Skip navigation links

Interface UserManager

public interface UserManager

The UserManager API exposes the methods to manage a user. To manage a user, it provides functionality to create, modify, enable, disable, delete, lock and unlock the user. It also provides the support for bulk modify, enable, disable, delete, lock and unlock user operations. Apart from basic user operations, there are proxy related operations to get user's proxy details and assign, remove and update the proxy of a user.

Method Summary
 long addProxyForUser(java.lang.String userID, long proxyUserKey, java.util.Date startDate, java.util.Date endDate, boolean isUserLogin)
 java.lang.String addProxyForUser(java.lang.String userID, java.lang.String proxyUserID, java.util.Date startDate, java.util.Date endDate, boolean isUserLogin)
          Adds/Sets proxy for user in OIM.
 void changePassword(java.lang.String userID, char[] password, boolean isUserLogin)
          Deprecated. This API does not support option for email notification. The preferred way to do this is via UserManager.changePassword(String, char[], boolean, boolean)
 void changePassword(java.lang.String userID, char[] password, boolean isUserLogin, boolean sendNotification)
          Changes the user's password.
 void changePassword(java.lang.String userID, char[] password, boolean isUserLogin, java.util.Locale locale, boolean setPasswordResetFlag)
          Deprecated. This API does not support option for email notification. The preferred way to do this is via UserManager.changePassword(String, char[], boolean, Locale, boolean, boolean)
 void changePassword(java.lang.String userID, char[] password, boolean isUserLogin, java.util.Locale locale, boolean setPasswordResetFlag, boolean sendNotification)
          Changes the user's password.
 void changePassword(java.lang.String attributeName, java.lang.Object attributeValue, char[] password)
          Deprecated. This API does not support option for email notification. The preferred way to do this is via UserManager.changePassword(String, Object, char[], boolean)
 void changePassword(java.lang.String attributeName, java.lang.Object attributeValue, char[] password, boolean sendNotification)
          Changes the user's password.
 UserManagerResult create(User user)
          This method creates a user in the backend data store
 UserManagerResult delete(java.util.ArrayList userIDs, boolean isUserLogin)
          Bulk delete operation.
 UserManagerResult delete(java.lang.String userID, boolean isUserLogin)
          Marks the user as deleted.
 UserManagerResult delete(java.lang.String attributeName, java.lang.Object attributeValue)
          Marks the user matching the specified search criteria as deleted.
 UserManagerResult disable(java.util.ArrayList userIDs, boolean isUserLogin)
          Bulk disable operation.
 UserManagerResult disable(java.lang.String userID, boolean isUserLogin)
          Disables the user account.
 UserManagerResult disable(java.lang.String attributeName, java.lang.Object attributeValue)
          Disables the user account matching the search criteria.
 UserManagerResult enable(java.util.ArrayList userIDs, boolean isUserLogin)
          Bulk enable operation.
 UserManagerResult enable(java.lang.String userID, boolean isUserLogin)
          Enables the user account.
 UserManagerResult enable(java.lang.String attributeName, java.lang.Object attributeValue)
          Enables the user account matching the search criteria.
 java.lang.String generateUserName(java.util.Map attrMap)
          Suggest a username based on OIM's default username policy.
 java.lang.String generateUserName(java.lang.String policyID, java.util.Map attrMap)
          Suggest a username based on the given username policy.
 java.lang.String generateUserNameFromDefaultPolicy(java.util.Map attrMap)
          Suggest a username based on OIM's default username policy.
 java.lang.String generateUserNameFromPolicy(java.lang.String policyId, java.util.Map attrMap)
          Suggest a username based on the given username policy.
 java.util.List getAllProxies(java.lang.String userID, boolean isUserLogin)
          Gets a list of the all the proxy for the given user
 java.util.List getAllUserNamePolicies(java.util.Locale locale)
          Gives the details of all the username policies configured in OIM.
 java.util.List getCurrentProxies(java.lang.String userID, boolean isUserLogin)
          Returns the current proxy details of the specified user
 User getDetails(java.lang.String attributeName, java.lang.Object attributeValue, java.util.Set retAttrs)
          Returns the profile details of the specified user.
 User getDetails(java.lang.String userID, java.util.Set retAttrs, boolean isUserLogin)
          Returns the profile details of the specified user.
 User getDetails(java.lang.String userID, java.util.Set retAttrs, boolean isUserLogin, OperationContext opContext)
          Returns the profile details of the specified user.
 java.util.List getPastProxies(java.lang.String userID, boolean isUserLogin)
          Returns the past proxy details of the specified user
 java.lang.String getPolicyDescription(java.lang.String policyID, java.util.Locale locale)
          Gives the details of the username policy configured in OIM with the given ID
 boolean isUserNameValid(java.lang.String userName, java.util.Map attrMap)
          Check the validity of the given username based on default policy.
 boolean isUserNameValid(java.lang.String userName, java.lang.String policyID, java.util.Map attrMap)
          Check the validity of the given username based on given policy.
 boolean isUserNameValidForDefaultPolicy(java.lang.String userName, java.util.Map attrMap)
          Check the validity of the given username based on default policy.
 boolean isUserNameValidForPolicy(java.lang.String userName, java.lang.String policyId, java.util.Map attrMap)
          Check the validity of the given username based on given policy.
 UserManagerResult lock(java.util.ArrayList userIDs, boolean manualFlag, boolean isUserLogin)
          Bulk lock operation.
 UserManagerResult lock(java.lang.String userID, boolean manualFlag, boolean isUserLogin)
          Locks the OIM user account, provided the user has an OIM account provisioned.
 UserManagerResult lock(java.lang.String attributeName, java.lang.Object attributeValue, boolean manualFlag)
          Locks the OIM user account matching the search criteria, provided the user has an OIM account provisioned.
 UserManagerResult modify(java.util.ArrayList userIDs, java.util.HashMap args, boolean isUserLogin)
          Modifies users in bulk.
 UserManagerResult modify(java.lang.String attributeName, java.lang.Object attributeValue, User user)
          This method updates an existing user, matching the specified search criteria, with the values specified.
 UserManagerResult modify(User user)
          This method updates the 'user' with the values in the passed VO.
 void removeAllProxiesForUser(java.lang.String userID, boolean isUserLogin)
          Removes all proxies for user.
 void removeProxy(java.lang.String userID, long proxyKey, boolean isUserLogin)
 void removeProxy(java.lang.String userID, long proxyKey, java.util.Map attrMap, boolean isUserLogin)
          Deprecated. Please use removeProxy(String userID, long proxyKey, boolean isUserLogin) instead
 void removeProxy(java.lang.String userID, java.lang.String proxyID, boolean isUserLogin)
          Removes a single proxy (identified by ID proxyID) for the given user (identified by userID).
 void resetPassword(java.lang.String userID, boolean isUserLogin)
          Resets the password of an user to a randomly generated password.
 void resetPassword(java.lang.String userID, boolean isUserLogin, boolean sendNotification)
          Resets the password of an user to a randomly generated password.
 java.util.List search(SearchCriteria criteria, java.util.Set retAttrs, java.util.HashMap configParams)
          Searches for users matching the specified SearchCriteria.
 UserManagerResult unlock(java.util.ArrayList userIDs, boolean isUserLogin)
          Bulk unlock operation.
 UserManagerResult unlock(java.lang.String userID, boolean isUserLogin)
          Unlocks the OIM user account, provided the user has an OIM account, and it is locked.
 UserManagerResult unlock(java.lang.String attributeName, java.lang.Object attributeValue)
          Unlocks the OIM user account matching the search criteria, provided the user has an OIM account, and it is locked.
 void updateProxyForUser(long pxdKey, java.util.Map attribute)
 void updateProxyForUser(java.lang.String proxyID, java.util.Map attribute)
          Updates the proxy with ID proxyID Only proxy user, start date and/or end date can be modified for the given proxy.


