Skip to main content

SCIM Federation Members examples

Operations

This page shows the functions that can be performed for the Federation Member object.

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/FederationMember
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 18,
    "startIndex": 1,
    "Resources": [
        {
            "classe": "S",
            "internal": false,
            "allowRecover": false,
            "disableSSL": false,
            "virtualIdentityProvider": [],
            "impersonations": [],
            "roles": [],
            "uidExpression": "userName",
            "entityGroup": {
                "metadataUrl": "test-2",
                "meta": {
                    "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683",
                    "resourceType": "EntityGroup"
                },
                "schemas": [
                    "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup"
                ],
                "name": "test-2",
                "id": 6780683
            },
            "keytabs": [],
            "metadades": "",
            "openidMechanism": [],
            "openidLogoutUrl": [],
            "meta": {
                "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/6781666",
                "resourceType": "FederationMember"
            },
            "loginHintScript": "loginHint",
            "extendedAuthenticationMethods": [],
            "schemas": [
                "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember"
            ],
            "name": "Test-SAML-10",
            "openidUrl": [],
            "id": 6781666,
            "allowRegister": false,
            "publicId": "publicId-10",
            "serviceProviderType": "saml"
        },
        {
            "classe": "S",
            "internal": false,
            "allowRecover": false,
            "disableSSL": false,
            "virtualIdentityProvider": [],
            "impersonations": [],
            "roles": [],
            "entityGroup": {
                "metadataUrl": "test-2",
                "meta": {
                    "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683",
                    "resourceType": "EntityGroup"
                },
                "schemas": [
                    "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup"
                ],
                "name": "test-2",
                "id": 6780683
            },
            "keytabs": [],
            "openidMechanism": [],
            "openidLogoutUrl": [],
            "meta": {
                "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/6781669",
                "resourceType": "FederationMember"
            },
            "loginHintScript": "loginHint",
            "extendedAuthenticationMethods": [],
            "schemas": [
                "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember"
            ],
            "name": "Test-SAML-11",
            "openidUrl": [],
            "id": 6781669,
            "allowRegister": false,
            "publicId": "publicId-11",
            "serviceProviderType": "saml"
        },
      ............
      ]
 }

List by filter

List all entity groups with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/FederationMember?filter=name co "Dynamic"
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 2,
    "startIndex": 1,
    "Resources": [
        {
            "internal": false,
            "allowRecover": false,
            "disableSSL": false,
            "virtualIdentityProvider": [],
            "impersonations": [],
            "roles": [
                "SOFFID_USER@soffid"
            ],
            "registrationTokenExpiration": "2023-11-09 07:57:20",
            "entityGroup": {
                "meta": {
                    "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/5462422",
                    "resourceType": "EntityGroup"
                },
                "schemas": [
                    "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup"
                ],
                "name": "test-demoIdP",
                "id": 5462422
            },
            "openidMechanism": [
                "PA",
                "AC"
            ],
            "loginHintScript": "loginHint",
            "id": 6617976,
            "maxRegistrations": 2,
            "serviceProviderType": "openid-dynamic-register",
            "classe": "S",
            "keytabs": [],
            "allowedScopes": [
                {
                    "meta": {
                        "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6617980",
                        "resourceType": "AllowedScope"
                    },
                    "scope": "openid",
                    "roles": [],
                    "schemas": [
                        "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope"
                    ],
                    "id": 6617980
                },
                {
                    "meta": {
                        "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6617977",
                        "resourceType": "AllowedScope"
                    },
                    "scope": "*",
                    "roles": [],
                    "schemas": [
                        "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope"
                    ],
                    "id": 6617977
                }
            ],
            "registrationToken": {
                "schemas": [
                    "urn:soffid:com.soffid.iam.addons.federation.api.Digest"
                ]
            },
            "openidLogoutUrl": [],
            "meta": {
                "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/6617976",
                "resourceType": "FederationMember"
            },
            "extendedAuthenticationMethods": [],
            "schemas": [
                "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember"
            ],
            "name": "Dynamic Register SP",
            "openidUrl": [],
            "allowRegister": false,
            "publicId": "DR"
        },
        {
            "internal": false,
            "allowRecover": false,
            "disableSSL": false,
            "virtualIdentityProvider": [],
            "impersonations": [],
            "roles": [
                "SOFFID_USER@soffid"
            ],
            "registrationTokenExpiration": "2022-11-10 00:00:00",
            "entityGroup": {
                "meta": {
                    "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/5462422",
                    "resourceType": "EntityGroup"
                },
                "schemas": [
                    "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup"
                ],
                "name": "test-demoIdP",
                "id": 5462422
            },
            "openidMechanism": [],
            "loginHintScript": "loginHint",
            "id": 6622589,
            "maxRegistrations": 1,
            "serviceProviderType": "openid-dynamic-register",
            "classe": "S",
            "keytabs": [],
            "allowedScopes": [
                {
                    "meta": {
                        "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6622593",
                        "resourceType": "AllowedScope"
                    },
                    "scope": "*",
                    "roles": [],
                    "schemas": [
                        "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope"
                    ],
                    "id": 6622593
                },
                {
                    "meta": {
                        "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6622594",
                        "resourceType": "AllowedScope"
                    },
                    "scope": "openid",
                    "roles": [],
                    "schemas": [
                        "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope"
                    ],
                    "id": 6622594
                }
            ],
            "registrationToken": {
                "schemas": [
                    "urn:soffid:com.soffid.iam.addons.federation.api.Digest"
                ]
            },
            "openidLogoutUrl": [],
            "meta": {
                "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/6622589",
                "resourceType": "FederationMember"
            },
            "extendedAuthenticationMethods": [],
            "schemas": [
                "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember"
            ],
            "name": "Dynamic Register SP 2",
            "openidUrl": [],
            "allowRegister": false,
            "publicId": "DR2"
        }
    ]
}

