Skip to main content

SCIM User examples

Operations

List all

List all uses

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/User
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 64,
    "startIndex": 1,
    "Resources": [
        {
            "lastName": "Pig",
            "profileServer": "null",
            "createdByUser": "hrms",
            "fullName": "Dad Pig",
            "active": true,
            "userName": "1",
            "mailAlias": "",
            "mailServer": "null",
            "firstName": "Dad",
            "createdDate": "2021-02-16 13:38:26",
            "multiSession": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1477909",
                "links": {
                    "roleAccounts": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'1'+and+enabled+eq+true",
                    "groupUsers": "http://soffid.pat.lab:8080/webservice/scim2/v1/GroupUser?filter=user+eq+'1'+and+disabled+eq+false",
                    "accounts": "http://soffid.pat.lab:8080/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'1'"
                },
                "resourceType": "User"
            },
            "modifiedByUser": "admin",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.User"
            ],
            "modifiedDate": "2021-05-04 09:24:54",
            "attributes": {},
            "id": 1477909,
            "userType": "I",
            "homeServer": "null",
            "primaryGroupDescription": "World Original",
            "primaryGroup": "world"
        },
        {
            "lastName": "SUZY",
            "profileServer": "null",
            "createdByUser": "hrms",
            "fullName": "Suzy SUZY",
            "active": true,
            "userName": "10",
            "mailAlias": "",
            "mailServer": "null",
            "firstName": "Suzy",
            "createdDate": "2021-02-16 13:38:27",
            "multiSession": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1477931",
                "links": {
                    "roleAccounts": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'10'+and+enabled+eq+true",
                    "groupUsers": "http://soffid.pat.lab:8080/webservice/scim2/v1/GroupUser?filter=user+eq+'10'+and+disabled+eq+false",
                    "accounts": "http://soffid.pat.lab:8080/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'10'"
                },
                "resourceType": "User"
            },
            "modifiedByUser": "admin",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.User"
            ],
            "modifiedDate": "2021-05-05 14:11:37",
            "attributes": {},
            "id": 1477931,
            "userType": "I",
            "homeServer": "null",
            "primaryGroupDescription": "World Original",
            "primaryGroup": "world"
        },
        {
            "lastName": "Rabbit",
            "profileServer": "null",
            "createdByUser": "hrms",
            "fullName": "Ricchard Rabbit",
            "active": true,
            "userName": "11",
            "mailAlias": "",
            "mailServer": "null",
            "firstName": "Ricchard",
            "createdDate": "2021-02-16 13:38:27",
            "multiSession": false,
            "meta": {
                "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1477953",
                "links": {
                    "roleAccounts": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'11'+and+enabled+eq+true",
                    "groupUsers": "http://soffid.pat.lab:8080/webservice/scim2/v1/GroupUser?filter=user+eq+'11'+and+disabled+eq+false",
                    "accounts": "http://soffid.pat.lab:8080/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'11'"
                },
                "resourceType": "User"
            },
            "modifiedByUser": "admin",
            "schemas": [
                "urn:soffid:com.soffid.iam.api.User"
            ],
            "modifiedDate": "2021-02-17 19:06:20",
            "attributes": {},
            "id": 1477953,
            "userType": "I",
            "homeServer": "null",
            "primaryGroupDescription": "World Original",
            "primaryGroup": "world"
        },
      .......
    ]
}

List by filter

List all roles with a filter expression.

It is allowed to use pagination and sort the information, for more information visit SCIM Query parameters page.

Request

List all roles with a filter expression.

GET http://<your-domain>/soffid/webservice/scim2/v1/Role?filter=name eq "AD role"
Response 200 OK
{
    "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:ListResponse"
    ],
    "totalResults": 1,
    "startIndex": 1,
    "Resources": [
        {
            "approvalEnd": "2021-02-04 15:39:05",
            "ownedRoles": [],
            "description": "AD role",
            "granteeGroups": [],
            "informationSystemName": "Operation/Business process/ad",
            "password": false,
            "system": "ad",
            "ownerGroups": [],
            "ownerRoles": [
                {
                    "informationSystem": "Operation/Business process/ad",
                    "ownerRole": 63,
                    "ownerRoleDescription": "SOFFID Administrator",
                    "roleId": 393195,
                    "mandatory": true,
                    "enabled": true,
                    "ownerSystem": "soffid",
                    "system": "ad",
                    "meta": {
                        "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleGrant/1563461",
                        "resourceType": "RoleGrant"
                    },
                    "schemas": [
                        "urn:soffid:com.soffid.iam.api.RoleGrant"
                    ],
                    "roleName": "AD role",
                    "hasDomain": false,
                    "id": 1563461,
                    "ownerRoleName": "SOFFID_ADMIN",
                    "roleDescription": "AD role",
                    "status": "A"
                }
            ],
            "bpmEnabled": true,
            "meta": {
                "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/Role/393195",
                "resourceType": "Role"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.Role"
            ],
            "name": "AD role",
            "approvalStart": "2021-02-04 15:39:05",
            "attributes": {},
            "id": 393195,
            "enableByDefault": false
        }
    ]
}

Query by id

Query a role by its id (primary key). 