Method Detail


UserManagerResult create(User user)
                         throws ValidationFailedException,
This method creates a user in the backend data store
user - This VO contains the attributes for the user to be created
UserManagerResult containing the entity id of the user created in DB.
ValidationFailedException - if the validation during the orchestration process fails.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserAlreadyExistsException - if the login id of the user is not available.
UserCreateException - if the orchestration fails for create operation.


UserManagerResult modify(java.lang.String attributeName,
                         java.lang.Object attributeValue,
                         User user)
                         throws ValidationFailedException,
This method updates an existing user, matching the specified search criteria, with the values specified.
attributeName - - The attribute name for the search criteria.
attributeValue - - The attribute value for the search criteria.
user - The attributes and values to update the user with.
UserManagerResult containing the entity id of the modified user.
ValidationFailedException - if the validation during the orchestration process fails.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserModifyException - if the orchestration fails for modify operation.
NoSuchUserException - if the user is not found.
SearchKeyNotUniqueException - if there is more than one user matching the search criteria.


UserManagerResult modify(User user)
                         throws ValidationFailedException,
This method updates the 'user' with the values in the passed VO.
user - The User VO containing the details of the user to be updated
UserManagerResult containing the entity id of the modified user.
ValidationFailedException - if the validation during the orchestration process fails.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserModifyException - if the orchestration fails for modify operation.
NoSuchUserException - if the user with given key is not found.


UserManagerResult modify(java.util.ArrayList userIDs,
                         java.util.HashMap args,
                         boolean isUserLogin)
                         throws ValidationFailedException,
Modifies users in bulk. The profile of all users whose key is in userIDs list are updated with value of all bulk modifiable attribute specified in the map.
userIDs - The ids of the users whose profiles are to be updated. The isUserLogin flag will decide what does userID contains.
args - The common set of attributes and values to update the users with.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
UserManagerResult containing the list of success and failure results. Each failure result has a reason for failure associated with it.
ValidationFailedException - if the validation during the orchestration process fails.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserModifyException - if the orchestration fails for modify operation.
NoSuchUserException - if the user with given key is not found.


