
Account resource data model

/Account

Dictionary table

| Attribute | Type | Required | Updatable | Description | Additional comment |
|---|---|---|---|---|---|
| id | Long | Yes | - | Primary key of the account | |
| name | String | Yes | Yes | Name used to identify the account | |
| description | String | - | Yes | Description of the account | |
| type | AccountType | Yes | Yes | Account type. Values [ U \| S \| P \| I ]. U=user, S=shared, P=privileged, I=Ignored | To create a user type account, a single user must be specified in the ownerUsers attribute |
| system | String | - | Yes | System to assign access | Systems are managed in the IAM Console (Administration > Resources > Information Systems) |
| lastUpdated | Calendar | - | No | Last time the account was updated | |
| lastPasswordSet | Calendar | - | No | Last time the password of the account was set | |
| passwordExpiration | Calendar | - | No | Expiration date of the password of the account | |
| disabled | boolean | - | Yes | Account active (false) or disabled (true) | |
| passwordPolicy | String | - | No | User type assigned to the account as a user. By default "I" | New user types can be created in the IAM Console (Administration > Configure Soffid > Global Settings > User types) |
| vaultFolderId | Long | - | No | | |
| vaultFolder | String | - | No | | |
| inheritNewPermissions | boolean | - | No | | |
| loginUrl | String | - | No | | |
| attributes | `Map<String, Object>` | - | Yes | List of values of the metadata attributes of the agent of the account | |
| grantedGroups | `Collection<Group>` | - | Yes | List of groups assigned to an account | |
| grantedUsers | `Collection<User>` | - | Yes | List of users assigned to an account | |
| grantedRoles | `Collection<Group>` | - | Yes | List of roles assigned to an account | |
| managerGroups | `Collection<Role>` | - | Yes | List of groups assigned to an account as managers | |
| managerUsers | `Collection<User>` | - | Yes | List of users assigned to an account as managers | |
| managerRoles | `Collection<Role>` | - | Yes | List of roles assigned to an account as managers | |
| ownerGroups | `Collection<Group>` | - | Yes | List of groups assigned to an account as owners | |
| ownerUsers | `Collection<User>` | - | Yes | List of users assigned to an account as managers | |
| ownerRoles | `Collection<Role>` | - | Yes | List of roles assigned to an account as managers | |
| password | String | - | Yes | The password of the account | |
| roles | `List<Role>`: id (Long), roleName (String), roleDescription (String), informationSystemName (String), domainValue (String) | - | Yes | `List<Role>` → list of the roles assigned to the account. id: id of the role; roleName: role name of the role; roleDescription: role description of the role; informationSystemName: application where the role is assigned; domainValue: domain value (if exists) | |
| meta | ScimMeta: resourceType (String), created (Date), lastModified (Date), location (String) | - | - | Additional information recommended in SCIM definition. resourceType: Resource requested (in this case "Account"); created: user creation date; lastModified: last modification date of any user attributes; location: URL to the resource `<domain>/webservice/scim/Account/<id>` | These attributes are returned in the response. These attributes are not updatable. |

Full JSON example

{
  "description": "Admin Admin",
  "type": "U",
  "inheritNewPermissions": false,
  "disabled": false,
  "id": 69,
  "roles": [
    {
      "role": 30
    }
  ],
  "grantedUsers": [],
  "grantedGroups": [],
  "grantedRoles": [],
  "managerGroups": [],
  "managerRoles": [],
  "managerUsers": [],
  "ownerGroups": [],
  "ownerRoles": [],
  "ownerUsers": [],
  "passwordPolicy": "I",
  "system": "soffid",
  "meta": {
    "location": "http://<domain>/webservice/scim2/v1/Account/69",
    "resourceType": "Account"
  },
  "name": "admin",
  "attributes": {}
}
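A client-side check of Account payloads against the dictionary table above, added here as an example and not part of the product documentation. The function names and sample dictionaries are constructed for illustration, and omitting `id` from the create-time required set is an assumption.

```python
import copy

# Columns transcribed from the dictionary table above.
# "id" is also marked Required; it is left out here on the assumption
# that the server assigns it when the account is created.
REQUIRED_ON_CREATE = ("name", "type")
ACCOUNT_TYPES = {"U", "S", "P", "I"}
NOT_UPDATABLE = {"id", "lastUpdated", "lastPasswordSet", "passwordExpiration",
                 "passwordPolicy", "vaultFolderId", "vaultFolder",
                 "inheritNewPermissions", "loginUrl", "meta"}


def check_new_account(account):
    """Return the problems found in an Account dict before creating it."""
    problems = [f"missing required attribute: {k}"
                for k in REQUIRED_ON_CREATE if account.get(k) in (None, "")]
    acc_type = account.get("type")
    if acc_type is not None and acc_type not in ACCOUNT_TYPES:
        problems.append(f"invalid type: {acc_type!r}")
    # A user type account must name a single user in ownerUsers.
    if acc_type == "U" and len(account.get("ownerUsers") or []) != 1:
        problems.append("type U requires exactly one entry in ownerUsers")
    return problems


def rejected_changes(current, proposed):
    """Attributes an update tries to change although they are not updatable."""
    return sorted(k for k in NOT_UPDATABLE
                  if k in proposed and proposed[k] != current.get(k))


def redact(account):
    """Copy of the account that is safe to log: the password is masked."""
    safe = copy.deepcopy(account)
    if "password" in safe:
        safe["password"] = "***"
    return safe


# Constructed sample data, not taken from a real system ("E" is a made-up user type).
CURRENT = {"id": 69, "name": "admin", "type": "U", "system": "soffid",
           "passwordPolicy": "I", "disabled": False}
NEW = {"name": "svc-backup", "type": "U", "system": "soffid", "ownerUsers": []}
UPDATE = dict(CURRENT, passwordPolicy="E", disabled=True,
              password="constructed-secret")

if __name__ == "__main__":
    print(check_new_account(NEW))
    print(rejected_changes(CURRENT, UPDATE))
    print(redact(UPDATE))
```

Because `password` is an updatable attribute carried in the same JSON body as the rest of the account, request logging on the client should go through something like `redact` rather than dumping the payload as is.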