| Oracle® Fusion Middleware Oracle Identity Managerのためのアプリケーションの開発とカスタマイズ 11gリリース2 (11.1.2.3.0) E61958-10 |
|
 前 |
 次 |
| Oracle® Fusion Middleware Oracle Identity Managerのためのアプリケーションの開発とカスタマイズ 11gリリース2 (11.1.2.3.0) E61958-10 |
|
前 |
次 |
Representation State Transfer (REST)は、HTTPを介してWebサービスを構築するアーキテクチャ形式です。アイデンティティRESTサービスは、セルフサービス、ユーザー、ロール/グループ、組織およびパスワード・ポリシー管理の機能を提供するREST Webサービスのセットです。アイデンティティRESTサービスは、System for Cross-Domain Identity Management (SCIM)プロトコルに基づいています。Oracle Identity Manager SCIMサービスは、「ユーザー・リソースのスキーマ属性」で説明するように、デフォルトでSCIMスキーマおよびIDM拡張機能とともに使用できます。
「スキーマの取得」で説明するように、サポートされるスキーマを取得できます。
Oracle Identity Managerをデプロイする場合、SCIMがOracle Identity ManagerサーバーのWebアプリケーションとしてデフォルトでデプロイされます。
Oracle Identity ManagerでのSCIM実装は、draft-ietf-scim-api-13 and draft-ietf-scim-core-schema-13に従います。IETFドラフトの詳細は、次のURLを参照してください。
この章の内容は次のとおりです。
表21-1は、Oracle Identity Managerのサポートされている操作に使用されるSCIMベースAPIを示しています。
表21-1 SCIMベースAPIおよびサポートされている操作
| リソース | エンドポイント | 操作 | スキーマURL。 | 説明 |
|---|---|---|---|---|
|
ユーザー |
/Users |
GET、POST、PUT、PATCH、DELETE |
urn:ietf:params:scim:schemas:core:2.0:User urn:ietf:params:scim:schemas:extension:enterprise:2.0:User · urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User · urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User |
ユーザーの取得/追加/変更/無効化/有効化/ロック/ロック解除/削除 - identity.usermgmt.api.UserManager |
|
ユーザー |
/Me |
GET、POST、PUT、PATCH |
·urn:ietf:params:scim:schemas:core:2.0:User · urn:ietf:params:scim:schemas:extension:enterprise:2.0:User · urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User · urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User |
自分のプロファイルの取得/変更、自分のパスワードの変更、自分のチャレンジ・レスポンスの変更 - selfservice.self.selfmgmt.api.AuthenticatedSelfService 自己登録 - UnauthenticatedSelfServiceを使用 |
|
PasswordResetterWithChallenges |
/PasswordResetterWithChallenges |
POST |
· urn:ietf:params:scim:schema:oracle:core:2.0:PasswordResetterWithChallenges |
|
|
PasswordValidator |
/PasswordValidator |
POST |
· urn:ietf:params:scim:schema:oracle:core:2.0:PasswordValidator |
|
|
UserNameGenerator |
/UserNameGenerator |
POST |
· urn:ietf:params:scim:schema:oracle:core:2.0:UserNameGenerator |
|
|
UserNameRecoverer |
/UserNameRecoverer |
POST |
· urn:ietf:params:scim:schema:oracle:core:2.0:UserNameRecoverer |
|
|
UserNameValidator |
/UserNameValidator |
POST |
· urn:ietf:params:scim:schema:oracle:core:2.0:UserNameValidator |
|
|
グループ |
/Groups |
GET、POST、PUT、PATCH、DELETE |
· urn:ietf:params:scim:schemas:core:2.0:Group · urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group · urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group |
グループの取得/追加/変更/SetUserMembershipRule/削除 - identity.rolemgmt.api.RoleManager |
|
組織 |
/Organizations |
GET、POST、PUT、PATCH、DELETE |
urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization |
組織の取得/追加/変更/SetUserMembershipRule/削除 - identity.orgmgmt.api.OrganizationManager |
|
パスワード・ポリシー |
/PasswordPolicies |
GET、POST、PUT、PATCH、DELETE |
urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy |
パスワード・ポリシーの取得/追加/変更/削除 - passwordmgmt.api.PasswordMgmtService |
|
通知テンプレート |
/NotificationTemplates |
GET、POST、PUT、PATCH、DELETE |
urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:NotificationTemplate |
通知テンプレートの取得/追加/変更/削除 - notification.api.NotificationService |
|
システム・プロパティ |
/SystemProperties |
GET、PATCH |
urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:SystemProperty |
システム・プロパティの取得/変更 - config.api.SystemConfigurationService |
|
サービス・プロバイダ構成スキーマ |
/ServiceProviderConfigs |
GET |
urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig |
サービス・プロバイダの構成の取得 |
|
リソース・タイプ |
/ResourceTypes |
GET |
urn:ietf:params:scim:schemas:core:2.0:ResourceType |
リソース・タイプの構成の取得 |
|
スキーマ |
/Schemas |
GET |
urn:ietf:params:scim:schemas:core:2.0:Schema urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Schema |
リソースのスキーマの取得 |
|
検索 |
[prefix]/.search |
POST |
なし |
POSTを使用した1つ以上のリソース・タイプのシステム・ルートまたはリソース・エンドポイント内での検索の実行 |
この項にリストするリソース・スキーマの表は、サポートされるSCIM属性を示しています。すべてのSCIMリソース・タイプおよびスキーマ拡張は、JSONリクエストとレスポンスの両方で次のURIによって識別されます。
urn:oracle:scim:schemas:idm:2.0:RESOURCE_TYPE
ユーザー、グループ、組織などのすべてのSCIMリソースには、SCIMスキーマ属性の次のタイプが含まれます。
SVA: 単一値属性
MVA: 複数値属性。
CSVA: 複合単一値属性
CMVA: 複合複数値属性。
SCIMユーザー・スキーマは、各値が個人用電子メール・アドレス、仕事用電子メール・アドレス、その他の電子メール・アドレスなどのサブ属性と値を持つことができる電子メール・アドレスなどのCMVAをサポートします。既存のOracle Identity Managerユーザー・スキーマ属性にマップできる場合を除き、Oracle Identity ManagerはCMVAをサポートせず、Oracle Identity Manager SCIM/REST APIもCMVAをサポートしません。Oracle Identity Manager SCIM/RESTでサポートされない複合SCIM属性を含むリクエストが行われた場合、RESTレスポンスに同じ内容を示すエラーが戻されます。
可変性は、特定の属性がアクセスされる方法です。可能な可変性値は次のとおりです。
読取り専用(RO): 作成および読取り/検索操作を実行できます
WO: 作成はできますが、読取り/検索操作はできません
RW: 作成および読取り/検索操作を実行できます
表21-2に、SCIMユーザー・スキーマ属性をリストします。
表21-2 urn:ietf:params:scim:schemas:core:2.0:User
| SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
|---|---|---|---|---|
|
userName |
SVA |
String |
はい |
RW |
|
name.formatted |
SVA |
String |
いいえ |
RW |
|
name.familyName |
SVA |
String |
いいえ |
RW |
|
name.givenName |
SVA |
String |
いいえ |
RW |
|
name.middleName |
SVA |
String |
いいえ |
RW |
|
name.honorificPrefix |
SVA |
String |
いいえ |
RW |
|
name.honorificSuffix |
SVA |
String |
いいえ |
RW |
|
displayName |
SVA |
String |
いいえ |
RW |
|
nickName |
SVA |
String |
いいえ |
RW |
|
profileUrl |
SVA |
String |
いいえ |
RW |
|
title |
SVA |
String |
いいえ |
RW |
|
title |
SVA |
String |
いいえ |
RW |
|
userType |
SVA |
String |
いいえ |
RW |
|
preferredLanguage |
SVA |
String |
いいえ |
RW |
|
timezone |
SVA |
String |
いいえ |
RW |
|
locale |
SVA |
String |
いいえ |
RW |
|
active |
SVA |
ブール |
いいえ |
RW |
|
password |
SVA |
String |
いいえ |
WO |
|
emails |
CMVA |
該当なし |
いいえ |
RW |
|
emails[work].value |
SVA |
String |
いいえ |
RW |
|
emails[<type>].primary |
SVA |
String |
いいえ |
RW |
|
phoneNumbers |
CMVA |
該当なし |
いいえ |
RW |
|
phoneNumbers.type |
SVA |
String |
いいえ |
RW |
|
phoneNumbers[work].value |
SVA |
String |
いいえ |
RW |
|
phoneNumbers[home].value |
SVA |
String |
いいえ |
RW |
|
phoneNumbers[mobile].value |
SVA |
String |
いいえ |
RW |
|
phoneNumber[fax].value |
SVA |
String |
いいえ |
RW |
|
phoneNumber[pager].value |
SVA |
String |
いいえ |
RW |
|
phoneNumber[other].value |
SVA |
String |
いいえ |
RW |
|
ims |
CMVA |
該当なし |
いいえ |
RW |
|
photos |
CMVA |
該当なし |
いいえ |
RW |
|
addresses |
CMVA |
該当なし |
いいえ |
RW |
|
addresses.type |
SVA |
String |
いいえ |
RW |
|
addresses[<type>].primary |
SVA |
String |
いいえ |
RW |
|
addresses[work].formatted |
SVA |
String |
いいえ |
