "2021-05-10 12:00:00"
}

Delete

This option allows you to revoke a role to a specific account.

If you have installed the User snapshot backup addon when you delete a RoleAccount, it will be disabled, but never deleted from the database. If you don not have installed the User snapshot backup addon, when you delete the RoleAccount, it will be deleted from the database.

Please note after this delete, the RoleAccount has to be created again to use it in the next examples.

Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/RoleAccount/1976862
Response 204 No Content
204 No Content

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response


SCIM Host examples

Operations

This page shows the operations that can be performed for the host object.

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Host
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 12,
    "startIndex": 1,
    "Resources": [
        {
            "serialNumber": "soffid.bubu.lab:192.168.133.1",
            "os": "ALT",
            "mail": false,
            "ip": "192.168.133.1",
            "dynamicIp": true,
            "description": "Autocreated on  12/13/20 6:49:34 PM",
            "office": false,
            "lastSeen": "2020-12-13 18:49:34",
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Host/1039055",
                "resourceType": "Host"
            },
            "networkCode": "internal",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Host"
            ],
            "name": "soffid.bubu.lab",
            "id": 1039055,
            "hostAlias": [],
            "printersServer": false
        },
        {
            "os": "ALT",
            "mail": false,
            "ip": "10.129.120.4",
            "dynamicIp": false,
            "description": "Discovered host iam.soffid.com",
            "office": false,
            "lastSeen": "2021-04-05 20:06:19",
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Host/1793093",
                "resourceType": "Host"
            },
            "networkCode": "lab1",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Host"
            ],
            "name": "iam.soffid.com",
            "id": 1793093,
            "hostAlias": [],
            "printersServer": false
        },
      ........
    ]
}

List by filter

List all Hosts with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Host?filter=os eq LIN and name co archiva
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 1,
    "startIndex": 1,
    "Resources": [
        {
            "os": "LIN",
            "mail": false,
            "ip": "10.129.120.2",
            "dynamicIp": false,
            "description": "Discovered host archiva.dev.lab",
            "office": false,
            "lastSeen": "2021-04-05 20:04:49",
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Host/1793026",
                "resourceType": "Host"
            },
            "networkCode": "lab1",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Host"
            ],
            "name": "archiva.dev.lab",
            "id": 1793026,
            "hostAlias": [],
            "printersServer": false
        }
    ]
}

Query by id

Query a Host by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Host/1793093
Response 200 OK
{
    "os": "ALT",
    "mail": false,
    "ip": "10.129.120.4",
    "dynamicIp": false,
    "description": "Discovered host iam.soffid.com",
    "office": false,
    "lastSeen": "2021-04-05 20:06:19",
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Host/1793093",
        "resourceType": "Host"
    },
    "networkCode": "lab1",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Host"
    ],
    "name": "iam.soffid.com",
    "id": 1793093,
    "hostAlias": [],
    "printersServer": false
}

Create

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/Host

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Host"
    ],
    "name": "billing.dev.lab",
    "description": "Host billing.dev.lab",
    "os": "LIN",
    "mail": false,
    "dynamicIp": false,
    "networkCode": "internal",
    "hostAlias": [
        "aliasHost_1",
        "aliasHost_2"
    ],
    "serialNumber": "123456789",
    "printersServer": false
}
Response 201 Created
{
    "serialNumber": "123456789",
    "os": "LIN",
    "mail": false,
    "dynamicIp": false,
    "description": "Host billing.dev.lab",
    "office": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Host/1976899",
        "resourceType": "Host"
    },
    "networkCode": "internal",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Host"
    ],
    "name": "billing.dev.lab",
    "id": 1976899,
    "hostAlias": [
      "aliasHost_1",
      "aliasHost_2"
    ],
    "printersServer": false
}

Update partial

Only attributes with changes will be updated, the other will maintain the same value.

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/Host/1976899

JSON

{
    "Operations": [
        {
            "op": "replace",
            "path": "networkCode",
            "value": "Lab1"
        },
        {
            "op": "add",
            "path": "hostAlias",
            "value": [
                "aliasHost_3",
                "aliasHost_4"
            ]
        }
    ]
}
Response 200 OK
{
    "serialNumber": "123456789",
    "os": "LIN",
    "mail": false,
    "dynamicIp": false,
    "description": "Host billing.dev.lab",
    "office": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Host/1976899",
        "resourceType": "Host"
    },
    "networkCode": "Lab1",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Host"
    ],
    "name": "billing.dev.lab",
    "id": 1976899,
    "hostAlias": [
        "aliasHost_1",
        "aliasHost_2",
        "aliasHost_3",
        "aliasHost_4"
    ],
    "printersServer": false
}

Update all

This operation replaces all values in the Hosts.

Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/Host/1976899

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Host"
    ],
    "id": 1976899,
    "name": "billing.dev.lab",
    "description": "Host billing.dev.lab",
    "os": "LIN",
    "mail": false,
    "dynamicIp": false,
    "networkCode": "internal",   
    "printersServer": false
}
Response 200 OK
{
    "os": "LIN",
    "mail": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Host/1976899",
        "resourceType": "Host"
    },
    "networkCode": "internal",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Host"
    ],
    "name": "billing.dev.lab",
    "dynamicIp": false,
    "description": "Host billing.dev.lab",
    "id": 1976899,
    "hostAlias": [],
    "printersServer": false
}

Delete

Please note after this delete, the host has to be created again to use it in the next examples.

Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/Host/1976899
Response 204 No Content
204 No Content

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response


SCIM MailDomain examples

Operations

This page shows the operations that can be performed for the MailDomain object.

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/MailDomain
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 2,
    "startIndex": 1,
    "Resources": [
        {
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailDomain/523263",
                "resourceType": "MailDomain"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.MailDomain"
            ],
            "name": "soffid.com",
            "obsolete": false,
            "description": "Soffid",
            "id": 523263
        },
        {
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailDomain/523265",
                "resourceType": "MailDomain"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.MailDomain"
            ],
            "name": "soffid.org",
            "obsolete": false,
            "description": "Old Domain",
            "id": 523265
        }
    ]
}

List by filter

List all Mail domain with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/MailDomain?filter=obsolete eq false and description co old
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 1,
    "startIndex": 1,
    "Resources": [
        {
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailDomain/523265",
                "resourceType": "MailDomain"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.MailDomain"
            ],
            "name": "soffid.org",
            "obsolete": false,
            "description": "Old Domain",
            "id": 523265
        }
    ]
}

Query by id

Query a Mail Domain by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/MailDomain/523263
Response 200 OK
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailDomain/523263",
        "resourceType": "MailDomain"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.MailDomain"
    ],
    "name": "soffid.com",
    "obsolete": false,
    "description": "Soffid",
    "id": 523263
}

Create

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/MailDomain

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.MailDomain"
    ],
    "name": "newdomain.com",
    "obsolete": false,
    "description": "New Domain"
}
Response 201 Created
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailDomain/1976941",
        "resourceType": "MailDomain"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.MailDomain"
    ],
    "name": "newdomain.com",
    "obsolete": false,
    "description": "New Domain",
    "id": 1976941
}

Update partial

Only attributes with changes will be updated, the other will maintain the same value.

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/MailDomain/1976941

JSON

{
    "Operations": [
        {
            "op": "replace",
            "path": "description",
            "value": "New domain (xxx)"
        },
        {
            "op": "replace",
            "path": "obsolete",
            "value": "true"
        }
    ]
}
Response 200 OK
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailDomain/1976941",
        "resourceType": "MailDomain"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.MailDomain"
    ],
    "name": "newdomain.com",
    "obsolete": true,
    "description": "New domain (xxx)",
    "id": 1976941
}

Update all

This operation replaces all values in the Mail Domain.

Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/MailDomain/1976941

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.MailDomain"
    ],
    "id": 1976941,
    "name": "newdomain.com",
    "obsolete": false,
    "description": "New Domain"
}
Response 200 OK
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailDomain/1976941",
        "resourceType": "MailDomain"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.MailDomain"
    ],
    "name": "newdomain.com",
    "obsolete": false,
    "description": "New Domain",
    "id": 1976941
}

Delete

Please note after this delete, the mail domain has to be created again to use it in the next examples.

Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/MailDomain/1976941
Response 204 No Content
204 No Content

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response


SCIM MailList examples

Operations

This page shows the operations that can be performed for the MailList object.

