Oracle® Fusion Middleware Oracle Identity Managerのためのアプリケーションの開発とカスタマイズ 11gリリース2 (11.1.2.3.0) E61958-10 |
|
前 |
次 |
Representation State Transfer (REST)は、HTTPを介してWebサービスを構築するアーキテクチャ形式です。アイデンティティRESTサービスは、セルフサービス、ユーザー、ロール/グループ、組織およびパスワード・ポリシー管理の機能を提供するREST Webサービスのセットです。アイデンティティRESTサービスは、System for Cross-Domain Identity Management (SCIM)プロトコルに基づいています。Oracle Identity Manager SCIMサービスは、「ユーザー・リソースのスキーマ属性」で説明するように、デフォルトでSCIMスキーマおよびIDM拡張機能とともに使用できます。
「スキーマの取得」で説明するように、サポートされるスキーマを取得できます。
Oracle Identity Managerをデプロイする場合、SCIMがOracle Identity ManagerサーバーのWebアプリケーションとしてデフォルトでデプロイされます。
Oracle Identity ManagerでのSCIM実装は、draft-ietf-scim-api-13 and draft-ietf-scim-core-schema-13に従います。IETFドラフトの詳細は、次のURLを参照してください。
この章の内容は次のとおりです。
表21-1は、Oracle Identity Managerのサポートされている操作に使用されるSCIMベースAPIを示しています。
表21-1 SCIMベースAPIおよびサポートされている操作
リソース | エンドポイント | 操作 | スキーマURL。 | 説明 |
---|---|---|---|---|
ユーザー |
/Users |
GET、POST、PUT、PATCH、DELETE |
urn:ietf:params:scim:schemas:core:2.0:User urn:ietf:params:scim:schemas:extension:enterprise:2.0:User · urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User · urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User |
ユーザーの取得/追加/変更/無効化/有効化/ロック/ロック解除/削除 - identity.usermgmt.api.UserManager |
ユーザー |
/Me |
GET、POST、PUT、PATCH |
·urn:ietf:params:scim:schemas:core:2.0:User · urn:ietf:params:scim:schemas:extension:enterprise:2.0:User · urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User · urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User |
自分のプロファイルの取得/変更、自分のパスワードの変更、自分のチャレンジ・レスポンスの変更 - selfservice.self.selfmgmt.api.AuthenticatedSelfService 自己登録 - UnauthenticatedSelfServiceを使用 |
PasswordResetterWithChallenges |
/PasswordResetterWithChallenges |
POST |
· urn:ietf:params:scim:schema:oracle:core:2.0:PasswordResetterWithChallenges |
|
PasswordValidator |
/PasswordValidator |
POST |
· urn:ietf:params:scim:schema:oracle:core:2.0:PasswordValidator |
|
UserNameGenerator |
/UserNameGenerator |
POST |
· urn:ietf:params:scim:schema:oracle:core:2.0:UserNameGenerator |
|
UserNameRecoverer |
/UserNameRecoverer |
POST |
· urn:ietf:params:scim:schema:oracle:core:2.0:UserNameRecoverer |
|
UserNameValidator |
/UserNameValidator |
POST |
· urn:ietf:params:scim:schema:oracle:core:2.0:UserNameValidator |
|
グループ |
/Groups |
GET、POST、PUT、PATCH、DELETE |
· urn:ietf:params:scim:schemas:core:2.0:Group · urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group · urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group |
グループの取得/追加/変更/SetUserMembershipRule/削除 - identity.rolemgmt.api.RoleManager |
組織 |
/Organizations |
GET、POST、PUT、PATCH、DELETE |
urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization |
組織の取得/追加/変更/SetUserMembershipRule/削除 - identity.orgmgmt.api.OrganizationManager |
パスワード・ポリシー |
/PasswordPolicies |
GET、POST、PUT、PATCH、DELETE |
urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy |
パスワード・ポリシーの取得/追加/変更/削除 - passwordmgmt.api.PasswordMgmtService |
通知テンプレート |
/NotificationTemplates |
GET、POST、PUT、PATCH、DELETE |
urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:NotificationTemplate |
通知テンプレートの取得/追加/変更/削除 - notification.api.NotificationService |
システム・プロパティ |
/SystemProperties |
GET、PATCH |
urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:SystemProperty |
システム・プロパティの取得/変更 - config.api.SystemConfigurationService |
サービス・プロバイダ構成スキーマ |
/ServiceProviderConfigs |
GET |
urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig |
サービス・プロバイダの構成の取得 |
リソース・タイプ |
/ResourceTypes |
GET |
urn:ietf:params:scim:schemas:core:2.0:ResourceType |
リソース・タイプの構成の取得 |
スキーマ |
/Schemas |
GET |
urn:ietf:params:scim:schemas:core:2.0:Schema urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Schema |
リソースのスキーマの取得 |
検索 |
[prefix]/.search |
POST |
なし |
POSTを使用した1つ以上のリソース・タイプのシステム・ルートまたはリソース・エンドポイント内での検索の実行 |
この項にリストするリソース・スキーマの表は、サポートされるSCIM属性を示しています。すべてのSCIMリソース・タイプおよびスキーマ拡張は、JSONリクエストとレスポンスの両方で次のURIによって識別されます。
urn:oracle:scim:schemas:idm:2.0:RESOURCE_TYPE
ユーザー、グループ、組織などのすべてのSCIMリソースには、SCIMスキーマ属性の次のタイプが含まれます。
SVA: 単一値属性
MVA: 複数値属性。
CSVA: 複合単一値属性
CMVA: 複合複数値属性。
SCIMユーザー・スキーマは、各値が個人用電子メール・アドレス、仕事用電子メール・アドレス、その他の電子メール・アドレスなどのサブ属性と値を持つことができる電子メール・アドレスなどのCMVAをサポートします。既存のOracle Identity Managerユーザー・スキーマ属性にマップできる場合を除き、Oracle Identity ManagerはCMVAをサポートせず、Oracle Identity Manager SCIM/REST APIもCMVAをサポートしません。Oracle Identity Manager SCIM/RESTでサポートされない複合SCIM属性を含むリクエストが行われた場合、RESTレスポンスに同じ内容を示すエラーが戻されます。
可変性は、特定の属性がアクセスされる方法です。可能な可変性値は次のとおりです。
読取り専用(RO): 作成および読取り/検索操作を実行できます
WO: 作成はできますが、読取り/検索操作はできません
RW: 作成および読取り/検索操作を実行できます
表21-2に、SCIMユーザー・スキーマ属性をリストします。
表21-2 urn:ietf:params:scim:schemas:core:2.0:User
SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
---|---|---|---|---|
userName |
SVA |
String |
はい |
RW |
name.formatted |
SVA |
String |
いいえ |
RW |
name.familyName |
SVA |
String |
いいえ |
RW |
name.givenName |
SVA |
String |
いいえ |
RW |
name.middleName |
SVA |
String |
いいえ |
RW |
name.honorificPrefix |
SVA |
String |
いいえ |
RW |
name.honorificSuffix |
SVA |
String |
いいえ |
RW |
displayName |
SVA |
String |
いいえ |
RW |
nickName |
SVA |
String |
いいえ |
RW |
profileUrl |
SVA |
String |
いいえ |
RW |
title |
SVA |
String |
いいえ |
RW |
title |
SVA |
String |
いいえ |
RW |
userType |
SVA |
String |
いいえ |
RW |
preferredLanguage |
SVA |
String |
いいえ |
RW |
timezone |
SVA |
String |
いいえ |
RW |
locale |
SVA |
String |
いいえ |
RW |
active |
SVA |
ブール |
いいえ |
RW |
password |
SVA |
String |
いいえ |
WO |
emails |
CMVA |
該当なし |
いいえ |
RW |
emails[work].value |
SVA |
String |
いいえ |
RW |
emails[<type>].primary |
SVA |
String |
いいえ |
RW |
phoneNumbers |
CMVA |
該当なし |
いいえ |
RW |
phoneNumbers.type |
SVA |
String |
いいえ |
RW |
phoneNumbers[work].value |
SVA |
String |
いいえ |
RW |
phoneNumbers[home].value |
SVA |
String |
いいえ |
RW |
phoneNumbers[mobile].value |
SVA |
String |
いいえ |
RW |
phoneNumber[fax].value |
SVA |
String |
いいえ |
RW |
phoneNumber[pager].value |
SVA |
String |
いいえ |
RW |
phoneNumber[other].value |
SVA |
String |
いいえ |
RW |
ims |
CMVA |
該当なし |
いいえ |
RW |
photos |
CMVA |
該当なし |
いいえ |
RW |
addresses |
CMVA |
該当なし |
いいえ |
RW |
addresses.type |
SVA |
String |
いいえ |
RW |
addresses[<type>].primary |
SVA |
String |
いいえ |
RW |
addresses[work].formatted |
SVA |
String |
いいえ |
RW |
addresses[home].formatted |
SVA |
String |
いいえ |
RW |
addresses[work].streetAddress |
SVA |
String |
いいえ |
RW |
addresses[work].locality |
SVA |
String |
いいえ |
RW |
addresses[work].region |
SVA |
String |
いいえ |
RW |
addresses[work].postalCode |
SVA |
String |
いいえ |
RW |
addresses[work].country |
SVA |
String |
いいえ |
RW |
groups |
CMVA |
該当なし |
いいえ |
RO |
groups.value |
SVA |
String |
いいえ |
RO |
groups.$ref |
SVA |
String |
いいえ |
RO |
groups.type |
SVA |
String |
いいえ |
RO |
entitlements |
SMVA |
String |
いいえ |
RW |
roles |
SMVA |
String |
いいえ |
RW |
x509Certificates |
SMVA |
String |
いいえ |
RW |
注意: アカウントおよびエンタイトルメントはOracle Identity Manager SCIMサービスでサポートされません。 |
表21-3に、SCIMエンタープライズ・ユーザー・スキーマ属性をリストします。
表21-3 urn:ietf:params:scim:schemas:extension:enterprise:2.0:User
SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
---|---|---|---|---|
employeeNumber |
SVA |
String |
いいえ |
RW |
costCenter |
SVA |
String |
いいえ |
RW |
organization |
SVA |
String |
いいえ |
RO |
division |
SVA |
String |
いいえ |
RW |
department |
SVA |
String |
いいえ |
RW |
manager.value |
SVA |
String |
いいえ |
RW |
manager.$ref |
SVA |
String |
いいえ |
RW |
manager.displayName |
SVA |
String |
いいえ |
RO |
表21-4に、SCIM IDM共通ユーザー・スキーマ拡張属性をリストします。
表21-4 urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User
SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
---|---|---|---|---|
createBy.value |
SVA |
String |
いいえ |
RO |
createBy.$ref |
SVA |
String |
いいえ |
RO |
updateBy.value |
SVA |
String |
いいえ |
RO |
updateBy.$ref |
SVA |
String |
いいえ |
RO |
passwd |
CSVA |
|||
passwd.value |
SVA |
String |
いいえ |
WO |
passwd.oldValue |
SVA |
String |
いいえ |
WO |
passwd.sendNotification |
SVA |
String |
いいえ |
WO |
passwd.sendNotificationTo |
SVA |
String |
いいえ |
WO |
passwordMustChange |
SVA |
String |
いいえ |
RO |
passwordExpireDate |
SVA |
String |
いいえ |
RO |
locked.value |
SVA |
String |
いいえ |
RW |
locked.duration |
SVA |
String |
いいえ |
RW |
locked.reason |
SVA |
String |
いいえ |
RO |
locked.on |
SVA |
String |
いいえ |
RO |
challenges |
CMVA |
該当なし |
いいえ |
RW |
challenges.challenge |
SVA |
String |
いいえ |
RW |
challenges.response |
SVA |
String |
いいえ |
RW |
表21-5に、Oracle Identity Governance (OIG)ユーザー・スキーマ拡張属性をリストします。
表21-5 urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User
SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
---|---|---|---|---|
dataLevel |
SVA |
String |
いいえ |
RO |
disabled |
SVA |
String |
いいえ |
RO |
passwordCreateDate |
SVA |
日付 |
いいえ |
RO |
passwordCantChange |
SVA |
String |
いいえ |
RO |
passwordNeverExpires |
SVA |
String |
いいえ |
RO |
passwordIsExpired |
SVA |
String |
いいえ |
RO |
passwordWarnDate |
SVA |
日付 |
いいえ |
RO |
lastSuccessfulLoginDate |
SVA |
日付 |
いいえ |
RO |
lastFailedLoginDate |
SVA |
日付 |
いいえ |
RO |
hireDate |
SVA |
日付 |
いいえ |
RW |
startDate |
SVA |
日付 |
いいえ |
RW |
endDate |
SVA |
日付 |
いいえ |
RW |
provisioningDate |
SVA |
日付 |
いいえ |
RW |
provisionedDate |
SVA |
日付 |
いいえ |
RO |
deprovisioningDate |
SVA |
日付 |
いいえ |
RW |
deprovisionedDate |