RW |
|
addresses[home].formatted |
SVA |
String |
いいえ |
RW |
|
addresses[work].streetAddress |
SVA |
String |
いいえ |
RW |
|
addresses[work].locality |
SVA |
String |
いいえ |
RW |
|
addresses[work].region |
SVA |
String |
いいえ |
RW |
|
addresses[work].postalCode |
SVA |
String |
いいえ |
RW |
|
addresses[work].country |
SVA |
String |
いいえ |
RW |
|
groups |
CMVA |
該当なし |
いいえ |
RO |
|
groups.value |
SVA |
String |
いいえ |
RO |
|
groups.$ref |
SVA |
String |
いいえ |
RO |
|
groups.type |
SVA |
String |
いいえ |
RO |
|
entitlements |
SMVA |
String |
いいえ |
RW |
|
roles |
SMVA |
String |
いいえ |
RW |
|
x509Certificates |
SMVA |
String |
いいえ |
RW |
|
注意: アカウントおよびエンタイトルメントはOracle Identity Manager SCIMサービスでサポートされません。 |
表21-3に、SCIMエンタープライズ・ユーザー・スキーマ属性をリストします。
表21-3 urn:ietf:params:scim:schemas:extension:enterprise:2.0:User
| SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
|---|---|---|---|---|
|
employeeNumber |
SVA |
String |
いいえ |
RW |
|
costCenter |
SVA |
String |
いいえ |
RW |
|
organization |
SVA |
String |
いいえ |
RO |
|
division |
SVA |
String |
いいえ |
RW |
|
department |
SVA |
String |
いいえ |
RW |
|
manager.value |
SVA |
String |
いいえ |
RW |
|
manager.$ref |
SVA |
String |
いいえ |
RW |
|
manager.displayName |
SVA |
String |
いいえ |
RO |
表21-4に、SCIM IDM共通ユーザー・スキーマ拡張属性をリストします。
表21-4 urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User
| SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
|---|---|---|---|---|
|
createBy.value |
SVA |
String |
いいえ |
RO |
|
createBy.$ref |
SVA |
String |
いいえ |
RO |
|
updateBy.value |
SVA |
String |
いいえ |
RO |
|
updateBy.$ref |
SVA |
String |
いいえ |
RO |
|
passwd |
CSVA |
|||
|
passwd.value |
SVA |
String |
いいえ |
WO |
|
passwd.oldValue |
SVA |
String |
いいえ |
WO |
|
passwd.sendNotification |
SVA |
String |
いいえ |
WO |
|
passwd.sendNotificationTo |
SVA |
String |
いいえ |
WO |
|
passwordMustChange |
SVA |
String |
いいえ |
RO |
|
passwordExpireDate |
SVA |
String |
いいえ |
RO |
|
locked.value |
SVA |
String |
いいえ |
RW |
|
locked.duration |
SVA |
String |
いいえ |
RW |
|
locked.reason |
SVA |
String |
いいえ |
RO |
|
locked.on |
SVA |
String |
いいえ |
RO |
|
challenges |
CMVA |
該当なし |
いいえ |
RW |
|
challenges.challenge |
SVA |
String |
いいえ |
RW |
|
challenges.response |
SVA |
String |
いいえ |
RW |
表21-5に、Oracle Identity Governance (OIG)ユーザー・スキーマ拡張属性をリストします。
表21-5 urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User
| SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
|---|---|---|---|---|
|
dataLevel |
SVA |
String |
いいえ |
RO |
|
disabled |
SVA |
String |
いいえ |
RO |
|
passwordCreateDate |
SVA |
日付 |
いいえ |
RO |
|
passwordCantChange |
SVA |
String |
いいえ |
RO |
|
passwordNeverExpires |
SVA |
String |
いいえ |
RO |
|
passwordIsExpired |
SVA |
String |
いいえ |
RO |
|
passwordWarnDate |
SVA |
日付 |
いいえ |
RO |
|
lastSuccessfulLoginDate |
SVA |
日付 |
いいえ |
RO |
|
lastFailedLoginDate |
SVA |
日付 |
いいえ |
RO |
|
hireDate |
SVA |
日付 |
いいえ |
RW |
|
startDate |
SVA |
日付 |
いいえ |
RW |
|
endDate |
SVA |
日付 |
いいえ |
RW |
|
provisioningDate |
SVA |
日付 |
いいえ |
RW |
|
provisionedDate |
SVA |
日付 |
いいえ |
RO |
|
deprovisioningDate |
SVA |
日付 |
いいえ |
RW |
|
deprovisionedDate |
SVA |
日付 |
いいえ |
RO |
|
automaticallyDeleteOn |
SVA |
日付 |
いいえ |
RO |
|
userLoginAttemptsCounter |
SVA |
Int |
いいえ |
RO |
|
userPasswordResetAttemptsCounter |
SVA |
Int |
いいえ |
RO |
|
userMustChangePasswordAtNextLogin |
SVA |
String |
いいえ |
RO |
|
userPasswordMinAgeDate |
SVA |
日付 |
いいえ |
RO |
|
description |
SVA |
String |
いいえ |
RW |
|
ldapCommonName |
SVA |
String |
いいえ |
RW |
|
ldapCommonNameGenerated |
SVA |
String |
いいえ |
RW |
|
ldapOrganization |
SVA |
String |
いいえ |
RW |
|
ldapOrganizationalUnit |
SVA |
String |
いいえ |
RW |
|
ldapDn |
SVA |
String |
いいえ |
RW |
|
ldapGuid |
SVA |
String |
いいえ |
RW |
|
poBox |
SVA |
String |
いいえ |
RW |
|
jobCode |
SVA |
String |
いいえ |
RW |
|
officeName |
SVA |
String |
いいえ |
RW |
|
initials |
SVA |
String |
いいえ |
RW |
|
faLanguage |
SVA |
String |
いいえ |
RW |
|
faTerritory |
SVA |
String |
いいえ |
RW |
|
embeddedHelp |
SVA |
String |
いいえ |
RW |
|
fontSize |
SVA |
String |
いいえ |
RW |
|
colorContrast |
SVA |
String |
いいえ |
RW |
|
accessibilityMode |
SVA |
String |
いいえ |
RW |
|
numberFormat |
SVA |
String |
いいえ |
RW |
|
dateFormat |
SVA |
String |
いいえ |
RW |
|
timeFormat |
SVA |
String |
いいえ |
RW |
|
currency |
SVA |
String |
いいえ |
RW |
|
summaryRisk |
SVA |
String |
いいえ |
RO |
|
hasHighRiskRole |
SVA |
String |
いいえ |
RO |
|
hasHighRiskResource |
SVA |
String |
いいえ |
RO |
|
hasHighRiskEntitlement |
SVA |
String |
いいえ |
RO |
|
hasHighRiskProvisioningMethod |
SVA |
String |
いいえ |
RO |
|
hasHighRiskOpenSod |
SVA |
String |
いいえ |
RO |
|
hasHighRiskLastCert |
SVA |
String |
いいえ |
RO |
|
roleSummaryRisk |
SVA |
String |
いいえ |
RO |
|
accountSummaryRisk |
SVA |
String |
いいえ |
RO |
|
entitlementSummaryRisk |
SVA |
String |
いいえ |
RO |
|
riskUpdateDate |
SVA |
String |
いいえ |
RO |
|
homeOrganization |
CSVA |
該当なし |
いいえ |
RW |
|
homeOrganization.value |
SVA |
String |
いいえ |
RW |
|
homeOrganization.$ref |
SVA |
String |
いいえ |
RO |
|
Organizations |
CMVA |
該当なし |
いいえ |
RO |
|
organizations.value |
SVA |
String |
いいえ |
RO |
|
organizations.$ref |
SVA |
String |
いいえ |
RO |
|
passwordPolicyDescription |
SVA |
String |
いいえ |
RO |
|
requestId |
SVA |
String |
いいえ |
RO |
表21-6に、IDM PasswordResetterWithChallengesユーザー・スキーマ属性をリストします。
表21-11に、SCIMグループ・スキーマ属性をリストします。
表21-11 urn:ietf:params:scim:schemas:core:2.0:Group
| SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
|---|---|---|---|---|
|
displayName |
SVA |
String |
はい |
RW |
|
members |
CMVA |
該当なし |
いいえ |
|
|
members.value |
SVA |
String |
いいえ |
RW |
|
members .$ref |
SVA |
String |
いいえ |
RW |
表21-12に、IDM共通グループ・スキーマ拡張属性をリストします。
表21-12 urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group
| SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
|---|---|---|---|---|
|
createBy.value |
SVA |
String |
いいえ |
RO |
|
createBy.$ref |
SVA |
String |
いいえ |
RO |
|
updateBy.value |
SVA |
String |
いいえ |
RO |
|
updateBy.$ref |
SVA |
String |
いいえ |
RO |
|
|
SVA |
String |
いいえ |
RW |
|
description |
SVA |
String |
いいえ |
RW |
|
owner |
CSVA |
該当なし |
いいえ |
RW |
|
owner.value |
SVA |
String |
いいえ |
RW |
|
owner.$ref |
SVA |
String |
いいえ |
RO |
|
owner.firstName |
SVA |
String |
いいえ |
RO |
|
owner.lastName |
SVA |
String |
いいえ |
RO |
|
owner.displayName |
SVA |
String |
いいえ |
RO |
|
owner.email |
SVA |
String |
いいえ |
RO |
|
owner.login |
SVA |
String |
いいえ |
RO |