Request
GET http://<your-domain>/soffid/webservice/scim2/v1/Role/393195
Response 200 OK
{
    "approvalEnd": "2021-02-04 15:39:05",
    "ownedRoles": [],
    "description": "AD role",
    "granteeGroups": [],
    "informationSystemName": "Operation/Business process/ad",
    "password": false,
    "system": "ad",
    "ownerGroups": [],
    "ownerRoles": [
        {
            "informationSystem": "Operation/Business process/ad",
            "ownerRole": 63,
            "ownerRoleDescription": "SOFFID Administrator",
            "roleId": 393195,
            "mandatory": true,
            "enabled": true,
            "ownerSystem": "soffid",
            "system": "ad",
            "meta": {
                "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleGrant/1563461",
                "resourceType": "RoleGrant"
            },
            "schemas": [
                "urn:soffid:com.soffid.iam.api.RoleGrant"
            ],
            "roleName": "AD role",
            "hasDomain": false,
            "id": 1563461,
            "ownerRoleName": "SOFFID_ADMIN",
            "roleDescription": "AD role",
            "status": "A"
        }
    ],
    "bpmEnabled": true,
    "meta": {
        "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/Role/393195",
        "resourceType": "Role"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Role"
    ],
    "name": "AD role",
    "approvalStart": "2021-02-04 15:39:05",
    "attributes": {},
    "id": 393195,
    "enableByDefault": false
}

Create

To create a role .

Request

POST http://<your-domain>/soffid/webservice/scim2/v1/Role

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Role"
    ],
    "name": "App Billing Role",
    "description": "Role Admin for Billing application",
    "informationSystemName": "Operation/Business 2/App Billing",
    "system": "test",
    "password": false,
    "bpmEnabled": false,
    "enableByDefault": false,
    "granteeGroups": [],
    "ownedRoles": [],
    "ownerGroups": [],
    "ownerRoles": []
}
Response 201 Created
{
    "ownedRoles": [],
    "description": "Role Admin for Billing application",
    "granteeGroups": [],
    "informationSystemName": "Operation/Business 2/App Billing",
    "password": false,
    "system": "test",
    "ownerGroups": [],
    "ownerRoles": [],
    "bpmEnabled": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/Role/1976590",
        "resourceType": "Role"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Role"
    ],
    "name": "App Billing Role",
    "attributes": {},
    "id": 1976590,
    "enableByDefault": false
}

Update partial

Update only of the attributes with changes, only these atrributes will be updated, the rest will maintain the same value.

Request

For example we will update the description and the owner users.

PATCH http://<your-domain>/soffid/webservice/scim2/v1/Role/1976590

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Role"
    ],
    "Operations": [
        {
            "op": "replace",
            "path": "system",
            "value": "soffid"
        }
    ]
}
Response 200 OK
{
    "ownedRoles": [],
    "description": "Role Admin for Billing application",
    "granteeGroups": [],
    "informationSystemName": "Operation/Business 2/App Billing",
    "password": false,
    "system": "soffid",
    "ownerGroups": [],
    "ownerRoles": [],
    "bpmEnabled": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/Role/1976590",
        "resourceType": "Role"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Role"
    ],
    "name": "App Billing Role",
    "attributes": {},
    "id": 1976590,
    "enableByDefault": false
}

Update all

This operation replace all values in the roole.

  • Note that the attribute id is required to confirm that the resource "...Role/<id>" is the same that the JSON role.
  • Note that all the attributes not included in the request will be cleared in the role and their data will be lost.
  • Note that not all the attributes are updatable, for example tag meta, avoid these tags. For more information see Resource data model page
Request
PUT http://<your-domain>/soffid/webservice/scim2/v1/Role/1976590

JSON

{
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Role"
    ],
    "id": 1976590,
    "name": "App Billing",
    "description": "Role Admin for Billing application",
    "informationSystemName": "Operation/Business 2/App Billing",
    "system": "test",
    "password": false,
    "bpmEnabled": false,
    "enableByDefault": false,
    "granteeGroups": [],
    "ownedRoles": [],
    "ownerGroups": [],
    "ownerRoles": []
}
Response 200 OK
{
    "ownedRoles": [],
    "description": "Role Admin for Billing application",
    "granteeGroups": [],
    "informationSystemName": "Operation/Business 2/App Billing",
    "password": false,
    "system": "test",
    "ownerGroups": [],
    "ownerRoles": [],
    "bpmEnabled": false,
    "meta": {
        "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/Role/1976590",
        "resourceType": "Role"
    },
    "schemas": [
        "urn:soffid:com.soffid.iam.api.Role"
    ],
    "name": "App Billing",
    "attributes": {},
    "id": 1976590,
    "enableByDefault": false
}

Delete

Delete a role.

Please note after this delete, the account has to be created again to use it in the next examples.

Request
DELETE http://<your-omain>/soffid/webservice/scim2/v1/Role/1976590
Response 204 No Content
204 No Content