SVA |
日付 |
いいえ |
RO |
automaticallyDeleteOn |
SVA |
日付 |
いいえ |
RO |
userLoginAttemptsCounter |
SVA |
Int |
いいえ |
RO |
userPasswordResetAttemptsCounter |
SVA |
Int |
いいえ |
RO |
userMustChangePasswordAtNextLogin |
SVA |
String |
いいえ |
RO |
userPasswordMinAgeDate |
SVA |
日付 |
いいえ |
RO |
description |
SVA |
String |
いいえ |
RW |
ldapCommonName |
SVA |
String |
いいえ |
RW |
ldapCommonNameGenerated |
SVA |
String |
いいえ |
RW |
ldapOrganization |
SVA |
String |
いいえ |
RW |
ldapOrganizationalUnit |
SVA |
String |
いいえ |
RW |
ldapDn |
SVA |
String |
いいえ |
RW |
ldapGuid |
SVA |
String |
いいえ |
RW |
poBox |
SVA |
String |
いいえ |
RW |
jobCode |
SVA |
String |
いいえ |
RW |
officeName |
SVA |
String |
いいえ |
RW |
initials |
SVA |
String |
いいえ |
RW |
faLanguage |
SVA |
String |
いいえ |
RW |
faTerritory |
SVA |
String |
いいえ |
RW |
embeddedHelp |
SVA |
String |
いいえ |
RW |
fontSize |
SVA |
String |
いいえ |
RW |
colorContrast |
SVA |
String |
いいえ |
RW |
accessibilityMode |
SVA |
String |
いいえ |
RW |
numberFormat |
SVA |
String |
いいえ |
RW |
dateFormat |
SVA |
String |
いいえ |
RW |
timeFormat |
SVA |
String |
いいえ |
RW |
currency |
SVA |
String |
いいえ |
RW |
summaryRisk |
SVA |
String |
いいえ |
RO |
hasHighRiskRole |
SVA |
String |
いいえ |
RO |
hasHighRiskResource |
SVA |
String |
いいえ |
RO |
hasHighRiskEntitlement |
SVA |
String |
いいえ |
RO |
hasHighRiskProvisioningMethod |
SVA |
String |
いいえ |
RO |
hasHighRiskOpenSod |
SVA |
String |
いいえ |
RO |
hasHighRiskLastCert |
SVA |
String |
いいえ |
RO |
roleSummaryRisk |
SVA |
String |
いいえ |
RO |
accountSummaryRisk |
SVA |
String |
いいえ |
RO |
entitlementSummaryRisk |
SVA |
String |
いいえ |
RO |
riskUpdateDate |
SVA |
String |
いいえ |
RO |
homeOrganization |
CSVA |
該当なし |
いいえ |
RW |
homeOrganization.value |
SVA |
String |
いいえ |
RW |
homeOrganization.$ref |
SVA |
String |
いいえ |
RO |
Organizations |
CMVA |
該当なし |
いいえ |
RO |
organizations.value |
SVA |
String |
いいえ |
RO |
organizations.$ref |
SVA |
String |
いいえ |
RO |
passwordPolicyDescription |
SVA |
String |
いいえ |
RO |
requestId |
SVA |
String |
いいえ |
RO |
表21-6に、IDM PasswordResetterWithChallengesユーザー・スキーマ属性をリストします。
表21-11に、SCIMグループ・スキーマ属性をリストします。
表21-11 urn:ietf:params:scim:schemas:core:2.0:Group
SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
---|---|---|---|---|
displayName |
SVA |
String |
はい |
RW |
members |
CMVA |
該当なし |
いいえ |
|
members.value |
SVA |
String |
いいえ |
RW |
members .$ref |
SVA |
String |
いいえ |
RW |
表21-12に、IDM共通グループ・スキーマ拡張属性をリストします。
表21-12 urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group
SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
---|---|---|---|---|
createBy.value |
SVA |
String |
いいえ |
RO |
createBy.$ref |
SVA |
String |
いいえ |
RO |
updateBy.value |
SVA |
String |
いいえ |
RO |
updateBy.$ref |
SVA |
String |
いいえ |
RO |
|
SVA |
String |
いいえ |
RW |
description |
SVA |
String |
いいえ |
RW |
owner |
CSVA |
該当なし |
いいえ |
RW |
owner.value |
SVA |
String |
いいえ |
RW |
owner.$ref |
SVA |
String |
いいえ |
RO |
owner.firstName |
SVA |
String |
いいえ |
RO |
owner.lastName |
SVA |
String |
いいえ |
RO |
owner.displayName |
SVA |
String |
いいえ |
RO |
owner.email |
SVA |
String |
いいえ |
RO |
owner.login |
SVA |
String |
いいえ |
RO |
表21-13に、OIGグループ・スキーマ拡張属性をリストします。
表21-13 urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group
SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
---|---|---|---|---|
dataLevel |
SVA |
String |
いいえ |
RO |
namespace |
SVA |
String |
いいえ |
RW |
category |
CSVA |
該当なし |
いいえ |
RW |
category.value |
SVA |
String |
いいえ |
RW |
category.name |
SVA |
String |
いいえ |
RO |
ldapGuid |
SVA |
String |
いいえ |
RO |
ldapDn |
SVA |
String |
いいえ |
RO |
requestId |
SVA |
String |
いいえ |
RO |
accessPolicies.value |
MVA |
String |
いいえ |
RW |
organizationsPublishedTo |
CMVA |
該当なし |
いいえ |
RW |
organizationsPublishedTo.value |
SVA |
String |
いいえ |
RW |
organizationsPublishedTo.$ref |
SVA |
String |
いいえ |
RO |
catalog |
CSVA |
該当なし |
いいえ |
RW |
catalog.id |
SVA |
String |
いいえ |
RO |
catalog.categoryName |
SVA |
String |
いいえ |
RW |
catalog.auditObjectives |
SVA |
String |
いいえ |
RW |
catalog.itemRisk |
SVA |
Integer |
いいえ |
RW |
catalog.userDefinedTags |
SVA |
String |
いいえ |
RW |
catalog.certifiable |
SVA |
ブール |
いいえ |
RW |
catalog.auditable |
SVA |
ブール |
いいえ |
RW |
catalog.requestable |
SVA |
ブール |
いいえ |
RW |
catalog.tags |
SVA |
String |
いいえ |
RO |
catalog.hierarchicalDataAvailable |
SVA |
ブール |
いいえ |
RO |
catalogApproverUser.value |
SVA |
String |
いいえ |
RW |
catalogApproverUser.$ref |
SVA |
Reference |
いいえ |
RW |
catalogApproverRole.value |
SVA |
String |
いいえ |
RW |
catalogApproverRole.$ref |
SVA |
Reference |
いいえ |
RW |
catalogCertifierUser.value |
SVA |
String |
いいえ |
RW |
catalogCertifierUser.$ref |
SVA |
Reference |
いいえ |
RW |
catalogCertifierRole.value |
SVA |
String |
いいえ |
RW |
catalogCertifierRole.$ref |
SVA |
Reference |
いいえ |
RW |
catalogFulfillmentUser.value |
SVA |
String |
いいえ |
RW |
catalogFulfillmentUser.$ref |
SVA |
Reference |
いいえ |
RW |
catalogFulfillmentRole.value |
SVA |
String |
いいえ |
RW |
catalogFulfillmentRole.$ref |
SVA |
Reference |
いいえ |
RW |
catalogAttributes |
CMVA |
該当なし |
いいえ |
RW |
catalogAttributes.name |
SVA |
String |
いいえ |
RW |
catalogAttributes.value |
SVA |
String |
いいえ |
RW |
catalogAttributes.udf |
SVA |
ブール |
いいえ |
RW |
catalogAttributes.description |
SVA |
String |
いいえ |
RW |
catalogAttributes.searchable |
SVA |
ブール |
いいえ |
RW |
catalogAttributes.sortable |
SVA |
ブール |
いいえ |
RW |
catalogAttributes.certifiable |
SVA |
ブール |
いいえ |
RW |
catalogAttributes.datatype |
SVA |
String |
いいえ |
RO |
userMembershipRule |
CSVA |
該当なし |
いいえ |
RW |
userMembershipRule.value |
SVA |
String |
いいえ |
RW |
userMembershipRule.evaluate |
SVA |
ブール |
いいえ |
WO |
表21-14に、OIG組織スキーマ属性をリストします。
表21-14 urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization
SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
---|---|---|---|---|
createBy.value |
SVA |
String |
いいえ |
RO |
createBy.$ref |
SVA |
String |
いいえ |
RO |
updateBy.value |
SVA |
String |
いいえ |
RO |
updateBy.$ref |
SVA |
String |
いいえ |
RO |
dataLevel |
SVA |
String |
いいえ |
RO |
name |
SVA |
String |
いいえ |
RW |
customerType |
SVA |
String |
いいえ |
RW |
status |
SVA |
String |
いいえ |
RW |
disabled |
SVA |
String |
いいえ |
RW |
parent |
CSVA |
該当なし |
いいえ |
RW |
parent.value |
SVA |
String |
いいえ |
RW |
parent.$ref |
SVA |
String |
いいえ |
RO |
parent.name |
SVA |
String |
いいえ |
RO |
passwordPolicy |
CSVA |
該当なし |
いいえ |
RW |
passwordPolicy.value |
SVA |
String |
いいえ |
RW |
passwordPolicy.$ref |
SVA |
String |
いいえ |
RO |
passwordPolicy.name |
SVA |
String |
いいえ |
RO |
certifierUser |
CSVA |
該当なし |
いいえ |
RW |
certifierUser.value |
SVA |
String |
いいえ |
RW |
certifierUser.$ref |
SVA |
String |
いいえ |
RO |
certifierUser.login |
SVA |
String |
いいえ |
RO |
enforceNewPasswordPolicy |
SVA |
String |
いいえ |
RW |
userMembershipRule |
CSVA |
該当なし |
いいえ |
RW |
userMembershipRule.value |
SVA |
String |
いいえ |
RW |
userMembershipRule.evaluate |
SVA |
String |
いいえ |
WO |
members |
CMVA |
該当なし |
いいえ |
RO |
members.value |
SVA |
String |
いいえ |
RO |
members.$ref |
SVA |
String |
いいえ |
RO |
childOrganizations |
CSVA |
該当なし |
いいえ |
RO |
childOrganizations.value |
SVA |
String |
いいえ |
RO |
childOrganizations.$ref |
SVA |
Reference |
いいえ |
RO |
表21-15に、IDMパスワード・ポリシー・スキーマ属性をリストします。
表21-15 urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy
SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
---|---|---|---|---|
name |
SVA |
String |
いいえ |
RW |
description |
SVA |
String |
いいえ |
RW |
maxLength |
SVA |
String |
いいえ |
RW |
minLength |
SVA |
String |
いいえ |
RW |
minAlphas |
SVA |
String |
いいえ |
RW |
minNumerals |
SVA |
String |
いいえ |
RW |
minAlphaNumerals |
SVA |
String |
いいえ |
RW |
minSpecialChars |
SVA |
String |
いいえ |
RW |
maxSpecialChars |
SVA |
String |
いいえ |
RW |
minUpperCase |
SVA |
String |
いいえ |
RW |
minLowerCase |
SVA |
String |
いいえ |
RW |
minUniqueChars |
SVA |
String |
いいえ |
RW |
maxRepeatedChars |
SVA |
String |
いいえ |
RW |
startsWithAlphabet |
SVA |
String |
いいえ |
RW |
minUnicodeChars |
SVA |
String |
いいえ |
RW |
maxUnicodeChars |
SVA |
String |
いいえ |
RW |
firstNameDisallowed |
SVA |
String |
いいえ |
RW |
lastNameDisallowed |
SVA |
String |
いいえ |
RW |
userIdDisallowed |
SVA |
String |
いいえ |
RW |
minPasswordAgeInDays |
SVA |
String |
いいえ |
RW |
passwordWarningAfterInDays |
SVA |
String |
いいえ |
RW |
passwordExpiresAfterInDays |
SVA |
String |
いいえ |
RW |
requiredChars |
SVA |
String |
いいえ |
RW |
disallowedChars |
SVA |
String |
いいえ |
RW |
allowedChars |
SVA |
String |
いいえ |
RW |
disallowedSubstrings |
SVA |
String |
いいえ |
RW |
dictionaryLocation |
SVA |
String |
いいえ |
RW |
dictionaryDelimiter |
SVA |
String |
いいえ |
RW |
numPasswordsInHistory |
SVA |
String |
いいえ |
RW |
maxIncorrectAttempts |
SVA |
String |
いいえ |
RW |
lockoutDuration |
SVA |
String |
いいえ |
RW |
complexPolicy |
SVA |
String |
いいえ |
RW |
challengesEnabled |
SVA |
String |
いいえ |
RW |
challengeSource |
SVA |
String |
いいえ |
RW |
challengeDefaultQuestions.value |
SVA |
String |
いいえ |
RW |
challengeMinQuestions |
SVA |
String |
いいえ |
RW |
challengeMinAnswers |
SVA |
String |
いいえ |
RW |
challengeAllAtOnce |
SVA |
String |
いいえ |
RW |
challengeResponseMinLength |
SVA |
String |