表21-13に、OIGグループ・スキーマ拡張属性をリストします。
表21-13 urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group
| SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
|---|---|---|---|---|
|
dataLevel |
SVA |
String |
いいえ |
RO |
|
namespace |
SVA |
String |
いいえ |
RW |
|
category |
CSVA |
該当なし |
いいえ |
RW |
|
category.value |
SVA |
String |
いいえ |
RW |
|
category.name |
SVA |
String |
いいえ |
RO |
|
ldapGuid |
SVA |
String |
いいえ |
RO |
|
ldapDn |
SVA |
String |
いいえ |
RO |
|
requestId |
SVA |
String |
いいえ |
RO |
|
accessPolicies.value |
MVA |
String |
いいえ |
RW |
|
organizationsPublishedTo |
CMVA |
該当なし |
いいえ |
RW |
|
organizationsPublishedTo.value |
SVA |
String |
いいえ |
RW |
|
organizationsPublishedTo.$ref |
SVA |
String |
いいえ |
RO |
|
catalog |
CSVA |
該当なし |
いいえ |
RW |
|
catalog.id |
SVA |
String |
いいえ |
RO |
|
catalog.categoryName |
SVA |
String |
いいえ |
RW |
|
catalog.auditObjectives |
SVA |
String |
いいえ |
RW |
|
catalog.itemRisk |
SVA |
Integer |
いいえ |
RW |
|
catalog.userDefinedTags |
SVA |
String |
いいえ |
RW |
|
catalog.certifiable |
SVA |
ブール |
いいえ |
RW |
|
catalog.auditable |
SVA |
ブール |
いいえ |
RW |
|
catalog.requestable |
SVA |
ブール |
いいえ |
RW |
|
catalog.tags |
SVA |
String |
いいえ |
RO |
|
catalog.hierarchicalDataAvailable |
SVA |
ブール |
いいえ |
RO |
|
catalogApproverUser.value |
SVA |
String |
いいえ |
RW |
|
catalogApproverUser.$ref |
SVA |
Reference |
いいえ |
RW |
|
catalogApproverRole.value |
SVA |
String |
いいえ |
RW |
|
catalogApproverRole.$ref |
SVA |
Reference |
いいえ |
RW |
|
catalogCertifierUser.value |
SVA |
String |
いいえ |
RW |
|
catalogCertifierUser.$ref |
SVA |
Reference |
いいえ |
RW |
|
catalogCertifierRole.value |
SVA |
String |
いいえ |
RW |
|
catalogCertifierRole.$ref |
SVA |
Reference |
いいえ |
RW |
|
catalogFulfillmentUser.value |
SVA |
String |
いいえ |
RW |
|
catalogFulfillmentUser.$ref |
SVA |
Reference |
いいえ |
RW |
|
catalogFulfillmentRole.value |
SVA |
String |
いいえ |
RW |
|
catalogFulfillmentRole.$ref |
SVA |
Reference |
いいえ |
RW |
|
catalogAttributes |
CMVA |
該当なし |
いいえ |
RW |
|
catalogAttributes.name |
SVA |
String |
いいえ |
RW |
|
catalogAttributes.value |
SVA |
String |
いいえ |
RW |
|
catalogAttributes.udf |
SVA |
ブール |
いいえ |
RW |
|
catalogAttributes.description |
SVA |
String |
いいえ |
RW |
|
catalogAttributes.searchable |
SVA |
ブール |
いいえ |
RW |
|
catalogAttributes.sortable |
SVA |
ブール |
いいえ |
RW |
|
catalogAttributes.certifiable |
SVA |
ブール |
いいえ |
RW |
|
catalogAttributes.datatype |
SVA |
String |
いいえ |
RO |
|
userMembershipRule |
CSVA |
該当なし |
いいえ |
RW |
|
userMembershipRule.value |
SVA |
String |
いいえ |
RW |
|
userMembershipRule.evaluate |
SVA |
ブール |
いいえ |
WO |
表21-14に、OIG組織スキーマ属性をリストします。
表21-14 urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization
| SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
|---|---|---|---|---|
|
createBy.value |
SVA |
String |
いいえ |
RO |
|
createBy.$ref |
SVA |
String |
いいえ |
RO |
|
updateBy.value |
SVA |
String |
いいえ |
RO |
|
updateBy.$ref |
SVA |
String |
いいえ |
RO |
|
dataLevel |
SVA |
String |
いいえ |
RO |
|
name |
SVA |
String |
いいえ |
RW |
|
customerType |
SVA |
String |
いいえ |
RW |
|
status |
SVA |
String |
いいえ |
RW |
|
disabled |
SVA |
String |
いいえ |
RW |
|
parent |
CSVA |
該当なし |
いいえ |
RW |
|
parent.value |
SVA |
String |
いいえ |
RW |
|
parent.$ref |
SVA |
String |
いいえ |
RO |
|
parent.name |
SVA |
String |
いいえ |
RO |
|
passwordPolicy |
CSVA |
該当なし |
いいえ |
RW |
|
passwordPolicy.value |
SVA |
String |
いいえ |
RW |
|
passwordPolicy.$ref |
SVA |
String |
いいえ |
RO |
|
passwordPolicy.name |
SVA |
String |
いいえ |
RO |
|
certifierUser |
CSVA |
該当なし |
いいえ |
RW |
|
certifierUser.value |
SVA |
String |
いいえ |
RW |
|
certifierUser.$ref |
SVA |
String |
いいえ |
RO |
|
certifierUser.login |
SVA |
String |
いいえ |
RO |
|
enforceNewPasswordPolicy |
SVA |
String |
いいえ |
RW |
|
userMembershipRule |
CSVA |
該当なし |
いいえ |
RW |
|
userMembershipRule.value |
SVA |
String |
いいえ |
RW |
|
userMembershipRule.evaluate |
SVA |
String |
いいえ |
WO |
|
members |
CMVA |
該当なし |
いいえ |
RO |
|
members.value |
SVA |
String |
いいえ |
RO |
|
members.$ref |
SVA |
String |
いいえ |
RO |
|
childOrganizations |
CSVA |
該当なし |
いいえ |
RO |
|
childOrganizations.value |
SVA |
String |
いいえ |
RO |
|
childOrganizations.$ref |
SVA |
Reference |
いいえ |
RO |
表21-15に、IDMパスワード・ポリシー・スキーマ属性をリストします。
表21-15 urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy
| SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
|---|---|---|---|---|
|
name |
SVA |
String |
いいえ |
RW |
|
description |
SVA |
String |
いいえ |
RW |
|
maxLength |
SVA |
String |
いいえ |
RW |
|
minLength |
SVA |
String |
いいえ |
RW |
|
minAlphas |
SVA |
String |
いいえ |
RW |
|
minNumerals |
SVA |
String |
いいえ |
RW |
|
minAlphaNumerals |
SVA |
String |
いいえ |
RW |
|
minSpecialChars |
SVA |
String |
いいえ |
RW |
|
maxSpecialChars |
SVA |
String |
いいえ |
RW |
|
minUpperCase |
SVA |
String |
いいえ |
RW |
|
minLowerCase |
SVA |
String |
いいえ |
RW |
|
minUniqueChars |
SVA |
String |
いいえ |
RW |
|
maxRepeatedChars |
SVA |
String |
いいえ |
RW |
|
startsWithAlphabet |
SVA |
String |
いいえ |
RW |
|
minUnicodeChars |
SVA |
String |
いいえ |
RW |
|
maxUnicodeChars |
SVA |
String |
いいえ |
RW |
|
firstNameDisallowed |
SVA |
String |
いいえ |
RW |
|
lastNameDisallowed |
SVA |
String |
いいえ |
RW |
|
userIdDisallowed |
SVA |
String |
いいえ |
RW |
|
minPasswordAgeInDays |
SVA |
String |
いいえ |
RW |
|
passwordWarningAfterInDays |
SVA |
String |
いいえ |
RW |
|
passwordExpiresAfterInDays |
SVA |
String |
いいえ |
RW |
|
requiredChars |
SVA |
String |
いいえ |
RW |
|
disallowedChars |
SVA |
String |
いいえ |
RW |
|
allowedChars |
SVA |
String |
いいえ |
RW |
|
disallowedSubstrings |
SVA |
String |
いいえ |
RW |
|
dictionaryLocation |
SVA |
String |
いいえ |
RW |
|
dictionaryDelimiter |
SVA |
String |
いいえ |
RW |
|
numPasswordsInHistory |
SVA |
String |
いいえ |
RW |
|
maxIncorrectAttempts |
SVA |
String |
いいえ |
RW |
|
lockoutDuration |
SVA |
String |
いいえ |
RW |
|
complexPolicy |
SVA |
String |
いいえ |
RW |
|
challengesEnabled |
SVA |
String |
いいえ |
RW |
|
challengeSource |
SVA |
String |
いいえ |
RW |
|
challengeDefaultQuestions.value |
SVA |
String |
いいえ |
RW |
|
challengeMinQuestions |
SVA |
String |
いいえ |
RW |
|
challengeMinAnswers |
SVA |
String |
いいえ |
RW |
|
challengeAllAtOnce |
SVA |
String |
いいえ |
RW |
|
challengeResponseMinLength |
SVA |
String |
いいえ |
RW |
|
challengeAllowDuplicateResponses |
SVA |
String |
いいえ |
RW |
|
challengeMaxIncorrectAttempts |
SVA |
String |
いいえ |
RW |
表21-16に、OIG通知テンプレート・スキーマ属性をリストします。
