Skip to main content

Account resource data model

/Account

Dictionary table

The

diagranservice

Soffid

allows

It

to
AttributeTypeRequiredUpdatableDescriptionAdditional comment

id

Long

Yes

-

Primary keymodel of the accountobject: http://www.soffid.org/doc/console/2.9.0/uml/com/soffid/iam/api/Account.html

 

name

String

Yes

Yes

Name usedyou to identifyadd thecustomized account

 

description

String

-

Yes

Description of the account

 

type

AccountType

Yes

Yes

Acount Type. Values [ U | S | P | I ]

U=user, S=shared, P=privileged, I=Ignored

To create a user type account, a single user must be specified in ownerUsers attribute

system

String

-

Yes

System to assign access

Systems are managed in the IAM Console (Administration > Resources > Information Systems)

lastUpdated

Calendar

-

No

Last time the account has been updated

 

lastPasswordSet

Calendar

-

No

Last time the password of the account has been setted

 

passwordExpiration

Calendar

-

No

Expiration date of the password of the account

 

disabled

boolean

-

Yes

Account active (false) or disabled (true)

 

passwordPolicy

String

-

No

User type assigneddata to the accountgroup asobject. aYou user.can Bydo defaultthat "I"

New user types could be created in the IAM Console (Administration > Configure Soffid > Global Settings > User types)

vaultFolderId

Long

-

No

 

 

vaultFolder

String

-

No

 

 

inheritNewPermissions

boolean

-

No

 

 

loginUrl

String

-

No

 

 

attributes

Map<String, Object>

-

Yes

List of values of theon metadata attributes of the agente of the account

 

grantedGroups

Collection<Group>

-

Yes

List of groups assigned to an account

 

grantedUsers

Collection<User>

-

Yes

List of users assigned to an account

 

grantedRoles

Collection<Group>

-

Yes

List of roles assigned to an account

 

managerGroups

Collection<Role>

-

Yes

List of groups assigned to an account as managers

 

managerUsers

Collection<User>

-

Yes

List of users assigned to an account as managers

 

managerRoles

Collection<Role>

-

Yes

List of roles assigned to an account as a managers

 

ownerGroups

Collection<Group>

-

Yes

List of groups assigned to an account as owners

 

ownerUsers

Collection<User>

-

Yes

List of users assigned to an account as managers

 

ownerRoles

Collection<Role>

-

Yes

List of roles assigned to an account as managers

 

password

String

-

Yes

The password of the account

 

roles

List<Role>option:

  • idMain (Long)
  • Menu > Administration > Configure
  • roleNameSoffid > Global (String)
  • roleDescription (String)
  • informationSystemName (String)
  • domainValue (String)Settings > Metadata
is

-

allowed
consult

Yes

List<Role> → list ofall the rolesUser assigneddefinition tousing the accountSchema query:

  • id: id of the role
  • roleName: role name of the role
  • roleDescription: role description of the role
  • informationSystemName: application where the role is assigned
  • domainValue: domain value (if exists)

 

meta

ScimMeta

  • resourceType (String)
  • created (Date)
  • lastModified (Date)
  • location (String)

-

-

Additional information recommended in SCIM definition:

  • resourceType: Resource requested (in this case "Account")
  • created: user creation date
  • lastModified: last modification date of any user attributes
  • location: URL to the resource
    http://<your-domain>/webservice/scim/Account/<id>

These attributes are returned in the response

These attributes are not updatable

scim2/v1/Schemas/urn:soffid:com.soffid.iam.api.Account

Full JSON example

&&TODO&& Cambiar JSON

{
  "description": "Admin Admin",
  "type": "U",
  "inheritNewPermissions": false,
  "disabled": false,
  "id": 69,
  "roles": [
    {
      "role": 30
    }
  ],
  "grantedUsers": []
  "grantedGroups": [],
  "grantedRoles": [],
  "managerGroups": [],
  "managerRoles": [],
  "managerUsers": [],
  "ownerGroups": [],
  "ownerRoles": [],
  "ownerUsers": [],
  "passwordPolicy": "I",
  "system": "soffid",
  "meta": {
    "location": "http://<domain>/webservice/scim2/v1/Account/69",
    "resourceType": "Account"
  },
  "name": "admin",
  "attributes": {},
}