Skip navigation links

Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

oracle.iam.provisioning.api
Interface ProvisioningService

public interface ProvisioningService

Method Summary
 void changeAccountPassword(long accountId, char[] newPassword)
          This API should be called when user wants to change the password for his account.
 void changeAccountType(long accountId, Account.ACCOUNT_TYPE accountType)
          This API should be called when user wants to change the account type of the account.
 void disable(long accountId)
          Disables an account provisioned to a user.
 void enable(long accountId)
          Enables an existing account provisioned to a user.
 Account getAccountDetails(long accountId)
          Returns a Account value object which contains detailed information about the account corresponding to the specified account ID.
 java.util.List getAccountDetails(long[] accountIds)
          This API method returns a list of Account value object given the accountIds.The account object contains detailed information about the account corresponding to the specified account ID.
 java.util.List getAccountsProvisionedToUser(java.lang.String userId)
          This API method returns a list of all the accounts provisioned to the user.
 java.util.List getAccountsProvisionedToUser(java.lang.String userId, boolean populateAccountData)
          This API method returns a list of all the accounts provisioned to the user
 java.util.List getAccountsProvisionedToUser(java.lang.String userId, SearchCriteria criteria, java.util.HashMap configParams, boolean populateAccountData)
          Returns a list of all the accounts provisioned to the user
 EntitlementInstance getEntitlementInstance(long entitlementInstanceKey)
          This API method returns an entitlement instance provisioned to the user corresponding to the entitlement key
 java.util.List getEntitlementInstances(long[] entitlementInstanceKeys)
          Returns a list of entitlement instances provisioned to the user corresponding to the entitlement instances keys
 java.util.List getEntitlementsForUser(java.lang.String userId)
          Returns a list of all the entitlements provisioned to the user
 java.util.List getEntitlementsForUser(java.lang.String userId, SearchCriteria criteria, java.util.HashMap configParams)
          Searches for entitlement instances provisioned to a user matching the specified SearchCriteria
 Account getMinimalAccountDetails(long accountId)
          This API method returns an Account value object corresponding to the specified account ID.
 java.util.List getPasswordResettableAccountsForUser(java.lang.String userID)
          Returns a list of accounts provisioned to the user for which password can be reset.
 java.util.List getUserAccountDetailsInApplicationInstance(java.lang.String userId, long appInstanceKey)
          Checks if the user has an account in the specified application instance.
 void grantEntitlement(long accountId, Entitlement entitlement)
          Grants the specified Entitlement to the specified account
 void grantEntitlements(long accountId, java.util.List entitlements)
          Grants the specified Entitlements to the specified account
 boolean isApplicationInstanceProvisionedToUser(java.lang.String userId, ApplicationInstance appInstance)
          Returns a boolean indicating whether the specified user has an account in the specified application instance.
 boolean isEntitlementProvisionedToUser(java.lang.String userId, Entitlement entitlement)
          Returns a boolean indicating whether the specified user has been granted the specific entitlement.
 void modify(Account account)
          Modifies an existing provisioned account.
 Account prepopulateAccountData(java.lang.String userId, ApplicationInstance appInstance)
          This API should be called before invoking the provision API.
 long provision(java.lang.String userId, Account account)
          This API provisions an account to a user.
 void revoke(long accountId)
          Revokes an account provisioned to a user.
 void revokeEntitlement(EntitlementInstance entitlementInstance)
          Revokes the specified entitlement from the specified accounts
 void revokeEntitlements(java.util.List entitlementInstances)
          Revokes the specified entitlement from the specified accounts
 void updateEntitlement(EntitlementInstance entitlementInstance)
          Updates the attributes of the specified entitlement instance
 void updateEntitlements(java.util.List entitlementInstances)
          Updates the attributes of the specified entitlement instances

 