Query by id

Query a federation member by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/FederationMember/6617976
Response 200 OK
{
    "internal": false,
    "allowRecover": false,
    "disableSSL": false,
    "virtualIdentityProvider": [],
    "impersonations": [],
    "roles": [
        "SOFFID_USER@soffid"
    ],
    "registrationTokenExpiration": "2023-11-09 07:57:20",
    "entityGroup": {
        "meta": {
            "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/5462422",
            "resourceType": "EntityGroup"
        },
        "schemas": [
            "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup"
        ],
        "name": "test-demoIdP",
        "id": 5462422
    },
    "openidMechanism": [
        "PA",
        "AC"
    ],
    "loginHintScript": "loginHint",
    "id": 6617976,
    "maxRegistrations": 2,
    "serviceProviderType": "openid-dynamic-register",
    "classe": "S",
    "keytabs": [],
    "allowedScopes": [
        {
            "meta": {
                "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6617980",
                "resourceType": "AllowedScope"
            },
            "scope": "openid",
            "roles": [],
            "schemas": [
                "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope"
            ],
            "id": 6617980
        },
        {
            "meta": {
                "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6617977",
                "resourceType": "AllowedScope"
            },
            "scope": "*",
            "roles": [],
            "schemas": [
                "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope"
            ],
            "id": 6617977
        }
    ],
    "registrationToken": {
        "schemas": [
            "urn:soffid:com.soffid.iam.addons.federation.api.Digest"
        ]
    },
    "openidLogoutUrl": [],
    "meta": {
        "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/6617976",
        "resourceType": "FederationMember"
    },
    "extendedAuthenticationMethods": [],
    "schemas": [
        "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember"
    ],
    "name": "Dynamic Register SP",
    "openidUrl": [],
    "allowRegister": false,
    "publicId": "DR"
}

Create (SAML)