いいえ |
RW |
challengeAllowDuplicateResponses |
SVA |
String |
いいえ |
RW |
challengeMaxIncorrectAttempts |
SVA |
String |
いいえ |
RW |
表21-16に、OIG通知テンプレート・スキーマ属性をリストします。
表21-16 urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:NotificationTemplate
SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
---|---|---|---|---|
name |
SVA |
String |
はい |
RW |
eventName |
SVA |
String |
はい |
RW |
description |
SVA |
String |
いいえ |
RW |
locales |
CMVA |
該当なし |
いいえ |
RW |
locales.locale |
SVA |
String |
はい |
RW |
locales.encoding |
SVA |
String |
はい |
RW |
locales .subject |
SVA |
String |
はい |
RW |
locales .contentType |
SVA |
String |
はい |
RW |
locales.shortMessage |
SVA |
String |
いいえ |
RW |
locales.longMessage |
SVA |
String |
はい |
RW |
表21-18に、SCIMサービス・プロバイダ構成スキーマ属性をリストします。
表21-18 urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig
SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
---|---|---|---|---|
documentationUrl |
SVA |
String |
いいえ |
RO |
patch.supported |
SVA |
ブール |
いいえ |
RO |
bulk.supported |
SVA |
ブール |
いいえ |
RO |
bulk.maxOperations |
SVA |
Integer |
いいえ |
RO |
bulk.maxPayloadSize |
SVA |
Integer |
いいえ |
RO |
filter.supported |
SVA |
ブール |
いいえ |
RO |
filter.maxResults |
SVA |
Integer |
いいえ |
RO |
changePassword.supported |
SVA |
ブール |
いいえ |
RO |
sort.supported |
SVA |
ブール |
いいえ |
RO |
Etag.supported |
SVA |
ブール |
いいえ |
RO |
authenticationSchemes.name |
SVA |
String |
いいえ |
RO |
authenticationSchemes.description |
SVA |
String |
いいえ |
RO |
authenticationSchemes.specUrl |
SVA |
String |
いいえ |
RO |
authenticationSchemes.documentationUrl |
SVA |
String |
いいえ |
RO |
表21-20に、SCIMスキーマの属性をリストします。
表21-20 urn:ietf:params:scim:schemas:core:2.0:Schema
SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
---|---|---|---|---|
id |
SVA |
String |
いいえ |
RO |
name |
SVA |
String |
いいえ |
RO |
description |
SVA |
String |
いいえ |
RO |
attributes.name |
SVA |
String |
いいえ |
RO |
attributes.type |
SVA |
String |
いいえ |
RO |
attributes.multiValued |
SVA |
String |
いいえ |
RO |
attributes.description |
SVA |
String |
いいえ |
RO |
attributes.readOnly |
SVA |
ブール |
いいえ |
RO |
attributes.required |
SVA |
ブール |
いいえ |
RO |
attributes.mutability |
SVA |
String |
いいえ |
RO |
attributes.returned |
SVA |
String |
いいえ |
RO |
attributes.uniqueness |
SVA |
String |
いいえ |
RO |
attributes.caseExact |
SVA |
ブール |
いいえ |
RO |
表21-21に、OIGスキーマのスキーマ拡張属性をリストします。
次の操作タイプがサポートされています。
GET: 1つ以上の完全または部分リソースを取得します。
POST: エンドポイントに応じて、新規リソースを作成するか、検索リクエストを作成します。
PUT: 既存の属性を指定した置換属性のセット(replace)で置換することでリソースを変更します。PUTを使用して新規リソースを作成する必要があります。
PATCH: クライアントが指定した変更のセット(partial updates)でリソースを変更します。
DELETE: リソースを削除します。
操作タイプの詳細は、次のURLを参照してください。
HTTPレスポンス・コードを返すことに加えて、アイデンティティRESTサービスはレスポンスの本文内のエラーをエラー・コードと説明とともに返します。表21-22に、エラー・コードとその意味をリストします。
表21-22 エラー・コードと意味
エラー条件 | HTTPリターン・コード | 意味 |
---|---|---|
入力を解析できない、入力が必要なエンティティと一致しない、または検証失敗 |
400 |
不正なリクエスト: 検証失敗、スキーマ違反 |
リクエスト・リソースが見つからない |
404 |
ADDITIONAL_INFORMATION_INDICATING_NOT_FOUND_OBJECTが見つからない |
ユーザーにアクティビティの実行権限がない。 |
401 |
未認可 |
リクエストされたメソッドがサポートされていない。 |
501 |
使用できないメソッド |
作成されたコンテンツ・タイプをクライアントが受け付けない。 |
406 |
受入れ不可 |
リクエスト・パラメータのセマンティックが正しくない |
422 |
処理不能なエンティティ。ADDITIONAL_INFORMATION_ON_NATURE_OF_ERROR |
クライアント・メディア・タイプがサポートされていない。 |
415 |
サポートされないメディア・タイプ |
依存性のエラーが発生 |
424 |
依存性のエラーが発生。ADDITIONAL_INFORMATION_ON_FAILED_DEPENDENCY |
汎用的なサーバー・エラー |
500 |
内部サーバー・エラー |
競合 |
409 |
指定したバージョン番号が一致しないか、リソースの最新バージョン番号またはサービス・プロバイダが新しい重複リソースの作成を拒否 |
事前の条件設定に失敗 |
412 |
サーバーで最後に取得されたリソースIDが変更されたため、更新に失敗 |
禁止 |
403 |
サーバーは指定されたリソースでリクエストされた操作をサポートしていない |
表21-23に、成功コードとその意味をリストします。
この項では、次のSCIMベースAPIの使用例を示します。
注意: SCIMリクエストでユーザー定義フィールド(UDF)を使用できます。UDFがOracle Identity Managerに作成された後、これらはSCIMリソースに通常の属性として自動的に表示されます。通常の属性を持つリクエストとレスポンスに違いはありません。 |
この項では、ユーザー・リソースの次の例を示します。
リクエスト:
操作とURI: POST http://
HOST_NAME
:PORT
/idaas/im/scim/v1/Users
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User", "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User" ], "userName": "bjensen@example.com", "name": { "familyName": "Jensen", "givenName": "Barbara", "middleName": "Jane", "honorificSuffix": "III" }, "displayName": "Babs Jensen", "profileUrl": "https://HOST_NAME:PORT/bjensen", "emails": [ { "value": "bjensen@example.com", "type": "work" } ], "addresses": [ { "type": "work", "streetAddress": "100 Universal City Plaza", "locality": "Hollywood", "region": "CA", "postalCode": "91608", "country": "USA", "formatted": "100 Universal City Plaza\nHollywood, CA 91608 USA" }, { "type": "home", "formatted": "456 Hollywood Blvd\nHollywood, CA 91608 USA" } ], "phoneNumbers": [ { "value": "555-555-5555", "type": "work" }, { "value": "555-555-4444", "type": "mobile" } ], "userType": "Contractor", "title": "Tour Guide", "preferredLanguage":"en-US", "locale": "en-US", "timezone": "America/Los_Angeles", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": { "employeeNumber": "701984", "costCenter": "4130", "division": "Theme Park", "department": "Tour Operations", "manager": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" } }, "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User": { "homeOrganization": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1" } } }
レスポンス:
ステータス: HTTP/1.1 201 Created
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User", "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User" ], "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User": { "userLoginAttemptsCounter": 0, "passwordIsExpired": "0", "ldapCommonNameGenerated": 0, "userPasswordResetAttemptsCounter": 0, "passwordWarnDate": "2015-04-29T03:24:16.000-07:00", "homeOrganization": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1" }, "passwordCreateDate": "2015-01-06T03:24:16.000-08:00", "provisionedDate": "2015-01-06T03:24:16.000-08:00", "passwordPolicyDescription": [], "userMustChangePasswordAtNextLogin": "1", "disabled": false, "organizations": [ { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1", "display": "Xellerate Users" } ] }, "displayName": "Babs Jensen", "id": "145", "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User": { "createBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "updateBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "passwordExpireDate": "2015-05-06T03:24:16.000-07:00", "locked": { "duration": 0, "value": "0", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/0" } }, "userName": "BJENSEN@EXAMPLE.COM", "emails": [ { "value": "bjensen@example.com", "type": "work" } ], "active": true, "userType": "Contractor", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": { "employeeNumber": "701984", "manager": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1", "displayName": "new display" }, "department": "Tour Operations", "organization": "Xellerate Users" }, "preferredLanguage": "en-US", "phoneNumbers": [ { "value": "555-555-4444", "type": "mobile" }, { "value": "555-555-5555", "type": "work" } ], "name": { "middleName": "Jane", "familyName": "Jensen", "givenName": "Barbara", "honorificSuffix": "III" }, "addresses": [ { "region": "CA", "streetAddress": "100 Universal City Plaza", "formatted": "100 Universal City Plaza\nHollywood, CA 91608 USA", "postalCode": "91608", "locality": "Hollywood", "country": "USA", "type": "work" }, { "formatted": "456 Hollywood Blvd\nHollywood, CA 91608 USA", "type": "home" } ], "groups": [ { "value": "3", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/3", "type": "direct" } ], "timezone": "America/Los_Angeles", "title": "Tour Guide", "meta": { "lastModified": "2015-01-06T03:24:17.000-08:00", "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/145", "created": "2015-01-06T03:24:17.000-08:00", "resourceType": "User" } }
リクエスト:
操作とURI: PUT http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Users/355
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User", "urn:ietf:params:scim:schemas:core:2.0:User" ], "userName": "userName_user216_08_09.382323", "name": { "familyName": "familyName2_user216_08_09.382323" }, "userType": "Contractor", "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User": { "description": "description2_user216_08_09.382323" }, "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User": { "homeOrganization": { "value": "4", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/4" } } }
