SCIM User examples
Operations
List all
List all uses
Request
GET http://<your-domain>/soffid/webservice/scim2/v1/User
Response 200 OK
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 64,
"startIndex": 1,
"Resources": [
{
"lastName": "Pig",
"profileServer": "null",
"createdByUser": "hrms",
"fullName": "Dad Pig",
"active": true,
"userName": "1",
"mailAlias": "",
"mailServer": "null",
"firstName": "Dad",
"createdDate": "2021-02-16 13:38:26",
"multiSession": false,
"meta": {
"location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1477909",
"links": {
"roleAccounts": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'1'+and+enabled+eq+true",
"groupUsers": "http://soffid.pat.lab:8080/webservice/scim2/v1/GroupUser?filter=user+eq+'1'+and+disabled+eq+false",
"accounts": "http://soffid.pat.lab:8080/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'1'"
},
"resourceType": "User"
},
"modifiedByUser": "admin",
"schemas": [
"urn:soffid:com.soffid.iam.api.User"
],
"modifiedDate": "2021-05-04 09:24:54",
"attributes": {},
"id": 1477909,
"userType": "I",
"homeServer": "null",
"primaryGroupDescription": "World Original",
"primaryGroup": "world"
},
{
"lastName": "SUZY",
"profileServer": "null",
"createdByUser": "hrms",
"fullName": "Suzy SUZY",
"active": true,
"userName": "10",
"mailAlias": "",
"mailServer": "null",
"firstName": "Suzy",
"createdDate": "2021-02-16 13:38:27",
"multiSession": false,
"meta": {
"location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1477931",
"links": {
"roleAccounts": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'10'+and+enabled+eq+true",
"groupUsers": "http://soffid.pat.lab:8080/webservice/scim2/v1/GroupUser?filter=user+eq+'10'+and+disabled+eq+false",
"accounts": "http://soffid.pat.lab:8080/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'10'"
},
"resourceType": "User"
},
"modifiedByUser": "admin",
"schemas": [
"urn:soffid:com.soffid.iam.api.User"
],
"modifiedDate": "2021-05-05 14:11:37",
"attributes": {},
"id": 1477931,
"userType": "I",
"homeServer": "null",
"primaryGroupDescription": "World Original",
"primaryGroup": "world"
},
{
"lastName": "Rabbit",
"profileServer": "null",
"createdByUser": "hrms",
"fullName": "Ricchard Rabbit",
"active": true,
"userName": "11",
"mailAlias": "",
"mailServer": "null",
"firstName": "Ricchard",
"createdDate": "2021-02-16 13:38:27",
"multiSession": false,
"meta": {
"location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1477953",
"links": {
"roleAccounts": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'11'+and+enabled+eq+true",
"groupUsers": "http://soffid.pat.lab:8080/webservice/scim2/v1/GroupUser?filter=user+eq+'11'+and+disabled+eq+false",
"accounts": "http://soffid.pat.lab:8080/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'11'"
},
"resourceType": "User"
},
"modifiedByUser": "admin",
"schemas": [
"urn:soffid:com.soffid.iam.api.User"
],
"modifiedDate": "2021-02-17 19:06:20",
"attributes": {},
"id": 1477953,
"userType": "I",
"homeServer": "null",
"primaryGroupDescription": "World Original",
"primaryGroup": "world"
},
.......
]
}
List by filter
List all roles with a filter expression.
It is allowed to use pagination and sort the information, for more information visit SCIM Query parameters page.
Request
List all roles with a filter expression.
GET http://<your-domain>/soffid/webservice/scim2/v1/Role?filter=name eq "AD role"
Response 200 OK
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 1,
"startIndex": 1,
"Resources": [
{
"approvalEnd": "2021-02-04 15:39:05",
"ownedRoles": [],
"description": "AD role",
"granteeGroups": [],
"informationSystemName": "Operation/Business process/ad",
"password": false,
"system": "ad",
"ownerGroups": [],
"ownerRoles": [
{
"informationSystem": "Operation/Business process/ad",
"ownerRole": 63,
"ownerRoleDescription": "SOFFID Administrator",
"roleId": 393195,
"mandatory": true,
"enabled": true,
"ownerSystem": "soffid",
"system": "ad",
"meta": {
"location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleGrant/1563461",
"resourceType": "RoleGrant"
},
"schemas": [
"urn:soffid:com.soffid.iam.api.RoleGrant"
],
"roleName": "AD role",
"hasDomain": false,
"id": 1563461,
"ownerRoleName": "SOFFID_ADMIN",
"roleDescription": "AD role",
"status": "A"
}
],
"bpmEnabled": true,
"meta": {
"location": "http://soffid.pat.lab:8080/webservice/scim2/v1/Role/393195",
"resourceType": "Role"
},
"schemas": [
"urn:soffid:com.soffid.iam.api.Role"
],
"name": "AD role",
"approvalStart": "2021-02-04 15:39:05",
"attributes": {},
"id": 393195,
"enableByDefault": false
}
]
}
Query by id
Query a role by its id (primary key).
Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Role/393195
Response 200 OK
{
"approvalEnd": "2021-02-04 15:39:05",
"ownedRoles": [],
"description": "AD role",
"granteeGroups": [],
"informationSystemName": "Operation/Business process/ad",
"password": false,
"system": "ad",
"ownerGroups": [],
"ownerRoles": [
{
"informationSystem": "Operation/Business process/ad",
"ownerRole": 63,
"ownerRoleDescription": "SOFFID Administrator",
"roleId": 393195,
"mandatory": true,
"enabled": true,
"ownerSystem": "soffid",
"system": "ad",
"meta": {
"location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleGrant/1563461",
"resourceType": "RoleGrant"
},
"schemas": [
"urn:soffid:com.soffid.iam.api.RoleGrant"
],
"roleName": "AD role",
"hasDomain": false,
"id": 1563461,
"ownerRoleName": "SOFFID_ADMIN",
"roleDescription": "AD role",
"status": "A"
}
],
"bpmEnabled": true,
"meta": {
"location": "http://soffid.pat.lab:8080/webservice/scim2/v1/Role/393195",
"resourceType": "Role"
},
"schemas": [
"urn:soffid:com.soffid.iam.api.Role"
],
"name": "AD role",
"approvalStart": "2021-02-04 15:39:05",
"attributes": {},
"id": 393195,
"enableByDefault": false
}
Create
To create a role .
Request
POST http://<your-domain>/soffid/webservice/scim2/v1/Role
JSON
{
"schemas": [
"urn:soffid:com.soffid.iam.api.Role"
],
"name": "App Billing Role",
"description": "Role Admin for Billing application",
"informationSystemName": "Operation/Business 2/App Billing",
"system": "test",
"password": false,
"bpmEnabled": false,
"enableByDefault": false,
"granteeGroups": [],
"ownedRoles": [],
"ownerGroups": [],
"ownerRoles": []
}
Response 201 Created
{
"ownedRoles": [],
"description": "Role Admin for Billing application",
"granteeGroups": [],
"informationSystemName": "Operation/Business 2/App Billing",
"password": false,
"system": "test",
"ownerGroups": [],
"ownerRoles": [],
"bpmEnabled": false,
"meta": {
"location": "http://soffid.pat.lab:8080/webservice/scim2/v1/Role/1976590",
"resourceType": "Role"
},
"schemas": [
"urn:soffid:com.soffid.iam.api.Role"
],
"name": "App Billing Role",
"attributes": {},
"id": 1976590,
"enableByDefault": false
}
Update partial
Update only of the attributes with changes, only these atrributes will be updated, the rest will maintain the same value.
Request
For example we will update the description and the owner users.
PATCH http://<your-domain>/soffid/webservice/scim2/v1/Role/1976590
JSON
{
"schemas": [
"urn:soffid:com.soffid.iam.api.Role"
],
"Operations": [
{
"op": "replace",
"path": "system",
"value": "soffid"
}
]
}
Response 200 OK
{
"ownedRoles": [],
"description": "Role Admin for Billing application",
"granteeGroups": [],
"informationSystemName": "Operation/Business 2/App Billing",
"password": false,
"system": "soffid",
"ownerGroups": [],
"ownerRoles": [],
"bpmEnabled": false,
"meta": {
"location": "http://soffid.pat.lab:8080/webservice/scim2/v1/Role/1976590",
"resourceType": "Role"
},
"schemas": [
"urn:soffid:com.soffid.iam.api.Role"
],
"name": "App Billing Role",
"attributes": {},
"id": 1976590,
"enableByDefault": false
}
Update all
This operation replace all values in the roole.
- Note that the attribute id is required to confirm that the resource "...Role/<id>" is the same that the JSON role.
- Note that all the attributes not included in the request will be cleared in the role and their data will be lost.
- Note that not all the attributes are updatable, for example tag meta, avoid these tags. For more information see Resource data model page
Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/Role/1976590
JSON
{
"schemas": [
"urn:soffid:com.soffid.iam.api.Role"
],
"id": 1976590,
"name": "App Billing",
"description": "Role Admin for Billing application",
"informationSystemName": "Operation/Business 2/App Billing",
"system": "test",
"password": false,
"bpmEnabled": false,
"enableByDefault": false,
"granteeGroups": [],
"ownedRoles": [],
"ownerGroups": [],
"ownerRoles": []
}
Response 200 OK
{
"ownedRoles": [],
"description": "Role Admin for Billing application",
"granteeGroups": [],
"informationSystemName": "Operation/Business 2/App Billing",
"password": false,
"system": "test",
"ownerGroups": [],
"ownerRoles": [],
"bpmEnabled": false,
"meta": {
"location": "http://soffid.pat.lab:8080/webservice/scim2/v1/Role/1976590",
"resourceType": "Role"
},
"schemas": [
"urn:soffid:com.soffid.iam.api.Role"
],
"name": "App Billing",
"attributes": {},
"id": 1976590,
"enableByDefault": false
}
Delete
Delete a role.
Please note after this delete, the account has to be created again to use it in the next examples.
Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/Role/1976590
Response 204 No Content
204 No Content