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/MailList
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 3,
    "startIndex": 1,
    "Resources": [
        {
            "groupMembers": [],
            "usersList": [
                "admin",
                "test2"
            ],
            "description": "Test email",
            "externalList": [],
            "explodedUsersList": [
                "test2",
                "admin"
            ],
            "roleMembers": [],
            "lists": [
                "test@soffid.com"
            ],
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailList/524071",
                "resourceType": "MailList"
            },
            "domainName": "soffid.com",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.MailList"
            ],
            "name": "test",
            "attributes": {},
            "id": 524071,
            "listsBelong": "test@soffid.com"
        },
        {
            "groupMembers": [],
            "usersList": [],
            "externalList": [],
            "explodedUsersList": [],
            "roleMembers": [],
            "lists": [],
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailList/1976100",
                "resourceType": "MailList"
            },
            "domainName": "soffid.org",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.MailList"
            ],
            "name": "mailList",
            "attributes": {},
            "id": 1976100,
            "listsBelong": ""
        },
       ......
    ]
}

List by filter

List all MailList with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/MailList?filter=description co test
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 2,
    "startIndex": 1,
    "Resources": [
        {
            "groupMembers": [],
            "usersList": [
                "admin",
                "test2"
            ],
            "description": "Test email",
            "externalList": [],
            "explodedUsersList": [
                "test2",
                "admin"
            ],
            "roleMembers": [],
            "lists": [
                "test@soffid.com"
            ],
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailList/524071",
                "resourceType": "MailList"
            },
            "domainName": "soffid.com",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.MailList"
            ],
            "name": "test",
            "attributes": {},
            "id": 524071,
            "listsBelong": "test@soffid.com"
        },
        {
            "groupMembers": [],
            "usersList": [
                "dilbert",
                "admin"
            ],
            "description": "Test email mailList",
            "externalList": [],
            "explodedUsersList": [
                "dilbert",
                "admin"
            ],
            "roleMembers": [],
            "lists": [],
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailList/1976181",
                "resourceType": "MailList"
            },
            "domainName": "soffid.com",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.MailList"
            ],
            "name": "mailList2",
            "attributes": {},
            "id": 1976181,
            "listsBelong": ""
        }
    ]
}

Query by id

Query a MailList by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/MailList/524071
Response 200 OK
{
    "groupMembers": [],
    "usersList": [
        "admin",
        "test2"
    ],
    "description": "Test email",
    "externalList": [],
    "explodedUsersList": [
        "test2",
        "admin"
    ],
    "roleMembers": [],
    "lists": [
        "test@soffid.com"
    ],
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailList/524071",
        "resourceType": "MailList"
    },
    "domainName": "soffid.com",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.MailList"
    ],
    "name": "test",
    "attributes": {},
    "id": 524071,
    "listsBelong": "test@soffid.com"
}

Create

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/MailList

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.MailList"
    ],
    "name": "billingMailList",
    "domainName": "newdomain.com",
    "description": "Test email mailList",
    "usersList": [
        "admin",
        "dilbert"
    ]
}
Response 201 Created
{
    "groupMembers": [],
    "usersList": [
        "dilbert",
        "admin"
    ],
    "description": "Test email mailList",
    "externalList": [],
    "explodedUsersList": [
        "dilbert",
        "admin"
    ],
    "roleMembers": [],
    "lists": [],
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailList/1976957",
        "resourceType": "MailList"
    },
    "domainName": "newdomain.com",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.MailList"
    ],
    "name": "billingMailList",
    "attributes": {},
    "id": 1976957,
    "listsBelong": ""
}

Update partial

Only attributes with changes will be updated, the other will maintain the same value.

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/GroupUser/1976741

JSON

{
    "Operations": [
        {
            "op": "remove",
            "path": "usersList",
            "value": [
                "admin",
                "dilbert"
            ]
        }
    ]
}
Response 200 OK
{
    "groupMembers": [],
    "description": "Test email mailList",
    "externalList": [],
    "explodedUsersList": [
        "dilbert",
        "admin"
    ],
    "roleMembers": [],
    "lists": [],
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailList/1976957",
        "resourceType": "MailList"
    },
    "domainName": "newdomain.com",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.MailList"
    ],
    "name": "billingMailList",
    "attributes": {},
    "id": 1976957,
    "listsBelong": ""
}

Update all

This operation replaces all values in the MailList.

Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/MailList/1976957

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.MailList"
    ],
    "id": 1976957,
    "name": "mailList",
    "domainName": "newdomain.com"
}
Response 200 OK
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailList/1976957",
        "resourceType": "MailList"
    },
    "domainName": "newdomain.com",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.MailList"
    ],
    "name": "mailList",
    "attributes": {},
    "id": 1976957
}

Delete

Please note after this delete, the mail list has to be created again to use it in the next examples.

Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/MailList/1976957
Response 204 No Content
204 No Content

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response


SCIM Network examples

Operations

This page shows the operations that can be performed for the Network object.

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Network
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 6,
    "startIndex": 1,
    "Resources": [
        {
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Network/67",
                "resourceType": "Network"
            },
            "ip": "127.0.0.0",
            "lanAccess": false,
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Network"
            ],
            "name": "loopback",
            "description": "Description",
            "id": 67,
            "mask": "255.255.255.128",
            "dhcpSupport": false
        },
        {
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Network/505167",
                "resourceType": "Network"
            },
            "ip": "172.0.0.0",
            "lanAccess": false,
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Network"
            ],
            "name": "int1",
            "description": "Internal network 1",
            "id": 505167,
            "mask": "255.240.0.0",
            "dhcpSupport": false
        },
      ...............
    ]
}

List by filter

List all Networks with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Network?filter=description co labora
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 3,
    "startIndex": 1,
    "Resources": [
        {
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Network/1790267",
                "resourceType": "Network"
            },
            "ip": "10.129.120.0",
            "lanAccess": false,
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Network"
            ],
            "name": "lab1",
            "description": "Laboratory network 1",
            "id": 1790267,
            "mask": "255.255.255.0",
            "dhcpSupport": false
        },
        {
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Network/1790319",
                "resourceType": "Network"
            },
            "ip": "10.129.121.0",
            "lanAccess": false,
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Network"
            ],
            "name": "lab2",
            "description": "Laboratory network 2",
            "id": 1790319,
            "mask": "255.255.255.0",
            "dhcpSupport": false
        },
        {
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Network/1858961",
                "resourceType": "Network"
            },
            "ip": "10.129.122.0",
            "lanAccess": true,
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Network"
            ],
            "name": "lab3",
            "description": "Laboratory network",
            "id": 1858961,
            "mask": "255.255.255.0",
            "dhcpSupport": false
        }
    ]
}

Query by id

Query a Network by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Network/1038187
Response 200 OK
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Network/1038187",
        "resourceType": "Network"
    },
    "ip": "192.168.133.0",
    "lanAccess": true,
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Network"
    ],
    "name": "internal",
    "description": "Internal Network",
    "loginRestriction": false,
    "id": 1038187,
    "mask": "255.255.255.0",
    "dhcpSupport": true
}

Create

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/Network

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Network"
    ],
    "name": "Laboratory",
    "description": "Laboratory Network",
    "ip": "192.168.123.0",
    "mask": "255.255.255.0",
    "loginRestriction": false,
    "lanAccess": true,
    "dhcpSupport": true
}
Response 201 Created
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Network/1977114",
        "resourceType": "Network"
    },
    "ip": "192.168.123.0",
    "lanAccess": true,
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Network"
    ],
    "name": "Laboratory",
    "description": "Laboratory Network",
    "loginRestriction": false,
    "id": 1977114,
    "mask": "255.255.255.0",
    "dhcpSupport": true
}

Update partial

Only attributes with changes will be updated, the other will maintain the same value.

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/Network/1977114

JSON

{
    "Operations": [
        {
            "op": "replace",
            "path": "ip",
            "value": "192.168.125.0"
        }
    ]
}
Response 200 OK
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Network/1977114",
        "resourceType": "Network"
    },
    "ip": "192.168.123.0",
    "lanAccess": true,
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Network"
    ],
    "name": "Laboratory",
    "description": "Laboratory Network",
    "loginRestriction": false,
    "id": 1977114,
    "mask": "255.255.255.0",
    "dhcpSupport": true
}

Update all

This operation replaces all values in the Network.

Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/Network/1977114

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Network"
    ],
    "id": 1977114,
    "name": "Laboratory",
    "ip": "192.168.123.0",
    "mask": "255.255.255.0"
}
Response 200 OK
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Network/1977114",
        "resourceType": "Network"
    },
    "ip": "192.168.123.0",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Network"
    ],
    "name": "Laboratory",
    "id": 1977114,
    "mask": "255.255.255.0",
    "dhcpSupport": false
}

Delete

Please note after this delete, the network has to be created again to use it in the next examples.

Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/Network/1977114
Response 204 No Content
204 No Content

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response


SCIM DomainValue examples

Operations

This page shows the operations that can be performed for the DomainValue object. The DomainValue is related to Information Systems.

Role scope or domains are properties that can be assigned to some entitlements, limiting the scope of that entitlement. This can be used to limit, for instance, the maximum amount allowed for a money transfer, or the commercial zones to manage.