Method Detail

provision

long provision(java.lang.String userId,
               Account account)
               throws UserNotFoundException,
                      ApplicationInstanceNotFoundException,
                      AccessDeniedException,
                      GenericProvisioningException
This API provisions an account to a user.
Parameters:
userId - The target user to whom the account will be provisioned.
accountvo - Contains information regarding the account profile of the user. This value object will have information regarding the application instance used during provisioning.
Returns:
The accountId of the account created.
Throws:
UserNotFoundException - thrown if the target user does not exist in the system
ApplicationInstanceNotFoundException - thrown if the application instance contained in the value object does not exist in the system.
AccessDeniedException - thrown if there are authorization failures while provisioning the account to the target user
GenericProvisioningException - thrown if any other error, connector failures occur.
Since:
11.1.2.0.0

enable

void enable(long accountId)
            throws AccountNotFoundException,
                   ImproperAccountStateException,
                   AccessDeniedException,
                   GenericProvisioningException
Enables an existing account provisioned to a user. The account should be in disabled state.
Parameters:
accountId - The accountId of the account under consideration
Throws:
AccountNotFoundException - thrown when the account with the specified accountId does not exist.
AccessDeniedException - thrown if there are authorization failures while performing enable operation on the account
GenericProvisioningException - thrown if any other error, connector failures occur.
ImproperAccountStateException - thrown if the account is not in disabled state when the enable operation is attempted
Since:
11.1.2.0.0

disable

void disable(long accountId)
             throws AccountNotFoundException,
                    ImproperAccountStateException,
                    AccessDeniedException,
                    GenericProvisioningException
Disables an account provisioned to a user. The account should be in enabled or provisioned state.
Parameters:
accountId - The accountId of the account under consideration
Throws:
AccountNotFoundException - thrown when the account with the specified accountId does not exist.
AccessDeniedException - thrown if there are authorization failures while performing enable operation on the account
GenericProvisioningException - thrown if any other error, connector failures occur.
ImproperAccountStateException - thrown if the account is not in provisioned/enabled state when the enable operation is attempted
Since:
11.1.2.0.0

modify

void modify(Account account)
            throws AccountNotFoundException,
                   AccessDeniedException,
                   GenericProvisioningException
Modifies an existing provisioned account. The Account object should contain the new account profile.
Parameters:
account -
Throws:
AccountNotFoundException - thrown when the account with the specified accountId does not exist.
AccessDeniedException - thrown if there are authorization failures while performing enable operation on the account
GenericProvisioningException - thrown if any other error, connector failures occur.
Since:
11.1.2.0.0

revoke

void revoke(long accountId)
            throws AccountNotFoundException,
                   AccessDeniedException,
                   GenericProvisioningException
Revokes an account provisioned to a user. The account should be in provisioned, enabled or disabled state state.
Parameters:
accountId - The accountId of the account under consideration
Throws:
AccessDeniedException - thrown if there are authorization failures while performing revoke operation on the account
GenericProvisioningException - thrown if any other error, connector failures occur.
ImproperAccountStateException - thrown if the account is already revoked
AccountNotFoundException
Since:
11.1.2.0.0

grantEntitlement

void grantEntitlement(long accountId,
                      Entitlement entitlement)
                      throws AccountNotFoundException,
                             EntitlementNotFoundException,
                             EntitlementAlreadyProvisionedException,
                             AccessDeniedException,
                             ImproperAccountStateException,
                             GenericProvisioningException
Grants the specified Entitlement to the specified account
Parameters:
accountId - the accountId of the account to which the entitlements should be granted
entitlement - the entitlement which should be granted to the account
Throws:
AccountNotFoundException - if the account with the specified accountId does not exist.
GenericProvisioningException - if any other errors occur
EntitlementNotFoundException - if the entitlement definition does not exist
EntitlementAlreadyProvisionedException - if the entitlement has already provisioned to the specified account
ImproperAccountStateException - if the account is already revoked
AccessDeniedException
Since:
11.1.2.0.0

revokeEntitlement

void revokeEntitlement(EntitlementInstance entitlementInstance)
                       throws AccountNotFoundException,
                              EntitlementNotProvisionedException,
                              AccessDeniedException,
                              GenericProvisioningException
Revokes the specified entitlement from the specified accounts
Parameters:
entitlementInstance - the entitlement that needs to be revoked
Throws:
AccountNotFoundException - if the specified accountId is not found
AccessDeniedException - if there are authorization failures while performing the entitlement revoke
GenericProvisioningException - if any other errors occur
EntitlementNotProvisionedException
Since:
11.1.2.0.0

