Skip Headers
Oracle® Fusion Middleware Developer's Guide for Oracle Identity Manager
11g Release 1 (11.1.1)

Part Number E14309-08
Go to Documentation Home
Home
Go to Book List
Book List
Go to Table of Contents
Contents
Go to Index
Index
Go to Master Index
Master Index
Go to Feedback page
Contact Us

Go to previous page
Previous
Go to next page
Next
View PDF

C SPML Examples

This appendix provides the following SPML XSD examples:

C.1 SPML Example - Add User

The Request is as follows:

<addRequest xmlns="urn:oasis:names:tc:SPML:2:0" xmlns:pso="http://xmlns.oracle.com/idm/identity/PSO" executionMode="asynchronous" locale="en" policyURI="http://www.sample.com/string/string" requestID="string" returnData="identifier" targetID="string">
<!--Zero or more repetitions:-->
<data>
<!--You have a CHOICE of the next 3 items at this level-->
<pso:identity>
<!--Optional:-->
<pso:attributes>
<!--Here, My Attribute is a UDF, with 'My Attribute' also added in CreateUserDataset.xml -->
<pso:attr name="My Attribute">
<pso:value>New Value</pso:value>
</pso:attr>
</pso:attributes>
<!--Optional:-->
<pso:activeEndDate>2009-06-12T16:00:00</pso:activeEndDate>
<!--Optional:-->
<pso:activeStartDate>2009-06-11T18:00:00</pso:activeStartDate>
<pso:commonName>
<pso:value>All Optional Values</pso:value>
</pso:commonName>
<!--Optional:-->
<pso:countryName>India</pso:countryName>
<!--Optional:-->
<pso:departmentNumber>
<!--1 or more repetitions:-->
<pso:value>123456</pso:value>
</pso:departmentNumber>
<!--Optional:-->
<pso:description>
<!--1 or more repetitions:-->
<pso:values>
<!--1 or more repetitions:-->
<pso:value>All Optional Fields Profile</pso:value>
</pso:values>
</pso:description>
<!--Optional:-->
<pso:displayName>
<!--1 or more repetitions:-->
<pso:value locale="en">All Optional Values</pso:value>
</pso:displayName>
<!--Optional:-->
<pso:employeeNumber>24073</pso:employeeNumber>
<!--Optional:-->
<pso:employeeType>
<!--1 or more repetitions:-->
<pso:values>
<!--1 or more repetitions:-->
<pso:value>Part-Time</pso:value>
</pso:values>
</pso:employeeType>
<!--Optional:-->
<pso:facsimileTelephoneNumber>
<!--1 or more repetitions:-->
<pso:number>08041085304</pso:number>
</pso:facsimileTelephoneNumber>
<!--Optional:-->
<pso:generationQualifier>
<!--1 or more repetitions:-->
<pso:value>II</pso:value>
</pso:generationQualifier>
<!--Optional:-->
<pso:givenName>
<!--1 or more repetitions:-->
<pso:value>OptionalGivenName</pso:value>
</pso:givenName>
<!--Optional:-->
<pso:hireDate>2009-06-11T16:00:00</pso:hireDate>
<!--Optional:-->
<pso:homePhone>
<!--1 or more repetitions:-->
<pso:number>9999999999</pso:number>
</pso:homePhone>
<!--Optional:-->
<pso:homePostalAddress>
<!--1 or more repetitions:-->
<pso:value>marathahalli</pso:value>
</pso:homePostalAddress>
<!--Optional:-->
<pso:initials>
<!--1 or more repetitions:-->
<pso:value>SJ</pso:value>
</pso:initials>
<!--Optional:-->
<pso:localityName>
<!--1 or more repetitions:-->
<pso:value>Munekolala</pso:value>
</pso:localityName>
<!--Optional:-->
<!--pso:mail>
<pso:value>jdong12@oracle.com</pso:value>
</pso:mail-->
<!--Optional:-->
<pso:middleName>MiddleName</pso:middleName>
<!--Optional:-->
<pso:mobile>
<!--1 or more repetitions:-->
<pso:number>9886078373</pso:number>
</pso:mobile>
<!--Optional:-->
<pso:organization>
<pso:value>2</pso:value>
</pso:organization>
<!--Optional:-->
<pso:organizationUnit>
<pso:value>Marketing</pso:value>
</pso:organizationUnit>
<!--Optional:-->
<pso:pager>
<!--1 or more repetitions:-->
<pso:number>7777</pso:number>
</pso:pager>
<!--Optional:-->
<pso:password>
<!--1 or more repetitions:-->
<pso:value>saijha</pso:value>
</pso:password>
<!--Optional:-->
<pso:postalAddress>
<!--1 or more repetitions:-->
<pso:value>Marathahalli</pso:value>
</pso:postalAddress>
<!--Optional:-->
<pso:postalCode>
<!--1 or more repetitions:-->
<pso:value>560037</pso:value>
</pso:postalCode>
<!--Optional:-->
<pso:postOfficeBox>
<!--1 or more repetitions:-->
<pso:value>999</pso:value>
</pso:postOfficeBox>
<!--Optional:-->
<pso:preferredLanguage>en</pso:preferredLanguage>
<!--Optional:-->
<pso:state>
<!--1 or more repetitions:-->
<pso:value>Karnataka</pso:value>
</pso:state>
<!--Optional:-->
<pso:street>
<!--1 or more repetitions:-->
<pso:value>Satyam Street</pso:value>
</pso:street>
<!--Optional:-->
<pso:surname>
<pso:values>
  <!--1 or more repetitions:-->
<pso:value>Jha</pso:value>
</pso:values>
</pso:surname>
<!--Optional:-->
<pso:telephoneNumber>
<!--1 or more repetitions:-->
<pso:number>08041085304</pso:number>
</pso:telephoneNumber>
<!--Optional:-->
<pso:title>
<pso:value>Mr</pso:value>
</pso:title>
<!--Optional:-->
<pso:username>
<!--1 or more repetitions:-->
<pso:value>jsmith</pso:value>
</pso:username>
<pso:manager>5</pso:manager>
</pso:identity>
</data>
</addRequest>