表21-16 urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:NotificationTemplate
| SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
|---|---|---|---|---|
|
name |
SVA |
String |
はい |
RW |
|
eventName |
SVA |
String |
はい |
RW |
|
description |
SVA |
String |
いいえ |
RW |
|
locales |
CMVA |
該当なし |
いいえ |
RW |
|
locales.locale |
SVA |
String |
はい |
RW |
|
locales.encoding |
SVA |
String |
はい |
RW |
|
locales .subject |
SVA |
String |
はい |
RW |
|
locales .contentType |
SVA |
String |
はい |
RW |
|
locales.shortMessage |
SVA |
String |
いいえ |
RW |
|
locales.longMessage |
SVA |
String |
はい |
RW |
表21-18に、SCIMサービス・プロバイダ構成スキーマ属性をリストします。
表21-18 urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig
| SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
|---|---|---|---|---|
|
documentationUrl |
SVA |
String |
いいえ |
RO |
|
patch.supported |
SVA |
ブール |
いいえ |
RO |
|
bulk.supported |
SVA |
ブール |
いいえ |
RO |
|
bulk.maxOperations |
SVA |
Integer |
いいえ |
RO |
|
bulk.maxPayloadSize |
SVA |
Integer |
いいえ |
RO |
|
filter.supported |
SVA |
ブール |
いいえ |
RO |
|
filter.maxResults |
SVA |
Integer |
いいえ |
RO |
|
changePassword.supported |
SVA |
ブール |
いいえ |
RO |
|
sort.supported |
SVA |
ブール |
いいえ |
RO |
|
Etag.supported |
SVA |
ブール |
いいえ |
RO |
|
authenticationSchemes.name |
SVA |
String |
いいえ |
RO |
|
authenticationSchemes.description |
SVA |
String |
いいえ |
RO |
|
authenticationSchemes.specUrl |
SVA |
String |
いいえ |
RO |
|
authenticationSchemes.documentationUrl |
SVA |
String |
いいえ |
RO |
表21-20に、SCIMスキーマの属性をリストします。
表21-20 urn:ietf:params:scim:schemas:core:2.0:Schema
| SCIM属性 | 属性タイプ | データ型 | 必須 | 可変性 |
|---|---|---|---|---|
|
id |
SVA |
String |
いいえ |
RO |
|
name |
SVA |
String |
いいえ |
RO |
|
description |
SVA |
String |
いいえ |
RO |
|
attributes.name |
SVA |
String |
いいえ |
RO |
|
attributes.type |
SVA |
String |
いいえ |
RO |
|
attributes.multiValued |
SVA |
String |
いいえ |
RO |
|
attributes.description |
SVA |
String |
いいえ |
RO |
|
attributes.readOnly |
SVA |
ブール |
いいえ |
RO |
|
attributes.required |
SVA |
ブール |
いいえ |
RO |
|
attributes.mutability |
SVA |
String |
いいえ |
RO |
|
attributes.returned |
SVA |
String |
いいえ |
RO |
|
attributes.uniqueness |
SVA |
String |
いいえ |
RO |
|
attributes.caseExact |
SVA |
ブール |
いいえ |
RO |
表21-21に、OIGスキーマのスキーマ拡張属性をリストします。
次の操作タイプがサポートされています。
GET: 1つ以上の完全または部分リソースを取得します。
POST: エンドポイントに応じて、新規リソースを作成するか、検索リクエストを作成します。
PUT: 既存の属性を指定した置換属性のセット(replace)で置換することでリソースを変更します。PUTを使用して新規リソースを作成する必要があります。
PATCH: クライアントが指定した変更のセット(partial updates)でリソースを変更します。
DELETE: リソースを削除します。
操作タイプの詳細は、次のURLを参照してください。
HTTPレスポンス・コードを返すことに加えて、アイデンティティRESTサービスはレスポンスの本文内のエラーをエラー・コードと説明とともに返します。表21-22に、エラー・コードとその意味をリストします。
表21-22 エラー・コードと意味
| エラー条件 | HTTPリターン・コード | 意味 |
|---|---|---|
|
入力を解析できない、入力が必要なエンティティと一致しない、または検証失敗 |
400 |
不正なリクエスト: 検証失敗、スキーマ違反 |
|
リクエスト・リソースが見つからない |
404 |
ADDITIONAL_INFORMATION_INDICATING_NOT_FOUND_OBJECTが見つからない |
|
ユーザーにアクティビティの実行権限がない。 |
401 |
未認可 |
|
リクエストされたメソッドがサポートされていない。 |
501 |
使用できないメソッド |
|
作成されたコンテンツ・タイプをクライアントが受け付けない。 |
406 |
受入れ不可 |
|
リクエスト・パラメータのセマンティックが正しくない |
422 |
処理不能なエンティティ。ADDITIONAL_INFORMATION_ON_NATURE_OF_ERROR |
|
クライアント・メディア・タイプがサポートされていない。 |
415 |
サポートされないメディア・タイプ |
|
依存性のエラーが発生 |
424 |
依存性のエラーが発生。ADDITIONAL_INFORMATION_ON_FAILED_DEPENDENCY |
|
汎用的なサーバー・エラー |
500 |
内部サーバー・エラー |
|
競合 |
409 |
指定したバージョン番号が一致しないか、リソースの最新バージョン番号またはサービス・プロバイダが新しい重複リソースの作成を拒否 |
|
事前の条件設定に失敗 |
412 |
サーバーで最後に取得されたリソースIDが変更されたため、更新に失敗 |
|
禁止 |
403 |
サーバーは指定されたリソースでリクエストされた操作をサポートしていない |
表21-23に、成功コードとその意味をリストします。
この項では、次のSCIMベースAPIの使用例を示します。
|
注意: SCIMリクエストでユーザー定義フィールド(UDF)を使用できます。UDFがOracle Identity Managerに作成された後、これらはSCIMリソースに通常の属性として自動的に表示されます。通常の属性を持つリクエストとレスポンスに違いはありません。 |
この項では、ユーザー・リソースの次の例を示します。
リクエスト:
操作とURI: POST http://HOST_NAME:PORT/idaas/im/scim/v1/Users
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas":
[
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User"
],
"userName": "bjensen@example.com",
"name": {
"familyName": "Jensen",
"givenName": "Barbara",
"middleName": "Jane",
"honorificSuffix": "III"
},
"displayName": "Babs Jensen",
"profileUrl": "https://HOST_NAME:PORT/bjensen",
"emails":
[
{
"value": "bjensen@example.com",
"type": "work"
}
],
"addresses": [
{
"type": "work",
"streetAddress": "100 Universal City Plaza",
"locality": "Hollywood",
"region": "CA",
"postalCode": "91608",
"country": "USA",
"formatted": "100 Universal City Plaza\nHollywood, CA 91608 USA"
},
{
"type": "home",
"formatted": "456 Hollywood Blvd\nHollywood, CA 91608 USA"
}
],
"phoneNumbers": [
{
"value": "555-555-5555",
"type": "work"
},
{
"value": "555-555-4444",
"type": "mobile"
}
],
"userType": "Contractor",
"title": "Tour Guide",
"preferredLanguage":"en-US",
"locale": "en-US",
"timezone": "America/Los_Angeles",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User":
{
"employeeNumber": "701984",
"costCenter": "4130",
"division": "Theme Park",
"department": "Tour Operations",
"manager":
{
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
}
},
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User":
{
"homeOrganization":
{
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1"
}
}
}
レスポンス:
ステータス: HTTP/1.1 201 Created
本文:
{
"schemas":
[
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User",
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
],
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User": {
"userLoginAttemptsCounter": 0,
"passwordIsExpired": "0",
"ldapCommonNameGenerated": 0,
"userPasswordResetAttemptsCounter": 0,
"passwordWarnDate": "2015-04-29T03:24:16.000-07:00",
"homeOrganization": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1"
},
"passwordCreateDate": "2015-01-06T03:24:16.000-08:00",
"provisionedDate": "2015-01-06T03:24:16.000-08:00",
"passwordPolicyDescription": [],
"userMustChangePasswordAtNextLogin": "1",
"disabled": false,
"organizations": [
{
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1",
"display": "Xellerate Users"
}
]
},
"displayName": "Babs Jensen",
"id": "145",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User": {
"createBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"updateBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"passwordExpireDate": "2015-05-06T03:24:16.000-07:00",
"locked": {
"duration": 0,
"value": "0",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/0"
}
},
"userName": "BJENSEN@EXAMPLE.COM",
"emails": [
{
"value": "bjensen@example.com",
"type": "work"
}
],
"active": true,