updateEntitlement

void updateEntitlement(EntitlementInstance entitlementInstance)
                       throws AccountNotFoundException,
                              EntitlementNotFoundException,
                              AccessDeniedException,
                              GenericProvisioningException
Updates the attributes of the specified entitlement instance
Parameters:
entitlementInstance - the modified entitlement instance
Throws:
AccountNotFoundException - if the specified accountId is not found
EntitlementNotFoundException - if the specified entitlement instance is not found in the system
AccessDeniedException - if there are authorization failures while performing the entitlement update
GenericProvisioningException - if any other errors occur while performing entitlement update
Since:
11.1.2.0.0

grantEntitlements

void grantEntitlements(long accountId,
                       java.util.List entitlements)
                       throws BulkProvisioningException
Grants the specified Entitlements to the specified account
Parameters:
accountId - the accountId of the account to which the entitlements should be granted
entitlements - the list of entitlements that need to be granted to the account
Throws:
AccessDeniedException - if there are authorization failures while performing the entitlement grant
BulkProvisioningException - if errors occur during bulk operations
Since:
11.1.2.0.0

revokeEntitlements

void revokeEntitlements(java.util.List entitlementInstances)
                        throws BulkProvisioningException
Revokes the specified entitlement from the specified accounts
Parameters:
entitlementInstances - the list of entitlement instances that need to be revoked
Throws:
AccessDeniedException - if there are authorization failures while performing the entitlement revoke
BulkProvisioningException - if errors occur during bulk operations
Since:
11.1.2.0.0

updateEntitlements

void updateEntitlements(java.util.List entitlementInstances)
                        throws BulkProvisioningException
Updates the attributes of the specified entitlement instances
Parameters:
entitlementInstances - the list of modified entitlement instances
Throws:
AccessDeniedException - if there are authorization failures while performing the entitlement update
BulkProvisioningException - if errors occur during bulk operations
Since:
11.1.2.0.0

getAccountsProvisionedToUser

java.util.List getAccountsProvisionedToUser(java.lang.String userId)
                                            throws UserNotFoundException,
                                                   GenericProvisioningException
This API method returns a list of all the accounts provisioned to the user. By default this method will not return the AccountData in the AccountVO. To get the account data use getAccountsProvisionedToUser(String userId, boolean populateAccountData)
Parameters:
userId -
Returns:
A List of Account objects, which contains details about the application instance, the account profile and the entitlements corresponding to the accounts
Throws:
UserNotFoundException
GenericProvisioningException
Since:
11.1.2.0.0

getAccountsProvisionedToUser

java.util.List getAccountsProvisionedToUser(java.lang.String userId,
                                            SearchCriteria criteria,
                                            java.util.HashMap configParams,
                                            boolean populateAccountData)
                                            throws UserNotFoundException,
                                                   GenericProvisioningException
Returns a list of all the accounts provisioned to the user
Parameters:
userId -
criteria - The search criteria based on which entries will be retrieved from the backend. The SearchCriteria Operators supported are AND, OR, NOT, GREATER_THAN, GREATER_EQUAL, LESS_THAN, LESS_EQUAL, EQUAL and NOT_EQUAL. For additional comparisons like contains the SearchCriteria Operator will be EQUAL with value to be searched will be '*<value>*'

The following is a list of attributes supported: ProvisioningConstants.AppInstanceSearchAttribute.DISPLAY_NAME.getId() ProvisioningConstants.AppInstanceSearchAttribute.OBJ_NAME.getId() ProvisioningConstants.AppInstanceSearchAttribute.ACCOUNT_STATUS.getId()

configParams - Parameters to further configure the search operation. There are four configuration parameters. STARTROW, ENDROW, SORTEDBY and SORTORDER.

The STARTROW and ENDROW search configuration parameters indicates which subset of the complete search result is to be fetched. These parameters are mandatory.

The SORTEDBY search configuration parameter indicates the attribute on which search result is to be sorted. This parameter is optional

The SORTORDER search configuration parameter indicates the order of sorting. There are two possible values for this parameter. To sort the result in ascending order use SortOrder.ASCENDING and to sort the result in descending order use SortOrder.DESCENDING.

