Skip to main content

SCIM RoleAccount examples

Operations

This page shows the operations that can be performed for the object that establishes the relationship between roles and accounts. You can assign, revoke and or modify roles to an account.

List all

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/RoleAccount
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 3530,
    "startIndex": 1,
    "itemsPerPage": 100,
    "Resources": [
        {
            "certificationDate": "2020-02-13 23:01:44",
            "accountSystem": "soffid",
            "accountName": "admin",
            "userGroupCode": "admingroup",
            "approvalPending": false,
            "userFullName": "Soffid Administrator",
            "bpmEnforced": "S",
            "userCode": "admin",
            "enabled": true,
            "accountId": 103,
            "informationSystemName": "Operation/Business 2/SOFFID",
            "system": "soffid",
            "meta": {
                "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount/110",
                "resourceType": "RoleAccount"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.RoleAccount"
            ],
            "roleName": "SOFFID_ADMIN",
            "removalPending": false,
            "id": 110,
            "roleDescription": "SOFFID Administrator",
            "startDate": "2020-02-13 12:00:00"
        },
        {
            "certificationDate": "2020-12-15 10:48:44",
            "accountSystem": "soffid",
            "accountName": "admin",
            "userGroupCode": "admingroup",
            "approvalPending": false,
            "userFullName": "Soffid Administrator",
            "bpmEnforced": "N",
            "userCode": "admin",
            "ruleDescription": "Grants soffid user role to everyone",
            "enabled": true,
            "accountId": 103,
            "informationSystemName": "Operation/Business 2/SOFFID",
            "system": "soffid",
            "meta": {
                "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount/1059370",
                "resourceType": "RoleAccount"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.RoleAccount"
            ],
            "roleName": "SOFFID_USER",
            "removalPending": false,
            "id": 1059370,
            "ruleId": 1059365,
            "roleDescription": "Soffid user",
            "startDate": "2020-12-15 00:00:00"
        },
      ................
    ]
}

List by filter

List all RoleAccounts with a filter expression.

It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/RoleAccount?filter=enabled eq true  and system eq soffid
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 67,
    "startIndex": 1,
    "Resources": [
        {
            "certificationDate": "2020-02-13 23:01:44",
            "accountSystem": "soffid",
            "accountName": "admin",
            "userGroupCode": "admingroup",
            "approvalPending": false,
            "userFullName": "Soffid Administrator",
            "bpmEnforced": "S",
            "userCode": "admin",
            "enabled": true,
            "accountId": 103,
            "informationSystemName": "Operation/Business 2/SOFFID",
            "system": "soffid",
            "meta": {
                "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount/110",
                "resourceType": "RoleAccount"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.RoleAccount"
            ],
            "roleName": "SOFFID_ADMIN",
            "removalPending": false,
            "id": 110,
            "roleDescription": "SOFFID Administrator",
            "startDate": "2020-02-13 12:00:00"
        },
        {
            "certificationDate": "2020-12-13 19:30:51",
            "accountSystem": "soffid",
            "accountName": "gbuades",
            "userGroupCode": "enterprise",
            "approvalPending": false,
            "userFullName": "Gabriel Buades ..",
            "bpmEnforced": "S",
            "userCode": "gbuades",
            "enabled": true,
            "accountId": 1039860,
            "informationSystemName": "Operation/Business 2/SOFFID",
            "system": "soffid",
            "meta": {
                "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount/1039866",
                "resourceType": "RoleAccount"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.RoleAccount"
            ],
            "roleName": "SOFFID_ADMIN",
            "removalPending": false,
            "id": 1039866,
            "roleDescription": "SOFFID Administrator",
            "startDate": "2020-12-13 12:00:00"
        },
      ...................
    ]
}

Query by id

Query a RoleAccount by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/RoleAccount/110
Response 200 OK
{
    "certificationDate": "2020-02-13 23:01:44",
    "accountSystem": "soffid",
    "accountName": "admin",
    "userGroupCode": "admingroup",
    "approvalPending": false,
    "userFullName": "Soffid Administrator",
    "bpmEnforced": "S",
    "userCode": "admin",
    "enabled": true,
    "accountId": 103,
    "informationSystemName": "Operation/Business 2/SOFFID",
    "system": "soffid",
    "meta": {
        "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount/110",
        "resourceType": "RoleAccount"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.RoleAccount"
    ],
    "roleName": "SOFFID_ADMIN",
    "removalPending": false,
    "id": 110,
    "roleDescription": "SOFFID Administrator",
    "startDate": "2020-02-13 12:00:00"
}

Create

This option allows you to assign a role to a specific account.

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/RoleAccount

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.RoleAccount"
    ],
    "accountName": "ckelp",
    "userFullName": "Casey Kelp",
    "informationSystemName": "Operation/Business 2/SOFFID",
    "system": "soffid",
    "roleName": "SOFFID_ADMIN",
    "roleDescription": "SOFFID Administrator",
    "bpmEnforced": "N",
    "enabled": true,
    "approvalPending": false,
    "certificationDate": "2021-05-10 12:00:00",
    "startDate": "2021-05-10 12:00:00"
}
Response 201 Created
{
    "certificationDate": "2021-05-12 07:20:36",
    "accountSystem": "soffid",
    "accountName": "ckelp",
    "userGroupCode": "it",
    "approvalPending": false,
    "userFullName": "Casey Kelp",
    "bpmEnforced": "S",
    "userCode": "ckelp",
    "enabled": true,
    "accountId": 1976677,
    "informationSystemName": "Operation/Business 2/SOFFID",
    "system": "soffid",
    "meta": {
        "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount/1976862",
        "resourceType": "RoleAccount"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.RoleAccount"
    ],
    "roleName": "SOFFID_ADMIN",
    "removalPending": false,
    "id": 1976862,
    "roleDescription": "SOFFID Administrator",
    "startDate": "2021-05-10 12:00:00"
}

Update partial 

Only attributes with changes will be updated, the other will maintain the same value.

In this case, only attributes "startDate" and "endDate" can be modified.

Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/RoleAccount/1976862

JSON

{
    "Operations": [
        {
            "op": "replace",
            "path": "startDate",
            "value": "2021-05-14 12:00:00"
        }
    ]
}
Response 200 OK
{
    "certificationDate": "2021-05-12 07:20:36",
    "accountSystem": "soffid",
    "accountName": "ckelp",
    "userGroupCode": "it",
    "approvalPending": false,
    "userFullName": "Casey Kelp",
    "bpmEnforced": "S",
    "userCode": "ckelp",
    "enabled": true,
    "accountId": 1976677,
    "informationSystemName": "Operation/Business 2/SOFFID",
    "system": "soffid",
    "meta": {
        "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount/1976862",
        "resourceType": "RoleAccount"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.RoleAccount"
    ],
    "roleName": "SOFFID_ADMIN",
    "removalPending": false,
    "id": 1976862,
    "roleDescription": "SOFFID Administrator",
    "startDate": "2021-05-14 12:00:00"
}

Delete

This option allows you to revoke a role to a specific account.

If you have installed the User snapshot backup addon when you delete a RoleAccount, it will be disabled, but never deleted from the database. If you don not have installed the User snapshot backup addon, when you delete the RoleAccount, it will be deleted from the database.

Please note after this delete, the RoleAccount has to be created again to use it in the next examples.

Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/RoleAccount/1976862
Response 204 No Content
204 No Content

Error response

For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response