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User", "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User", "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User" ], "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User": { "passwordIsExpired": "0", "userLoginAttemptsCounter": 0, "ldapCommonNameGenerated": 0, "userPasswordResetAttemptsCounter": 0, "passwordWarnDate": "2015-07-02T08:46:57.000-07:00", "homeOrganization": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1" }, "passwordCreateDate": "2015-03-11T08:46:57.000-07:00", "provisionedDate": "2015-03-11T08:46:57.000-07:00", "passwordPolicyDescription": [ { "value": "Password must not match or contain first name." }, { "value": "Password must not match or contain last name." }, { "value": "Password must contain at least 2 alphabetic character(s)." }, { "value": "Password must be at least 6 character(s) long." }, { "value": "Password must contain at least 1 lowercase letter(s)." }, { "value": "Password must contain at least 1 numeric character(s)." }, { "value": "Password must contain at least 1 uppercase letter(s)." }, { "value": "Password must start with an alphabetic character." }, { "value": "Password must not match or contain user ID." } ], "userMustChangePasswordAtNextLogin": "1", "disabled": false, "organizations": [ { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1", "display": "Xellerate Users" } ], "description": "description2_user216_08_09.382323" }, "displayName": "Babs Jensen", "id": "355", "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User": { "createBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "updateBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "passwordExpireDate": "2015-07-09T08:46:57.000-07:00", "locked": { "duration": 0, "value": "0" } }, "userName": "USERNAME_USER216_08_09.382323", "emails": [ { "value": "u1@example.com", "type": "work" } ], "active": true, "userType": "Contractor", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": { "employeeNumber": "701984", "manager": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1", "displayName": "display" }, "department": "Tour Operations", "organization": "Xellerate Users" }, "preferredLanguage": "en-US", "phoneNumbers": [ { "value": "555-555-4444", "type": "mobile" }, { "value": "555-555-5555", "type": "work" } ], "name": { "middleName": "Jane", "familyName": "familyName2_user216_08_09.382323", "givenName": "Barbara", "honorificSuffix": "III" }, "addresses": [ { "region": "CA", "streetAddress": "100 Universal City Plaza", "formatted": "100 Universal City Plaza\nHollywood, CA 91608 USA", "postalCode": "91608", "locality": "Hollywood", "country": "USA", "type": "work" }, { "formatted": "456 Hollywood Blvd\nHollywood, CA 91608 USA", "type": "home" } ], "groups": [ { "value": "3", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/3", "type": "direct" } ], "timezone": "America/Los_Angeles", "title": "Tour Guide", "meta": { "lastModified": "2015-03-11T08:47:19.000-07:00", "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/355", "created": "2015-03-11T08:46:57.000-07:00", "resourceType": "User" } }
リクエスト:
操作とURI: PATCH http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Users/355
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:PatchOp" ], "Operations": [ { "op":"replace", "path":"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User:description, "value":"description3" } ] }
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User", "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User", "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User" ], "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User": { "passwordIsExpired": "0", "userLoginAttemptsCounter": 0, "ldapCommonNameGenerated": 0, "userPasswordResetAttemptsCounter": 0, "passwordWarnDate": "2015-07-02T08:46:57.000-07:00", "homeOrganization": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1" }, "passwordCreateDate": "2015-03-11T08:46:57.000-07:00", "provisionedDate": "2015-03-11T08:46:57.000-07:00", "passwordPolicyDescription": [ { "value": "Password must not match or contain first name." }, { "value": "Password must not match or contain last name." }, { "value": "Password must contain at least 2 alphabetic character(s)." }, { "value": "Password must be at least 6 character(s) long." }, { "value": "Password must contain at least 1 lowercase letter(s)." }, { "value": "Password must contain at least 1 numeric character(s)." }, { "value": "Password must contain at least 1 uppercase letter(s)." }, { "value": "Password must start with an alphabetic character." }, { "value": "Password must not match or contain user ID." } ], "userMustChangePasswordAtNextLogin": "1", "disabled": false, "organizations": [ { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1", "display": "Xellerate Users" } ], "description": "description3" }, "displayName": "Babs Jensen", "id": "355", "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User": { "createBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "updateBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "passwordExpireDate": "2015-07-09T08:46:57.000-07:00", "locked": { "duration": 0, "value": "0" } }, "userName": "USERNAME_USER216_08_09.382323", "emails": [ { "value": "u1@example.com", "type": "work" } ], "active": true, "userType": "Contractor", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": { "employeeNumber": "701984", "manager": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1", "displayName": "display" }, "department": "Tour Operations", "organization": "Xellerate Users" }, "preferredLanguage": "en-US", "phoneNumbers": [ { "value": "555-555-4444", "type": "mobile" }, { "value": "555-555-5555", "type": "work" } ], "name": { "middleName": "Jane", "familyName": "familyName2_user216_08_09.382323", "givenName": "Barbara", "honorificSuffix": "III" }, "addresses": [ { "region": "CA", "streetAddress": "100 Universal City Plaza", "formatted": "100 Universal City Plaza\nHollywood, CA 91608 USA", "postalCode": "91608", "locality": "Hollywood", "country": "USA", "type": "work" }, { "formatted": "456 Hollywood Blvd\nHollywood, CA 91608 USA", "type": "home" } ], "groups": [ { "value": "3", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/3", "type": "direct" } ], "timezone": "America/Los_Angeles", "title": "Tour Guide", "meta": { "lastModified": "2015-03-11T08:49:17.000-07:00", "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/355", "created": "2015-03-11T08:46:57.000-07:00", "resourceType": "User" } }
次に、ページ区切りの例を示します。
リクエスト:
操作とURI: GET /Users http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Users?attributes=id&startIndex=6&count=5
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 5, "itemsPerPage": 5, "startIndex": 6, "Resources": [ { "id": "59" }, { "id": "42" }, { "id": "25" }, { "id": "106" }, { "id": "89" } ] }
次に、検索のフィルタの例を示します。
http://HOST_NAME:PORT/idaas/im/scim/v1/Users?filter=(userName co xel)&attributes=id http://HOST_NAME:PORT/idaas/im/scim/v1/Users?attributes=userName&filter=(userName co 4) and (userName co BUG) http://HOST_NAME:PORT/idaas/im/scim/v1/Users?attributes=userName&filter=(emails.type eq work and emails.value sw u)
注意: 検索フィルタの詳細な説明は、次のURLにあるSCIM REST API IETFドラフトのフィルタリングに関する項を参照してください。
|
リクエスト:
操作とURI: DELETE http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Users/355
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文: NA
レスポンス:
ステータス: 204 No Content
本文: NA
リクエスト:
操作とURI: PATCH http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Users/356
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"], "Operations": [ { "op":"replace", "path":"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User:locked", "value" : { "value" : 1, "duration" : 3600 } } ] }
レスポンス:
ロック属性を更新した完全なリソースを返します。
ステータス: HTTP/1.1 200 OK
リクエスト:
操作とURI: PATCH http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Users/356
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"], "Operations": [ { "op":"replace", "path":"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User:locked", "value" : { "value" : 0 } } ] }
レスポンス:
ロック属性を更新した完全なリソースを返します。
ステータス: HTTP/1.1 200 OK
リクエスト:
操作とURI: PATCH http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Users/356
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"], "Operations": [ { "op": "replace","path": "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User:passwd", "value" : { "value": "newPassw0rd", "sendNotification": "true", "sendNotificationTo": "example2@example.com" } } ] }
レスポンス:
レスポンスには変更されたリソースが含まれます。
ステータス: HTTP/1.1 200 OK
リクエスト:
操作とURI: PATCH http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Users/356
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"], "Operations": [ { "op": "replace", "path": "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User:passwd", "value": { "value": "auto-generate", "sendNotification": "true", "sendNotificationTo": "john.doe@example.com" } } ] }
レスポンス
レスポンスは変更されたリソースです。
ステータス: HTTP/1.1 200 OK
リクエスト:
操作とURI: GET http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Me