The following is a list of attributes supported: ProvisioningConstants.AppInstanceSearchAttribute.DISPLAY_NAME.getId() ProvisioningConstants.AppInstanceSearchAttribute.OBJ_NAME.getId() ProvisioningConstants.AppInstanceSearchAttribute.ACCOUNT_STATUS.getId() ProvisioningConstants.AppInstanceSearchAttribute.PROVISIONED_ON.getId()

populateAccountData - A boolean to indicate whether account data should be populated in the returned list of Account VO. If set to false, account data will not be populated.
Returns:
A List of Account objects, which contains details about the application instance, the account profile and the entitlements corresponding to the accounts
Throws:
UserNotFoundException
GenericProvisioningException
Since:
11.1.2.0.0

getAccountsProvisionedToUser

java.util.List getAccountsProvisionedToUser(java.lang.String userId,
                                            boolean populateAccountData)
                                            throws UserNotFoundException,
                                                   GenericProvisioningException
This API method returns a list of all the accounts provisioned to the user
Parameters:
userId - The target user for whom the list of account is returned.
populateAccountData - boolean to indicate if account data should be populated in the returned Account VO. If set to false, account data will not be populated.
Returns:
A List of Account objects, which contains details about the application instance, the account profile and the entitlements corresponding to the accounts. Logged in user can have permission to view few accounts (i.e ApplicationInstance) out of the specified list. Only those accounts are returned in the list.
Throws:
UserNotFoundException - if the target user does not exist (i.e deleted) in the system.
GenericProvisioningException - if any other errors occur while fetching the accounts provisioned to user. This API does not throw AccessDeniedException since this is a bulk operation.
Since:
11.1.2.0.0
See Also:
Account, AccountData, ApplicationInstance, EntitlementInstance

getEntitlementInstance

EntitlementInstance getEntitlementInstance(long entitlementInstanceKey)
                                           throws AccessDeniedException,
                                                  EntitlementInstanceNotFoundException,
                                                  GenericProvisioningException
This API method returns an entitlement instance provisioned to the user corresponding to the entitlement key
Parameters:
userId -
Returns:
An EntitlementInstance object which contains details about entitlements provisioned to the user.
Throws:
AccessDeniedException
EntitlementInstanceNotFoundException
GenericProvisioningException
Since:
11.1.2.0.0

getEntitlementInstances

java.util.List getEntitlementInstances(long[] entitlementInstanceKeys)
                                       throws GenericProvisioningException
Returns a list of entitlement instances provisioned to the user corresponding to the entitlement instances keys
Parameters:
userId -
Returns:
A list of EntitlementInstance objects which contains details about entitlements provisioned to the user.
Throws:
GenericProvisioningException
Since:
11.1.2.0.0

getEntitlementsForUser

java.util.List getEntitlementsForUser(java.lang.String userId)
                                      throws UserNotFoundException,
                                             GenericProvisioningException
Returns a list of all the entitlements provisioned to the user
Parameters:
userId -
Returns:
A List of EntitlementInstance objects, which contains details about entitlements provisioned to the user.
Throws:
UserNotFoundException
GenericProvisioningException
Since:
11.1.2.0.0

getEntitlementsForUser

java.util.List getEntitlementsForUser(java.lang.String userId,
                                      SearchCriteria criteria,
                                      java.util.HashMap configParams)
                                      throws UserNotFoundException,
                                             GenericProvisioningException
Searches for entitlement instances provisioned to a user matching the specified SearchCriteria
Parameters:
userId - The usr_key of target user
criteria - The search criteria based on which entries will be retrieved from the backend. The SearchCriteria Operators supported are AND, OR, NOT, GREATER_THAN, GREATER_EQUAL, LESS_THAN, LESS_EQUAL, EQUAL and NOT_EQUAL. For additional comparisons like contains the SearchCriteria Operator will be EQUAL with value to be searched will be '*<value>*'

The following is a list of search attributes supported: ProvisioningConstants.EntitlementSearchAttribute.ENTITLEMENT_DISPLAYNAME.getId()

configParams - Parameters to further configure the search operation. There are four configuration parameters. STARTROW, ENDROW, SORTEDBY and SORTORDER.