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/DomainValue
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 4,
    "startIndex": 1,
    "Resources": [
        {
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/DomainValue/499623",
                "resourceType": "DomainValue"
            },
            "domainName": "Zone",
            "externalCodeDomain": "Operation",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.DomainValue"
            ],
            "description": "Twenty",
            "id": 499623,
            "value": "20"
        },
        {
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/DomainValue/499629",
                "resourceType": "DomainValue"
            },
            "domainName": "Zone",
            "externalCodeDomain": "Operation",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.DomainValue"
            ],
            "description": "Eleven",
            "id": 499629,
            "value": "10"
        },
      .............
    ]
}

List by filter

List all DomainValues with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request


GET http://<your-domain>/soffid/webservice/scim2/v1/DomainValue?filter=description co Tw
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 1,
    "startIndex": 1,
    "Resources": [
        {
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/DomainValue/499623",
                "resourceType": "DomainValue"
            },
            "domainName": "Zone",
            "externalCodeDomain": "Operation",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.DomainValue"
            ],
            "description": "Twenty",
            "id": 499623,
            "value": "20"
        }
    ]
}

Query by id

Query a DomainValue by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/DomainValue/802012
Response 200 OK
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/DomainValue/802012",
        "resourceType": "DomainValue"
    },
    "domainName": "Company",
    "externalCodeDomain": "Operation/Business 2/SOFFID",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.DomainValue"
    ],
    "description": "Soffid",
    "id": 802012,
    "value": "Soffid"
}

Create

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/DomainValue

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.DomainValue"
    ],
    "domainName": "Company",
    "externalCodeDomain": "Operation/Business 2/SOFFID",
    "description": "bubble",
    "value": "bubble"
}
Response 201 Created
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/DomainValue/1977131",
        "resourceType": "DomainValue"
    },
    "domainName": "Company",
    "externalCodeDomain": "Operation/Business 2/SOFFID",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.DomainValue"
    ],
    "description": "bubble",
    "id": 1977131,
    "value": "bubble"
}

Update partial

Only attributes with changes will be updated, the other will maintain the same value.

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/GroupUser/1976741

JSON

{
    "Operations": [
        {
            "op": "replace",
            "path": "description",
            "value": "Bubble description"
        }
    ]
}
Response 200 OK
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/DomainValue/1977131",
        "resourceType": "DomainValue"
    },
    "domainName": "Company",
    "externalCodeDomain": "Operation/Business 2/SOFFID",
    "schemas": [
        "urn:soffid:com.soffid.iam.api.DomainValue"
    ],
    "description": "Bubble description",
    "id": 1977131,
    "value": "bubble"
}

Update all

This operation replaces all values in the DomainValue.

Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/DomainValue/1977131

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.GroupUser"
    ],
    "id": 1976741,
    "group": "it",
    "groupDescription": "Help desk support team",
    "user": "ckelp",
    "fullName": "Casey Kelp",
    "primaryGroup": true,
    "attributes": {}
}
Response 200 OK
{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.DomainValue"
    ],
    "id": 1977131,
    "domainName": "Company",
    "externalCodeDomain": "Operation/Business 2/SOFFID",
    "description": "New bubble",
    "value": "Newbubble"
}

Delete

Please note after this delete, the DomainValue has to be created again to use it in the next examples.

Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/DomainValue/1977131
Response 204 No Content
204 No Content

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response


SCIM VaultFolder examples

Operations

This page shows the operations that can be performed for the VaultFolder object

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/VaultFolder/
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 4,
    "startIndex": 1,
    "Resources": [
        {
            "grantedRoles": [],
            "accessLevel": "O",
            "managerRoles": [],
            "navigateUsers": [],
            "navigateRoles": [],
            "description": "Accounts that won't be shared",
            "personal": true,
            "ownerGroups": [],
            "ownerRoles": [],
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/VaultFolder/368461",
                "resourceType": "VaultFolder"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.VaultFolder"
            ],
            "name": "Personal accounts",
            "managerUsers": [],
            "navigateGroups": [],
            "id": 368461,
            "grantedGroups": [],
            "managerGroups": [],
            "grantedUsers": [],
            "ownerUsers": [
                "admin"
            ]
        },
        {
            "grantedRoles": [],
            "accessLevel": "O",
            "managerRoles": [],
            "navigateUsers": [
                "test2",
                "admin"
            ],
            "navigateRoles": [],
            "description": "Password vault",
            "personal": false,
            "ownerGroups": [],
            "ownerRoles": [],
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/VaultFolder/515461",
                "resourceType": "VaultFolder"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.VaultFolder"
            ],
            "name": "vault",
            "managerUsers": [],
            "navigateGroups": [],
            "id": 515461,
            "grantedGroups": [],
            "managerGroups": [],
            "grantedUsers": [],
            "ownerUsers": [
                "admin"
            ]
        },
      ............
    ]
}

List by filter

List all VaultFolders with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/VaultFolder/?filter=personal eq true
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 1,
    "startIndex": 1,
    "Resources": [
        {
            "grantedRoles": [],
            "accessLevel": "O",
            "managerRoles": [],
            "navigateUsers": [],
            "navigateRoles": [],
            "description": "Accounts that won't be shared",
            "personal": true,
            "ownerGroups": [],
            "ownerRoles": [],
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/VaultFolder/368461",
                "resourceType": "VaultFolder"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.VaultFolder"
            ],
            "name": "Personal accounts",
            "managerUsers": [],
            "navigateGroups": [],
            "id": 368461,
            "grantedGroups": [],
            "managerGroups": [],
            "grantedUsers": [],
            "ownerUsers": [
                "admin"
            ]
        }
    ]
}

Query by id

Query a VaultFolder by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/VaultFolder/515461
Response 200 OK
{
    "grantedRoles": [],
    "accessLevel": "O",
    "managerRoles": [],
    "navigateUsers": [
        "test2",
        "admin"
    ],
    "navigateRoles": [],
    "description": "Password vault",
    "personal": false,
    "ownerGroups": [],
    "ownerRoles": [],
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/VaultFolder/515461",
        "resourceType": "VaultFolder"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.VaultFolder"
    ],
    "name": "vault",
    "managerUsers": [],
    "navigateGroups": [],
    "id": 515461,
    "grantedGroups": [],
    "managerGroups": [],
    "grantedUsers": [],
    "ownerUsers": [
        "admin"
    ]
}

Create

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/VaultFolder

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.VaultFolder"
    ],
    "name": "Folder Billing",
    "description": "Folder Billing",
    "parentFolder": "vault",
    "parentId": 515461,
    "personal": false,
    "accessLevel": "M",
    "ownerUsers": [
        "admin"
    ],
    "navigateUsers": [
        "admin"
    ]
}
Response 201 Created
{
    "grantedRoles": [],
    "accessLevel": "O",
    "managerRoles": [],
    "navigateUsers": [
        "admin"
    ],
    "navigateRoles": [],
    "description": "Folder Billing",
    "personal": false,
    "parentId": 515461,
    "parentFolder": "vault",
    "ownerGroups": [],
    "ownerRoles": [],
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/VaultFolder/1977703",
        "resourceType": "VaultFolder"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.VaultFolder"
    ],
    "name": "Folder Billing",
    "managerUsers": [],
    "navigateGroups": [],
    "id": 1977703,
    "grantedGroups": [],
    "managerGroups": [],
    "grantedUsers": [],
    "ownerUsers": [
        "admin"
    ]
}

Update partial

Only attributes with changes will be updated, the other will maintain the same value.

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/VaultFolder/1977703

JSON

{
    "Operations": [
        {
            "op": "replace",
            "path": "description",
            "value": "Vault folder billing"
        },
        {
            "op": "add",
            "path": "navigateUsers",
            "value": [
                "dilbert",
                "asea"
            ]
        }
    ]
}
Response 200 OK
{
    "grantedRoles": [],
    "accessLevel": "O",
    "managerRoles": [],
    "navigateUsers": [
        "asea",
        "dilbert",
        "admin"
    ],
    "navigateRoles": [],
    "description": "Vault folder billing",
    "personal": false,
    "parentId": 515461,
    "parentFolder": "vault",
    "ownerGroups": [],
    "ownerRoles": [],
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/VaultFolder/1977703",
        "resourceType": "VaultFolder"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.VaultFolder"
    ],
    "name": "Folder Billing",
    "managerUsers": [],
    "navigateGroups": [],
    "id": 1977703,
    "grantedGroups": [],
    "managerGroups": [],
    "grantedUsers": [],
    "ownerUsers": [
        "admin"
    ]
}

Update all

This operation replaces all values in the VaultFolder.

Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/VaultFolder/1977703

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.VaultFolder"
    ],
    "id": 1977703,
    "name": "Folder Billing",
    "description": "Folder Billing",
    "parentFolder": "vault",
    "parentId": 515461,
    "personal": false,
    "accessLevel": "M",
    "ownerUsers": [
        "admin"
    ]
}
Response 200 OK
{
    "grantedRoles": [],
    "accessLevel": "O",
    "managerRoles": [],
    "navigateUsers": [],
    "navigateRoles": [],
    "description": "Folder Billing",
    "personal": false,
    "parentId": 515461,
    "parentFolder": "vault",
    "ownerGroups": [],
    "ownerRoles": [],
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/VaultFolder/1977703",
        "resourceType": "VaultFolder"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.VaultFolder"
    ],
    "name": "Folder Billing",
    "managerUsers": [],
    "navigateGroups": [],
    "id": 1977703,
    "grantedGroups": [],
    "managerGroups": [],
    "grantedUsers": [],
    "ownerUsers": [
        "admin"
    ]
}

Delete

Please note after this delete, the VaultFolder has to be created again to use it in the next examples.

Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/VaultFolder/1977703
Response 204 No Content
204 No Content

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response


SCIM System examples

Operations

This page shows the operations that can be performed for the Systems object (Agents).

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/System
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 16,
    "startIndex": 1,
    "Resources": [
        {
            "accessControl": false,
            "usersDomain": "DEFAULT",
            "fullReconciliation": false,
            "authoritative": false,
            "description": "Soffid system",
            "groups": "",
            "threads": 1,
            "className": "- no class -",
            "userTypes": "I",
            "groupsList": [],
            "readOnly": false,
            "passwordsDomain": "DEFAULT",
            "timeStamp": "2020-04-18 19:32:37",
            "rolebased": true,
            "trusted": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/System/44",
                "resourceType": "System"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.System"
            ],
            "name": "soffid",
            "id": 44,
            "passwordsDomainId": 27,
            "tenant": "master",
            "generateTasksOnLoad": true
        },
        {
            "accessControl": false,
            "usersDomain": "DEFAULT",
            "fullReconciliation": false,
            "authoritative": false,
            "description": "External SSO accounts",
            "groups": "admingroup,enterprise",
            "threads": 1,
            "className": "com.soffid.iam.sync.sso.agent.SSOAgent",
            "userTypes": "S,I",
            "groupsList": [
                "admingroup",
                "enterprise"
            ],
            "readOnly": false,
            "url": "local",
            "passwordsDomain": "DEFAULT",
            "timeStamp": "2020-09-21 10:17:38",
            "rolebased": false,
            "trusted": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/System/47",
                "resourceType": "System"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.System"
            ],
            "name": "SSO",
            "id": 47,
            "manualAccountCreation": true,
            "passwordsDomainId": 27,
            "tenant": "master",
            "generateTasksOnLoad": true
        },
      ................
    ]
}

List by filter

List all Systems with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/System?filter=description co 10.129.
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 2,
    "startIndex": 1,
    "Resources": [
        {
            "accessControl": false,
            "description": "Discovered host 10.129.122.22",
            "className": "com.soffid.iam.sync.agent.SimpleSSHAgent",
            "userTypes": "",
            "passwordsDomain": "DEFAULT",
            "rolebased": false,
            "id": 1885153,
            "manualAccountCreation": true,
            "tenant": "master",
            "generateTasksOnLoad": false,
            "param7": "false",
            "usersDomain": "DEFAULT",
            "param6": "UTF-8",
            "fullReconciliation": true,
            "authoritative": false,
            "sharedDispatcher": true,
            "param0": "soffid",
            "groups": "",
            "threads": 1,
            "groupsList": [],
            "readOnly": false,
            "param3": "10.129.122.22",
            "param4": "true",
            "url": "local",
            "param2": "517y1hF40k4=",
            "timeStamp": "2021-04-23 12:23:15",
            "trusted": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/System/1885153",
                "resourceType": "System"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.System"
            ],
            "name": "10.129.122.22",
            "passwordsDomainId": 27
        },
        {
            "accessControl": false,
            "description": "Discovered host 10.129.122.25",
            "className": "com.soffid.iam.sync.agent.SimpleWindowsAgent",
            "userTypes": "",
            "passwordsDomain": "DEFAULT",
            "rolebased": false,
            "id": 1890334,
            "manualAccountCreation": true,
            "tenant": "master",
            "generateTasksOnLoad": false,
            "param7": "false",
            "usersDomain": "DEFAULT",
            "fullReconciliation": true,
            "authoritative": false,
            "sharedDispatcher": true,
            "param0": "Administrador",
            "groups": "",
            "threads": 1,
            "groupsList": [],
            "readOnly": false,
            "param3": "10.129.122.25",
            "param4": "true",
            "url": "local",
            "param2": "VFJV1pSRfE7s",
            "timeStamp": "2021-04-23 20:00:34",
            "trusted": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/System/1890334",
                "resourceType": "System"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.System"
            ],
            "name": "10.129.122.25",
            "passwordsDomainId": 27
        }
    ]
}

Query by id

Query a System by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/System/389082
Response 200 OK
{
    "accessControl": true,
    "description": "Active Directory.",
    "className": "com.soffid.iam.sync.agent2.CustomizableActiveDirectoryAgent",
    "userTypes": "I",
    "passwordsDomain": "DEFAULT",
    "rolebased": true,
    "id": 389082,
    "manualAccountCreation": false,
    "tenant": "master",
    "generateTasksOnLoad": true,
    "param7": "true",
    "param8": "true",
    "usersDomain": "DEFAULT",
    "fullReconciliation": false,
    "authoritative": true,
    "sharedDispatcher": false,
    "param0": "ad.bubu.lab",
    "groups": "",
    "threads": 1,
    "groupsList": [],
    "readOnly": false,
    "param3": "C27Nv4vjbIsI",
    "url": "https://soffid.bubu.lab:1760/",
    "param1": "dc=ad,dc=bubu,dc=lab",
    "param2": "ad\\Administrator",
    "timeStamp": "2021-04-07 09:31:59",
    "trusted": true,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/System/389082",
        "resourceType": "System"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.System"
    ],
    "name": "ad",
    "passwordsDomainId": 27
}

Create

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/System

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.System"
    ],
    "name": "SQLRRHH",
    "description": "SQL RRHH test",
    "className": "com.soffid.iam.sync.agent.SQLAgent2",
    "userTypes": "E,I",
    "passwordsDomain": "DEFAULT",
    "usersDomain": "DEFAULT"
}
Response 201 Created
{
    "accessControl": false,
    "usersDomain": "DEFAULT",
    "fullReconciliation": false,
    "authoritative": false,
    "description": "SQL RRHH test",
    "groups": "",
    "threads": 1,
    "className": "com.soffid.iam.sync.agent.SQLAgent2",
    "userTypes": "I,E",
    "groupsList": [],
    "readOnly": false,
    "passwordsDomain": "DEFAULT",
    "timeStamp": "2021-05-12 10:58:35",
    "rolebased": false,
    "trusted": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/System/1977157",
        "resourceType": "System"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.System"
    ],
    "name": "SQLRRHH",
    "id": 1977157,
    "passwordsDomainId": 27,
    "tenant": "master",
    "generateTasksOnLoad": false
}

Update partial

Only attributes with changes will be updated, the other will maintain the same value.

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/System/1977157

JSON

{
    "Operations": [
        {
            "op": "replace",
            "path": "param0",
            "value": "user"
        },
        {
            "op": "replace",
            "path": "param1",
            "value": "password"
        },
        {
            "op": "replace",
            "path": "param2",
            "value": "jdbc:mysql://localhost/personal"
        }
    ]
}
Response 200 OK
{
    "accessControl": false,
    "description": "SQL RRHH test",
    "className": "com.soffid.iam.sync.agent.SQLAgent2",
    "userTypes": "I,E",
    "passwordsDomain": "DEFAULT",
    "rolebased": false,
    "id": 1977157,
    "tenant": "master",
    "generateTasksOnLoad": false,
    "usersDomain": "DEFAULT",
    "fullReconciliation": false,
    "authoritative": false,
    "param0": "user",
    "groups": "",
    "threads": 1,
    "groupsList": [],
    "readOnly": false,
    "param1": "password",
    "param2": "jdbc:mysql://localhost/personal",
    "timeStamp": "2021-05-12 10:59:44",
    "trusted": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/System/1977157",
        "resourceType": "System"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.System"
    ],
    "name": "SQLRRHH",
    "passwordsDomainId": 27
}

Update all

This operation replace all values in the System.

Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/System/1977157

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.System"
    ],
    "id": 1977157,
    "name": "SQLRRHH",
    "description": "SQL RRHH test",
    "className": "com.soffid.iam.sync.agent.SQLAgent2",
    "userTypes": "E,I",
    "passwordsDomain": "DEFAULT",
    "usersDomain": "DEFAULT"
}
Response 200 OK
{
    "accessControl": false,
    "usersDomain": "DEFAULT",
    "fullReconciliation": false,
    "authoritative": false,
    "description": "SQL RRHH test",
    "groups": "",
    "threads": 1,
    "className": "com.soffid.iam.sync.agent.SQLAgent2",
    "userTypes": "I,E",
    "groupsList": [],
    "readOnly": false,
    "passwordsDomain": "DEFAULT",
    "timeStamp": "2021-05-12 11:02:49",
    "rolebased": false,
    "trusted": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/System/1977157",
        "resourceType": "System"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.System"
    ],
    "name": "SQLRRHH",
    "id": 1977157,
    "passwordsDomainId": 27,
    "tenant": "master",
    "generateTasksOnLoad": false
}

Delete

Please note after this delete, the System has to be created again to use it in the next examples.

Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/System/1977157
Response 204 No Content
204 No Content

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response


SCIM CustomObject examples

Operations

This page shows the operations that can be performed for the CustomObjects object

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/CustomObject
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 6,
    "startIndex": 1,
    "Resources": [
        {
            "meta": {
                "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/CustomObject/848157",
                "resourceType": "CustomObject"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.CustomObject"
            ],
            "name": "aa",
            "description": "aaa",
            "attributes": {
                "address": "2"
            },
            "id": 848157,
            "type": "building"
        },
        {
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/CustomObject/1510208",
                "resourceType": "CustomObject"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.CustomObject"
            ],
            "name": "ES",
            "description": "Spain",
            "attributes": {
                "language": "English"
            },
            "id": 1510208,
            "type": "country"
        },
      ..........
    ]
}

List by filter

List all CustomObjects with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/CustomObject?filter=description eq Spain
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 1,
    "startIndex": 1,
    "Resources": [
        {
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/CustomObject/1510208",
                "resourceType": "CustomObject"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.CustomObject"
            ],
            "name": "ES",
            "description": "Spain",
            "attributes": {
                "language": "English"
            },
            "id": 1510208,
            "type": "country"
        }
    ]
}

Query by id

Query a CustomObject by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/CustomObject/848062
Response 200 OK
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/CustomObject/848062",
        "resourceType": "CustomObject"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.CustomObject"
    ],
    "name": "HQ",
    "description": "Headquarters",
    "attributes": {
        "address": "1"
    },
    "id": 848062,
    "type": "building"
}

Create

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/CustomObject

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.CustomObject"
    ],
    "name": "IT",
    "description": "Italy",
    "type": "country",
    "attributes": {
        "language": "English"
    }
}
Response 201 Created
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/CustomObject/1977187",
        "resourceType": "CustomObject"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.CustomObject"
    ],
    "name": "IT",
    "description": "Italy",
    "attributes": {
        "language": "English"
    },
    "id": 1977187,
    "type": "country"
}

Update partial

Only attributes with changes will be updated, the other will maintain the same value.

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/CustomObject/1977187

JSON

{
    "Operations": [
        {
            "op": "replace",
            "path": "attributes",
            "value": {
                "language": "German"
            }
        }
    ]
}
Response 200 OK
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/CustomObject/1977187",
        "resourceType": "CustomObject"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.CustomObject"
    ],
    "name": "IT",
    "description": "Italy",
    "attributes": {
        "language": "German"
    },
    "id": 1977187,
    "type": "country"
}

Update all

This operation replaces all values in the CustomObject.

Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/CustomObject/1977187

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.CustomObject"
    ],
    "id": 1977187,
    "name": "IT",
    "description": "Italy",
    "type": "country",
    "attributes": {
        "language": "English"
    }
}
Response 200 OK
{
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/CustomObject/1977187",
        "resourceType": "CustomObject"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.CustomObject"
    ],
    "name": "IT",
    "description": "Italy",
    "attributes": {
        "language": "English"
    },
    "id": 1977187,
    "type": "country"
}

Delete

Please note after this delete, the CustomObject has to be created again to use it in the next examples.

Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/CustomObject/1977187
Response 204 No Content
204 No Content

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response


SCIM ProcessDefinition examples

Operations

This page shows the operations that can be performed for the ProcessDefinitions object

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/ProcessDefinition
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 8,
    "startIndex": 1,
    "Resources": [
        {
            "author": "admin",
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessDefinition/1474063",
                "resourceType": "ProcessDefinition"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.bpm.api.ProcessDefinition"
            ],
            "name": "User registration",
            "deployed": "2021-02-11 16:42:08",
            "tag": "27",
            "id": 1474063,
            "version": 27,
            "enabled": true
        },
        {
            "author": "admin",
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessDefinition/1857694",
                "resourceType": "ProcessDefinition"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.bpm.api.ProcessDefinition"
            ],
            "name": "User request",
            "deployed": "2021-04-15 16:10:11",
            "tag": "19",
            "id": 1857694,
            "version": 19,
            "enabled": true
        },
      .............
    ]
}

List by filter

List all ProcessDefinitions with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/ProcessDefinition?filter=name co request
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 2,
    "startIndex": 1,
    "Resources": [
        {
            "author": "admin",
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessDefinition/1946303",
                "resourceType": "ProcessDefinition"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.bpm.api.ProcessDefinition"
            ],
            "name": "Permissions request",
            "deployed": "2021-04-30 08:48:58",
            "tag": "23",
            "id": 1946303,
            "type": "RoleApproval",
            "version": 23,
            "enabled": true
        },
        {
            "author": "admin",
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessDefinition/1857694",
                "resourceType": "ProcessDefinition"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.bpm.api.ProcessDefinition"
            ],
            "name": "User request",
            "deployed": "2021-04-15 16:10:11",
            "tag": "19",
            "id": 1857694,
            "version": 19,
            "enabled": true
        }
    ]
}

Query by id

Query a ProcessDefinition by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/ProcessDefinition/1857694
Response 200 OK
{
    "author": "admin",
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessDefinition/1857694",
        "resourceType": "ProcessDefinition"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.bpm.api.ProcessDefinition"
    ],
    "name": "User request",
    "deployed": "2021-04-15 16:10:11",
    "tag": "19",
    "id": 1857694,
    "version": 19,
    "enabled": true
}

Create

This operation is not allowed.

Update partial

This operation is not allowed.

Update all

This operation is not allowed.

Delete

This operation is not allowed.

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response

 

SCIM ProcessInstance examples

Operations

This page shows the operations that can be performed for the ProcessInstances object.

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/ProcessInstance
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 311,
    "startIndex": 1,
    "Resources": [
        {
            "dummyProcess": false,
            "variables": {},
            "comments": [
                {
                    "actor": "admin Soffid Administrator",
                    "schemas": [
                        "urn:soffid:com.soffid.iam.bpm.api.Comment"
                    ],
                    "time": "2020-09-30 09:57:15",
                    "message": "Comentario"
                }
            ],
            "processDefinition": 628635,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessInstance/626161",
                "resourceType": "ProcessInstance"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance"
            ],
            "start": "2020-09-29 20:34:46",
            "currentTask": "Entrada de la consulta",
            "description": "Consultar la base de datos",
            "end": "2020-11-11 15:05:48",
            "id": 626161
        },
        {
            "dummyProcess": false,
            "variables": {},
            "comments": [],
            "processDefinition": 628635,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessInstance/626179",
                "resourceType": "ProcessInstance"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance"
            ],
            "start": "2020-09-29 20:35:22",
            "currentTask": "Entrada de la consulta",
            "description": "Consultar la base de datos",
            "end": "2020-11-11 15:05:44",
            "id": 626179
        },
      ..........
    ]
}

List by filter

List all ProcessInstances with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/ProcessInstance?filter=description co Permission and currentTask eq Start
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 8,
    "startIndex": 1,
    "Resources": [
        {
            "dummyProcess": false,
            "variables": {
                "requester": "admin",
                "grants": [],
                "requesterName": "Soffid Administrator"
            },
            "comments": [],
            "processDefinition": 1054785,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessInstance/1053984",
                "resourceType": "ProcessInstance"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance"
            ],
            "start": "2020-12-14 14:49:20",
            "currentTask": "Start",
            "description": "Permissions request",
            "end": "2021-01-29 08:25:28",
            "id": 1053984
        },
        {
            "dummyProcess": false,
            "variables": {
                "requester": "admin",
                "grants": [],
                "requesterName": "Soffid Administrator"
            },
            "comments": [],
            "processDefinition": 1946303,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessInstance/1378380",
                "resourceType": "ProcessInstance"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance"
            ],
            "start": "2021-01-29 08:26:30",
            "currentTask": "Start",
            "description": "Permissions request",
            "id": 1378380
        },
        ...........
    ]
}
      

Query by id

Query a ProcessInstance by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/ProcessInstance/1378380
Response 200 OK
{
    "dummyProcess": false,
    "variables": {
        "requester": "admin",
        "grants": [],
        "requesterName": "Soffid Administrator"
    },
    "comments": [],
    "processDefinition": 1946303,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessInstance/1378380",
        "resourceType": "ProcessInstance"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance"
    ],
    "start": "2021-01-29 08:26:30",
    "currentTask": "Start",
    "description": "Permissions request",
    "id": 1378380
}

Create

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/ProcessInstance

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance"
    ],
    "dummyProcess": false,
    "variables": {
        "requester": "ckelp",
        "grants": [],
        "requesterName": "Casey Kelp"
    },
    "comments": [],
    "processDefinition": 1946303,
    "description": "Permissions request"
}
Response 201 Created
{
    "dummyProcess": false,
    "variables": {
        "requester": "ckelp",
        "grants": [],
        "requesterName": "Casey Kelp"
    },
    "comments": [],
    "processDefinition": 1946303,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessInstance/1378380",
        "resourceType": "ProcessInstance"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance"
    ],
    "start": "2021-01-29 08:26:30",
    "currentTask": "Start",
    "description": "Permissions request",
    "id": 1378380
}

Update partial

Only attributes with changes will be updated, the other will maintain the same value.