"userType": "Contractor",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"employeeNumber": "701984",
"manager": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1",
"displayName": "new display"
},
"department": "Tour Operations",
"organization": "Xellerate Users"
},
"preferredLanguage": "en-US",
"phoneNumbers": [
{
"value": "555-555-4444",
"type": "mobile"
},
{
"value": "555-555-5555",
"type": "work"
}
],
"name": {
"middleName": "Jane",
"familyName": "Jensen",
"givenName": "Barbara",
"honorificSuffix": "III"
},
"addresses": [
{
"region": "CA",
"streetAddress": "100 Universal City Plaza",
"formatted": "100 Universal City Plaza\nHollywood, CA 91608 USA",
"postalCode": "91608",
"locality": "Hollywood",
"country": "USA",
"type": "work"
},
{
"formatted": "456 Hollywood Blvd\nHollywood, CA 91608 USA",
"type": "home"
}
],
"groups": [
{
"value": "3",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/3",
"type": "direct"
}
],
"timezone": "America/Los_Angeles",
"title": "Tour Guide",
"meta": {
"lastModified": "2015-01-06T03:24:17.000-08:00",
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/145",
"created": "2015-01-06T03:24:17.000-08:00",
"resourceType": "User"
}
}
リクエスト:
操作とURI: PUT http://HOST_NAME:PORT/idaas/im/scim/v1/Users/355
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas":
[
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User",
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"userName": "userName_user216_08_09.382323",
"name":
{
"familyName": "familyName2_user216_08_09.382323"
},
"userType": "Contractor",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User":
{
"description": "description2_user216_08_09.382323"
},
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User":
{
"homeOrganization":
{
"value": "4",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/4"
}
}
}
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User",
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User"
],
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User": {
"passwordIsExpired": "0",
"userLoginAttemptsCounter": 0,
"ldapCommonNameGenerated": 0,
"userPasswordResetAttemptsCounter": 0,
"passwordWarnDate": "2015-07-02T08:46:57.000-07:00",
"homeOrganization": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1"
},
"passwordCreateDate": "2015-03-11T08:46:57.000-07:00",
"provisionedDate": "2015-03-11T08:46:57.000-07:00",
"passwordPolicyDescription": [
{
"value": "Password must not match or contain first name."
},
{
"value": "Password must not match or contain last name."
},
{
"value": "Password must contain at least 2 alphabetic character(s)."
},
{
"value": "Password must be at least 6 character(s) long."
},
{
"value": "Password must contain at least 1 lowercase letter(s)."
},
{
"value": "Password must contain at least 1 numeric character(s)."
},
{
"value": "Password must contain at least 1 uppercase letter(s)."
},
{
"value": "Password must start with an alphabetic character."
},
{
"value": "Password must not match or contain user ID."
}
],
"userMustChangePasswordAtNextLogin": "1",
"disabled": false,
"organizations": [
{
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1",
"display": "Xellerate Users"
}
],
"description": "description2_user216_08_09.382323"
},
"displayName": "Babs Jensen",
"id": "355",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User": {
"createBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"updateBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"passwordExpireDate": "2015-07-09T08:46:57.000-07:00",
"locked": {
"duration": 0,
"value": "0"
}
},
"userName": "USERNAME_USER216_08_09.382323",
"emails": [
{
"value": "u1@example.com",
"type": "work"
}
],
"active": true,
"userType": "Contractor",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"employeeNumber": "701984",
"manager": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1",
"displayName": "display"
},
"department": "Tour Operations",
"organization": "Xellerate Users"
},
"preferredLanguage": "en-US",
"phoneNumbers": [
{
"value": "555-555-4444",
"type": "mobile"
},
{
"value": "555-555-5555",
"type": "work"
}
],
"name": {
"middleName": "Jane",
"familyName": "familyName2_user216_08_09.382323",
"givenName": "Barbara",
"honorificSuffix": "III"
},
"addresses": [
{
"region": "CA",
"streetAddress": "100 Universal City Plaza",
"formatted": "100 Universal City Plaza\nHollywood, CA 91608 USA",
"postalCode": "91608",
"locality": "Hollywood",
"country": "USA",
"type": "work"
},
{
"formatted": "456 Hollywood Blvd\nHollywood, CA 91608 USA",
"type": "home"
}
],
"groups": [
{
"value": "3",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/3",
"type": "direct"
}
],
"timezone": "America/Los_Angeles",
"title": "Tour Guide",
"meta": {
"lastModified": "2015-03-11T08:47:19.000-07:00",
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/355",
"created": "2015-03-11T08:46:57.000-07:00",
"resourceType": "User"
}
}
リクエスト:
操作とURI: PATCH http://HOST_NAME:PORT/idaas/im/scim/v1/Users/355
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas":
[
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
],
"Operations":
[
{
"op":"replace",
"path":"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User:description,
"value":"description3"
}
]
}
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User",
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User"
],
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User": {
"passwordIsExpired": "0",
"userLoginAttemptsCounter": 0,
"ldapCommonNameGenerated": 0,
"userPasswordResetAttemptsCounter": 0,
"passwordWarnDate": "2015-07-02T08:46:57.000-07:00",
"homeOrganization": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1"
},
"passwordCreateDate": "2015-03-11T08:46:57.000-07:00",
"provisionedDate": "2015-03-11T08:46:57.000-07:00",
"passwordPolicyDescription": [
{
"value": "Password must not match or contain first name."
},
{
"value": "Password must not match or contain last name."
},
{
"value": "Password must contain at least 2 alphabetic character(s)."
},
{
"value": "Password must be at least 6 character(s) long."
},
{
"value": "Password must contain at least 1 lowercase letter(s)."
},
{
"value": "Password must contain at least 1 numeric character(s)."
},
{
"value": "Password must contain at least 1 uppercase letter(s)."
},
{
"value": "Password must start with an alphabetic character."
},
{
"value": "Password must not match or contain user ID."