The Add User Response sample if user login already exists is as follows:

<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/>
<env:Body>
<ns3:addResponse xmlns:ns2="http://xmlns.oracle.com/idm/identity/PSO" xmlns:ns3="urn:oasis:names:tc:SPML:2:0" xmlns:ns4="urn:oasis:names:tc:SPML:2:0:suspend" xmlns:ns5="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username" xmlns:ns6="urn:oasis:names:tc:SPML:2:0:password" xmlns:ns7="urn:oasis:names:tc:SPML:2:0:reference" xmlns:ns8="urn:oasis:names:tc:SPML:2:0:async" xmlns:ns9="urn:names:spml:ws:header" status="failure" error="malformedRequest" extendedError="IAM-3076048">
<ns3:errorMessage>username jsmith already exists.</ns3:errorMessage>
</ns3:addResponse>
</env:Body>
</env:Envelope>

The Add User Response sample if multiple values are passed for attributes that accept only single value:

<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
<env:Header/>
<env:Body>
<ns3:addResponse xmlns:ns2="http://xmlns.oracle.com/idm/identity/PSO" xmlns:ns3="urn:oasis:names:tc:SPML:2:0" xmlns:ns4="urn:oasis:names:tc:SPML:2:0:suspend" xmlns:ns5="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username" xmlns:ns6="urn:oasis:names:tc:SPML:2:0:password" xmlns:ns7="urn:oasis:names:tc:SPML:2:0:reference" xmlns:ns8="urn:oasis:names:tc:SPML:2:0:async" xmlns:ns9="urn:names:spml:ws:header" status="pending" requestID="5" error="malformedRequest" extendedError="IAM-3071022"><ns3:errorMessage>The attribute commonName is not multi-language enabled in OIM. Only the value John Smith will be saved.</ns3:errorMessage>
<ns3:errorMessage>The attribute organization is not multi-language enabled in OIM. Only the value 1 will be saved.
</ns3:errorMessage>
</ns3:addResponse>
</env:Body>
</env:Envelope>

Note:

  • To find the status of the add user request, see "SPML Example - Status Request".

  • The displayName attribute has Multiple Language Support (MLS), and language values can be specified as "en", "fr", and so on.

C.2 SPML Example - Delete User

The Request is as follows:

<deleteRequest xmlns="urn:oasis:names:tc:SPML:2:0"
xmlns:pso="http://xmlns.oracle.com/idm/identity/PSO" executionMode="asynchronous"
locale="en" policyURI="http://www.sample.com/string/string"
requestID="string" returnData="identifier" targetID="string">
<psoID ID="identity:6C9B96E99FC8DC32E040E50A3D5252F5" />
</deleteRequest>

The Response is as follows:

<ns9:ResponseType xmlns="http://xmlns.oracle.com/idm/identity/PSO"
xmlns:ns2="urn:oasis:names:tc:SPML:2:0"
xmlns:ns3="urn:oasis:names:tc:SPML:2:0:reference"
xmlns:ns4="urn:oasis:names:tc:SPML:2:0:password"
xmlns:ns5="urn:oasis:names:tc:SPML:2:0:suspend"
xmlns:ns6="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username"
xmlns:ns7="urn:names:spml:ws:header" xmlns:ns8="urn:oasis:names:tc:SPML:2:0:async"
xmlns:ns9="oasis:names:tc:SPML:2:0" requestID="19" status="pending"/>

C.3 SPML Example - Modify User

The Request is as follows:

<modifyRequest xmlns="urn:oasis:names:tc:SPML:2:0"
xmlns:pso="http://xmlns.oracle.com/idm/identity/PSO" executionMode="asynchronous"
locale="string" policyURI="http://www.sample.com/string/string"
requestID="string" returnData="identifier">
<capabilityData capabilityURI="urn:oasis:names:tc:SPML:2:0:reference"
mustUnderstand="true" />
<psoID ID="identity:6C9B96E99FC8DC32E040E50A3D5252F5" />
<modification modificationMode="add">
<component path="/identity" namespaceURI="http://www.w3.org/TR/xpath20" />
<data>
<pso:identity>
<pso:initials>
<!--1 or more repetitions:-->
<pso:value>J S</pso:value>
</pso:initials>
                                        </pso:identity>
                                </data>
                        </modification>
                        <modification modificationMode="replace">
                                <component path="/identity" namespaceURI="http://www.w3.org/TR/xpath20" />
                                <data>
                                        <pso:identity>
                                                <pso:localityName>
                                                        <!--1 or more repetitions:-->
                                                        <pso:value>new_locality</pso:value>
                                                </pso:localityName>
                                                <pso:homePhone>
                                                        <!--1 or more repetitions:-->
                                                        <pso:number>0123456789</pso:number>
                                                </pso:homePhone>
                                                <pso:commonName>
                                                        <!--1 or more repetitions:-->
                                                        <pso:values>
                                                                <!--1 or more repetitions:-->
                                                                <pso:value>FR Alice Krug1</pso:value>
                                                        </pso:values>
                                                </pso:commonName>
                                        </pso:identity>
                                </data>
                        </modification>
                        <modification modificationMode="delete">
                                <component path="/identity" namespaceURI="http://www.w3.org/TR/xpath20" />
                                <data>
                                        <pso:identity>
                                                <pso:pager>
                                                        <!--1 or more repetitions:-->
                                                        <pso:number>333</pso:number>
                                                </pso:pager>
                                        </pso:identity>
                                </data>
                        </modification>
                </modifyRequest>

The Response is as follows:

<ns9:ModifyResponseType xmlns="http://xmlns.oracle.com/idm/identity/PSO"
xmlns:ns2="urn:oasis:names:tc:SPML:2:0"
xmlns:ns3="urn:oasis:names:tc:SPML:2:0:reference"
xmlns:ns4="urn:oasis:names:tc:SPML:2:0:password"
xmlns:ns5="urn:oasis:names:tc:SPML:2:0:suspend"
xmlns:ns6="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username"
xmlns:ns7="urn:names:spml:ws:header" xmlns:ns8="urn:oasis:names:tc:SPML:2:0:async"
xmlns:ns9="oasis:names:tc:SPML:2:0" requestID="15" status="pending"/>

C.4 SPML Example - Resume User

The Request is as follows:

<resumeRequest xmlns="urn:oasis:names:tc:SPML:2:0:suspend"
requestID="120">
<psoID ID="6C9B96E99FC8DC32E040E50A3D5252F5" />
</resumeRequest>

The Response is as follows:

<ns9:ResponseType xmlns="urn:oasis:names:tc:SPML:2:0"
xmlns:ns2="http://xmlns.oracle.com/idm/identity/PSO"
xmlns:ns3="urn:oasis:names:tc:SPML:2:0:password"
xmlns:ns4="urn:oasis:names:tc:SPML:2:0:suspend"
xmlns:ns5="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username"
xmlns:ns6="urn:names:spml:ws:header" xmlns:ns7="urn:oasis:names:tc:SPML:2:0:async"
xmlns:ns8="urn:oasis:names:tc:SPML:2:0:reference"
xmlns:ns9="oasis:names:tc:SPML:2:0" requestID="120" status="pending"/>

C.5 SPML Example - Suggest User Name

The Request is as follows:

<ns4:suggestUsernameRequest
                        xmlns:ns4="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username"
                        xmlns="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username"
                        xmlns:ns2="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username"
                        xmlns:ns3="http://xmlns.oracle.com/idm/identity/PSO">
                        <ns2:identity>
                                <ns3:givenName>
                                        <ns3:value>testfn</ns3:value>
                                </ns3:givenName>
                                <ns3:surname>
                                        <ns3:values>
                                                <ns3:value>testln</ns3:value>
                                        </ns3:values>
                                </ns3:surname>
                        </ns2:identity>
                </ns4:suggestUsernameRequest>

The Response is as follows:

<ns9:SuggestUsernameResponseType xmlns="urn:oasis:names:tc:SPML:2:0"
        xmlns:ns2="http://xmlns.oracle.com/idm/identity/PSO"
        xmlns:ns3="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username"
        xmlns:ns4="urn:oasis:names:tc:SPML:2:0:reference"
        xmlns:ns5="urn:oasis:names:tc:SPML:2:0:async"
        xmlns:ns6="urn:oasis:names:tc:SPML:2:0:password"
        xmlns:ns7="urn:names:spml:ws:header"
        xmlns:ns8="urn:oasis:names:tc:SPML:2:0:suspend"
        xmlns:ns9="oasis:names:tc:SPML:2:0" status="success">
        <ns3:username>testfn.testln@oracle.com</ns3:username>
</ns9:SuggestUsernameResponseType>

C.6 SPML Example - Suspend User

The Request is as follows:

<suspendRequest xmlns="urn:oasis:names:tc:SPML:2:0:suspend"
requestID="139">
<psoID ID="6C9B96E99FC8DC32E040E50A3D5252F5"/>
</suspendRequest>

The Response is as follows:

<ns9:ResponseType xmlns="urn:oasis:names:tc:SPML:2:0"
xmlns:ns2="http://xmlns.oracle.com/idm/identity/PSO"
xmlns:ns3="urn:oasis:names:tc:SPML:2:0:password"
xmlns:ns4="urn:oasis:names:tc:SPML:2:0:suspend"
xmlns:ns5="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username"
xmlns:ns6="urn:names:spml:ws:header" xmlns:ns7="urn:oasis:names:tc:SPML:2:0:async"
xmlns:ns8="urn:oasis:names:tc:SPML:2:0:reference"
xmlns:ns9="oasis:names:tc:SPML:2:0" requestID="28"
status="pending"/><ns9:ResponseType xmlns="urn:oasis:names:tc:SPML:2:0"
xmlns:ns2="http://xmlns.oracle.com/idm/identity/PSO"
xmlns:ns3="urn:oasis:names:tc:SPML:2:0:password"
xmlns:ns4="urn:oasis:names:tc:SPML:2:0:suspend"
xmlns:ns5="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username"
xmlns:ns6="urn:names:spml:ws:header" xmlns:ns7="urn:oasis:names:tc:SPML:2:0:async"
xmlns:ns8="urn:oasis:names:tc:SPML:2:0:reference"
xmlns:ns9="oasis:names:tc:SPML:2:0" requestID="139" status="pending"/>

C.7 SPML Example - Validate User Name

The Request is as follows:

<validateUsernameRequest
xmlns="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username">
<username>testfn.testln</username>
</validateUsernameRequest>

The Response is as follows:

<ns9:ValidateUsernameResponseType xmlns="urn:oasis:names:tc:SPML:2:0"
xmlns:ns2="http://xmlns.oracle.com/idm/identity/PSO"
xmlns:ns3="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username"
xmlns:ns4="urn:oasis:names:tc:SPML:2:0:reference"
xmlns:ns5="urn:oasis:names:tc:SPML:2:0:async"
xmlns:ns6="urn:oasis:names:tc:SPML:2:0:password"
xmlns:ns7="urn:names:spml:ws:header"
xmlns:ns8="urn:oasis:names:tc:SPML:2:0:suspend"
xmlns:ns9="oasis:names:tc:SPML:2:0" valid="true" status="success"/>

C.8 SPML Example - Check If User is Active

The request is as follows:

<activeRequest xmlns="urn:oasis:names:tc:SPML:2:0:suspend" requestID="143">
<psoID ID="5" targetID="string"/>
</activeRequest>

The Response is as follows:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ns4:ResponseType xmlns="urn:oasis:names:tc:SPML:2:0"
xmlns:ns2="urn:oasis:names:tc:SPML:2:0:suspend"
xmlns:ns3="http://xmlns.oracle.com/idm/identity/PSO"
xmlns:ns4="oasis:names:tc:SPML:2:0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="ns2:ActiveResponseType" active="true" requestID="143"
status="success" />

C.9 SPML Example - Lookup Username Policy

The Request is as follows:

<lookupUsernamePolicyRequest
xmlns="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username">
</lookupUsernamePolicyRequest>

The Response is as follows:

<ns9:LookupUsernamePolicyResponseType
xmlns="urn:oasis:names:tc:SPML:2:0"
xmlns:ns2="http://xmlns.oracle.com/idm/identity/PSO"
xmlns:ns3="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username"
xmlns:ns4="urn:oasis:names:tc:SPML:2:0:reference"
xmlns:ns5="urn:oasis:names:tc:SPML:2:0:async"
xmlns:ns6="urn:oasis:names:tc:SPML:2:0:password"
xmlns:ns7="urn:names:spml:ws:header"
xmlns:ns8="urn:oasis:names:tc:SPML:2:0:suspend"
xmlns:ns9="oasis:names:tc:SPML:2:0" status="success"
<ns3:description>Generates user name based on email id if it is available, else generate based on first name and last name appended with domain name.</ns3:description>
>

Note:

To view policy description in a specific locale, you can set locale attribute in the payload. If this locale is not supported, then by is displayed in the server locale by default, as shown:

<lookupUsernamePolicyRequest locale="th"
xmlns="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username">
</lookupUsernamePolicyRequest>

C.10 SPML Example – Add User with Role Assignment

The Request to create user (identity) is as follows:

Note:

  • There can only be one toPsoID element under a reference element. For multiple roles, individual reference element must be used.

  • The GUID must be of 32 characters for all requests.

<addRequest 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns="urn:oasis:names:tc:SPML:2:0"
    xmlns:spml="urn:oasis:names:tc:SPML:2:0" 
    executionMode="asynchronous" 
    policyURI="create_identity_policy_prc02.xml">
        <spml:data xsi:type="spml:PSOType">
           <identity
             xmlns="http://xmlns.oracle.com/idm/identity/PSO"
             xmlns:pso="http://xmlns.oracle.com/idm/identity/PSO">
            <pso:commonName>
              <pso:values>
                <pso:value>John Doe</pso:value>
              </pso:values>
            </pso:commonName>
            <pso:displayName>
              <pso:value>John Doe</pso:value>
            </pso:displayName>
            <pso:givenName>
              <pso:value>John</pso:value>
            </pso:givenName>
            <pso:mail>
               <pso:value>john.doe@acme.com</pso:value>
            </pso:mail>
            <pso:middleName/>
            <pso:organization>
              <pso:values>
                <pso:value>ACME, Inc.</pso:value>
              </pso:values>
            </pso:organization>
             <pso:password>
              <pso:value>qwert</pso:value>
             </pso:password>
            <pso:surname>
              <pso:values>
                <pso:value>Doe</pso:value>
              </pso:values>
            </pso:surname>
            <pso:username>
               <pso:value>jdoe</pso:value>
            </pso:username>
          </identity>
        </spml:data>
        <spml:capabilityData
           capabilityURI="urn:oasis:names:tc:SPML:2:0:reference"
           mustUnderstand="true" >
           <reference xmlns="urn:oasis:names:tc:SPML:2:0:reference"
              typeOfReference="memberOf">
              <toPsoID ID="15"/>
 <!--To make the user a member of a default role-->
            </reference>       
           
