Account resource data model
/Account
Dictionary table
The
diagran service Attribute |
Type |
Required |
Updatable |
Description |
Additional comment |
id
|
Long
|
Yes
|
-
|
Primary keymodel of the accountobject: http://www.soffid.org/doc/console/2.9.0/uml/com/soffid/iam/api/Account.html
| Soffid
| allows
name
|
String
|
Yes
|
Yes
|
Name usedyou to identifyadd thecustomized account
|
|
description
|
String
|
-
|
Yes
|
Description of the account
|
|
type
|
AccountType
|
Yes
|
Yes
|
Acount Type. Values [ U | S | P | I ]
|
U=user, S=shared, P=privileged, I=Ignored
To create a user type account, a single user must be specified in ownerUsers attribute
|
system
|
String
|
-
|
Yes
|
System to assign access
|
Systems are managed in the IAM Console (Administration > Resources > Information Systems)
|
lastUpdated
|
Calendar
|
-
|
No
|
Last time the account has been updated
|
|
lastPasswordSet
|
Calendar
|
-
|
No
|
Last time the password of the account has been setted
|
|
passwordExpiration
|
Calendar
|
-
|
No
|
Expiration date of the password of the account
|
|
disabled
|
boolean
|
-
|
Yes
|
Account active (false) or disabled (true)
|
|
passwordPolicy
|
String
|
-
|
No
|
User type assigneddata to the accountgroup asobject. aYou user.can Bydo defaultthat "I"
|
New user types could be created in the IAM Console (Administration > Configure Soffid > Global Settings > User types)
|
vaultFolderId
|
Long
|
-
|
No
|
|
|
vaultFolder
|
String
|
-
|
No
|
|
|
inheritNewPermissions
|
boolean
|
-
|
No
|
|
|
loginUrl
|
String
|
-
|
No
|
|
|
attributes
|
Map<String, Object>
|
-
|
Yes
|
List of values of theon metadata attributes of the agente of the account
|
|
grantedGroups
|
Collection<Group>
|
-
|
Yes
|
List of groups assigned to an account
|
|
grantedUsers
|
Collection<User>
|
-
|
Yes
|
List of users assigned to an account
|
|
grantedRoles
|
Collection<Group>
|
-
|
Yes
|
List of roles assigned to an account
|
|
managerGroups
|
Collection<Role>
|
-
|
Yes
|
List of groups assigned to an account as managers
|
|
managerUsers
|
Collection<User>
|
-
|
Yes
|
List of users assigned to an account as managers
|
|
managerRoles
|
Collection<Role>
|
-
|
Yes
|
List of roles assigned to an account as a managers
|
|
ownerGroups
|
Collection<Group>
|
-
|
Yes
|
List of groups assigned to an account as owners
|
|
ownerUsers
|
Collection<User>
|
-
|
Yes
|
List of users assigned to an account as managers
|
|
ownerRoles
|
Collection<Role>
|
-
|
Yes
|
List of roles assigned to an account as managers
|
|
password
|
String
|
-
|
Yes
|
The password of the account
|
|
roles
|
List<Role>option:
idMain (Long) Menu > Administration > Configure roleNameSoffid > Global (String)
roleDescription (String)
informationSystemName (String)
domainValue (String)Settings > Metadata
| It
is - allowed | to consult Yes
|
List<Role> → list ofall the rolesUser assigneddefinition tousing the accountSchema query:
id: id of the role
roleName: role name of the role
roleDescription: role description of the role
informationSystemName: application where the role is assigned
domainValue: domain value (if exists)
|
|
meta
|
ScimMeta
resourceType (String)
created (Date)
lastModified (Date)
location (String)
|
-
|
-
|
Additional information recommended in SCIM definition:
|
These attributes are returned in the response
These attributes are not updatable
|
scim2/v1/Schemas/urn:soffid:com.soffid.iam.api.Account
Full JSON example
&&TODO&& Cambiar JSON
{
"description": "Admin Admin",
"type": "U",
"inheritNewPermissions": false,
"disabled": false,
"id": 69,
"roles": [
{
"role": 30
}
],
"grantedUsers": []
"grantedGroups": [],
"grantedRoles": [],
"managerGroups": [],
"managerRoles": [],
"managerUsers": [],
"ownerGroups": [],
"ownerRoles": [],
"ownerUsers": [],
"passwordPolicy": "I",
"system": "soffid",
"meta": {
"location": "http://<domain>/webservice/scim2/v1/Account/69",
"resourceType": "Account"
},
"name": "admin",
"attributes": {},
}