}
],
"userMustChangePasswordAtNextLogin": "1",
"disabled": false,
"organizations": [
{
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1",
"display": "Xellerate Users"
}
],
"description": "description3"
},
"displayName": "Babs Jensen",
"id": "355",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User": {
"createBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"updateBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"passwordExpireDate": "2015-07-09T08:46:57.000-07:00",
"locked": {
"duration": 0,
"value": "0"
}
},
"userName": "USERNAME_USER216_08_09.382323",
"emails": [
{
"value": "u1@example.com",
"type": "work"
}
],
"active": true,
"userType": "Contractor",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"employeeNumber": "701984",
"manager": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1",
"displayName": "display"
},
"department": "Tour Operations",
"organization": "Xellerate Users"
},
"preferredLanguage": "en-US",
"phoneNumbers": [
{
"value": "555-555-4444",
"type": "mobile"
},
{
"value": "555-555-5555",
"type": "work"
}
],
"name": {
"middleName": "Jane",
"familyName": "familyName2_user216_08_09.382323",
"givenName": "Barbara",
"honorificSuffix": "III"
},
"addresses": [
{
"region": "CA",
"streetAddress": "100 Universal City Plaza",
"formatted": "100 Universal City Plaza\nHollywood, CA 91608 USA",
"postalCode": "91608",
"locality": "Hollywood",
"country": "USA",
"type": "work"
},
{
"formatted": "456 Hollywood Blvd\nHollywood, CA 91608 USA",
"type": "home"
}
],
"groups": [
{
"value": "3",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/3",
"type": "direct"
}
],
"timezone": "America/Los_Angeles",
"title": "Tour Guide",
"meta": {
"lastModified": "2015-03-11T08:49:17.000-07:00",
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/355",
"created": "2015-03-11T08:46:57.000-07:00",
"resourceType": "User"
}
}
次に、ページ区切りの例を示します。
リクエスト:
操作とURI: GET /Users http://HOST_NAME:PORT/idaas/im/scim/v1/Users?attributes=id&startIndex=6&count=5
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 5,
"itemsPerPage": 5,
"startIndex": 6,
"Resources": [
{
"id": "59"
},
{
"id": "42"
},
{
"id": "25"
},
{
"id": "106"
},
{
"id": "89"
}
]
}
次に、検索のフィルタの例を示します。
http://HOST_NAME:PORT/idaas/im/scim/v1/Users?filter=(userName co xel)&attributes=id http://HOST_NAME:PORT/idaas/im/scim/v1/Users?attributes=userName&filter=(userName co 4) and (userName co BUG) http://HOST_NAME:PORT/idaas/im/scim/v1/Users?attributes=userName&filter=(emails.type eq work and emails.value sw u)
|
注意: 検索フィルタの詳細な説明は、次のURLにあるSCIM REST API IETFドラフトのフィルタリングに関する項を参照してください。
|
リクエスト:
操作とURI: DELETE http://HOST_NAME:PORT/idaas/im/scim/v1/Users/355
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文: NA
レスポンス:
ステータス: 204 No Content
本文: NA
リクエスト:
操作とURI: PATCH http://HOST_NAME:PORT/idaas/im/scim/v1/Users/356
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
"Operations": [
{
"op":"replace",
"path":"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User:locked",
"value" :
{
"value" : 1,
"duration" : 3600
}
}
]
}
レスポンス:
ロック属性を更新した完全なリソースを返します。
ステータス: HTTP/1.1 200 OK
リクエスト:
操作とURI: PATCH http://HOST_NAME:PORT/idaas/im/scim/v1/Users/356
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
"Operations": [
{
"op":"replace",
"path":"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User:locked",
"value" :
{
"value" : 0
}
}
]
}
レスポンス:
ロック属性を更新した完全なリソースを返します。
ステータス: HTTP/1.1 200 OK
リクエスト:
操作とURI: PATCH http://HOST_NAME:PORT/idaas/im/scim/v1/Users/356
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
"Operations": [
{
"op": "replace","path": "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User:passwd",
"value" :
{
"value": "newPassw0rd",
"sendNotification": "true",
"sendNotificationTo": "example2@example.com"
}
}
]
}
レスポンス:
レスポンスには変更されたリソースが含まれます。
ステータス: HTTP/1.1 200 OK
リクエスト:
操作とURI: PATCH http://HOST_NAME:PORT/idaas/im/scim/v1/Users/356
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
"Operations": [
{
"op": "replace", "path": "urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User:passwd",
"value":
{
"value": "auto-generate",
"sendNotification": "true",
"sendNotificationTo": "john.doe@example.com"
}
}
]
}
レスポンス
レスポンスは変更されたリソースです。
ステータス: HTTP/1.1 200 OK
リクエスト:
操作とURI: GET http://HOST_NAME:PORT/idaas/im/scim/v1/Me
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User",
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
],
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User": {
"userLoginAttemptsCounter": 0,
"ldapCommonNameGenerated": 0,
"userPasswordResetAttemptsCounter": 0,
"ldapCommonName": "System Administrator",
"passwordWarnDate": "2015-06-30T01:51:27.000-07:00",
"lastSuccessfulLoginDate": "2015-03-11T00:00:00.000-07:00",
"homeOrganization": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1"
},
"passwordPolicyDescription": [
{
"value": "Password must not match or contain first name."
},
{
"value": "Password must not match or contain last name."
},
{
"value": "Password must contain at least 2 alphabetic character(s)."
},
{
"value": "Password must be at least 6 character(s) long."
},
{
"value": "Password must contain at least 1 lowercase letter(s)."
},
{
"value": "Password must contain at least 1 numeric character(s)."
},
{
"value": "Password must contain at least 1 uppercase letter(s)."
},
{
"value": "Password must start with an alphabetic character."
},
{
"value": "Password must not match or contain user ID."
}
],
"disabled": false,
"dataLevel": "2",
"organizations": [
{
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1",
"display": "Xellerate Users"
}
]
},
"displayName": "display",
"id": "1",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User": {
"createBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"updateBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"passwordExpireDate": "2015-07-07T01:51:27.000-07:00",
"locked": {
"value": "0"
}
},
"userName": "XELSYSADM",
"emails": [
{
"value": "donotreply@example.com",
"type": "work"
}
],
"active": true,
"userType": "Full-Time",
"name": {
"familyName": "Administrator",
"givenName": "System"
},
"groups": [
{
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/1",
"type": "direct"
},
{
"value": "6",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/6",
"type": "direct"
}
],
"meta": {
"lastModified": "2015-03-11T08:15:44.000-07:00",
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Me",
"created": "2015-03-09T01:51:27.000-07:00",
"resourceType": "User"
},
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"organization": "Xellerate Users"
}
}
リクエスト:
操作とURI: POST http://HOST_NAME:PORT/idaas/im/scim/v1/Me
ヘッダー:
Content-Type: application/scim+json
認可: NA
本文:
{
"schemas": ["urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"],
"userName": "bjensen@example.com",
"name": {
"familyName": "Jensen",
"givenName": "Barbara",
"middleName": "Jane",
"honorificSuffix": "III"
},
"displayName": "Babs Jensen",
"emails": [
{
"value": "bjensen@example.com",
"type": "work"
}
],
"userType": "Full-Time",
"password":"t1meMa$heen",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User": {
"challenges": [
{
"challenge":"What is your favorite color?",
"response":"color"
},
{
"challenge":"What is the name of your pet?",
"response":"pet"
},
{
"challenge":"What is the city of your birth?",
"response":"city"
}
]
}
}
レスポンス:
ユーザーは直接作成され、新規ユーザーのentityIdが返されます。
ステータス: HTTP/1.1 201 Created
リクエスト
操作とURI: PATCH http://HOST_NAME:PORT/idaas/im/scim/v1/Me
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
"Operations":[
{
"op":"replace",
"path":"displayName",
"value" : "NEW_NAME"
}
]
}
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User",
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
],
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User": {
"userLoginAttemptsCounter": 0,
"ldapCommonNameGenerated": 0,
"userPasswordResetAttemptsCounter": 0,
"ldapCommonName": "System Administrator",
"passwordWarnDate": "2015-06-30T01:51:27.000-07:00",
"lastSuccessfulLoginDate": "2015-03-11T00:00:00.000-07:00",
"homeOrganization": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1"
},
"passwordPolicyDescription": [
{
"value": "Password must not match or contain first name."
},
{
"value": "Password must not match or contain last name."
},
{
"value": "Password must contain at least 2 alphabetic character(s)."
},
{
"value": "Password must be at least 6 character(s) long."
},
{
"value": "Password must contain at least 1 lowercase letter(s)."
},
{
"value": "Password must contain at least 1 numeric character(s)."
},
{
"value": "Password must contain at least 1 uppercase letter(s)."
},
{
"value": "Password must start with an alphabetic character."
},
{
"value": "Password must not match or contain user ID."
