Oracle® Identity Manager Tools Reference Release 9.1.0 Part Number E10366-02 |
|
|
View PDF |
This appendix lists some sample SOAP SPML messages that are supported by the SPML Web service. These SPML messages are embedded in a SOAP request.
Add Request
The following sample contains an Add Request operation to create a user with the user ID John Doe
and subscribe him to two groups, Groups 5 and Groups 6:
<addRequest returnData="everything" xmlns="urn:oasis:names:tc:SPML:2:0" xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core"> <data> <dsml:attr name="objectclass"> <dsml:value>Users</dsml:value> </dsml:attr> <dsml:attr name="Users.User ID"> <dsml:value>John Doe</dsml:value> </dsml:attr> <dsml:attr name="Users.First Name"> <dsml:value>John</dsml:value> </dsml:attr> <dsml:attr name="Users.Last Name"> <dsml:value>Doe</dsml:value> </dsml:attr> <dsml:attr name="Organizations.Organization Name"> <dsml:value>Xellerate Users</dsml:value> </dsml:attr> <dsml:attr name="Users.Xellerate Type"> <dsml:value>End-User</dsml:value> </dsml:attr> <dsml:attr name="Users.Role"> <dsml:value>Full-Time</dsml:value> </dsml:attr> <dsml:attr name="Users.Password"> <dsml:value>welcome</dsml:value> </dsml:attr> </data> <capabilityData capabilityURI="urn:oasis:names:tc:SPML:2:0:reference" mustUnderstand="true"> <reference typeOfReference="memberOf" xmlns="urn:oasis:names:tc:SPML:2:0:reference"> <toPsoID ID="Groups:5" /> </reference> <reference typeOfReference="memberOf" xmlns="urn:oasis:names:tc:SPML:2:0:reference"> <toPsoID ID="Groups:6" /> </reference> </capabilityData> </addRequest>
The following sample contains the success response for the preceding Add Request operation:
<addResponse status="success"> <pso> <psoID ID="Users:7"/> <data> <attr name="Users.User ID"> <value>John Doe</value> </attr> <attr name="Users.Key"> <value>7</value> </attr> <attr name="Users.Last Name"> <value>Doe</value> </attr> <attr name="Users.First Name"> <value>John</value> </attr> <attr name="Users.Xellerate Type"> <value>End-User</value> </attr> <attr name="Users.Creation Date"> <value>2007-08-28 12:42:32.147</value> </attr> <attr name="Users.Updated By"> <value>1</value> </attr> <attr name="Users.Update Date"> <value>2007-08-28 12:42:36.38</value> </attr> <attr name="Users.Status"> <value>Active</value> </attr> <attr name="Users.Disable User"> <value>0</value> </attr> <attr name="Users.Lock User"> <value>0</value> </attr> <attr name="Organizations.Key"> <value>1</value> </attr> <attr name="Users.Role"> <value>Full-Time</value> </attr> <attr name="Organizations.Organization Name"> <value>Xellerate Users</value> </attr> <attr name="Users.Provisioned Date"> <value>2007-08-28 12:42:32.147</value> </attr> <attr name="Users.Change Password At Next Logon"> <value>1</value> </attr> <attr name="objectclass"> <value>Users</value> </attr> </data> <capabilityData capabilityURI="urn:oasis:names:tc:SPML:2:0:reference" mustUnderstand="true"> <reference typeOfReference="memberOf"> <toPsoID ID="Groups:5"/> </reference> <reference typeOfReference="memberOf"> <toPsoID ID="Groups:6"/> </reference> </capabilityData> </pso> </addResponse>
The following sample contains the failure response for the Add Request operation in case the user with the user ID already exists:
<addResponse status="failure" error="alreadyExists"> <errorMessage> exception=tcDuplicateUserException;errorMessage=Duplicate_User </errorMessage> </addResponse>
The following sample contains an Add Request operation to create a group and subscribe it to two groups Groups:4 and Groups:5. The request is also to assign the group to two administrator groups Groups:7 and Groups:8.