UserManagerResult delete(java.lang.String userID,
                         boolean isUserLogin)
                         throws ValidationFailedException,
Marks the user as deleted. This is a soft delete operation and will not remove the user from the data store.
userID - The id of the user to be marked for deletion. The isUserLogin flag will decide what does userID contains.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
UserManagerResult containing the entity id of the deleted user.
ValidationFailedException - if the validation during the orchestration process fails.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserDeleteException - if the orchestration fails for delete operation.
NoSuchUserException - if the user with given key is not found.


UserManagerResult delete(java.lang.String attributeName,
                         java.lang.Object attributeValue)
                         throws ValidationFailedException,
Marks the user matching the specified search criteria as deleted. This is a soft delete operation and will not remove the user from the data store.
attributeName - - The attribute name for the search criteria.
attributeValue - - The attribute value for the search criteria.
UserManagerResult containing the entity id of the deleted user.
ValidationFailedException - if the validation during the orchestration process fails.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserDeleteException - if the orchestration fails for delete operation.
NoSuchUserException - if the user with given key is not found.
SearchKeyNotUniqueException - if there is more than one user of the search criteria.


UserManagerResult delete(java.util.ArrayList userIDs,
                         boolean isUserLogin)
                         throws ValidationFailedException,
Bulk delete operation. It will mark all specified users as deleted.
userIDs - The ids of the user to be marked for deletion. The isUserLogin flag will decide what does userID contains.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
UserManagerResult containing the list of success and failure results. Each failure result has a reason for failure associated with it.
ValidationFailedException - if the validation during the orchestration process fails.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserDeleteException - if the orchestration fails for delete operation.
NoSuchUserException - if the user with given key is not found.


User getDetails(java.lang.String userID,
                java.util.Set retAttrs,
                boolean isUserLogin)
                throws oracle.iam.platform.authz.exception.AccessDeniedException,
Returns the profile details of the specified user.
userID - The id of the user who's details are required. The isUserLogin flag will decide what does userID contains.
retAttrs - The list of attributes which are to be returned for each user.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
If the user exists then an 'User' object containing all the retAttrs of the user is returned otherwise NoSuchUserException exception is thrown.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
NoSuchUserException - if the user does not exist.
UserLookupException - if the user lookup operation fails.


User getDetails(java.lang.String userID,
                java.util.Set retAttrs,
                boolean isUserLogin,
                OperationContext opContext)
                throws oracle.iam.platform.authz.exception.AccessDeniedException,
Returns the profile details of the specified user.
userID - The id of the user who's details are required. The isUserLogin flag will decide what does userID contains.
retAttrs - The list of attributes which are to be returned for each user.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
opContext - The context of the request.
If the user exists then an 'User' object containing all the retAttrs of the user is returned otherwise NoSuchUserException exception is thrown.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
NoSuchUserException - if the user does not exist.
UserLookupException - if the user lookup operation fails.


User getDetails(java.lang.String attributeName,
                java.lang.Object attributeValue,
                java.util.Set retAttrs)
                throws oracle.iam.platform.authz.exception.AccessDeniedException,
Returns the profile details of the specified user.
attributeName - - The attribute name for the search criteria.
attributeValue - - The attribute value for the search criteria.
retAttrs - The list of attributes which are to be returned for each user.
If the user exists then an 'User' object containing all the retAttrs of the user is returned otherwise NoSuchUserException exception is thrown.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
NoSuchUserException - if the user does not exist.
UserLookupException - if the user lookup operation fails.
SearchKeyNotUniqueException - if there is more than one user of the search criteria.


java.util.List search(SearchCriteria criteria,
                      java.util.Set retAttrs,
                      java.util.HashMap configParams)
                      throws oracle.iam.platform.authz.exception.AccessDeniedException,
Searches for users matching the specified SearchCriteria.
criteria - The search criteria based on which entries will be retrieved from the backend. The SearchCriteria Operators supported are AND, OR, NOT, GREATER_THAN, GREATER_EQUAL, LESS_THAN, LESS_EQUAL, EQUAL and NOT_EQUAL. For additional comparisons like contains the SearchCriteria Operator will be EQUAL with value to be searched will be '*<value>*'
retAttrs - The list of attributes which are to be returned for each user.
configParams - Parameters to further configure the search operation. There are four configuration parameters. STARTROW, ENDROW, SORTEDBY and SORTORDER.

The STARTROW and ENDROW search configuration parameters indicates which subset of the complete search result is to be fetched. These parameters are mandatory.

The SORTEDBY search configuration parameter indicates the attribute on which search result is to be sorted. This parameter is optional and is set to 'User Login' by default.

The SORTORDER search configuration parameter indicates the order of sorting. There are two possible values for this parameter. To sort the result in ascending order use SortOrder.ASCENDING and to sort the result in descending order use SortOrder.DESCENDING. This parameter is optional and is set to SortOrder.ASCENDING by default.

the list of users which matched the search criteria. This list is filtered based on the attribute and entity permissions of the logged-in User.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserSearchException - if the user search operation fails.