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/FederationMember

JSON

{
    "name": "App SAML Cloud" ,
    "publicId" : "http://<YOUR-SERVER>:8090/apps/user_saml/saml/metadata", 
    "classe": "S",
    "serviceProviderType": "saml",
    "entityGroup": {
        "meta": {
            "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683",
            "resourceType": "EntityGroup"
        },
        "schemas": [
            "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup"
        ],
       "name": "test-2",
       "id": 6780683
    } 
}
Response 201 Created
{
    "classe": "S",
    "internal": false,
    "allowRecover": false,
    "disableSSL": false,
    "virtualIdentityProvider": [],
    "impersonations": [],
    "roles": [],
    "idpType": "saml",
    "entityGroup": {
        "metadataUrl": "test-2",
        "meta": {
            "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683",
            "resourceType": "EntityGroup"
        },
        "schemas": [
            "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup"
        ],
        "name": "test-2",
        "id": 6780683
    },
    "keytabs": [],
    "allowedScopes": [
        {
            "scope": "*",
            "roles": [],
            "schemas": [
                "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope"
            ]
        },
        {
            "scope": "openid",
            "roles": [],
            "schemas": [
                "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope"
            ]
        }
    ],
    "openidMechanism": [],
    "openidLogoutUrl": [],
    "meta": {
        "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/6783374",
        "resourceType": "FederationMember"
    },
    "loginHintScript": "loginHint",
    "extendedAuthenticationMethods": [],
    "schemas": [
        "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember"
    ],
    "name": "App SAML Cloud",
    "openidUrl": [],
    "id": 6783374,
    "allowRegister": false,
    "publicId": "http://<YOUR-SERVER>:8090/apps/user_saml/saml/metadata",
    "serviceProviderType": "saml"
}

Create (SAML API client)

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/FederationMember

JSON

{
    "name": "Test-IdP" ,
    "publicId" : "https://some.idp.com/identifier/", 
    "classe": "S",
    "serviceProviderType": "saml",
    "entityGroup": {
        "meta": {
            "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683",
            "resourceType": "EntityGroup"
        },
        "schemas": [
            "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup"
        ],
       "name": "test-2",
        "id": 6780683
    }
}
Response 201 Created
{
    "classe": "S",
    "internal": false,
    "allowRecover": false,
    "disableSSL": false,
    "virtualIdentityProvider": [],
    "impersonations": [],
    "roles": [],
    "entityGroup": {
        "metadataUrl": "test-2",
        "meta": {
            "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683",
            "resourceType": "EntityGroup"
        },
        "schemas": [
            "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup"
        ],
        "name": "test-2",
        "id": 6780683
    },
    "keytabs": [],
    "openidMechanism": [],
    "openidLogoutUrl": [],
    "meta": {
        "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/6784752",
        "resourceType": "FederationMember"
    },
    "loginHintScript": "loginHint",
    "extendedAuthenticationMethods": [],
    "schemas": [
        "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember"
    ],
    "name": "Test-IdP",
    "openidUrl": [],
    "id": 6784752,
    "allowRegister": false,
    "publicId": "https://some.idp.com/identifier/",
    "serviceProviderType": "saml"
}

Create

 

Update partial

Only attributes with changes will be updated, the others will maintain the same value.

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/EntityGroup/6780695

JSON

 {
    "Operations" : [
        {
            "op" : "replace",
            "path" : "name",
            "value": "SP Cloud"
        },
        {
            "op" : "replace",
            "path" : "metadataUrl",
            "value": "SP Cloud"
        }
    ]
}
Response 200 OK
{
    "metadataUrl": "SP Cloud",
    "meta": {
        "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780695",
        "resourceType": "EntityGroup"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup"
    ],
    "name": "SP Cloud",
    "id": 6780695
}

Update all

This operation replaces all values in the entity group.

  • Note that the attribute id is required to confirm that the resource "...EntityGroup/<id>" is the same that the JSON EntityGroup.
  • Note that all the attributes not included in the request will be cleared in the EntityGroup and their data will be lost.
  • Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information see the Resource data model page
Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/EntityGroup/1976590

JSON

{
    "metadataUrl": "SP Cloud Test",
    "schemas": [
        "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup"
    ],
    "name": "SP Cloud Test",
    "id": 6780695
}
Response 200 OK
{
    "metadataUrl": "SP Cloud Test",
    "meta": {
        "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780695",
        "resourceType": "EntityGroup"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup"
    ],
    "name": "SP Cloud Test",
    "id": 6780695
}

Delete

Please note, after this deletion, the entity group has to be created again to use it in the following examples.

Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/EntityGroup/6780695
Response 204 No Content
204 No Content

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response