The STARTROW and ENDROW search configuration parameters indicates which subset of the complete search result is to be fetched. These parameters are mandatory.

The SORTEDBY search configuration parameter indicates the attribute on which search result is to be sorted. This parameter is optional

The SORTORDER search configuration parameter indicates the order of sorting. There are two possible values for this parameter. To sort the result in ascending order use SortOrder.ASCENDING and to sort the result in descending order use SortOrder.DESCENDING.

The following is a list of search attributes supported: ProvisioningConstants.EntitlementSearchAttribute.ENTITLEMENT_DISPLAYNAME.getId()

Returns:
A List of EntitlementInstance objects, which contains details about entitlements provisioned to the user.
Throws:
UserNotFoundException
GenericProvisioningException
Since:
11.1.2.0.0

isApplicationInstanceProvisionedToUser

boolean isApplicationInstanceProvisionedToUser(java.lang.String userId,
                                               ApplicationInstance appInstance)
                                               throws UserNotFoundException,
                                                      ApplicationInstanceNotFoundException,
                                                      GenericProvisioningException,
                                                      AccessDeniedException
Returns a boolean indicating whether the specified user has an account in the specified application instance.
Parameters:
userId -
appInstance -
Returns:
true if the user has an account in the application instance in Provisioned/Enabled/Disabled state. false otherwise.
Throws:
UserNotFoundException - thrown if a user with the specified userId is not found in the system
ApplicationInstanceNotFoundException - thrown if the specified Application instance is not found in the system.
GenericProvisioningException
AccessDeniedException
Since:
11.1.2.0.0

isEntitlementProvisionedToUser

boolean isEntitlementProvisionedToUser(java.lang.String userId,
                                       Entitlement entitlement)
                                       throws UserNotFoundException,
                                              EntitlementNotFoundException,
                                              GenericProvisioningException,
                                              AccessDeniedException
Returns a boolean indicating whether the specified user has been granted the specific entitlement.
Parameters:
userId -
entitlement -
Returns:
true if the user has an been granted the specified entitlement. false otherwise.
Throws:
UserNotFoundException - thrown if a user with the specified userId is not found in the system
EntitlementNotFoundException - thrown if the specified Entitlement is not found in the system.
GenericProvisioningException
AccessDeniedException
Since:
11.1.2.0.0

getAccountDetails

Account getAccountDetails(long accountId)
                          throws AccountNotFoundException,
                                 AccessDeniedException,
                                 GenericProvisioningException
Returns a Account value object which contains detailed information about the account corresponding to the specified account ID. The value object will contain information regarding the application instance, the account profile and all the entitlements corresponding to the accounts.
Parameters:
accountId -
Returns:
An Account value object.
Throws:
AccountNotFoundException - thrown if no account is found corresponding to the specified accountId.
AccessDeniedException - thrown if there are authorization failures
GenericProvisioningException
Since:
11.1.2.0.0

getMinimalAccountDetails

Account getMinimalAccountDetails(long accountId)
                                 throws AccountNotFoundException,
                                        AccessDeniedException,
                                        GenericProvisioningException
This API method returns an Account value object corresponding to the specified account ID. The AccountVO will not return the AccountData if this API is called. To retrieve the account data use getAccountDetails(long accountId)
Parameters:
accountId - The account id of account whose details to be fetched.
Returns:
An Account value object.
Throws:
AccountNotFoundException - if no account is found corresponding to the specified accountId.
AccessDeniedException - if there is any authorization failure fetching account details. To avoid this exception, the logged in user should at least have ApplicationInstance Viewer Admin Role on Organization to which this ApplicationInstance is published to. If default permissions to admin roles are changed, then make sure user's admin role should have permission to view ApplicationInstance.
GenericProvisioningException - if any other errors occur while fetching account details.
Since:
11.1.2.0.0