UserManagerResult enable(java.lang.String userID,
                         boolean isUserLogin)
                         throws ValidationFailedException,
Enables the user account.
userID - The id of the user to be enabled. The isUserLogin flag will decide what does userID contains.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
UserManagerResult containing the entity id of the enabled user.
ValidationFailedException - if the validation during the orchestration process fails.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserEnableException - if the orchestration fails for enable operation.
NoSuchUserException - if the user with given userID is not found.


UserManagerResult enable(java.lang.String attributeName,
                         java.lang.Object attributeValue)
                         throws ValidationFailedException,
Enables the user account matching the search criteria.
attributeName - - The attribute name for the search criteria.
attributeValue - - The attribute value for the search criteria.
UserManagerResult containing the entity id of the enabled user.
ValidationFailedException - if the validation during the orchestration process fails.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserEnableException - if the orchestration fails for enable operation.
NoSuchUserException - if the user matching the search criteria is not found.
SearchKeyNotUniqueException - if there is more than one user of the search criteria.


UserManagerResult enable(java.util.ArrayList userIDs,
                         boolean isUserLogin)
                         throws ValidationFailedException,
Bulk enable operation. Enables accounts of all specified users.
userIDs - The ids of the user to be enabled. The isUserLogin flag will decide what does userID contains.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
UserManagerResult containing the list of success and failure results. Each failure result has a reason for failure associated with it.
ValidationFailedException - if the validation during the orchestration process fails.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserEnableException - if the orchestration fails for enable operation.
NoSuchUserException - if the user with given userID is not found.


UserManagerResult disable(java.lang.String userID,
                          boolean isUserLogin)
                          throws ValidationFailedException,
Disables the user account.
userID - The id of the user to be disabled. The isUserLogin flag will decide what does userID contains.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
UserManagerResult containing the entity id of the disabled user.
ValidationFailedException - is thrown if the validation during the orchestration process fails.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserDisableException - if the orchestration fails for disable operation.
NoSuchUserException - if the user with given userID is not found.


UserManagerResult disable(java.lang.String attributeName,
                          java.lang.Object attributeValue)
                          throws ValidationFailedException,
Disables the user account matching the search criteria.
attributeName - - The attribute name for the search criteria.
attributeValue - - The attribute value for the search criteria.
UserManagerResult containing the entity id of the disabled user.
ValidationFailedException - is thrown if the validation during the orchestration process fails.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserDisableException - if the orchestration fails for disable operation.
NoSuchUserException - if the user matching the search criteria is not found.
SearchKeyNotUniqueException - if there is more than one user of the search criteria.


UserManagerResult disable(java.util.ArrayList userIDs,
                          boolean isUserLogin)
                          throws ValidationFailedException,
Bulk disable operation. Disables accounts of all specified users.
userIDs - The ids of the user to be disabled. The isUserLogin flag will decide what does userID contains.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
UserManagerResult containing the list of success and failure results. Each failure result has a reason for failure associated with it.
ValidationFailedException - if the validation during the orchestration process fails.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserDisableException - if the orchestration fails for disable operation.
NoSuchUserException - if the user with given userID is not found.


UserManagerResult lock(java.lang.String userID,
                       boolean manualFlag,
                       boolean isUserLogin)
                       throws ValidationFailedException,
Locks the OIM user account, provided the user has an OIM account provisioned. Else, an exception will be thrown.
userID - The id of the user to be locked. The isUserLogin flag will decide what does userID contains.
manualFlag - The flag is true then lock is manual otherwise system lock.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
UserManagerResult containing the entity id of the locked user.
ValidationFailedException - if the validation during the orchestration process fails.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserLockException - if the orchestration fails for lock operation.
NoSuchUserException - if the user with given userID is not found.


UserManagerResult lock(java.lang.String attributeName,
                       java.lang.Object attributeValue,
                       boolean manualFlag)
                       throws ValidationFailedException,
Locks the OIM user account matching the search criteria, provided the user has an OIM account provisioned. Else, an exception will be thrown.
attributeName - - The attribute name for the search criteria.
attributeValue - - The attribute value for the search criteria.
manualFlag - The flag is true then lock is manual otherwise system lock.
UserManagerResult containing the entity id of the locked user.
ValidationFailedException - if the validation during the orchestration process fails.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserLockException - if the orchestration fails for lock operation.
NoSuchUserException - if the user with given userID is not found.
SearchKeyNotUniqueException - if there is more than one user of the search criteria.


UserManagerResult lock(java.util.ArrayList userIDs,
                       boolean manualFlag,
                       boolean isUserLogin)
                       throws ValidationFailedException,
Bulk lock operation. If any of the users do not have an OIM account provisioned, then no user account will be locked and an appropriate exception will be thrown.
userIDs - The ids of the user to be locked. The isUserLogin flag will decide what does userID contains.
manualFlag - The flag is true then lock is manual otherwise system lock.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
UserManagerResult containing the list of success and failure results. Each failure result has a reason for failure associated with it.
ValidationFailedException - if the validation during the orchestration process fails.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserLockException - if the orchestration fails for lock operation.
NoSuchUserException - if the user with given userID is not found.