<addRequest returnData="everything" xmlns="urn:oasis:names:tc:SPML:2:0" xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core"> <data> <dsml:attr name="objectclass"> <dsml:value>Groups</dsml:value> </dsml:attr> <dsml:attr name="Groups.Group Name"> <dsml:value>Add Group40</dsml:value> </dsml:attr> </data> <capabilityData capabilityURI="urn:oasis:names:tc:SPML:2:0:reference" mustUnderstand="true"> <reference typeOfReference="memberOf" xmlns="urn:oasis:names:tc:SPML:2:0:reference"> <toPsoID ID="Groups:4" /> </reference> <reference typeOfReference="memberOf" xmlns="urn:oasis:names:tc:SPML:2:0:reference"> <toPsoID ID="Groups:5" /> </reference> <reference typeOfReference="administrator" xmlns="urn:oasis:names:tc:SPML:2:0:reference"> <toPsoID ID="Groups:7" /> </reference> <reference typeOfReference="administrator" xmlns="urn:oasis:names:tc:SPML:2:0:reference"> <toPsoID ID="Groups:8" /> </reference> </capabilityData> </addRequest>
The following sample contains the success response for the preceding Add Request operation to create a group:
<addResponse status="success"> <pso> <psoID ID="Groups:11"/> <data> <attr name="Groups.Key"> <value>11</value> </attr> <attr name="Groups.Group Name"> <value>Add Group40</value> </attr> <attr name="Groups.Updated By"> <value>1</value> </attr> <attr name="Groups.Update Date"> <value>2007-08-28 15:22:04.953</value> </attr> <attr name="Groups.Creation Date"> <value>2007-08-28 15:22:04.953</value> </attr> <attr name="Groups.Created By"> <value>1</value> </attr> <attr name="objectclass"> <value>Groups</value> </attr> </data> <capabilityData capabilityURI="urn:oasis:names:tc:SPML:2:0:reference" mustUnderstand="true"> <reference typeOfReference="memberOf"> <toPsoID ID="Groups:4"/> </reference> <reference typeOfReference="memberOf"> <toPsoID ID="Groups:5"/> </reference> <reference typeOfReference="administrator"> <toPsoID ID="Groups:1"/> </reference> <reference typeOfReference="administrator"> <toPsoID ID="Groups:7"/> </reference> <reference typeOfReference="administrator"> <toPsoID ID="Groups:8"/> </reference> </capabilityData> </pso> </addResponse>
The following sample contains the failure response for the preceding operation in case the group already exists:
<addResponse status="failure" error="alreadyExists"> <errorMessage>exception=Duplicate_Group</errorMessage> </addResponse>
Modify Request
The following sample contains a Modify Request operation to unsubscribe a user from two groups and subscribe him to two new groups, Groups:4 and Groups:5:
<modifyRequest returnData="everything" xmlns="urn:oasis:names:tc:SPML:2:0" xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core"> <psoID ID="Users:31"></psoID> <modification modificationMode="add"> <capabilityData capabilityURI="urn:oasis:names:tc:SPML:2:0:reference" mustUnderstand="true"> <reference typeOfReference="memberOf" xmlns="urn:oasis:names:tc:SPML:2:0:reference"> <toPsoID ID="Groups:4" /> </reference> <reference typeOfReference="memberOf" xmlns="urn:oasis:names:tc:SPML:2:0:reference"> <toPsoID ID="Groups:5"/> </reference> </capabilityData> </modification> <modification modificationMode="delete"> <capabilityData capabilityURI="urn:oasis:names:tc:SPML:2:0:reference" mustUnderstand="true"> <reference typeOfReference="memberOf" xmlns="urn:oasis:names:tc:SPML:2:0:reference"> <toPsoID ID="Groups:6"/> </reference> <reference typeOfReference="memberOf" xmlns="urn:oasis:names:tc:SPML:2:0:reference"> <toPsoID ID="Groups:7"/> </reference> </capabilityData> </modification> </modifyRequest>
The following sample contains the success response for the preceding Modify Request operation:
<modifyResponse status="success"> <pso> <psoID ID="Users:31"/> <data> <attr name="Users.User ID"> <value>John Doe</value> </attr> <attr name="Users.Key"> <value>7</value> </attr> <attr name="Users.Last Name"> <value>Doe</value> </attr> <attr name="Users.First Name"> <value>John</value> </attr> <attr name="Users.Xellerate Type"> <value>End-User</value> </attr> <attr name="Users.Creation Date"> <value>2007-08-28 12:42:32.147</value> </attr> <attr name="Users.Updated By"> <value>1</value> </attr> <attr name="Users.Update Date"> <value>2007-08-28 12:42:36.38</value> </attr> <attr name="Users.Status"> <value>Active</value> </attr> <attr name="Users.Disable User"> <value>0</value> </attr> <attr name="Users.Lock User"> <value>0</value> </attr> <attr name="Organizations.Key"> <value>1</value> </attr> <attr name="Users.Role"> <value>Full-Time</value> </attr> <attr name="Organizations.Organization Name"> <value>Xellerate Users</value> </attr> <attr name="Users.Provisioned Date"> <value>2007-08-28 12:42:32.147</value> </attr> <attr name="Users.Change Password At Next Logon"> <value>1</value> </attr> </data> <capabilityData capabilityURI="urn:oasis:names:tc:SPML:2:0:reference" mustUnderstand="true"> <reference typeOfReference="memberOf"> <toPsoID ID="Groups:3"/> </reference> <reference typeOfReference="memberOf"> <toPsoID ID="Groups:4"/> </reference> <reference typeOfReference="memberOf"> <toPsoID ID="Groups:5"/> </reference> </capabilityData> </pso> </modifyResponse>
The following sample contains the failure response for the preceding operation in case the user is not available:
<modifyResponse status="failure" error="noSuchIdentifier"> <errorMessage> exception=OIMSpmlException;errorMessage=NO_USER_ID_DEFINED </errorMessage> </modifyResponse>
The following sample contains a Modify Request operation that modifies the group Groups:36 and its group references by adding two more group membership (Groups:7 and Groups:8) and a group administrator (Groups:9). It also deletes an existing group membership (Groups:10) and an administrator reference (Groups:11).
<modifyRequest returnData="everything" xmlns="urn:oasis:names:tc:SPML:2:0" xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core"> <psoID ID="Groups:36"></psoID> <modification> <dsml:modification name="Groups.Group Name" operation="add"> <dsml:value>Changed</dsml:value> </dsml:modification> </modification> <modification modificationMode="add"> <capabilityData capabilityURI="urn:oasis:names:tc:SPML:2:0:reference" mustUnderstand="true"> <reference typeOfReference="memberOf" xmlns="urn:oasis:names:tc:SPML:2:0:reference"> <toPsoID ID="Groups:7"/> </reference> <reference typeOfReference="memberOf" xmlns="urn:oasis:names:tc:SPML:2:0:reference"> <toPsoID ID="Groups:8"/> </reference> <reference typeOfReference="administrator" xmlns="urn:oasis:names:tc:SPML:2:0:reference"> <toPsoID ID="Groups:9"/> </reference> </capabilityData> </modification> <modification modificationMode="delete"> <capabilityData capabilityURI="urn:oasis:names:tc:SPML:2:0:reference" mustUnderstand="true"> <reference typeOfReference="administrator" xmlns="urn:oasis:names:tc:SPML:2:0:reference"> <toPsoID ID="Groups:10"/> </reference> <reference typeOfReference="memberOf" xmlns="urn:oasis:names:tc:SPML:2:0:reference"> <toPsoID ID="Groups:11"/> </reference> </capabilityData> </modification> </modifyRequest>
The following sample contains the success response for the preceding Modify Request operation:
<modifyResponse status="success"> <pso> <psoID ID="Groups:36"/> <data> <attr name="Groups.Key"> <value>36</value> </attr> <attr name="Groups.Group Name"> <value>Changed</value> </attr> <attr name="Groups.Updated By"> <value>1</value> </attr> <attr name="Groups.Update Date"> <value>2007-08-29 21:00:51.657</value> </attr> <attr name="Groups.Creation Date"> <value>2007-08-27 15:22:43.97</value> </attr> <attr name="Groups.Created By"> <value>1</value> </attr> </data> <capabilityData capabilityURI="urn:oasis:names:tc:SPML:2:0:reference" mustUnderstand="true"> <reference typeOfReference="memberOf"> <toPsoID ID="Groups:7"/> </reference> <reference typeOfReference="memberOf"> <toPsoID ID="Groups:8"/> </reference> <reference typeOfReference="administrator"> <toPsoID ID="Groups:1"/> </reference> <reference typeOfReference="administrator"> <toPsoID ID="Groups:9"/> </reference> </capabilityData> </pso> </modifyResponse>
The following sample contains the failure response for the preceding operation in case the group ID is missing:
<modifyResponse status="failure" error="noSuchIdentifier"> <errorMessage> exception=OIMSpmlException;errorMessage=GROUP_NOT_FOUND </errorMessage> </modifyResponse>
Add Request With Date Format
The following sample Add Request operation adds a user by assigning some start date and end date attribute. The date format should assume the format- yyyy-mm-dd HH:MM:SS.sss.
