SCIM RoleAccount examples
Operations
This page shows the operations that can be performed for the object that establishes the relationship between roles and accounts. You can assign, revoke and or modify roles to an account.
List all
Request
GET http://<your-domain>/soffid/webservice/scim2/v1/RoleAccount
Response 200 OK
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 3530,
"startIndex": 1,
"itemsPerPage": 100,
"Resources": [
{
"certificationDate": "2020-02-13 23:01:44",
"accountSystem": "soffid",
"accountName": "admin",
"userGroupCode": "admingroup",
"approvalPending": false,
"userFullName": "Soffid Administrator",
"bpmEnforced": "S",
"userCode": "admin",
"enabled": true,
"accountId": 103,
"informationSystemName": "Operation/Business 2/SOFFID",
"system": "soffid",
"meta": {
"location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount/110",
"resourceType": "RoleAccount"
},
"schemas": [
"urn:soffid:com.soffid.iam.api.RoleAccount"
],
"roleName": "SOFFID_ADMIN",
"removalPending": false,
"id": 110,
"roleDescription": "SOFFID Administrator",
"startDate": "2020-02-13 12:00:00"
},
{
"certificationDate": "2020-12-15 10:48:44",
"accountSystem": "soffid",
"accountName": "admin",
"userGroupCode": "admingroup",
"approvalPending": false,
"userFullName": "Soffid Administrator",
"bpmEnforced": "N",
"userCode": "admin",
"ruleDescription": "Grants soffid user role to everyone",
"enabled": true,
"accountId": 103,
"informationSystemName": "Operation/Business 2/SOFFID",
"system": "soffid",
"meta": {
"location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount/1059370",
"resourceType": "RoleAccount"
},
"schemas": [
"urn:soffid:com.soffid.iam.api.RoleAccount"
],
"roleName": "SOFFID_USER",
"removalPending": false,
"id": 1059370,
"ruleId": 1059365,
"roleDescription": "Soffid user",
"startDate": "2020-12-15 00:00:00"
},
................
]
}
List by filter
List all RoleAccounts with a filter expression.
It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information.
Request
GET http://<your-domain>/soffid/webservice/scim2/v1/RoleAccount?filter=enabled eq true and system eq soffid
Response 200 OK
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 67,
"startIndex": 1,
"Resources": [
{
"certificationDate": "2020-02-13 23:01:44",
"accountSystem": "soffid",
"accountName": "admin",
"userGroupCode": "admingroup",
"approvalPending": false,
"userFullName": "Soffid Administrator",
"bpmEnforced": "S",
"userCode": "admin",
"enabled": true,
"accountId": 103,
"informationSystemName": "Operation/Business 2/SOFFID",
"system": "soffid",
"meta": {
"location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount/110",
"resourceType": "RoleAccount"
},
"schemas": [
"urn:soffid:com.soffid.iam.api.RoleAccount"
],
"roleName": "SOFFID_ADMIN",
"removalPending": false,
"id": 110,
"roleDescription": "SOFFID Administrator",
"startDate": "2020-02-13 12:00:00"
},
{
"certificationDate": "2020-12-13 19:30:51",
"accountSystem": "soffid",
"accountName": "gbuades",
"userGroupCode": "enterprise",
"approvalPending": false,
"userFullName": "Gabriel Buades ..",
"bpmEnforced": "S",
"userCode": "gbuades",
"enabled": true,
"accountId": 1039860,
"informationSystemName": "Operation/Business 2/SOFFID",
"system": "soffid",
"meta": {
"location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount/1039866",
"resourceType": "RoleAccount"
},
"schemas": [
"urn:soffid:com.soffid.iam.api.RoleAccount"
],
"roleName": "SOFFID_ADMIN",
"removalPending": false,
"id": 1039866,
"roleDescription": "SOFFID Administrator",
"startDate": "2020-12-13 12:00:00"
},
...................
]
}
Query by id
Query a RoleAccount by its id (primary key).