 
           <reference xmlns="urn:oasis:names:tc:SPML:2:0:reference"
              typeOfReference="memberOf">
              <toPsoID ID="6C9B96E99FC8DC32E040E50A3D5252F5"/>
            </reference>       
      </spml:capabilityData>        
</addRequest>

The Response is as follows:

<spml:addResponse
    xmlns:spml="urn:oasis:names:tc:SPML:2:0"
    status="pending"
    requestID="10821"/>

The Add User with Role Assignment response sample containing partial invalid roles is as follows:

<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
<env:Header/>
<env:Body>
<ns3:addResponse xmlns:ns2="http://xmlns.oracle.com/idm/identity/PSO" xmlns:ns3="urn:oasis:names:tc:SPML:2:0" xmlns:ns4="urn:oasis:names:tc:SPML:2:0:suspend" xmlns:ns5="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username" xmlns:ns6="urn:oasis:names:tc:SPML:2:0:password" xmlns:ns7="urn:oasis:names:tc:SPML:2:0:reference" xmlns:ns8="urn:oasis:names:tc:SPML:2:0:async" xmlns:ns9="urn:names:spml:ws:header" status="pending" requestID="5" error="malformedRequest" extendedError="IAM-3071022">
<ns3:errorMessage>Request contains an invalid Id/Guid identifier - xyzxyzxyz.</ns3:errorMessage>
</ns3:addResponse>
</env:Body>
</env:Envelope>

C.11 SPML Example - Assign Role Membership

The Request example is as follows:

<modifyRequest
xmlns="urn:oasis:names:tc:SPML:2:0"
xmlns:pso="http://xmlns.oracle.com/idm/identity/PSO"
executionMode="asynchronous"
locale="en"
policyURI="gant_role_01">
<psoID ID="identity:6C9B96E99FC8DC32E040E50A3D5252F5" />
<modification modificationMode="add">
<capabilityData
                  capabilityURI="urn:oasis:names:tc:SPML:2:0:reference"
mustUnderstand="true">
<reference
                        xmlns="urn:oasis:names:tc:SPML:2:0:reference"
typeOfReference="memberOf">
<toPsoID ID="6C9B96E99FC8DC32E040E50A3D5252F5" />
</reference>
</capabilityData>
</modification>
</modifyRequest>

The Response example is as follows:

<spml:modifyResponse
    xmlns:spml="urn:oasis:names:tc:SPML:2:0"
    status="pending"
    requestID="10822"/>

C.12 SPML Example – Revoke Role Membership

The Request is as follows:

<modifyRequest
xmlns="urn:oasis:names:tc:SPML:2:0"
xmlns:pso="http://xmlns.oracle.com/idm/identity/PSO"
executionMode="asynchronous"
locale="en"
policyURI="revoke_role_01">
<psoID ID="identity:6C9B96E99FC8DC32E040E50A3D5252F5" />
<modification modificationMode="delete">
<capabilityData
                  capabilityURI="urn:oasis:names:tc:SPML:2:0:reference"
mustUnderstand="true">
<reference
                        xmlns="urn:oasis:names:tc:SPML:2:0:reference"
typeOfReference="memberOf">
<toPsoID ID="6C9B96E99FC8DC32E040E50A3D5252F5" />
</reference>
</capabilityData>
</modification>
</modifyRequest>

The Response is as follows:

<spml:modifyResponse
    xmlns:spml="urn:oasis:names:tc:SPML:2:0"
    status="pending"
    requestID="10826"/>

C.13 SPML Example - Add Role

The Request is as follows:

<addRequest xmlns="urn:oasis:names:tc:SPML:2:0" xmlns:pso="http://xmlns.oracle.com/idm/identity/PSO" executionMode="asynchronous" locale="en_us" policyURI="Role Creation" requestID="string"  returnData="identifier" targetID="string">
    <!--Zero or more repetitions:-->
    <capabilityData capabilityURI="urn:oasis:names:tc:SPML:2:0:reference"  mustUnderstand="true" />
    <data>
        <!--You have a CHOICE of the next 3 items at this level-->
        <pso:role>
            <pso:attributes>
                <pso:attr name="Role Category Name">
                    <!-- pso:value>OIM Roles</pso:value-->
                    <pso:value>Default</pso:value>
                </pso:attr>
            </pso:attributes>
            <pso:commonName>
                <!--1 or more repetitions:-->
                <pso:values>
                    <!--1 or more repetitions:-->
                    <pso:value>TempAdmin</pso:value>
                </pso:values>
            </pso:commonName>
            <pso:description>
                <!--1 or more repetitions:-->
                <pso:values>
                    <!--1 or more repetitions:-->
                    <pso:value>Temporary Administrator</pso:value>
                </pso:values>
            </pso:description>
            <pso:displayName>
                <!--pso:value locale="en">Alice Krug_en_US</pso:value-->
                <!--pso:value locale="fr">Alice Kru_fr</pso:value-->
                <pso:value locale="base">Alice Kru_base</pso:value>
            </pso:displayName>
        </pso:role>
    </data>
</addRequest>