<addRequest returnData="everything" xmlns="urn:oasis:names:tc:SPML:2:0" xmlns:dsml="urn:oasis:names:tc:DSML:2:0:core"> <data> <dsml:attr name="objectclass"> <dsml:value>Users</dsml:value> </dsml:attr> <dsml:attr name="Users.User ID"> <dsml:value>John Doe</dsml:value> </dsml:attr> <dsml:attr name="Users.First Name"> <dsml:value>John</dsml:value> </dsml:attr> <dsml:attr name="Users.Last Name"> <dsml:value>Doe</dsml:value> </dsml:attr> <dsml:attr name="Organizations.Organization Name"> <dsml:value>Xellerate Users</dsml:value> </dsml:attr> <dsml:attr name="Users.Xellerate Type"> <dsml:value>End-User</dsml:value> </dsml:attr> <dsml:attr name="Users.Manager Login"> <dsml:value>Jane Doe</dsml:value> </dsml:attr> <dsml:attr name="Users.Role"> <dsml:value>Full-Time</dsml:value> </dsml:attr> <dsml:attr name="Users.Password"> <dsml:value>welcome</dsml:value> </dsml:attr> <dsml:attr name="Users.Start Date"> <dsml:value>2007-06-18 00:00:00.000</dsml:value> </dsml:attr> <dsml:attr name="Users.End Date"> <dsml:value>2017-06-18 00:00:00.000</dsml:value> </dsml:attr> </data> </addRequest>
The following sample contains the success response for the preceding Add Request operation:
<addResponse status="success"> <pso> <psoID ID="Users:8"/> <data> <attr name="Users.User ID"> <value>John Doe</value> </attr> <attr name="Users.Key"> <value>8</value> </attr> <attr name="Users.Last Name"> <value>Doe</value> </attr> <attr name="Users.First Name"> <value>John</value> </attr> <attr name="Users.Manager Key"> <value>4</value> </attr> <attr name="Users.Manager Login"> <value>John</value> </attr> <attr name="Users.Manager First Name"> <value>John</value> </attr> <attr name="Users.Manager Last Name"> <value>Doe</value> </attr> <attr name="Users.Xellerate Type"> <value>End-User</value> </attr> <attr name="Users.Creation Date"> <value>2007-08-29 21:27:03.39</value> </attr> <attr name="Users.Updated By"> <value>1</value> </attr> <attr name="Users.Update Date"> <value>2007-08-29 21:27:06.937</value> </attr> <attr name="Users.Status"> <value>Active</value> </attr> <attr name="Users.Disable User"> <value>0</value> </attr> <attr name="Users.Lock User"> <value>0</value> </attr> <attr name="Organizations.Key"> <value>1</value> </attr> <attr name="Users.Role"> <value>Full-Time</value> </attr> <attr name="Organizations.Organization Name"> <value>Xellerate Users</value> </attr> <attr name="Users.Start Date"> <value>2007-06-18 00:00:00.0</value> </attr> <attr name="Users.End Date"> <value>2017-06-18 00:00:00.0</value> </attr> <attr name="Users.Provisioning Date"> <value>2007-06-18 00:00:00.0</value> </attr> <attr name="Users.Provisioned Date"> <value>2007-08-29 21:27:03.39</value> </attr> <attr name="Users.Change Password At Next Logon"> <value>1</value> </attr> <attr name="objectclass"> <value>Users</value> </attr> </data> <capabilityData capabilityURI="urn:oasis:names:tc:SPML:2:0:reference" mustUnderstand="true"> <reference typeOfReference="memberOf"> <toPsoID ID="Groups:3"/> </reference> </capabilityData> </pso> </addResponse>
The following sample contains the failure response for the preceding operation in case the user already exists:
<addResponse status="failure" error="alreadyExists"> <errorMessage> exception=tcDuplicateUserException;errorMessage=Duplicate_User </errorMessage> </addResponse>