UserManagerResult unlock(java.lang.String userID,
                         boolean isUserLogin)
                         throws ValidationFailedException,
Unlocks the OIM user account, provided the user has an OIM account, and it is locked. An exception is thrown if the user doesn't have an OIM account.
userID - The id of the user to be unlocked. The isUserLogin flag will decide what does userID contains.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
UserManagerResult containing the entity id of the unlocked user.
ValidationFailedException - if the validation during the orchestration process fails.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserUnlockException - if the orchestration fails for unlock operation.
NoSuchUserException - if the user with given userID is not found.


UserManagerResult unlock(java.lang.String attributeName,
                         java.lang.Object attributeValue)
                         throws ValidationFailedException,
Unlocks the OIM user account matching the search criteria, provided the user has an OIM account, and it is locked. An exception is thrown if the user doesn't have an OIM account.
attributeName - - The attribute name for the search criteria.
attributeValue - - The attribute value for the search criteria.
UserManagerResult containing the entity id of the unlocked user.
ValidationFailedException - if the validation during the orchestration process fails.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserUnlockException - if the orchestration fails for unlock operation.
NoSuchUserException - if the user matching the search criteria is not found.
SearchKeyNotUniqueException - if there is more than one user of the search criteria.


UserManagerResult unlock(java.util.ArrayList userIDs,
                         boolean isUserLogin)
                         throws ValidationFailedException,
Bulk unlock operation. If any of the users do not have an OIM account provisioned, then no users' accounts will be unlocked and an appropriate exception will be thrown.
userIDs - The ids of the user to be unlocked. The isUserLogin flag will decide what does userID contains.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
UserManagerResult containing the list of success and failure results. Each failure result has a reason for failure associated with it.
ValidationFailedException - if the validation during the orchestration process fails.
oracle.iam.platform.authz.exception.AccessDeniedException - if the logged-in user does not have the required authorization.
UserUnlockException - if the orchestration fails for unlock operation.
NoSuchUserException - if the user with given userID is not found.


java.util.List getCurrentProxies(java.lang.String userID,
                                 boolean isUserLogin)
                                 throws oracle.iam.platform.authz.exception.AccessDeniedException,
Returns the current proxy details of the specified user
userID - The ID of the user whose current proxies are required. The isUserLogin flag will decide what does userID contains.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
List of proxy details for all current proxies associated with the specified user
oracle.iam.platform.authz.exception.AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation.
NoSuchUserException - If the user with given userID is not found.
UserManagerException - If getCurrentProxies operation fails due some other reason.


java.util.List getPastProxies(java.lang.String userID,
                              boolean isUserLogin)
                              throws oracle.iam.platform.authz.exception.AccessDeniedException,
Returns the past proxy details of the specified user
userID - The id of the user whose past proxies are required. The isUserLogin flag will decide what does userID contains.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
List of proxy details for all past proxies associated with the specified user
oracle.iam.platform.authz.exception.AccessDeniedException - If the loggedUser does not have the required authorization to perform this operation.
NoSuchUserException - If the user with given userID is not found.
UserManagerException - If getPastProxies operation fails due some other reason.


void changePassword(java.lang.String userID,
                               char[] password,
                               boolean isUserLogin,
                               java.util.Locale locale,
                               boolean setPasswordResetFlag)
                    throws NoSuchUserException,
Deprecated. This API does not support option for email notification. The preferred way to do this is via UserManager.changePassword(String, char[], boolean, Locale, boolean, boolean)
Changes the user's password. This signature API is called in OAAM integrated env.
userID - The ID of the user whose password is to be changed. The isUserLogin flag will decide what does userID contains.
password - New password
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
locale - If not null, this locale is used to throw translated exceptions (if any)
setPasswordResetFlag - To identify whether the password reset flag should be reset or not. In case of OAAM scenario, this flag value should be false which should indicate not be reset the 'change password at next logon' flag in the database.
NoSuchUserException - If user with given userID does not exist.
oracle.iam.platform.authz.exception.AccessDeniedException - If logged-in user does not have permission to change the password of this user.
UserManagerException - If there is an error while changing the user's password
See Also:
UserManager.changePassword(String, char[], boolean, Locale, boolean, boolean)


void changePassword(java.lang.String userID,
                               char[] password,
                               boolean isUserLogin)
                    throws NoSuchUserException,
Deprecated. This API does not support option for email notification. The preferred way to do this is via UserManager.changePassword(String, char[], boolean, boolean)
Changes the user's password.
userID - The id of the user whose password is to be changed. The isUserLogin flag will decide what does userID contains.
password - New password
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
NoSuchUserException - If user with given userID does not exist.
oracle.iam.platform.authz.exception.AccessDeniedException - If logged-in user does not have permission to change the password of this user.
UserManagerException - If there is an error while changing the user's password
See Also:
UserManager.changePassword(String, char[], boolean, boolean), UserManager.changePassword(String, char[], boolean, boolean)