The Response is as follows:

<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
<env:Header/>
<env:Body>
<ns3:addResponse xmlns:ns2="http://xmlns.oracle.com/idm/identity/PSO" xmlns:ns3="urn:oasis:names:tc:SPML:2:0"    xmlns:ns4="urn:oasis:names:tc:SPML:2:0:suspend" xmlns:ns5="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username" xmlns:ns6="urn:oasis:names:tc:SPML:2:0:password" xmlns:ns7="urn:oasis:names:tc:SPML:2:0:reference" xmlns:ns8="urn:oasis:names:tc:SPML:2:0:async" xmlns:ns9="urn:names:spml:ws:header" status="pending" requestID="21792"/>
</env:Body>
</env:Envelope>

C.14 SPML Example - Add Role with Parent

The Request is as follows:

<addRequest xmlns="urn:oasis:names:tc:SPML:2:0"                        xmlns:pso="http://xmlns.oracle.com/idm/identity/PSO" executionMode="asynchronous"
locale="en" policyURI="http://www.sample.com/string/string"
requestID="string" returnData="identifier" targetID="string">
    <data>
           <!--You have a CHOICE of the next 3 items at this level-->
           <pso:role>
                 <pso:commonName>
                      <!--1 or more repetitions:-->
                      <pso:values>
                           <!--1 or more repetitions:-->
                           <pso:value>TempAdmin</pso:value>
                      </pso:values>
                 </pso:commonName>
                 <pso:description>
                      <!--1 or more repetitions:-->
                      <pso:values>
                           <!--1 or more repetitions:-->
                           <pso:value>Temporary Administrator</pso:value>
                      </pso:values>
                 </pso:description>
           </pso:role>
    </data>
    <capabilityData capabilityURI="urn:oasis:names:tc:SPML:2:0:reference" mustUnderstand="true">
           <reference typeOfReference="inheritsFrom" xmlns="urn:oasis:names:tc:SPML:2:0:reference">
                      <toPsoID ID="6C9B96E99F77DC32E040E50A3D5252F5" />
           </reference>
    </capabilityData>
</addRequest>

The Response is as follows:

<ns9:AddResponseType xmlns="http://xmlns.oracle.com/idm/identity/PSO"
xmlns:ns2="urn:oasis:names:tc:SPML:2:0"
xmlns:ns3="urn:oasis:names:tc:SPML:2:0:reference"
xmlns:ns4="urn:oasis:names:tc:SPML:2:0:password"
xmlns:ns5="urn:oasis:names:tc:SPML:2:0:suspend"
xmlns:ns6="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username"
xmlns:ns7="urn:names:spml:ws:header" xmlns:ns8="urn:oasis:names:tc:SPML:2:0:async"
xmlns:ns9="oasis:names:tc:SPML:2:0" requestID="22" status="pending"/>

C.15 SPML Example - Modify Role

The Request is as follows:

<modifyRequest xmlns="urn:oasis:names:tc:SPML:2:0"
xmlns:pso="http://xmlns.oracle.com/idm/identity/PSO" executionMode="asynchronous"
locale="string" policyURI="http://www.sample.com/string/string"
requestID="string" returnData="identifier">
<capabilityData capabilityURI="urn:oasis:names:tc:SPML:2:0:reference"
mustUnderstand="true" />
<psoID ID="role:6C9B96E99FC8DC32E040E50A3D5252F5" />
<modification modificationMode="replace">
<component path="/role" namespaceURI="http://www.w3.org/TR/xpath20" />
<data>
<pso:role>
<pso:description>
<!--1 or more repetitions:-->
<pso:values>
<pso:value>UK Updated Administrator</pso:value>
</pso:values>
</pso:description>
</pso:role>
</data>
</modification>
</modifyRequest>

The Response is as follows:

<ns9:ModifyResponseType xmlns="http://xmlns.oracle.com/idm/identity/PSO"
xmlns:ns2="urn:oasis:names:tc:SPML:2:0"
xmlns:ns3="urn:oasis:names:tc:SPML:2:0:reference"
xmlns:ns4="urn:oasis:names:tc:SPML:2:0:password"
xmlns:ns5="urn:oasis:names:tc:SPML:2:0:suspend"
xmlns:ns6="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username"
xmlns:ns7="urn:names:spml:ws:header" xmlns:ns8="urn:oasis:names:tc:SPML:2:0:async"
xmlns:ns9="oasis:names:tc:SPML:2:0" requestID="24" status="pending"/>

C.16 SPML Example - Add Parent to a Role

The Request is as follows:

<modifyRequest xmlns="urn:oasis:names:tc:SPML:2:0"
xmlns:pso="http://xmlns.oracle.com/idm/identity/PSO" executionMode="asynchronous"
locale="string" policyURI="http://www.sample.com/string/string"
requestID="string" returnData="identifier">
 
<psoID ID="role:26" targetID="target" />
<modification modificationMode="modify">
<component path="/role" namespaceURI="http://www.w3.org/TR/xpath20" />
<data>
<pso:role>
<pso:description>
<!--1 or more repetitions:-->
<pso:values>
<!--1 or more repetitions:-->
<pso:value>UK Updated Administrator</pso:value>
</pso:values>
</pso:description>
</pso:role>
</data>
 