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/GroupUser/1976741

JSON

{
    "Operations": [
        {
            "op": "replace",
            "path": "start",
            "value": "2021-05-14 00:00:00"
        }
    ]
}
Response 200 OK
{
    "dummyProcess": false,
    "variables": {
        "requester": "admin",
        "grants": [],
        "requesterName": "Soffid Administrator"
    },
    "comments": [],
    "processDefinition": 1946303,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessInstance/1378380",
        "resourceType": "ProcessInstance"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance"
    ],
    "start": "2021-05-14 00:00:00",
    "currentTask": "Start",
    "description": "Permissions request",
    "id": 1378380
}

Update all

This operation replaces all values in the ProcessInstance.

Request
PUT - http://<your-domain>/soffid/webservice/scim2/v1/ProcessInstance/1474138

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance"
    ],
    "id": 1378380,
    "dummyProcess": false,
    "variables": {
        "requester": "ckelp",
        "grants": [],
        "requesterName": "Casey Kelp"
    },
    "comments": ["comments"],
    "processDefinition": 1946303,
    "start": "2021-05-14 00:00:00",
    "currentTask": "Start",
    "description": "Permissions request"
    
}
Response 200 OK
{
    "dummyProcess": false,
    "variables": {
        "requester": "ckelp",
        "grants": [],
        "requesterName": "Casey Kelp"
    },
    "comments": [
        "comments"
    ],
    "processDefinition": 1946303,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessInstance/1378380",
        "resourceType": "ProcessInstance"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance"
    ],
    "start": "2021-05-14 00:00:00",
    "currentTask": "Start",
    "description": "Permissions request",
    "id": 1378380
}

Delete

When you delete a ProcessInstance, it will be disabled, but never deleted from the database, this ProcessInstance will have an end date.

Please note after this delete, the ProcessInstance has to be created again to use it in the next examples.

Request
DELETE - http://<your-domain>/webservice/scim2/v1/ProcessInstance/1977873
Response 204 No Content
204 No Content

Error response

For more infomation about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response


SCIM TaskInstance examples

Operations

This page shows the operations that can be performed for the TaskInstances object.

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/TaskInstance
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 6,
    "startIndex": 1,
    "Resources": [
        {
            "variables": {
                "requester": "admin",
                "grants": [
                    {
                        "ownersString": "SOFFID_ADMIN ",
                        "comments": "",
                        "roleId": 393447,
                        "userFullName": "Soffid Administrator",
                        "owners": [
                            "SOFFID_ADMIN"
                        ],
                        "userName": "admin",
                        "approved": false,
                        "applicationDescription": "SOFFID Identity Manager",
                        "taskInstance": 1762656,
                        "schemas": [
                            "urn:soffid:com.soffid.iam.addons.bpm.common.RoleRequestInfo"
                        ],
                        "denied": false,
                        "roleDescription": "Accounting Manager",
                        "applicationName": "Container/Business 2/SOFFID"
                    }
                ],
                "requesterName": "Soffid Administrator"
            },
            "processDefinition": 1762352,
            "description": "Approve ",
            "pooledActors": [
                "SOFFID_ADMIN"
            ],
            "priority": 3,
            "transitions": [
                "Rechazar",
                "Aceptar"
            ],
            "dummyTask": false,
            "processName": "Modificar permisos",
            "processId": 1762544,
            "blocking": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/TaskInstance/1762656",
                "resourceType": "TaskInstance"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.bpm.api.TaskInstance"
            ],
            "name": "Approve",
            "create": "2021-03-30 19:57:35",
            "cancelled": false,
            "id": 1762656,
            "open": true,
            "signalling": true
        },
        {
            "variables": {
                "requester": "admin",
                "grants": [
                    {
                        "ownersString": "admin ",
                        "comments": "",
                        "roleId": 393447,
                        "userFullName": "Soffid Administrator",
                        "owners": [
                            "admin"
                        ],
                        "userName": "admin",
                        "approved": false,
                        "applicationDescription": "SOFFID Identity Manager",
                        "taskInstance": 1861549,
                        "schemas": [
                            "urn:soffid:com.soffid.iam.addons.bpm.common.RoleRequestInfo"
                        ],
                        "denied": false,
                        "roleDescription": "Accounting Manager",
                        "applicationName": "Operation/Business 2/SOFFID"
                    }
                ],
                "requesterName": "Soffid Administrator"
            },
            "processDefinition": 1946303,
            "description": "Approve pending permissions",
            "pooledActors": [
                "admin"
            ],
            "priority": 3,
            "transitions": [
                "Reject",
                "Approve"
            ],
            "dummyTask": false,
            "processName": "Permissions request",
            "processId": 1861537,
            "blocking": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/TaskInstance/1861549",
                "resourceType": "TaskInstance"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.bpm.api.TaskInstance"
            ],
            "name": "Approve",
            "create": "2021-04-17 21:00:46",
            "cancelled": false,
            "id": 1861549,
            "open": true,
            "signalling": true
        },
      ....................
    ]
}

List by filter

List all TaskInstances with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/TaskInstance?count=2&filter=processName eq "Permissions request" and name eq Approve
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 4,
    "startIndex": 1,
    "Resources": [
        {
            "variables": {
                "requester": "admin",
                "grants": [
                    {
                        "ownersString": "admin ",
                        "comments": "",
                        "roleId": 393447,
                        "userFullName": "Soffid Administrator",
                        "owners": [
                            "admin"
                        ],
                        "userName": "admin",
                        "approved": false,
                        "applicationDescription": "SOFFID Identity Manager",
                        "taskInstance": 1861549,
                        "schemas": [
                            "urn:soffid:com.soffid.iam.addons.bpm.common.RoleRequestInfo"
                        ],
                        "denied": false,
                        "roleDescription": "Accounting Manager",
                        "applicationName": "Operation/Business 2/SOFFID"
                    }
                ],
                "requesterName": "Soffid Administrator"
            },
            "processDefinition": 1946303,
            "description": "Approve pending permissions",
            "pooledActors": [
                "admin"
            ],
            "priority": 3,
            "transitions": [
                "Reject",
                "Approve"
            ],
            "dummyTask": false,
            "processName": "Permissions request",
            "processId": 1861537,
            "blocking": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/TaskInstance/1861549",
                "resourceType": "TaskInstance"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.bpm.api.TaskInstance"
            ],
            "name": "Approve",
            "create": "2021-04-17 21:00:46",
            "cancelled": false,
            "id": 1861549,
            "open": true,
            "signalling": true
        },
        {
            "variables": {
                "requester": "admin",
                "grants": [
                    {
                        "ownersString": "admin ",
                        "comments": "",
                        "roleId": 393103,
                        "userFullName": "Soffid Administrator",
                        "owners": [
                            "admin"
                        ],
                        "userName": "admin",
                        "approved": false,
                        "applicationDescription": "Active Directory",
                        "taskInstance": 1638273,
                        "schemas": [
                            "urn:soffid:com.soffid.iam.addons.bpm.common.RoleRequestInfo"
                        ],
                        "denied": false,
                        "roleDescription": "Enterprise Administrators",
                        "applicationName": "Container/Business process/ad"
                    }
                ],
                "requesterName": "Soffid Administrator"
            },
            "processDefinition": 1946303,
            "start": "2021-05-10 12:57:31",
            "description": "Approve pending permissions",
            "pooledActors": [
                "admin"
            ],
            "priority": 3,
            "transitions": [
                "Reject",
                "Approve"
            ],
            "dummyTask": false,
            "actorId": "admin",
            "processName": "Permissions request",
            "processId": 1638261,
            "blocking": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/TaskInstance/1638273",
                "resourceType": "TaskInstance"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.bpm.api.TaskInstance"
            ],
            "name": "Approve",
            "create": "2021-03-11 16:33:41",
            "cancelled": false,
            "id": 1638273,
            "open": true,
            "signalling": true
        },
      ..............
    ]
}

Query by id

Query a TaskInstance by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/TaskInstance/1861549
Response 200 OK
{
    "variables": {
        "requester": "admin",
        "grants": [
            {
                "ownersString": "admin ",
                "comments": "",
                "roleId": 393447,
                "userFullName": "Soffid Administrator",
                "owners": [
                    "admin"
                ],
                "userName": "admin",
                "approved": false,
                "applicationDescription": "SOFFID Identity Manager",
                "taskInstance": 1861549,
                "schemas": [
                    "urn:soffid:com.soffid.iam.addons.bpm.common.RoleRequestInfo"
                ],
                "denied": false,
                "roleDescription": "Accounting Manager",
                "applicationName": "Operation/Business 2/SOFFID"
            }
        ],
        "requesterName": "Soffid Administrator"
    },
    "processDefinition": 1946303,
    "description": "Approve pending permissions",
    "pooledActors": [
        "admin"
    ],
    "priority": 3,
    "transitions": [
        "Reject",
        "Approve"
    ],
    "dummyTask": false,
    "processName": "Permissions request",
    "processId": 1861537,
    "blocking": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/TaskInstance/1861549",
        "resourceType": "TaskInstance"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.bpm.api.TaskInstance"
    ],
    "name": "Approve",
    "create": "2021-04-17 21:00:46",
    "cancelled": false,
    "id": 1861549,
    "open": true,
    "signalling": true
}

Create

This operation is not allowed.