void changePassword(java.lang.String attributeName,
                               java.lang.Object attributeValue,
                               char[] password)
                    throws NoSuchUserException,
Deprecated. This API does not support option for email notification. The preferred way to do this is via UserManager.changePassword(String, Object, char[], boolean)
Changes the user's password.
attributeName - The attribute name for the search criteria to identify the user.
attributeValue - The attribute value for the search criteria to identify the user.
password - New password
NoSuchUserException - If user with the given criteria does not exist.
oracle.iam.platform.authz.exception.AccessDeniedException - If logged-in user does not have permission to change the password of this user.
UserManagerException - If there is an error while changing password
SearchKeyNotUniqueException - If there are more than one users found with the given search criteria.
See Also:
UserManager.changePassword(String, Object, char[], boolean)


java.util.List getAllProxies(java.lang.String userID,
                             boolean isUserLogin)
                             throws oracle.iam.platform.authz.exception.AccessDeniedException,
Gets a list of the all the proxy for the given user
userID - The ID of the user whose proxies are required. The isUserLogin flag will decide what does userID contains.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
List of proxy details for all proxies associated with the specified user
oracle.iam.platform.authz.exception.AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation.
NoSuchUserException - If user with given userID does not exist.
UserManagerException - If getAllProxies operation fails due some other reason.


long addProxyForUser(java.lang.String userID,
                                long proxyUserKey,
                                java.util.Date startDate,
                                java.util.Date endDate,
                                boolean isUserLogin)
                     throws NoSuchUserException,
Adds/Sets proxy for user in OIM and BPEL.
userID - The id of the user for which proxy is to be added. The isUserLogin flag will decide if userID contains the user login or the user key
proxyUserKey - key of the user to be proxied.
startDate - start date for the proxy.
endDate - end date of the proxy.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
the proxy id in the table.
NoSuchUserException - If user with given userID does not exist.
RecursiveProxyException - if there is a recursive proxy.
UserManagerException - If add proxy operation fails due some other reason.
oracle.iam.platform.authz.exception.AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation


void updateProxyForUser(long pxdKey,
                                   java.util.Map attribute)
                        throws NoSuchUserException,
Updates the proxy with key pxdKey Only proxy user, start date and/or end date can be modified for the given proxy. Original user cannot be modifed for a proxy. The values to be changed needs to be passed in the map as name value pairs.
pxdKey - key of the proxy whose details is to be updated.
attribute - an attribute map of the fields to update:
  • pxyoriginaluserkey - to identify the original user. This field cannot be updated.
  • proxyuserkey - the new proxy user
  • proxystartdate - start date when the proxy takes effect
  • proxyenddate - end date when the proxy ends
NoSuchUserException - If user with given userID does not exist.
RecursiveProxyException - If there is a recursive proxy.
oracle.iam.platform.authz.exception.AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation
UserManagerException - If update proxy operation fails due some other reason.


void removeAllProxiesForUser(java.lang.String userID,
                             boolean isUserLogin)
                             throws NoSuchUserException,
Removes all proxies for user. Past Proxies cannot be deleted. In Progress Proxy are not deleted rather their end date is changed to today.
userID - The ID of the user whose proxies are to be removed. The isUserLogin flag will decide what does userID contains.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
NoSuchUserException - If user with given userID does not exist.
oracle.iam.platform.authz.exception.AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation
UserManagerException - If update proxy operation fails due some other reason.


void removeProxy(java.lang.String userID,
                 long proxyKey,
                 java.util.Map attrMap,
                 boolean isUserLogin)
                 throws NoSuchUserException,
Deprecated. Please use removeProxy(String userID, long proxyKey, boolean isUserLogin) instead
userID - The ID of the user whose proxy is to be removed. The isUserLogin flag will decide what does userID contains.
proxyKey - The key of the proxy to be removed.
attrMap - [Optional] The Map of attributes containing proxy details
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
NoSuchUserException - If user with given userID does not exist.
oracle.iam.platform.authz.exception.AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation
UserManagerException - If remove proxy operation fails due some other reason.
See Also:
Removes a single proxy (identified by key proxyKey) for the given user (identified by userID).


void removeProxy(java.lang.String userID,
                            long proxyKey,
                            boolean isUserLogin)
                 throws NoSuchUserException,
Removes a single proxy (identified by key proxyKey) for the given user (identified by userID).
userID - The ID of the user whose proxy is to be removed. The isUserLogin flag will decide what does userID contains.
proxyKey - The key of the proxy to be removed.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
NoSuchUserException - If user with given userID does not exist.
oracle.iam.platform.authz.exception.AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation
UserManagerException - If remove proxy operation fails due some other reason.