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User", "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User" ], "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User": { "userLoginAttemptsCounter": 0, "ldapCommonNameGenerated": 0, "userPasswordResetAttemptsCounter": 0, "ldapCommonName": "System Administrator", "passwordWarnDate": "2015-06-30T01:51:27.000-07:00", "lastSuccessfulLoginDate": "2015-03-11T00:00:00.000-07:00", "homeOrganization": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1" }, "passwordPolicyDescription": [ { "value": "Password must not match or contain first name." }, { "value": "Password must not match or contain last name." }, { "value": "Password must contain at least 2 alphabetic character(s)." }, { "value": "Password must be at least 6 character(s) long." }, { "value": "Password must contain at least 1 lowercase letter(s)." }, { "value": "Password must contain at least 1 numeric character(s)." }, { "value": "Password must contain at least 1 uppercase letter(s)." }, { "value": "Password must start with an alphabetic character." }, { "value": "Password must not match or contain user ID." } ], "disabled": false, "dataLevel": "2", "organizations": [ { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1", "display": "Xellerate Users" } ] }, "displayName": "display", "id": "1", "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User": { "createBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "updateBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "passwordExpireDate": "2015-07-07T01:51:27.000-07:00", "locked": { "value": "0" } }, "userName": "XELSYSADM", "emails": [ { "value": "donotreply@example.com", "type": "work" } ], "active": true, "userType": "Full-Time", "name": { "familyName": "Administrator", "givenName": "System" }, "groups": [ { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/1", "type": "direct" }, { "value": "6", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/6", "type": "direct" } ], "meta": { "lastModified": "2015-03-11T08:15:44.000-07:00", "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Me", "created": "2015-03-09T01:51:27.000-07:00", "resourceType": "User" }, "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": { "organization": "Xellerate Users" } }
リクエスト:
操作とURI: POST http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Me
ヘッダー:
Content-Type: application/scim+json
認可: NA
本文:
{ "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User", "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"], "userName": "bjensen@example.com", "name": { "familyName": "Jensen", "givenName": "Barbara", "middleName": "Jane", "honorificSuffix": "III" }, "displayName": "Babs Jensen", "emails": [ { "value": "bjensen@example.com", "type": "work" } ], "userType": "Full-Time", "password":"t1meMa$heen", "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User": { "challenges": [ { "challenge":"What is your favorite color?", "response":"color" }, { "challenge":"What is the name of your pet?", "response":"pet" }, { "challenge":"What is the city of your birth?", "response":"city" } ] } }
レスポンス:
ユーザーは直接作成され、新規ユーザーのentityIdが返されます。
ステータス: HTTP/1.1 201 Created
リクエスト
操作とURI: PATCH http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Me
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"], "Operations":[ { "op":"replace", "path":"displayName", "value" : "NEW_NAME" } ] }
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User", "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User" ], "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User": { "userLoginAttemptsCounter": 0, "ldapCommonNameGenerated": 0, "userPasswordResetAttemptsCounter": 0, "ldapCommonName": "System Administrator", "passwordWarnDate": "2015-06-30T01:51:27.000-07:00", "lastSuccessfulLoginDate": "2015-03-11T00:00:00.000-07:00", "homeOrganization": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1" }, "passwordPolicyDescription": [ { "value": "Password must not match or contain first name." }, { "value": "Password must not match or contain last name." }, { "value": "Password must contain at least 2 alphabetic character(s)." }, { "value": "Password must be at least 6 character(s) long." }, { "value": "Password must contain at least 1 lowercase letter(s)." }, { "value": "Password must contain at least 1 numeric character(s)." }, { "value": "Password must contain at least 1 uppercase letter(s)." }, { "value": "Password must start with an alphabetic character." }, { "value": "Password must not match or contain user ID." } ], "disabled": false, "dataLevel": "2", "organizations": [ { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1", "display": "Xellerate Users" } ] }, "displayName": "NEW_NAME", "id": "1", "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User": { "createBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "updateBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "passwordExpireDate": "2015-07-07T01:51:27.000-07:00", "locked": { "value": "0" } }, "userName": "XELSYSADM", "emails": [ { "value": "donotreply@example.com", "type": "work" } ], "active": true, "userType": "Full-Time", "name": { "familyName": "Administrator", "givenName": "System" }, "groups": [ { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/1", "type": "direct" }, { "value": "6", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/6", "type": "direct" } ], "meta": { "lastModified": "2015-03-11T08:55:23.000-07:00", "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Me", "created": "2015-03-09T01:51:27.000-07:00", "resourceType": "User" }, "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": { "organization": "Xellerate Users" } }
リクエスト:
操作とURI: PUT http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Me
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User", "urn:ietf:params:scim:schemas:core:2.0:User" ], "userName": "bjensen@example.com", "name": { "familyName": "Jensen" }, "userType": "Contractor", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": { "organization": "Xellerate Users", "homeOrganization": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1" } } }
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User", "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User" ], "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User": { "userLoginAttemptsCounter": 0, "passwordIsExpired": "0", "ldapCommonNameGenerated": 0, "userPasswordResetAttemptsCounter": 0, "passwordWarnDate": "2015-04-29T03:24:16.000-07:00", "homeOrganization": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1" }, "passwordCreateDate": "2015-01-06T03:24:16.000-08:00", "provisionedDate": "2015-01-06T03:24:16.000-08:00", "passwordPolicyDescription": [], "userMustChangePasswordAtNextLogin": "1", "disabled": false, "organizations": [ { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1", "display": "Xellerate Users" } ] }, "displayName": "Babs Jensen", "id": "145", "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User": { "createBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "updateBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "passwordExpireDate": "2015-05-06T03:24:16.000-07:00", "locked": { "duration": 0, "value": "0", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/0" } }, "userName": "BJENSEN@EXAMPLE.COM", "emails": [ { "value": "bjensen@example.com", "type": "work" } ], "active": true, "userType": "Contractor", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": { "employeeNumber": "701984", "manager": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1", "displayName": "new display" }, "department": "Tour Operations", "organization": "Xellerate Users" }, "preferredLanguage": "en-US", "phoneNumbers": [ { "value": "555-555-4444", "type": "mobile" }, { "value": "555-555-5555", "type": "work" } ], "name": { "middleName": "Jane", "familyName": "Jensen", "givenName": "Barbara", "honorificSuffix": "III" }, "addresses": [ { "region": "CA", "streetAddress": "100 Universal City Plaza", "formatted": "100 Universal City Plaza\nHollywood, CA 91608 USA", "postalCode": "91608", "locality": "Hollywood", "country": "USA", "type": "work" }, { "formatted": "456 Hollywood Blvd\nHollywood, CA 91608 USA", "type": "home" } ], "groups": [ { "value": "3", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/3", "type": "direct" } ], "timezone": "America/Los_Angeles", "title": "Tour Guide", "meta": { "lastModified": "2015-01-06T03:24:17.000-08:00", "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/145", "created": "2015-01-06T03:24:17.000-08:00", "resourceType": "User" } }
リクエスト:
操作とURI: POST http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/PasswordResetterWithChallenges
ヘッダー:
Content-Type: application/json
認可: NA
本文:
{ "schemas": ["urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordResetterWithChallenges"], "userName": "JDOE", "challenges": [ { "challenge":"What is the name of your pet?", "response":"name" }, { "challenge":"What is the city of your birth?", "response":"city" }, { "challenge":"What is your favorite color?", "response":"color" } ], "password": "Welcome3" }
レスポンス:
レスポンスは空です。
ステータス: HTTP/1.1 204 No Content
リクエスト:
次のリクエストは、潜在的なパスワードを検証します。パスワードの検証リクエストの正常なレスポンスは、パスワードが有効であることを意味します。
操作とURI: POST http://
HOST_NAME
:PORT
/idaas/im/scim/v1/PasswordValidator
ヘッダー:
Content-Type: application/json
認可: Bearer h480djs93hd8
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordValidator" ], "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1", "password": "jijijSSij1" }
レスポンス:
ステータス: HTTP/1.1 204 No Content
リクエスト:
ユーザー名の検証リクエストの正常なレスポンスは、パスワードが有効であることを意味します。次に、リクエストを示します。
操作とURI: POST http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/UserNameValidator
ヘッダー:
Content-Type: application/json
認可: Bearer h480djs93hd8
本文:
{ "schemas":["urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:UserNameValidator"], "userName": "aUserName" }
レスポンス:
ステータス: HTTP/1.1 204 No Content
リクエスト:
操作とURI: POST http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/UserNameGenerator
ヘッダー:
Content-Type: application/json
認可: Bearer h480djs93hd8
本文:
{ "schemas":["urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:UserNameGenerator"], "name": { "formatted": "Ms. Barbara J Doe III", "familyName": "Doe", "givenName": "Barbara", "middleName": "Jane", "honorificSuffix": "III" } }
レスポンス:
ステータス: HTTP/1.1 201 Created
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:UserNameGenerator" ], "meta": { "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/UserNameGenerator", "resourceType": "UserNameGenerator" }, "urn:ietf:params:scim:schemas:core:2.0:User": { "userName": "Barbara.Doe@example.com" } }
リクエスト:
リクエストは次のとおりです(認可ヘッダー、認証されていないフローなし)。
操作とURI: POST http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/UserNameRecoverer
ヘッダー:
Content-Type: application/json
認可: NA
本文:
{ "schemas": ["urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:UserNameRecoverer"], "email": "myemail@example.com" }
レスポンス:
ステータス: HTTP/1.1 204 No Content
ユーザー名がユーザーの電子メール・アドレスに送信されます。
この項では、グループ・リソースの次の例を示します。
リクエスト:
操作とURI: GET http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Groups?attributes=id,displayName
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 4, "Resources": [ { "displayName": "Group1", "id": "2" }, { "displayName": "SYSTEM ADMINISTRATORS", "id": "3" }, { "displayName": "Group2", "id": "4" }, { "displayName": "Group3", "id": "5" } ] }
リクエスト:
操作とURI: POST http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Groups
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Group", "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group", "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group" ], "displayName": "Group33", "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group": { "email": "group33@example.com", "description": "description1" }, "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group": { "namespace": "Default" } }
レスポンス:
ステータス: HTTP/1.1 201 Created
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group", "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group", "urn:ietf:params:scim:schemas:core:2.0:Group" ], "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group": { "organizationsPublishedTo": [ { "value": "3", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/3" } ], "category": { "name": "Default", "value": 1 }, "namespace": "Default", "catalog": { "tags": "Group33 Group33 Default", "requestable": true, "certifiable": false, "id": "151", "categoryName": "Role", "auditable": false, "itemRisk": 3, "hierarchicalDataAvailable": false } }, "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group": { "createBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "description": "description1", "updateBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "owner": { "lastName": "Administrator", "email": "donotreply@example.com", "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1", "login": "XELSYSADM", "firstName": "System", "displayName": "NEW_NAME" }, "email": "group33@example.com" }, "meta": { "lastModified": "2015-03-11T08:55:57.000-07:00", "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/157", "created": "2015-03-11T08:55:57.000-07:00", "resourceType": "Group" }, "displayName": "Group33", "id": "157" }
リクエスト:
操作とURI: PUT http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Groups/157
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group", "urn:ietf:params:scim:schemas:core:2.0:Group", "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group" ], "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group": { "organizationsPublishedTo": [ { "value": "3", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/3" } ], "category": { "name": "Default", "value": 1 }, "namespace": "Default" }, "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group": { "description": "description1", "localeNames": [ { "name": "Group_group09_53_11.228163", "locale": "base" } ], "email": "group_new@example.com" }, "displayName": "Group_group09_53_11.228163" }
レスポンス:
ステータス: HTTP/1.1 200 OK
場所: https://
HOST_NAME
:
PORT
/Groups/157
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group", "urn:ietf:params:scim:schemas:core:2.0:Group", "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group" ], "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group": { "organizationsPublishedTo": [ { "value": "3", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/3" } ], "category": { "name": "Default", "value": 1 }, "namespace": "Default" }, "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group": { "createBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "description": "description1", "localeNames": [ { "name": "Group_group09_53_11.228163", "locale": "base" } ], "updateBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "owner": { "lastName": "Administrator", "email": "donotreply@example.com", "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1", "login": "XELSYSADM", "displayName": "System Administrator", "firstName": "System" }, "email": "group_new@example.com" }, "meta": { "lastModified": "2015-01-05T06:59:25.000-08:00", "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/157", "created": "2015-01-05T06:55:14.000-08:00", "resourceType": "Group" }, "displayName": "Group_group09_53_11.228163", "id": "157" }
リクエスト:
操作とURI: PATCH http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Groups/153
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:PatchOp" ], "Operations": [ { "op":"replace" , "path":"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group:description", "value":"description3" } ] }
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group", "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group", "urn:ietf:params:scim:schemas:core:2.0:Group" ], "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group": { "organizationsPublishedTo": [ { "value": "3", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/3" } ], "category": { "name": "Default", "value": 1 }, "namespace": "Default", "catalog": { "tags": "replace_catalog_requestable_6587843 replace_catalog_requestable_6587843 Default", "requestable": true, "certifiable": false, "id": "147", "categoryName": "Role", "auditable": false, "itemRisk": 3, "hierarchicalDataAvailable": false } }, "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group": { "createBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "description": "description3", "updateBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "owner": { "lastName": "Administrator", "email": "donotreply@example.com", "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1", "login": "XELSYSADM", "firstName": "System", "displayName": "NEW_NAME" } }, "meta": { "lastModified": "2015-03-11T08:59:16.000-07:00", "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/153", "created": "2015-03-11T08:13:11.000-07:00", "resourceType": "Group" }, "displayName": "replace_catalog_requestable_6587843", "id": "153" }
リクエスト:
操作とURI: DELETE http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Groups/153
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
レスポンス:
ステータス: HTTP/1.1 204 No Content
この項では、PATCH操作タイプを使用した「ロールの削除」操作の例を紹介します。次の項目が含まれます。
リクエスト
操作とURI: PATCH http://
HOST_NAME
:
PORT
/iam/governance/scim/v1/Groups/<role_id>
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:PatchOp" ], "Operations": [ { "op":"remove", "path":"urn:ietf:params:scim:schemas:core:2.0:Group:members", "value":[ { "value":"<usr_key>", "$ref":"http://HOST_NAME:PORT/idaas/im/scim/v1/Users/<usr_key>" } ] } ] }
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group", "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group", "urn:ietf:params:scim:schemas:core:2.0:Group" ], "urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group": { "namespace": "Default", "organizationsPublishedTo": [ { "value": "3", "$ref": "http://HOST_NAME:PORT/iam/governance/scim/v1/Organizations/3" } ], "category": { "name": "Default", "value": 1 }, "ldapDn": "cn=tesrole1,cn=groups,dc=isc,dc=com", "catalog": { "auditable": true, "hierarchicalDataAvailable": false, "id": "101", "requestable": true, "itemRisk": 3, "certifiable": true, "categoryName": "Role", "tags": "tesrole1 tesrole1 Default" } }, "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group": { "createBy": { "$ref": "http://HOST_NAME:PORT/iam/governance/scim/v1/Users/1", "value": "1" }, "owner": { "firstName": "System", "lastName": "Administrator", "displayName": "System Administrator", "login": "XELSYSADM", "value": "1", "$ref": "http://HOST_NAME:PORT/iam/governance/scim/v1/Users/1", "email": "donotreply@oracle.com" }, "updateBy": { "value": "5", "$ref": "http://HOST_NAME:PORT/iam/governance/scim/v1/Users/5" } }, "members": [ { "value": "7002", "$ref": "http://HOST_NAME:PORT/iam/governance/scim/v1/Users/7002" } ], "meta": { "created": "2018-11-13T08:48:49.000+05:30", "location": "http://HOST_NAME:PORT/iam/governance/scim/v1/Groups/<role_id>", "lastModified": "2018-11-13T08:53:58.000+05:30", "resourceType": "Group" }, "displayName": "<role name>", "id": "<role_d>" }
この項では、組織リソースの次の例を示します。
リクエスト:
操作とURI: GET http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Organizations/148
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
レスポンス:
ステータス: HTTP/1.1 200 OK
場所: https://
HOST_NAME
:
PORT
/Organization/148
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization" ], "parent": { "name": "Top", "value": "3", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/3" }, "name": "org_pcu3_1426086587854", "passwordPolicy": { "name": "ppchg_1426086587854", "value": "94" }, "id": "148", "meta": { "lastModified": "2015-03-11T08:16:00.000-07:00", "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/148", "created": "2015-03-11T08:16:00.000-07:00", "resourceType": "Organization" }, "customerType": "Company", "createBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "enforceNewPasswordPolicy": "Yes", "updateBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "status": "Active", "members": [ { "value": "353", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/353" } ] }
リクエスト:
操作とURI: POST http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Organizations
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization" ], "urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization": { "name": "organization16_08_50.141529", "customerType": "Branch" } }
注意: customerType 属性の有効な値は、Branch 、Company およびDepartment です。 |
レスポンス:
ステータス: HTTP/1.1 201 Created
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization" ], "parent": { "name": "Top", "value": "3", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/3" }, "name": "organization16_08_50.141529", "id": "77", "meta": { "lastModified": "2015-02-06T07:06:46.000-08:00", "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/77", "created": "2015-02-06T07:06:46.000-08:00", "resourceType": "Organization" }, "customerType": "Branch", "createBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "enforceNewPasswordPolicy": "Yes", "updateBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "status": "Active" }
リクエスト:
操作とURI: PUT http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Organizations/77
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization" ], "urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization": { "name": "organization16_08_53.883452", "customerType": "Scim2" } }
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization" ], "parent": { "name": "Top", "value": "3", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/3" }, "name": "organization16_08_53.883452", "id": "77", "meta": { "lastModified": "2015-02-06T07:09:27.000-08:00", "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/77", "created": "2015-02-06T07:06:46.000-08:00", "resourceType": "Organization" }, "customerType": "Scim2", "createBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "enforceNewPasswordPolicy": "Yes", "updateBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "status": "Active" }
リクエスト:
操作とURI: PATCH http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/Organizations/77
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:PatchOp" ], "Operations": [ { "op":"replace", "path":"customerType", "value":"Scim3" } ] }
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization" ], "parent": { "name": "Top", "value": "3", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/3" }, "name": "organization16_08_53.883452", "id": "77", "meta": { "lastModified": "2015-02-06T07:13:19.000-08:00", "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/77", "created": "2015-02-06T07:06:46.000-08:00", "resourceType": "Organization" }, "customerType": "Scim3", "createBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "enforceNewPasswordPolicy": "Yes", "updateBy": { "value": "1", "$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1" }, "status": "Active" }
この項では、パスワード・ポリシー・リソースの次の例を示します。
リクエスト:
操作とURI: GET http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/PasswordPolicies?filter=(urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy:allowedChars co q)&attributes=id,description,name
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 3, "Resources": [ { "id": "2", "name": "pwp1_1423213466123", "description": "1" }, { "id": "6", "name": "pwp_q_3466186", "description": "pwp_q_3466186" }, { "id": "36", "name": "p1214_1423213645161" } ] }
リクエスト:
操作とURI: POST http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/PasswordPolicies
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy" ], "urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy": { "name":"pwdpol0901258070", "description":"complex password policy for ST org", "passwordWarningAfterInDays": 20, "passwordExpiresAfterInDays": 30, "minPasswordAgeInDays": 10, "userIdDisallowed": "false", "minLength": 3, "maxLength": 8, "firstNameDisallowed": "true", "challengeSource": 1, "challengeMinQuestions": 3, "challengeMinAnswers": 2, "challengeResponseMinLength": 5, "challengeAllowDuplicateResponses": "false", "challengeMaxIncorrectAttempts": 5, "challengeDefaultQuestions": [ { "value": "what is your favorite color" }, { "value": "what is name of your pet" }, { "value": "which is your favorite movie" }, { "value": "which is your favorite sport" } ] } }
レスポンス:
ステータス: HTTP/1.1 201 Created
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy" ], "challengesEnabled": false, "id": "49", "challengeSource": 1, "minLength": 3, "startsWithAlphabet": false, "description": "complex password policy for ST org", "name": "pwdpol0901258070", "complexPolicy": false, "challengeDefaultQuestions": [ { "value": "what is your favorite color" }, { "value": "what is name of your pet" }, { "value": "which is your favorite movie" }, { "value": "which is your favorite sport" } ], "challengeAllAtOnce": true, "minPasswordAgeInDays": 10, "passwordWarningAfterInDays": 20, "challengeResponseMinLength": 5, "userIdDisallowed": false, "maxLength": 8, "challengeMinQuestions": 3, "meta": { "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/PasswordPolicies/49", "resourceType": "PasswordPolicy" }, "challengeMaxIncorrectAttempts": 5, "challengeMinAnswers": 2, "passwordExpiresAfterInDays": 30, "challengeAllowDuplicateResponses": false, "lastNameDisallowed": false, "firstNameDisallowed": true, "dictionaryDelimiter": "\u0000" }
リクエスト:
操作とURI: PUT http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/PasswordPolicies/49
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy" ], "urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy": { "name":"pwdpol0905770857", "description":"complex password policy for ST org", "passwordWarningAfterInDays": 20, "passwordExpiresAfterInDays": 30, "minPasswordAgeInDays": 10, "userIdDisallowed": "false", "minLength": 3, "maxLength": 8, "firstNameDisallowed": "true", "challengeSource": 1, "challengeMinQuestions": 3, "challengeMinAnswers": 2, "challengeResponseMinLength": 5, "challengeAllowDuplicateResponses": "false", "challengeMaxIncorrectAttempts": 5, "challengeDefaultQuestions": [ { "value": "what is your favorite car" }, { "value": "what is name of your truck" }, { "value": "which is your favorite bicycle" }, { "value": "which is your favorite shoe" } ] } }
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy" ], "challengesEnabled": false, "id": "49", "challengeSource": 1, "minLength": 3, "startsWithAlphabet": false, "description": "complex password policy for ST org", "name": "pwdpol0905770857", "complexPolicy": false, "challengeDefaultQuestions": [ { "value": "what is your favorite car" }, { "value": "what is name of your truck" }, { "value": "which is your favorite bicycle" }, { "value": "which is your favorite shoe" } ], "challengeAllAtOnce": true, "minPasswordAgeInDays": 10, "passwordWarningAfterInDays": 20, "challengeResponseMinLength": 5, "userIdDisallowed": false, "maxLength": 8, "challengeMinQuestions": 3, "meta": { "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/PasswordPolicies/49", "resourceType": "PasswordPolicy" }, "challengeMaxIncorrectAttempts": 5, "challengeMinAnswers": 2, "passwordExpiresAfterInDays": 30, "challengeAllowDuplicateResponses": false, "lastNameDisallowed": false, "firstNameDisallowed": true, "dictionaryDelimiter": "\u0000" }
リクエスト:
操作とURI: PATCH http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/PasswordPolicies/49
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:PatchOp" ], "Operations": [ { "op":"replace", "path":"firstNameDisallowed", "value":"false" } ] }
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy" ], "challengesEnabled": false, "id": "49", "challengeSource": 1, "minLength": 3, "startsWithAlphabet": false, "description": "complex password policy for ST org", "name": "pwdpol0905770857", "complexPolicy": false, "challengeDefaultQuestions": [ { "value": "what is your favorite car" }, { "value": "what is name of your truck" }, { "value": "which is your favorite bicycle" }, { "value": "which is your favorite shoe" } ], "challengeAllAtOnce": true, "minPasswordAgeInDays": 10, "passwordWarningAfterInDays": 20, "challengeResponseMinLength": 5, "userIdDisallowed": false, "maxLength": 8, "challengeMinQuestions": 3, "meta": { "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/PasswordPolicies/49", "resourceType": "PasswordPolicy" }, "challengeMaxIncorrectAttempts": 5, "challengeMinAnswers": 2, "passwordExpiresAfterInDays": 30, "challengeAllowDuplicateResponses": false, "lastNameDisallowed": false, "firstNameDisallowed": false, "dictionaryDelimiter": "\u0000" }
