Retrieve Attribute from User Store

Contents

Overview
General Configuration
Database
Advanced

Overview

The User Store stores a user's profile, including attributes relating to that user. After a user has successfully authenticated to the API Gateway, the Retrieve From User Store filter can retrieve attributes belonging to that user from the User Store. All attributes that are retrieved are set to the attribute.lookup.list.

General Configuration

Configure the following field:

Name:

Enter an appropriate name for this filter.

Database

Configure the following fields on the Database tab:

User ID:

Select or enter the name of the message attribute that contains the name of the user to look up in the User Store. For example, if the user name is stored as admin, you must select the message attribute containing the value admin. The API Gateway then looks up the user the User Store using this name.

Attributes:

Enter the list of attributes that the API Gateway should retrieve if it successfully looks up the user identified by the message attribute specified in the User ID field. All attribute values are stored in the attribute.lookup.list message attribute.

If no user attributes are specified, the API Gateway retrieves all the user's registered attributes and sets them to the attribute.lookup.list attribute.

You can add attributes by selecting the Add button. Similarly, you can edit and remove existing attributes by selecting the Edit and Remove buttons.

Advanced

Configure the following fields on the Advanced tab:

Enable legacy attribute naming for retrieved attributes:

Specifies whether to enable legacy naming of retrieved message attributes (unselected by default). Prior to version 7.1, retrieved attributes were stored in message attributes in the following format: 

user.<retrieved_attribute_name>

For example, ${user.email}, ${user.role}, and so on. If the retrieved attribute was multi-valued, you would access the values using ${user.email.1} or ${user.email.2}, and so on.

In version 7.1 and later, by default, you can now query for multi-valued retrieved attributes using an array syntax (for example, ${user.email[0]} or ${user.email[1]}, and so on). You can also access other previously unreachable fields in the retrieved attribute (for example, ${user.email.attKey} or ${user.email.namespace}). Select this setting if you wish to use the legacy format for attribute naming.

Prefix for message attribute names:

You can specify an optional prefix for message attribute names. The default prefix is user.

Prev  Up  Next
  Home