<capabilityData capabilityURI="urn:oasis:names:tc:SPML:2:0:reference"
mustUnderstand="true">
<reference typeOfReference="inheritsFrom"
xmlns="urn:oasis:names:tc:SPML:2:0:reference">
<toPsoID ID="25" />
</reference>
</capabilityData>
</modification>
</modifyRequest>

The Response is as follows:

<ns9:ModifyResponseType xmlns="http://xmlns.oracle.com/idm/identity/PSO"
xmlns:ns2="urn:oasis:names:tc:SPML:2:0"
xmlns:ns3="urn:oasis:names:tc:SPML:2:0:reference"
xmlns:ns4="urn:oasis:names:tc:SPML:2:0:password"
xmlns:ns5="urn:oasis:names:tc:SPML:2:0:suspend"
xmlns:ns6="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username"
xmlns:ns7="urn:names:spml:ws:header" xmlns:ns8="urn:oasis:names:tc:SPML:2:0:async"
xmlns:ns9="oasis:names:tc:SPML:2:0" requestID="25" status="pending"/>

C.17 SPML Example - Role Grant

You cannot assign a role to multiple identities by using a SPML payload. If multiple identities are given, then the latest identity only is assigned with the role. You remove either of the identity from the payload.

The Request is as follows:

<modifyRequest xmlns="urn:oasis:names:tc:SPML:2:0"
xmlns:pso="http://xmlns.oracle.com/idm/identity/PSO" executionMode="asynchronous"
locale="string" policyURI="http://www.sample.com/string/string"
requestID="string" returnData="identifier">
<!--Zero or more repetitions:-->
<capabilityData capabilityURI="urn:oasis:names:tc:SPML:2:0:reference"
mustUnderstand="true" />
<psoID ID="identity:6C9B96E99FC8DC32E040E50A3D5252F5" />
<psoID ID="identity:6C9B96E99FC8DC32E040E50A3D5252F5" />
<!--1 or more repetitions:-->
<modification modificationMode="add">
<capabilityData capabilityURI="urn:oasis:names:tc:SPML:2:0:reference"
mustUnderstand="true">
<reference xmlns="urn:oasis:names:tc:SPML:2:0:reference"
typeOfReference="memberOf">
<toPsoID ID="6C9B96E99FC8DC32E040E50A3D5252F5" />
</reference>
</capabilityData>
</modification>
</modifyRequest>

The Response is as follows:

<ns9:ResponseType xmlns="urn:oasis:names:tc:SPML:2:0"
xmlns:ns2="http://xmlns.oracle.com/idm/identity/PSO"
xmlns:ns3="urn:oasis:names:tc:SPML:2:0:password"
xmlns:ns4="urn:oasis:names:tc:SPML:2:0:suspend"
xmlns:ns5="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username"
xmlns:ns6="urn:names:spml:ws:header" 
xmlns:ns7="urn:oasis:names:tc:SPML:2:0:async"
xmlns:ns8="urn:oasis:names:tc:SPML:2:0:reference"
xmlns:ns9="oasis:names:tc:SPML:2:0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="ns4:ActiveResponseType" requestID="143" status="failure"/>

C.18 SPML Example - Delete Role

The Request is as follows:

<deleteRequest xmlns="urn:oasis:names:tc:SPML:2:0"
                        xmlns:pso="http://xmlns.oracle.com/idm/identity/PSO" executionMode="asynchronous"
                        locale="en" policyURI="http://www.sample.com/string/string"
                        requestID="string" returnData="identifier" targetID="string">
                        <psoID ID="role:6C9B96E99FC8DC32E040E50A3D5252F5" />
                </deleteRequest>

The Response is as follows:

<ns9:ResponseType xmlns="http://xmlns.oracle.com/idm/identity/PSO"
xmlns:ns2="urn:oasis:names:tc:SPML:2:0"
xmlns:ns3="urn:oasis:names:tc:SPML:2:0:reference"
xmlns:ns4="urn:oasis:names:tc:SPML:2:0:password"
xmlns:ns5="urn:oasis:names:tc:SPML:2:0:suspend"
xmlns:ns6="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username"
xmlns:ns7="urn:names:spml:ws:header" xmlns:ns8="urn:oasis:names:tc:SPML:2:0:async"
xmlns:ns9="oasis:names:tc:SPML:2:0" requestID="18" status="pending"/>

C.19 SPML Example - Status Request

The Request is as follows:

<statusRequest xmlns="urn:oasis:names:tc:SPML:2:0:async" 
    requestID="3456563" 
    asyncRequestID="75779"/>

The Response is as follows:

<statusResponse xmlns="urn:oasis:names:tc:SPML:2:0:async"
    requestID="3456563" status="success">
    <addResponse requestID="75779" status="pending"/>
</statusResponse>

Another Request is as follows:

<statusRequest xmlns="urn:oasis:names:tc:SPML:2:0:async"    requestID="12" asyncRequestID="1" returnResults="true" />

Here. returnResults=true. Therefore, the response will have all the attributes of the request.