Update partial

Only attributes with changes will be updated, the other will mantain the same value.

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/TaskInstance/1762656

JSON

{
    "Operations": [
        {
            "op": "replace",
            "path": "blocking",
            "value": true
        }
    ]
}
Response 200 OK
{
    "variables": {
        "requester": "admin",
        "grants": [
            {
                "ownersString": "SOFFID_ADMIN ",
                "comments": "",
                "roleId": 393447,
                "userFullName": "Soffid Administrator",
                "owners": [
                    "SOFFID_ADMIN"
                ],
                "userName": "admin",
                "approved": false,
                "applicationDescription": "SOFFID Identity Manager",
                "taskInstance": 1762656,
                "schemas": [
                    "urn:soffid:com.soffid.iam.addons.bpm.common.RoleRequestInfo"
                ],
                "denied": false,
                "roleDescription": "Accounting Manager",
                "applicationName": "Container/Business 2/SOFFID"
            }
        ],
        "requesterName": "Soffid Administrator"
    },
    "processDefinition": 1762352,
    "description": "Approve ",
    "pooledActors": [
        "SOFFID_ADMIN"
    ],
    "priority": 3,
    "transitions": [
        "Rechazar",
        "Aceptar"
    ],
    "dummyTask": false,
    "processName": "Modificar permisos",
    "processId": 1762544,
    "blocking": true,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/TaskInstance/1762656",
        "resourceType": "TaskInstance"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.bpm.api.TaskInstance"
    ],
    "name": "Approve",
    "create": "2021-03-30 19:57:35",
    "cancelled": false,
    "id": 1762656,
    "open": true,
    "signalling": true
}

Update all

This operation replaces all values in the GroupUser.

Request
PUT http://<your-domain>/webservice/scim2/v1/TaskInstance/1762656

JSON

{
    "variables": {
        "requester": "admin",
        "grants": [
            {
                "ownersString": "SOFFID_ADMIN ",
                "comments": "",
                "roleId": 393447,
                "userFullName": "Soffid Administrator",
                "owners": [
                    "SOFFID_ADMIN"
                ],
                "userName": "admin",
                "approved": false,
                "applicationDescription": "SOFFID Identity Manager",
                "taskInstance": 1762656,
                "schemas": [
                    "urn:soffid:com.soffid.iam.addons.bpm.common.RoleRequestInfo"
                ],
                "denied": false,
                "roleDescription": "Accounting Manager",
                "applicationName": "Container/Business 2/SOFFID"
            }
        ],
        "requesterName": "Soffid Administrator"
    },
    "processDefinition": 1762352,
    "description": "Approve ",
    "pooledActors": [
        "SOFFID_ADMIN"
    ],
    "priority": 3,
    "transitions": [
        "Rechazar",
        "Aceptar"
    ],
    "dummyTask": false,
    "processName": "Modificar permisos",
    "processId": 1762544,
    "blocking": true,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/TaskInstance/1762656",
        "resourceType": "TaskInstance"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.bpm.api.TaskInstance"
    ],
    "name": "Approve",
    "create": "2021-03-30 19:57:35",
    "cancelled": false,
    "id": 1762656,
    "open": true,
    "signalling": true
}
Response 200 OK
{
    "variables": {
        "requester": "admin",
        "grants": [
            {
                "ownersString": "SOFFID_ADMIN ",
                "comments": "",
                "roleId": 393447,
                "userFullName": "Soffid Administrator",
                "owners": [
                    "SOFFID_ADMIN"
                ],
                "userName": "admin",
                "approved": false,
                "applicationDescription": "SOFFID Identity Manager",
                "taskInstance": 1762656,
                "schemas": [
                    "urn:soffid:com.soffid.iam.addons.bpm.common.RoleRequestInfo"
                ],
                "denied": false,
                "roleDescription": "Accounting Manager",
                "applicationName": "Container/Business 2/SOFFID"
            }
        ],
        "requesterName": "Soffid Administrator"
    },
    "processDefinition": 1762352,
    "description": "Approve ",
    "pooledActors": [
        "SOFFID_ADMIN"
    ],
    "priority": 3,
    "transitions": [
        "Rechazar",
        "Aceptar"
    ],
    "dummyTask": false,
    "processName": "Modificar permisos",
    "processId": 1762544,
    "blocking": true,
    "meta": {
        "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/TaskInstance/1762656",
        "resourceType": "TaskInstance"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.bpm.api.TaskInstance"
    ],
    "name": "Approve",
    "create": "2021-03-30 19:57:35",
    "cancelled": false,
    "id": 1762656,
    "open": true,
    "signalling": true
}

Delete

In this case, delete operation will cancel the TaskInstace, but does not be deleted form database.

Please note after this delete, the account has to be created again to use it in the next examples.

Request
DELETE - http://<your-domain>/soffid/webservice/scim2/v1/TaskInstance/1762656
Response 204 No Content
204 No Content

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response


SCIM Issue examples

Operations

This page shows the operations that can be performed for the issue object.

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Issue
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 4,
    "startIndex": 1,
    "Resources": [
        {
            "performedActions": "2023-06-09 07:17:25 admin Created\n2023-06-09 09:46:54 admin Acknowledged\n",
            "acknowledged": "2023-06-09 09:46:54",
            "created": "2023-06-09 07:17:25",
            "hosts": [],
            "meta": {
                "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue/44656",
                "resourceType": "Issue"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Issue"
            ],
            "description": "Duplicated user bob bobm",
            "id": 44656,
            "type": "duplicated-user",
            "users": [
                {
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.IssueUser"
                    ],
                    "userName": "bob",
                    "userId": 3941
                },
                {
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.IssueUser"
                    ],
                    "userName": "bobm",
                    "userId": 3971
                }
            ],
            "status": "A"
        },
        {
            "acknowledged": "2023-06-09 08:55:49",
            "created": "2023-06-09 07:29:25",
            "hosts": [],
            "description": "Account etaylor@soffid has been locked",
            "solved": "2023-06-09 08:56:09",
            "type": "locked-account",
            "users": [
                {
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.IssueUser"
                    ],
                    "userName": "etaylor",
                    "userId": 3821
                }
            ],
            "performedActions": "2023-06-09 07:29:25 $$INTERNAL$$ Created\n2023-06-09 08:49:49 admin User etaylor is disabled\n2023-06-09 08:55:09 admin The account etaylor has been locked\n2023-06-09 08:55:41 admin Notify pgarcia@soffid.com\n2023-06-09 08:55:49 admin Acknowledged\n2023-06-09 08:55:53 admin The account etaylor has been unlocked\n2023-06-09 08:56:09 admin Solved\n",
            "meta": {
                "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue/44672",
                "resourceType": "Issue"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Issue"
            ],
            "id": 44672,
            "account": {
                "lastLogin": "2023-06-09 07:28:11",
                "grantedRoles": [],
                "description": "Elizabeth Taylor",
                "type": "U",
                "lastUpdated": "2023-06-09 08:56:07",
                "ownerGroups": [],
                "loginName": "etaylor",
                "inheritNewPermissions": false,
                "disabled": false,
                "id": 4994,
                "managerGroups": [],
                "grantedGroups": [],
                "lastPasswordSet": "2023-06-09 07:28:14",
                "passwordExpiration": "2024-06-08 07:28:14",
                "passwordPolicy": "I",
                "accessLevel": "-",
                "managerRoles": [],
                "created": "2023-06-02 09:14:36",
                "hasSnapshot": false,
                "system": "soffid",
                "ownerRoles": [],
                "meta": {
                    "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account/4994",
                    "resourceType": "Account"
                },
                "schemas": [
                    "urn:soffid:com.soffid.iam.api.Account"
                ],
                "name": "etaylor",
                "managerUsers": [],
                "lastChange": "2023-06-09 08:55:53",
                "attributes": {},
                "status": "a",
                "ownerUsers": [
                    "etaylor"
                ],
                "grantedUsers": []
            },
            "status": "S"
        },
        {
            "performedActions": "2023-06-14 06:56:42 admin Created\n",
            "created": "2023-06-14 06:56:42",
            "hosts": [],
            "meta": {
                "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue/56710",
                "resourceType": "Issue"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Issue"
            ],
            "description": "Duplicated user cdarwin cmartin etaylor",
            "id": 56710,
            "type": "duplicated-user",
            "users": [
                {
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.IssueUser"
                    ],
                    "userName": "cdarwin",
                    "userId": 4037
                },
                {
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.IssueUser"
                    ],
                    "userName": "cmartin",
                    "userId": 3890
                },
                {
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.IssueUser"
                    ],
                    "userName": "etaylor",
                    "userId": 3821
                }
            ],
            "status": "N"
        },
        {
            "performedActions": "2023-06-14 07:02:55 admin Created\n",
            "created": "2023-06-14 07:02:55",
            "hosts": [],
            "meta": {
                "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue/56728",
                "resourceType": "Issue"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Issue"
            ],
            "description": "Duplicated user cdarwin cmartin etaylor",
            "id": 56728,
            "type": "duplicated-user",
            "users": [
                {
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.IssueUser"
                    ],
                    "userName": "cdarwin",
                    "userId": 4037
                },
                {
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.IssueUser"
                    ],
                    "userName": "cmartin",
                    "userId": 3890
                },
                {
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.IssueUser"
                    ],
                    "userName": "etaylor",
                    "userId": 3821
                }
            ],
            "status": "N"
        }
    ]
}