この項では、通知テンプレート・リソースの次の例を示します。
リクエスト:
操作とURI: GET http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/NotificationTemplates?attributes=id,name
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 4, "Resources": [ { "name": "AddProxyNotificationTemplate", "id": "12" }, { "name": "BulkRequestCreation", "id": "6" }, { "name": "CreateUserSelfServiceNotification", "id": "7" }, { "name": "UserDeletedNotificationTemplate", "id": "10" } ] }
リクエスト:
操作とURI: POST http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/NotificationTemplates/
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:NotificationTemplate" ], "urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:NotificationTemplate": { "name":"notificationtemplate16_09_14.724166_1", "eventName":"AddProxy", "description":"myTemplate", "locales": [ { "locale": "dddd", "subject": "Notification for contractors 1", "encoding": "UTF-8", "contentType": "text/html, charset=UTF-8", "shortMessage": "short message1", "longMessage": "long message1" }, { "locale": "eeee", "subject": "Notification for contractors 2", "encoding": "UTF-8", "contentType": "text/html, charset=UTF-8", "shortMessage": "short message2", "longMessage": "long message2" } ] } }
レスポンス:
ステータス: HTTP/1.1 201 Created
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:NotificationTemplate" ], "meta": { "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/NotificationTemplates/25", "resourceType": "NotificationTemplate" }, "name": "notificationtemplate16_09_14.724166_1", "eventName": "AddProxy", "locales": [ { "subject": "Notification for contractors 2", "locale": "eeee", "shortMessage": "short message2", "encoding": "UTF-8", "contentType": "text/html, charset=UTF-8", "longMessage": "long message2" }, { "subject": "Notification for contractors 1", "locale": "dddd", "shortMessage": "short message1", "encoding": "UTF-8", "contentType": "text/html, charset=UTF-8", "longMessage": "long message1" } ], "description": "myTemplate", "id": "25" }
リクエスト:
操作とURI: PUT http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/NotificationTemplates/25
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:NotificationTemplate" ], "urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:NotificationTemplate": { "name":"notificationtemplate16_09_17.742004_2", "eventName":"AddProxy", "description":"Template to notify contractors after password has been reset", "locales": [ { "subject": "Notification for contractors 1", "encoding": "UTF-8", "contentType": "text/html, charset=UTF-8", "shortMessage": "short message1", "longMessage": "long message1", "locale": "ffff" }, { "subject": "Notification for contractors 2", "encoding": "UTF-8", "contentType": "text/html, charset=UTF-8", "shortMessage": "short message2", "longMessage": "long message2", "locale": "gggg" } ] } }
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:NotificationTemplate" ], "meta": { "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/NotificationTemplates/25", "resourceType": "NotificationTemplate" }, "name": "notificationtemplate16_09_14.724166_1", "eventName": "AddProxy", "locales": [ { "subject": "Notification for contractors 2", "locale": "gggg", "shortMessage": "short message2", "encoding": "UTF-8", "contentType": "text/html, charset=UTF-8", "longMessage": "long message2" }, { "subject": "Notification for contractors 1", "locale": "ffff", "shortMessage": "short message1", "encoding": "UTF-8", "contentType": "text/html, charset=UTF-8", "longMessage": "long message1" } ], "description": "Template to notify contractors after password has been reset", "id": "25" }
リクエスト:
操作とURI: PATCH http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/NotificationTemplates/25
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:PatchOp" ], "Operations": [ { "op":"replace", "path":"description", "value":"description3" } ] }
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:NotificationTemplate" ], "meta": { "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/NotificationTemplates/25", "resourceType": "NotificationTemplate" }, "name": "notificationtemplate16_09_14.724166_1", "eventName": "AddProxy", "locales": [ { "subject": "Notification for contractors 2", "locale": "gggg", "shortMessage": "short message2", "encoding": "UTF-8", "contentType": "text/html, charset=UTF-8", "longMessage": "long message2" }, { "subject": "Notification for contractors 1", "locale": "ffff", "shortMessage": "short message1", "encoding": "UTF-8", "contentType": "text/html, charset=UTF-8", "longMessage": "long message1" } ], "description": "description3", "id": "25" }
この項では、システム・プロパティ・リソースの次の例を示します。
リクエスト:
操作とURI: GET http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/SystemProperties?filter=(name eq AllowDisabledManagers)
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 1, "Resources": [ { "schemas": [ "urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:SystemProperty" ], "id": "40", "meta": { "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/SystemProperties/40", "resourceType": "SystemProperty" }, "value": "FALSE", "name": "AllowDisabledManagers", "displayName": "Is disabled manager allowed" } ] }
リクエスト:
操作とURI: PATCH http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/SystemProperties/27
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:PatchOp" ], "Operations": [ { "op":"replace", "path":"displayName", "value":"new_displayName_for_systemProperty" } ] }
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:SystemProperty" ], "id": "27", "meta": { "lastModified": "2015-02-05T08:44:04.000-08:00", "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/SystemProperties/27", "created": "2015-02-05T08:44:04.000-08:00", "resourceType": "SystemProperty" }, "value": "NONE", "name": "OIM.ChallengeQuestionModificationURL", "displayName": "new_displayName_for_systemProperty" }
リクエスト:
操作とURI: GET http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/ServiceProviderConfigs
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 1, "Resources": [ { "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig" ], "patch": { "supported": true }, "meta": { "location": "http://HOST_NAME:PORT/idaas/im/scim/v1/ServiceProviderConfigs", "resourceType": "ServiceProviderConfig" }, "bulk": { "maxPayloadSize": 1048576, "supported": false, "maxOperations": 1000 }, "authenticationSchemes": [ { "documentationUrl": "http://HOST_NAME/help/httpBasic.htm", "specUrl": "http://www.ietf.org/rfc/rfc2617.txt", "description": "Authentication Scheme using the Http Basic Standard", "name": "HTTP Basic" } ], "documentationUrl": "http://HOST_NAME", "changePassword": { "supported": true }, "etag": { "supported": false }, "sort": { "supported": true }, "filter": { "supported": true, "maxResults": 200 } } ] }
リクエスト:
操作とURI: GET http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/ResourceTypes?attributes=name
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 15, "Resources": [ { "name": "User" }, { "name": "PasswordValidator" }, { "name": "UserNameRecoverer" }, { "name": "Schema" }, { "name": "ServiceProviderConfig" }, { "name": "Organization" }, { "name": "Request" }, { "name": "Group" }, { "name": "PasswordPolicy" }, { "name": "SystemProperty" }, { "name": "NotificationTemplate" }, { "name": "ResourceType" }, { "name": "PasswordResetterWithChallenges" }, { "name": "UserNameValidator" }, { "name": "UserNameGenerator" } ] }
リクエストは、リソース検索の代替方法であるPOST [prefix]/.search
で発行されます。URLでパラメータを渡すかわりに、次の例に示すようにリクエスト・パラメータがPOST本文で渡されます。
リクエスト:
操作とURI: POST http://
HOST_NAME
:
PORT
/idaas/im/scim/v1/
Users/.search
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas":["urn:ietf:params:scim:api:messages:2.0:SearchRequest"],
"attributes": [ "id", "userName" ],
"filter": "userType eq \"Employee\" and (emails [type eq \"work\" and value co \"HOST_NAME\"] or name.givenName co \"doe\")",
"startIndex":1,
"count":2,
"sortBy": "userName",
"sortOrder": "ascending"
}
レスポンス:
本文:
{ "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 2, "itemsPerPage": 2, "startIndex": 1, "Resources": [ { "id": "10", "userName": "John Doe" }, { "id": "89", "userName": "Mary Doe" } ] }
Oracle Identity Manager RESTサービスでサポートされるスキーマを取得するには、次のSCIMリクエストを送信します。
GET /Schemas
SCIMリソースは、Oracle Identity Managerのインストールまたはアップグレード時にデフォルトで作成されるカスタムOracle Web Services Manager (OWSM)ポリシーoracle/multi_token_noauth_over_ssl_rest_service_policy
で保護されます。このポリシーは変更できません。
このポリシーは、OWSMの定義済ポリシーoracle/multi_token_rest_service_policy
とoracle/no_authentication_service_policy
の機能を組み合せます。このポリシーは、トークンがクライアントによって送信されたときに次の認証ポリシーのいずれかを実行するか、トークンが指定されていない場合は匿名を許可します。
HTTP Basic
HTTPヘッダー内のSAML 2.0 Bearerトークン
HTTP OAMセキュリティ
SPNEGO over HTTPセキュリティ
HTTPヘッダー内のJWTトークン
SCIMおよびRESTサービス用のJWTサービスの詳細は、JSON Webトークン・サービスの使用を参照してください。
定義済OWSMポリシーの詳細は、『Webサービスのためのセキュリティおよび管理者ガイド』の次の項を参照してください。
oracle/multi_token_rest_service_policy
動作無効ポリシー