}
],
"disabled": false,
"dataLevel": "2",
"organizations": [
{
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1",
"display": "Xellerate Users"
}
]
},
"displayName": "NEW_NAME",
"id": "1",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User": {
"createBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"updateBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"passwordExpireDate": "2015-07-07T01:51:27.000-07:00",
"locked": {
"value": "0"
}
},
"userName": "XELSYSADM",
"emails": [
{
"value": "donotreply@example.com",
"type": "work"
}
],
"active": true,
"userType": "Full-Time",
"name": {
"familyName": "Administrator",
"givenName": "System"
},
"groups": [
{
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/1",
"type": "direct"
},
{
"value": "6",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/6",
"type": "direct"
}
],
"meta": {
"lastModified": "2015-03-11T08:55:23.000-07:00",
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Me",
"created": "2015-03-09T01:51:27.000-07:00",
"resourceType": "User"
},
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"organization": "Xellerate Users"
}
}
リクエスト:
操作とURI: PUT http://HOST_NAME:PORT/idaas/im/scim/v1/Me
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas":
[
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User",
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"userName": "bjensen@example.com",
"name":
{
"familyName": "Jensen"
},
"userType": "Contractor",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User":
{
"organization": "Xellerate Users",
"homeOrganization":
{
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1"
}
}
}
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas":
[
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User",
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
],
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:User": {
"userLoginAttemptsCounter": 0,
"passwordIsExpired": "0",
"ldapCommonNameGenerated": 0,
"userPasswordResetAttemptsCounter": 0,
"passwordWarnDate": "2015-04-29T03:24:16.000-07:00",
"homeOrganization": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1"
},
"passwordCreateDate": "2015-01-06T03:24:16.000-08:00",
"provisionedDate": "2015-01-06T03:24:16.000-08:00",
"passwordPolicyDescription": [],
"userMustChangePasswordAtNextLogin": "1",
"disabled": false,
"organizations": [
{
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/1",
"display": "Xellerate Users"
}
]
},
"displayName": "Babs Jensen",
"id": "145",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:User": {
"createBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"updateBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"passwordExpireDate": "2015-05-06T03:24:16.000-07:00",
"locked": {
"duration": 0,
"value": "0",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/0"
}
},
"userName": "BJENSEN@EXAMPLE.COM",
"emails": [
{
"value": "bjensen@example.com",
"type": "work"
}
],
"active": true,
"userType": "Contractor",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"employeeNumber": "701984",
"manager": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1",
"displayName": "new display"
},
"department": "Tour Operations",
"organization": "Xellerate Users"
},
"preferredLanguage": "en-US",
"phoneNumbers": [
{
"value": "555-555-4444",
"type": "mobile"
},
{
"value": "555-555-5555",
"type": "work"
}
],
"name": {
"middleName": "Jane",
"familyName": "Jensen",
"givenName": "Barbara",
"honorificSuffix": "III"
},
"addresses": [
{
"region": "CA",
"streetAddress": "100 Universal City Plaza",
"formatted": "100 Universal City Plaza\nHollywood, CA 91608 USA",
"postalCode": "91608",
"locality": "Hollywood",
"country": "USA",
"type": "work"
},
{
"formatted": "456 Hollywood Blvd\nHollywood, CA 91608 USA",
"type": "home"
}
],
"groups": [
{
"value": "3",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/3",
"type": "direct"
}
],
"timezone": "America/Los_Angeles",
"title": "Tour Guide",
"meta": {
"lastModified": "2015-01-06T03:24:17.000-08:00",
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/145",
"created": "2015-01-06T03:24:17.000-08:00",
"resourceType": "User"
}
}
リクエスト:
操作とURI: POST http://HOST_NAME:PORT/idaas/im/scim/v1/PasswordResetterWithChallenges
ヘッダー:
Content-Type: application/json
認可: NA
本文:
{
"schemas":
["urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordResetterWithChallenges"],
"userName": "JDOE",
"challenges":
[
{
"challenge":"What is the name of your pet?",
"response":"name"
},
{
"challenge":"What is the city of your birth?",
"response":"city"
},
{
"challenge":"What is your favorite color?",
"response":"color"
}
],
"password": "Welcome3"
}
レスポンス:
レスポンスは空です。
ステータス: HTTP/1.1 204 No Content
リクエスト:
次のリクエストは、潜在的なパスワードを検証します。パスワードの検証リクエストの正常なレスポンスは、パスワードが有効であることを意味します。
操作とURI: POST http://HOST_NAME:PORT/idaas/im/scim/v1/PasswordValidator
ヘッダー:
Content-Type: application/json
認可: Bearer h480djs93hd8
本文:
{
"schemas":
[
"urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordValidator"
],
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1",
"password": "jijijSSij1"
}
レスポンス:
ステータス: HTTP/1.1 204 No Content
リクエスト:
ユーザー名の検証リクエストの正常なレスポンスは、パスワードが有効であることを意味します。次に、リクエストを示します。
操作とURI: POST http://HOST_NAME:PORT/idaas/im/scim/v1/UserNameValidator
ヘッダー:
Content-Type: application/json
認可: Bearer h480djs93hd8
本文:
{
"schemas":["urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:UserNameValidator"],
"userName": "aUserName"
}
レスポンス:
ステータス: HTTP/1.1 204 No Content
リクエスト:
操作とURI: POST http://HOST_NAME:PORT/idaas/im/scim/v1/UserNameGenerator
ヘッダー:
Content-Type: application/json
認可: Bearer h480djs93hd8
本文:
{
"schemas":["urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:UserNameGenerator"],
"name":
{
"formatted": "Ms. Barbara J Doe III",
"familyName": "Doe",
"givenName": "Barbara",
"middleName": "Jane",
"honorificSuffix": "III"
}
}
レスポンス:
ステータス: HTTP/1.1 201 Created
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:UserNameGenerator"
],
"meta": {
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/UserNameGenerator",
"resourceType": "UserNameGenerator"
},
"urn:ietf:params:scim:schemas:core:2.0:User": {
"userName": "Barbara.Doe@example.com"
}
}
リクエスト:
リクエストは次のとおりです(認可ヘッダー、認証されていないフローなし)。
操作とURI: POST http://HOST_NAME:PORT/idaas/im/scim/v1/UserNameRecoverer
ヘッダー:
Content-Type: application/json
認可: NA
本文:
{
"schemas": ["urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:UserNameRecoverer"],
"email": "myemail@example.com"
}
レスポンス:
ステータス: HTTP/1.1 204 No Content
ユーザー名がユーザーの電子メール・アドレスに送信されます。
この項では、グループ・リソースの次の例を示します。
リクエスト:
操作とURI: GET http://HOST_NAME:PORT/idaas/im/scim/v1/Groups?attributes=id,displayName
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 4,
"Resources": [
{
"displayName": "Group1",
"id": "2"
},
{
"displayName": "SYSTEM ADMINISTRATORS",
"id": "3"
},
{
"displayName": "Group2",
"id": "4"
},
{
"displayName": "Group3",
"id": "5"
}
]
}
リクエスト:
操作とURI: POST http://HOST_NAME:PORT/idaas/im/scim/v1/Groups
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas":
[
"urn:ietf:params:scim:schemas:core:2.0:Group",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group"
],
"displayName": "Group33",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group":
{
"email": "group33@example.com",
"description": "description1"
},
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group":
{
"namespace": "Default"
}
}
レスポンス:
ステータス: HTTP/1.1 201 Created
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group",
"urn:ietf:params:scim:schemas:core:2.0:Group"
],
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group": {
"organizationsPublishedTo": [
{
"value": "3",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/3"
}
],
"category": {
"name": "Default",
"value": 1
},
"namespace": "Default",
"catalog": {
"tags": "Group33 Group33 Default",
"requestable": true,
"certifiable": false,
"id": "151",
"categoryName": "Role",
"auditable": false,
"itemRisk": 3,
"hierarchicalDataAvailable": false
}
},
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group": {
"createBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"description": "description1",
"updateBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"owner": {
"lastName": "Administrator",
"email": "donotreply@example.com",
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1",
"login": "XELSYSADM",
"firstName": "System",
"displayName": "NEW_NAME"
},
"email": "group33@example.com"
},
"meta": {
"lastModified": "2015-03-11T08:55:57.000-07:00",
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/157",
"created": "2015-03-11T08:55:57.000-07:00",
"resourceType": "Group"
},
"displayName": "Group33",
"id": "157"
}
リクエスト:
操作とURI: PUT http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/157
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group",
"urn:ietf:params:scim:schemas:core:2.0:Group",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group"
],
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group": {
"organizationsPublishedTo": [
{
"value": "3",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/3"
}
],
"category": {
"name": "Default",
"value": 1
},
"namespace": "Default"
},
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group": {
"description": "description1",
"localeNames": [
{
"name": "Group_group09_53_11.228163",
"locale": "base"
}
],
"email": "group_new@example.com"
},
"displayName": "Group_group09_53_11.228163"
}
レスポンス:
ステータス: HTTP/1.1 200 OK
場所: https://HOST_NAME:PORT/Groups/157
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group",
"urn:ietf:params:scim:schemas:core:2.0:Group",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group"
],
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group": {
"organizationsPublishedTo": [
{
"value": "3",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/3"
}
],
"category": {
"name": "Default",
"value": 1
},
"namespace": "Default"
},
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group": {
"createBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"description": "description1",
"localeNames": [
{
"name": "Group_group09_53_11.228163",
"locale": "base"
}
],
"updateBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"owner": {
"lastName": "Administrator",
"email": "donotreply@example.com",
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1",
"login": "XELSYSADM",
"displayName": "System Administrator",
"firstName": "System"