java.lang.String addProxyForUser(java.lang.String userID,
                                 java.lang.String proxyUserID,
                                 java.util.Date startDate,
                                 java.util.Date endDate,
                                 boolean isUserLogin)
                                 throws NoSuchUserException,
Adds/Sets proxy for user in OIM. The API internally consumes the SOA/BPEL UserMetadataService APIs. UserMetadataService provides the APIs for creating vacation rule which serves our purpose for proxy.
userID - ID of the user for which proxy is to be added. The isUserLogin flag will decide if userID contains the user login or the entity ID.
proxyUserID - ID of the user that is set as a proxy of the original user. The isUserLogin flag will decide if proxyUserID contains the user login or the entity ID.
startDate - start date for the proxy.
endDate - end date of the proxy.
isUserLogin - Set to true if the userID contains user login and false if the userID contains Entity ID (user key/user GUID).
the unique identifier of the proxy created.
NoSuchUserException - If user with given userID does not exist.
RecursiveProxyException - if there is a recursive proxy.
UserManagerException - If add proxy operation fails due some other reason.
oracle.iam.platform.authz.exception.AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation.


void updateProxyForUser(java.lang.String proxyID,
                        java.util.Map attribute)
                        throws NoSuchUserException,
Updates the proxy with ID proxyID Only proxy user, start date and/or end date can be modified for the given proxy. Original user cannot be modifed for a proxy. The values to be changed needs to be passed in the map as name value pairs.
proxyID - ID of the proxy for which details are to be updated.
attribute - an attribute map of the fields to update:
  • Key as String with text "pxyOriginalUserEntityId" and VALUE as String representing the Orignal User Entity Id. This field cannot be updated.
  • Key as String with text "pxyProxyUserEntityId" and VALUE as String representing the New Proxy User Entity Id.
  • Key as String with text "proxystartdate" and VALUE as String representing Proxy New Start Date with format "MM/dd/yyyy".
  • Key as String with text "proxyenddate" and VALUE as String representing Proxy New End Date with format "MM/dd/yyyy".
NoSuchUserException - If user with given userID does not exist.
RecursiveProxyException - If there is a recursive proxy.
oracle.iam.platform.authz.exception.AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation
UserManagerException - If update proxy operation fails due some other reason.


void removeProxy(java.lang.String userID,
                 java.lang.String proxyID,
                 boolean isUserLogin)
                 throws NoSuchUserException,
Removes a single proxy (identified by ID proxyID) for the given user (identified by userID).
userID - The ID of the user whose proxy is to be removed. The isUserLogin flag will decide what does userID contains.
proxyID - The ID of the proxy to be removed.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user's entity id.
NoSuchUserException - If user with given userID does not exist.
oracle.iam.platform.authz.exception.AccessDeniedException - If the logged-in user does not have the required authorization to perform this operation
UserManagerException - If remove proxy operation fails due some other reason.


java.lang.String generateUserName(java.util.Map attrMap)
                                  throws UserNameGenerationException,
Suggest a username based on OIM's default username policy.
attrMap - Map contains user attributes required to generate username.
The generated username based on the default policy and user attributes
UserNameGenerationException - If username generation operation fails due some reason.
UserManagerException - If the operation fails due some other reason.


java.lang.String generateUserName(java.lang.String policyID,
                                  java.util.Map attrMap)
                                  throws UserNameGenerationException,
Suggest a username based on the given username policy.
policyID - The ID (class name of policy) of the policy that will be used to generate username.
attrMap - Map contains user attributes required to generate username.
The generated username based on the given policy and user attributes
UserNameGenerationException - If username generation operation fails due some reason.
UserManagerException - If the operation fails due some other reason.


boolean isUserNameValid(java.lang.String userName,
                        java.util.Map attrMap)
                        throws UserManagerException
Check the validity of the given username based on default policy.
userName - The username that need to be validated.
attrMap - Map contains user attributes required to generate username.
True or false based on the validity of the user name as per the default policy
UserManagerException - If the operation fails due some other reason.


boolean isUserNameValid(java.lang.String userName,
                        java.lang.String policyID,
                        java.util.Map attrMap)
                        throws UserManagerException
Check the validity of the given username based on given policy.
userName - The username that needs to be validated.
policyID - The ID (class name of policy) of the policy that will be used to validate the username.
attrMap - Map contains user attributes required to generate username.
True or false based on the validity of the user name as per the given policy
UserManagerException - If the operation fails due some other reason.


java.util.List getAllUserNamePolicies(java.util.Locale locale)
                                      throws UserManagerException
Gives the details of all the username policies configured in OIM.
locale - The locale in which policy discription is needed.
List containing all the policy details mentioned in a Map as:
  • policy_id - the ID of the policy
  • policy_name- the name of the policy
  • policy_description - the description of the policy
UserManagerException - If the operation fails due some other reason.


java.lang.String getPolicyDescription(java.lang.String policyID,
                                      java.util.Locale locale)
                                      throws UserManagerException
Gives the details of the username policy configured in OIM with the given ID
policyID - The ID (class name of policy) of the policy for which description is required.
locale - The locale in which policy discription needed.
The description of the policy with the given Id in the specified locale.
UserManagerException - If the operation fails due some other reason.