Request
GET http://<your-domain>/soffid/webservice/scim2/v1/RoleAccount/110
Response 200 OK
{
"certificationDate": "2020-02-13 23:01:44",
"accountSystem": "soffid",
"accountName": "admin",
"userGroupCode": "admingroup",
"approvalPending": false,
"userFullName": "Soffid Administrator",
"bpmEnforced": "S",
"userCode": "admin",
"enabled": true,
"accountId": 103,
"informationSystemName": "Operation/Business 2/SOFFID",
"system": "soffid",
"meta": {
"location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount/110",
"resourceType": "RoleAccount"
},
"schemas": [
"urn:soffid:com.soffid.iam.api.RoleAccount"
],
"roleName": "SOFFID_ADMIN",
"removalPending": false,
"id": 110,
"roleDescription": "SOFFID Administrator",
"startDate": "2020-02-13 12:00:00"
}
Create
This option allows you to assign a role to a specific account.
Request
POST http://<your-domain>/soffid/webservice/scim2/v1/RoleAccount
JSON
{
"schemas": [
"urn:soffid:com.soffid.iam.api.RoleAccount"
],
"accountName": "ckelp",
"userFullName": "Casey Kelp",
"informationSystemName": "Operation/Business 2/SOFFID",
"system": "soffid",
"roleName": "SOFFID_ADMIN",
"roleDescription": "SOFFID Administrator",
"bpmEnforced": "N",
"enabled": true,
"approvalPending": false,
"certificationDate": "2021-05-10 12:00:00",
"startDate": "2021-05-10 12:00:00"
}
Response 201 Created
{
"certificationDate": "2021-05-12 07:20:36",
"accountSystem": "soffid",
"accountName": "ckelp",
"userGroupCode": "it",
"approvalPending": false,
"userFullName": "Casey Kelp",
"bpmEnforced": "S",
"userCode": "ckelp",
"enabled": true,
"accountId": 1976677,
"informationSystemName": "Operation/Business 2/SOFFID",
"system": "soffid",
"meta": {
"location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount/1976862",
"resourceType": "RoleAccount"
},
"schemas": [
"urn:soffid:com.soffid.iam.api.RoleAccount"
],
"roleName": "SOFFID_ADMIN",
"removalPending": false,
"id": 1976862,
"roleDescription": "SOFFID Administrator",
"startDate": "2021-05-10 12:00:00"
}
Update partial
Only attributes with changes will be updated, the other will maintain the same value.
In this case, only attributes "startDate" and "endDate" can be modified.
Request
PATCH http://<your-domain>/soffid/webservice/scim2/v1/RoleAccount/1976862
JSON
{
"Operations": [
{
"op": "replace",
"path": "startDate",
"value": "2021-05-14 12:00:00"
}
]
}
Response 200 OK
{
"certificationDate": "2021-05-12 07:20:36",
"accountSystem": "soffid",
"accountName": "ckelp",
"userGroupCode": "it",
"approvalPending": false,
"userFullName": "Casey Kelp",
"bpmEnforced": "S",
"userCode": "ckelp",
"enabled": true,
"accountId": 1976677,
"informationSystemName": "Operation/Business 2/SOFFID",
"system": "soffid",
"meta": {
"location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount/1976862",
"resourceType": "RoleAccount"
},
"schemas": [
"urn:soffid:com.soffid.iam.api.RoleAccount"
],
"roleName": "SOFFID_ADMIN",
"removalPending": false,
"id": 1976862,
"roleDescription": "SOFFID Administrator",
"startDate": "2021-05-14 12:00:00"
}
Delete
This option allows you to revoke a role to a specific account.
If you have installed the User snapshot backup addon when you delete a RoleAccount, it will be disabled, but never deleted from the database. If you don not have installed the User snapshot backup addon, when you delete the RoleAccount, it will be deleted from the database.
Please note after this delete, the RoleAccount has to be created again to use it in the next examples.
Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/RoleAccount/1976862
Response 204 No Content
204 No Content
Error response
For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response