List by filter

List all Issues with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Issue?filter=type co "locked"
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 1,
    "startIndex": 1,
    "Resources": [
        {
            "acknowledged": "2023-06-09 08:55:49",
            "created": "2023-06-09 07:29:25",
            "hosts": [],
            "description": "Account etaylor@soffid has been locked",
            "solved": "2023-06-09 08:56:09",
            "type": "locked-account",
            "users": [
                {
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.IssueUser"
                    ],
                    "userName": "etaylor",
                    "userId": 3821
                }
            ],
            "performedActions": "2023-06-09 07:29:25 $$INTERNAL$$ Created\n2023-06-09 08:49:49 admin User etaylor is disabled\n2023-06-09 08:55:09 admin The account etaylor has been locked\n2023-06-09 08:55:41 admin Notify pgarcia@soffid.com\n2023-06-09 08:55:49 admin Acknowledged\n2023-06-09 08:55:53 admin The account etaylor has been unlocked\n2023-06-09 08:56:09 admin Solved\n",
            "meta": {
                "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue/44672",
                "resourceType": "Issue"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Issue"
            ],
            "id": 44672,
            "account": {
                "lastLogin": "2023-06-09 07:28:11",
                "grantedRoles": [],
                "description": "Elizabeth Taylor",
                "type": "U",
                "lastUpdated": "2023-06-09 08:56:07",
                "ownerGroups": [],
                "loginName": "etaylor",
                "inheritNewPermissions": false,
                "disabled": false,
                "id": 4994,
                "managerGroups": [],
                "grantedGroups": [],
                "lastPasswordSet": "2023-06-09 07:28:14",
                "passwordExpiration": "2024-06-08 07:28:14",
                "passwordPolicy": "I",
                "accessLevel": "-",
                "managerRoles": [],
                "created": "2023-06-02 09:14:36",
                "hasSnapshot": false,
                "system": "soffid",
                "ownerRoles": [],
                "meta": {
                    "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account/4994",
                    "resourceType": "Account"
                },
                "schemas": [
                    "urn:soffid:com.soffid.iam.api.Account"
                ],
                "name": "etaylor",
                "managerUsers": [],
                "lastChange": "2023-06-09 08:55:53",
                "attributes": {},
                "status": "a",
                "ownerUsers": [
                    "etaylor"
                ],
                "grantedUsers": []
            },
            "status": "S"
        }
    ]
}

Query by id

Query an Issue by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Issue/44656
Response 200 OK
{
    "performedActions": "2023-06-09 07:17:25 admin Created\n2023-06-09 09:46:54 admin Acknowledged\n",
    "acknowledged": "2023-06-09 09:46:54",
    "created": "2023-06-09 07:17:25",
    "hosts": [],
    "meta": {
        "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue/44656",
        "resourceType": "Issue"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Issue"
    ],
    "description": "Duplicated user bob bobm",
    "id": 44656,
    "type": "duplicated-user",
    "users": [
        {
            "schemas": [
                "urn:soffid:com.soffid.iam.api.IssueUser"
            ],
            "userName": "bob",
            "userId": 3941
        },
        {
            "schemas": [
                "urn:soffid:com.soffid.iam.api.IssueUser"
            ],
            "userName": "bobm",
            "userId": 3971
        }
    ],
    "status": "A"
}

Create

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/Issue

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Issue"
    ],
    "type" : "duplicated-user",
    "status" : "N",
    "created" : "2023-06-19 15:30:00",
    "users" : [{
                "schemas": [
                    "urn:soffid:com.soffid.iam.api.IssueUser"
                ],
                "userName": "bob",
                "userId": 3941
            },
            {
                "schemas": [
                    "urn:soffid:com.soffid.iam.api.IssueUser"
                ],
                "userName": "bobm",
                "userId": 3971
            }]
}
Response 201 Created
{
    "actor": "SOFFID_ADMIN@soffid",
    "performedActions": "2023-06-21 08:49:22 admin Created\n2023-06-21 08:49:22 admin Executed automatic task start-workflow\n2023-06-21 08:49:22 admin Executed automatic task run-script\n2023-06-21 08:49:22 admin Executed automatic task send-email\n",
    "created": "2023-06-21 08:49:22.516",
    "hosts": [],
    "meta": {
        "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue/167879",
        "resourceType": "Issue"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Issue"
    ],
    "description": "Duplicated user bob bobm",
    "id": 169336,
    "type": "duplicated-user",
    "users": [
        {
            "schemas": [
                "urn:soffid:com.soffid.iam.api.IssueUser"
            ],
            "userName": "bob",
            "userId": 3941
        },
        {
            "schemas": [
                "urn:soffid:com.soffid.iam.api.IssueUser"
            ],
            "userName": "bobm",
            "userId": 3971
        }
    ],
    "status": "N"
}

Update partial

Only attributes with changes will be updated, the others will maintain the same value.

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/Issue/169336

JSON

{
    "Operations": [
        {
            "op": "replace",
            "path": "status",
            "value": "A"
        }
    ]
}
Response 200 OK
{
    "performedActions": "2023-06-21 08:54:04 admin Created\n2023-06-21 08:58:59 admin Acknowledged\n",
    "acknowledged": "2023-06-21 08:58:59.605",
    "created": "2023-06-21 08:54:04",
    "hosts": [],
    "meta": {
        "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue/169336",
        "resourceType": "Issue"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Issue"
    ],
    "description": "Duplicated user bobm bob",
    "id": 169336,
    "type": "duplicated-user",
    "users": [
        {
            "schemas": [
                "urn:soffid:com.soffid.iam.api.IssueUser"
            ],
            "userName": "bobm",
            "userId": 3971
        },
        {
            "schemas": [
                "urn:soffid:com.soffid.iam.api.IssueUser"
            ],
            "userName": "bob",
            "userId": 3941
        }
    ],
    "status": "A"
}

Update all

This operation replaces all values in the Issues.

Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/Issue/169336

JSON

{
    "performedActions": "2023-06-21 08:54:04 admin Created\n2023-06-21 08:58:59 admin Acknowledged\n",
    "acknowledged": "2023-06-21 08:58:59.605",
    "created": "2023-06-21 08:54:04",
    "hosts": [],
    "meta": {
        "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue/169336",
        "resourceType": "Issue"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Issue"
    ],
    "description": "Duplicated user bobm bob",
    "id": 169336,
    "type": "duplicated-user",
    "users": [
        {
            "schemas": [
                "urn:soffid:com.soffid.iam.api.IssueUser"
            ],
            "userName": "bobm",
            "userId": 3971
        },
        {
            "schemas": [
                "urn:soffid:com.soffid.iam.api.IssueUser"
            ],
            "userName": "bob",
            "userId": 3941
        }
    ],
    "status": "S"
}
Response 200 OK
{
    "performedActions": "2023-06-21 08:54:04 admin Created\n2023-06-21 08:58:59 admin Acknowledged\n",
    "acknowledged": "2023-06-21 08:58:59",
    "created": "2023-06-21 08:54:04",
    "hosts": [],
    "meta": {
        "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue/169336",
        "resourceType": "Issue"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Issue"
    ],
    "description": "Duplicated user bobm bob",
    "id": 169336,
    "type": "duplicated-user",
    "users": [
        {
            "schemas": [
                "urn:soffid:com.soffid.iam.api.IssueUser"
            ],
            "userName": "bobm",
            "userId": 3971
        },
        {
            "schemas": [
                "urn:soffid:com.soffid.iam.api.IssueUser"
            ],
            "userName": "bob",
            "userId": 3941
        }
    ],
    "status": "S"
}

Delete

This operation is not allowed.

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response