java.lang.String generateUserNameFromDefaultPolicy(java.util.Map attrMap)
                                                   throws UserNameGenerationException,
Suggest a username based on OIM's default username policy.
attrMap - Map of <String,Object> contains user attributes required to generate username. Note: You can also pass multiple values (IMultiValueData) here.
The generated username based on the default policy and user attributes
UserNameGenerationException - If username generation operation fails due some reason.
UserManagerException - If the operation fails due some other reason.


java.lang.String generateUserNameFromPolicy(java.lang.String policyId,
                                            java.util.Map attrMap)
                                            throws UserNameGenerationException,
Suggest a username based on the given username policy.
policyID - The ID (class name of policy) of the policy that will be used to generate username.
attrMap - Map of <String,Object> contains user attributes required to generate username. Note: You can also pass multiple values (IMultiValueData) here.
The generated username based on the given policy and user attributes
UserNameGenerationException - If username generation operation fails due some reason.
UserManagerException - If the operation fails due some other reason.


boolean isUserNameValidForDefaultPolicy(java.lang.String userName,
                                        java.util.Map attrMap)
                                        throws UserManagerException
Check the validity of the given username based on default policy.
userName - The username that need to be validated.
attrMap - Map of <String,Object> contains user attributes required to generate username. Note: You can also pass multiple values (IMultiValueData) here.
True or false based on the validity of the user name as per the default policy
UserManagerException - If the operation fails due some other reason.


boolean isUserNameValidForPolicy(java.lang.String userName,
                                 java.lang.String policyId,
                                 java.util.Map attrMap)
                                 throws UserManagerException
Check the validity of the given username based on given policy.
userName - The username that needs to be validated.
policyID - The ID (class name of policy) of the policy that will be used to validate the username.
attrMap - Map of <String,Object> contains user attributes required to generate username. Note: You can also pass multiple values (IMultiValueData) here.
True or false based on the validity of the user name as per the given policy
UserManagerException - If the operation fails due some other reason.


void resetPassword(java.lang.String userID,
                   boolean isUserLogin)
                   throws NoSuchUserException,
Resets the password of an user to a randomly generated password. As part of the password reset, a notification is sent to the user regarding the new password
NOTE: The email attribute of the user must be set for reset password to work
userID - the userID of the user whose password is to be reset.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.


void resetPassword(java.lang.String userID,
                   boolean isUserLogin,
                   boolean sendNotification)
                   throws NoSuchUserException,
Resets the password of an user to a randomly generated password. As part of the password reset, a notification is sent to the user regarding the new password
NOTE: The email attribute of the user must be set for reset password to work
userID - the userID of the user whose password is to be reset.
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
sendNotification - Set to true if an email notification needs to be sent to the user whose password is changed


void changePassword(java.lang.String userID,
                    char[] password,
                    boolean isUserLogin,
                    boolean sendNotification)
                    throws NoSuchUserException,
Changes the user's password.
userID - The id of the user whose password is to be changed. The isUserLogin flag will decide what does userID contains.
password - New password
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
sendNotification - Set to true if an email notification needs to be sent to the user whose password is changed
NoSuchUserException - If user with given userID does not exist.
oracle.iam.platform.authz.exception.AccessDeniedException - If logged-in user does not have permission to change the password of this user.
UserManagerException - If there is an error while changing the user's password


void changePassword(java.lang.String userID,
                    char[] password,
                    boolean isUserLogin,
                    java.util.Locale locale,
                    boolean setPasswordResetFlag,
                    boolean sendNotification)
                    throws NoSuchUserException,
Changes the user's password. This signature API is called in OAAM integrated env.
userID - The ID of the user whose password is to be changed. The isUserLogin flag will decide what does userID contains.
password - New password
isUserLogin - Set to true if the userID contains user login and false if the userID contains user key.
locale - If not null, this locale is used to throw translated exceptions (if any)
setPasswordResetFlag - To identify whether the password reset flag should be reset or not. In case of OAAM scenario, this flag value should be false which should indicate not be reset the 'change password at next logon' flag in the database.
sendNotification - Set to true if an email notification needs to be sent to the user whose password is changed
NoSuchUserException - If user with given userID does not exist.
oracle.iam.platform.authz.exception.AccessDeniedException - If logged-in user does not have permission to change the password of this user.
UserManagerException - If there is an error while changing the user's password


void changePassword(java.lang.String attributeName,
                    java.lang.Object attributeValue,
                    char[] password,
                    boolean sendNotification)
                    throws NoSuchUserException,
Changes the user's password.
attributeName - The attribute name for the search criteria to identify the user.
attributeValue - The attribute value for the search criteria to identify the user.
password - New password
sendNotification - Set to true if an email notification needs to be sent to the user whose password is changed
NoSuchUserException - If user with the given criteria does not exist.
oracle.iam.platform.authz.exception.AccessDeniedException - If logged-in user does not have permission to change the password of this user.
UserManagerException - If there is an error while changing password
SearchKeyNotUniqueException - If there are more than one users found with the given search criteria.

Skip navigation links

Copyright © 2014, Oracle and/or its affiliates. All rights reserved.