getAccountDetails

java.util.List getAccountDetails(long[] accountIds)
                                 throws GenericProvisioningException
This API method returns a list of Account value object given the accountIds.The account object contains detailed information about the account corresponding to the specified account ID.
Parameters:
accountId -
Returns:
A list of Account value objects which have passed the authorization check. If an account is not found for a specified accountId, those accounts are also not returned in the list.
Throws:
GenericProvisioningException
Since:
11.1.2.0.0

getUserAccountDetailsInApplicationInstance

java.util.List getUserAccountDetailsInApplicationInstance(java.lang.String userId,
                                                          long appInstanceKey)
                                                          throws UserNotFoundException,
                                                                 ApplicationInstanceNotFoundException,
                                                                 AccessDeniedException,
                                                                 GenericProvisioningException
Checks if the user has an account in the specified application instance. If an account is found, this API will return a List of Account provisioned to the specified userId. The value object will contain information regarding the application instance, the account profile and all the entitlements corresponding to the accounts.
Parameters:
userId -
appInstanceKey -
Returns:
List of Account value object - User can have multiple accounts in application instance and hence the list of Account
Throws:
UserNotFoundException - thrown if no user is found in the system.
ApplicationInstanceNotFoundException - thrown if the specified Application instance is not found in the system.
AccessDeniedException - thrown if there are authorization failures
GenericProvisioningException
Since:
11.1.2.0.0

prepopulateAccountData

Account prepopulateAccountData(java.lang.String userId,
                               ApplicationInstance appInstance)
                               throws UserNotFoundException,
                                      ApplicationInstanceNotFoundException,
                                      AccessDeniedException,
                                      GenericProvisioningException
This API should be called before invoking the provision API. Once a decision has been made to provision a user an account in an application instance, the caller can choose to specify the entire account data, or he can invoke this API, which will return an Account value object, with account data pre-filled based on default and pre-populate rules specified in the system.
Parameters:
userId -
appInstance -
Returns:
Throws:
UserNotFoundException - thrown if a user with the specified userId is not found in the system
ApplicationInstanceNotFoundException - thrown if the specified Application instance is not found in the system.
AccessDeniedException - thrown if there are authorization failures
GenericProvisioningException
Since:
11.1.2.0.0

changeAccountPassword

void changeAccountPassword(long accountId,
                           char[] newPassword)
                           throws AccessDeniedException,
                                  AccountNotFoundException,
                                  GenericProvisioningException
This API should be called when user wants to change the password for his account.
Parameters:
accountId - - This is OIU_KEY for the account
newPassword - - Character array containing new password
Throws:
AccountNotFoundException - thrown if no account is found corresponding to the specified accountId.
AccessDeniedException - thrown if there are authorization failures
GenericProvisioningException - thrown if any error in db, connector failures occur.
Since:
11.1.2.0.0

getPasswordResettableAccountsForUser

java.util.List getPasswordResettableAccountsForUser(java.lang.String userID)
                                                    throws UserNotFoundException,
                                                           GenericProvisioningException
Returns a list of accounts provisioned to the user for which password can be reset. That is, it returns only those accounts that have password field in process form.
Parameters:
userId -
Returns:
A List of Account objects, which contains details about the application instance, the account profile and the entitlements corresponding to the accounts
Throws:
UserNotFoundException
GenericProvisioningException
Since:
11.1.2.0.0

changeAccountType

void changeAccountType(long accountId,
                       Account.ACCOUNT_TYPE accountType)
                       throws AccessDeniedException,
                              AccountNotFoundException,
                              GenericProvisioningException
This API should be called when user wants to change the account type of the account.
Parameters:
accountId - - This is OIU_KEY for the account
accountType - - The values can be Account.ACCOUNT_TYPE.Primary, Account.ACCOUNT_TYPE.Secondery, Account.ACCOUNT_TYPE.Admin, Account.ACCOUNT_TYPE.Other, Account.ACCOUNT_TYPE.ServiceAccount An account can not change from Primary to any other type However, any other type can be changed into primary account.
Throws:
AccountNotFoundException - thrown if no account is found corresponding to the specified accountId.
AccessDeniedException - thrown if there are authorization failures
GenericProvisioningException - thrown if any error in db, connector failures occur.
Since:
11.1.2.0.0

Skip navigation links

Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

Copyright © 2014, Oracle and/or its affiliates. All rights reserved.