The Response is as follows:

<ns9:StatusResponseType xmlns="urn:oasis:names:tc:SPML:2:0" xmlns:ns2="urn:oasis:names:tc:SPML:2:0:async" xmlns:ns3="http://xmlns.oracle.com/idm/identity/PSO" xmlns:ns4="urn:oasis:names:tc:SPML:2:0:reference" xmlns:ns5="urn:oasis:names:tc:SPML:2:0:password" xmlns:ns6="urn:oasis:names:tc:SPML:2:0:suspend" xmlns:ns7="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username" xmlns:ns8="urn:names:spml:ws:header" xmlns:ns9="oasis:names:tc:SPML:2:0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="ns2:StatusResponseType" requestID="12" status="success">
    <ns2:addResponse requestID="14" status="success">
        <pso>
            <psoID targetID="Identity"/>
            <data>
                <ns4:Identity xmlns:ns4="oasis:names:tc:SPML:2:0" xmlns:ns2="http://xmlns.oracle.com/idm/identity/PSO" xmlns:ns3="urn:oasis:names:tc:SPML:2:0:async" xmlns:ns5="urn:oasis:names:tc:SPML:2:0:async" xmlns:ns6="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username" xmlns:ns7="urn:oasis:names:tc:SPML:2:0:suspend">
                    <ns2:attributes>
                        <ns2:attr xmlns="" xmlns:ns11="urn:oasis:names:tc:SPML:2:0" name="Organization">
                            <ns2:value>1</ns2:value>
                        </ns2:attr>
                    </ns2:attributes>
                    <ns2:activeEndDate>2009-12-25T16:00:00.000Z</ns2:activeEndDate>
                    <ns2:activeStartDate>2009-12-24T18:00:00.000Z</ns2:activeStartDate>
                    <ns2:commonName>
                        <ns2:values>
                            <ns2:value>Alice Krug</ns2:value>
                        </ns2:values>
                    </ns2:commonName>
                    <ns2:countryName>Canada</ns2:countryName>
                    <ns2:departmentNumber>
                        <ns2:value>123</ns2:value>
                    </ns2:departmentNumber>
                    <ns2:description>
                        <ns2:values>
                            <ns2:value>Alice Krugs profile</ns2:value>
                        </ns2:values>
                    </ns2:description>
                    <ns2:displayName>
                        <ns2:value>Alice Krug</ns2:value>
                    </ns2:displayName>
                    <ns2:employeeNumber>333</ns2:employeeNumber>
                    <ns2:employeeType>
                        <ns2:values>
                            <ns2:value>Full-Time</ns2:value>
                        </ns2:values>
                    </ns2:employeeType>
                    <ns2:facsimileTelephoneNumber>
                        <ns2:number>6506072253</ns2:number>
                    </ns2:facsimileTelephoneNumber>
                    <ns2:generationQualifier>
                        <ns2:value>II</ns2:value>
                    </ns2:generationQualifier>
                    <ns2:givenName>
                        <ns2:value>Alice</ns2:value>
                    </ns2:givenName>
                    <ns2:hireDate>1999-12-24T16:00:00.000Z</ns2:hireDate>
                    <ns2:homePhone>
                        <ns2:number>8888888888</ns2:number>
                    </ns2:homePhone>
                    <ns2:homePostalAddress>
                        <ns2:value>Baker street</ns2:value>
                    </ns2:homePostalAddress>
                    <ns2:initials>
                        <ns2:value>J S</ns2:value>
                    </ns2:initials>
                    <ns2:localityName>
                        <ns2:value>SFO</ns2:value>
                    </ns2:localityName>
                    <ns2:middleName>A</ns2:middleName>
                    <ns2:mobile>
                        <ns2:number>4083485309</ns2:number>
                    </ns2:mobile>
                    <ns2:organization>
                        <ns2:values>
                            <ns2:value>1</ns2:value>
                        </ns2:values>
                    </ns2:organization>
                    <ns2:organizationUnit>
                        <ns2:values>
                            <ns2:value>Sales</ns2:value>
                        </ns2:values>
                    </ns2:organizationUnit>
                    <ns2:pager>
                        <ns2:number>333</ns2:number>
                    </ns2:pager>
                    <ns2:postalAddress>
                        <ns2:value>Baker street 222</ns2:value>
                    </ns2:postalAddress>
                    <ns2:postalCode>
                        <ns2:value>4081</ns2:value>
                    </ns2:postalCode>
                    <ns2:postOfficeBox>
                        <ns2:value>333n</ns2:value>
                    </ns2:postOfficeBox>
                    <ns2:preferredLanguage>en</ns2:preferredLanguage>
                    <ns2:state>
                        <ns2:value>CA</ns2:value>
                    </ns2:state>
                    <ns2:street>
                        <ns2:value>Baker</ns2:value>
                    </ns2:street>
                    <ns2:surname>
                        <ns2:values>
                            <ns2:value>Krug</ns2:value>
                        </ns2:values>
                    </ns2:surname>
                    <ns2:telephoneNumber>
                        <ns2:number>6506072253</ns2:number>
                    </ns2:telephoneNumber>
                    <ns2:title>
                        <ns2:values>
                            <ns2:value>Mr</ns2:value>
                        </ns2:values>
                    </ns2:title>
                    <ns2:username>
                        <ns2:value>akrug3478</ns2:value>
                    </ns2:username>
                    <ns2:userType>End-User</ns2:userType>
                </ns4:Identity>
            </data>
        </pso>
    </ns2:addResponse>
</ns9:StatusResponseType>