},
"email": "group_new@example.com"
},
"meta": {
"lastModified": "2015-01-05T06:59:25.000-08:00",
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/157",
"created": "2015-01-05T06:55:14.000-08:00",
"resourceType": "Group"
},
"displayName": "Group_group09_53_11.228163",
"id": "157"
}
リクエスト:
操作とURI: PATCH http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/153
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas":
[
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
],
"Operations":
[
{
"op":"replace" ,
"path":"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group:description",
"value":"description3"
}
]
}
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group",
"urn:ietf:params:scim:schemas:core:2.0:Group"
],
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group": {
"organizationsPublishedTo": [
{
"value": "3",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/3"
}
],
"category": {
"name": "Default",
"value": 1
},
"namespace": "Default",
"catalog": {
"tags": "replace_catalog_requestable_6587843 replace_catalog_requestable_6587843 Default",
"requestable": true,
"certifiable": false,
"id": "147",
"categoryName": "Role",
"auditable": false,
"itemRisk": 3,
"hierarchicalDataAvailable": false
}
},
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group": {
"createBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"description": "description3",
"updateBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"owner": {
"lastName": "Administrator",
"email": "donotreply@example.com",
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1",
"login": "XELSYSADM",
"firstName": "System",
"displayName": "NEW_NAME"
}
},
"meta": {
"lastModified": "2015-03-11T08:59:16.000-07:00",
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/153",
"created": "2015-03-11T08:13:11.000-07:00",
"resourceType": "Group"
},
"displayName": "replace_catalog_requestable_6587843",
"id": "153"
}
リクエスト:
操作とURI: DELETE http://HOST_NAME:PORT/idaas/im/scim/v1/Groups/153
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
レスポンス:
ステータス: HTTP/1.1 204 No Content
この項では、PATCH操作タイプを使用した「ロールの削除」操作の例を紹介します。次の項目が含まれます。
リクエスト
操作とURI: PATCH http://HOST_NAME:PORT/iam/governance/scim/v1/Groups/<role_id>
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas":
[
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
],
"Operations":
[
{
"op":"remove",
"path":"urn:ietf:params:scim:schemas:core:2.0:Group:members",
"value":[
{
"value":"<usr_key>",
"$ref":"http://HOST_NAME:PORT/idaas/im/scim/v1/Users/<usr_key>"
}
]
}
]
}
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group",
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group",
"urn:ietf:params:scim:schemas:core:2.0:Group"
],
"urn:ietf:params:scim:schemas:extension:oracle:2.0:OIG:Group": {
"namespace": "Default",
"organizationsPublishedTo": [
{
"value": "3",
"$ref":
"http://HOST_NAME:PORT/iam/governance/scim/v1/Organizations/3"
}
],
"category": {
"name": "Default",
"value": 1
},
"ldapDn": "cn=tesrole1,cn=groups,dc=isc,dc=com",
"catalog": {
"auditable": true,
"hierarchicalDataAvailable": false,
"id": "101",
"requestable": true,
"itemRisk": 3,
"certifiable": true,
"categoryName": "Role",
"tags": "tesrole1 tesrole1 Default"
}
},
"urn:ietf:params:scim:schemas:extension:oracle:2.0:IDM:Group": {
"createBy": {
"$ref": "http://HOST_NAME:PORT/iam/governance/scim/v1/Users/1",
"value": "1"
},
"owner": {
"firstName": "System",
"lastName": "Administrator",
"displayName": "System Administrator",
"login": "XELSYSADM",
"value": "1",
"$ref": "http://HOST_NAME:PORT/iam/governance/scim/v1/Users/1",
"email": "donotreply@oracle.com"
},
"updateBy": {
"value": "5",
"$ref": "http://HOST_NAME:PORT/iam/governance/scim/v1/Users/5"
}
},
"members": [
{
"value": "7002",
"$ref": "http://HOST_NAME:PORT/iam/governance/scim/v1/Users/7002"
}
],
"meta": {
"created": "2018-11-13T08:48:49.000+05:30",
"location":
"http://HOST_NAME:PORT/iam/governance/scim/v1/Groups/<role_id>",
"lastModified": "2018-11-13T08:53:58.000+05:30",
"resourceType": "Group"
},
"displayName": "<role name>",
"id": "<role_d>"
}
この項では、組織リソースの次の例を示します。
リクエスト:
操作とURI: GET http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/148
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
レスポンス:
ステータス: HTTP/1.1 200 OK
場所: https://HOST_NAME:PORT/Organization/148
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization"
],
"parent": {
"name": "Top",
"value": "3",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/3"
},
"name": "org_pcu3_1426086587854",
"passwordPolicy": {
"name": "ppchg_1426086587854",
"value": "94"
},
"id": "148",
"meta": {
"lastModified": "2015-03-11T08:16:00.000-07:00",
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/148",
"created": "2015-03-11T08:16:00.000-07:00",
"resourceType": "Organization"
},
"customerType": "Company",
"createBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"enforceNewPasswordPolicy": "Yes",
"updateBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"status": "Active",
"members": [
{
"value": "353",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/353"
}
]
}
リクエスト:
操作とURI: POST http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas":
[
"urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization"
],
"urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization":
{
"name": "organization16_08_50.141529",
"customerType": "Branch"
}
}
|
注意: customerType属性の有効な値は、Branch、CompanyおよびDepartmentです。 |
レスポンス:
ステータス: HTTP/1.1 201 Created
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization"
],
"parent": {
"name": "Top",
"value": "3",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/3"
},
"name": "organization16_08_50.141529",
"id": "77",
"meta": {
"lastModified": "2015-02-06T07:06:46.000-08:00",
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/77",
"created": "2015-02-06T07:06:46.000-08:00",
"resourceType": "Organization"
},
"customerType": "Branch",
"createBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"enforceNewPasswordPolicy": "Yes",
"updateBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"status": "Active"
}
リクエスト:
操作とURI: PUT http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/77
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas":
[
"urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization"
],
"urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization":
{
"name": "organization16_08_53.883452",
"customerType": "Scim2"
}
}
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization"
],
"parent": {
"name": "Top",
"value": "3",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/3"
},
"name": "organization16_08_53.883452",
"id": "77",
"meta": {
"lastModified": "2015-02-06T07:09:27.000-08:00",
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/77",
"created": "2015-02-06T07:06:46.000-08:00",
"resourceType": "Organization"
},
"customerType": "Scim2",
"createBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"enforceNewPasswordPolicy": "Yes",
"updateBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"status": "Active"
}
リクエスト:
操作とURI: PATCH http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/77
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas":
[
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
],
"Operations":
[
{
"op":"replace",
"path":"customerType",
"value":"Scim3"
}
]
}
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:Organization"
],
"parent": {
"name": "Top",
"value": "3",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/3"
},
"name": "organization16_08_53.883452",
"id": "77",
"meta": {
"lastModified": "2015-02-06T07:13:19.000-08:00",
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/Organizations/77",
"created": "2015-02-06T07:06:46.000-08:00",
"resourceType": "Organization"
},
"customerType": "Scim3",
"createBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"enforceNewPasswordPolicy": "Yes",
"updateBy": {
"value": "1",
"$ref": "http://HOST_NAME:PORT/idaas/im/scim/v1/Users/1"
},
"status": "Active"
}
この項では、パスワード・ポリシー・リソースの次の例を示します。
リクエスト:
操作とURI: GET http://HOST_NAME:PORT/idaas/im/scim/v1/PasswordPolicies?filter=(urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy:allowedChars co q)&attributes=id,description,name
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 3,
"Resources": [
{
"id": "2",
"name": "pwp1_1423213466123",
"description": "1"
},
{
"id": "6",
"name": "pwp_q_3466186",
"description": "pwp_q_3466186"
},
{
"id": "36",
"name": "p1214_1423213645161"
}
]
}
リクエスト:
操作とURI: POST http://HOST_NAME:PORT/idaas/im/scim/v1/PasswordPolicies
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas":
[
"urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy"
],
"urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy":
{
"name":"pwdpol0901258070",
"description":"complex password policy for ST org",
"passwordWarningAfterInDays": 20,
"passwordExpiresAfterInDays": 30,
"minPasswordAgeInDays": 10,
"userIdDisallowed": "false",
"minLength": 3,
"maxLength": 8,
"firstNameDisallowed": "true",
"challengeSource": 1,
"challengeMinQuestions": 3,
"challengeMinAnswers": 2,
"challengeResponseMinLength": 5,
"challengeAllowDuplicateResponses": "false",
"challengeMaxIncorrectAttempts": 5,
"challengeDefaultQuestions":
[
{
"value": "what is your favorite color"
},
{
"value": "what is name of your pet"
},
{
"value": "which is your favorite movie"
},
{
"value": "which is your favorite sport"
}
]
}
}
レスポンス:
ステータス: HTTP/1.1 201 Created
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy"
],
"challengesEnabled": false,
"id": "49",
"challengeSource": 1,
"minLength": 3,
"startsWithAlphabet": false,
"description": "complex password policy for ST org",
"name": "pwdpol0901258070",
"complexPolicy": false,
"challengeDefaultQuestions": [
{
"value": "what is your favorite color"
},
{
"value": "what is name of your pet"
},
{
"value": "which is your favorite movie"
},
{
"value": "which is your favorite sport"
}
],
"challengeAllAtOnce": true,
"minPasswordAgeInDays": 10,
"passwordWarningAfterInDays": 20,
"challengeResponseMinLength": 5,
"userIdDisallowed": false,
"maxLength": 8,
"challengeMinQuestions": 3,
"meta": {
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/PasswordPolicies/49",
"resourceType": "PasswordPolicy"
},
"challengeMaxIncorrectAttempts": 5,
"challengeMinAnswers": 2,
"passwordExpiresAfterInDays": 30,
"challengeAllowDuplicateResponses": false,
"lastNameDisallowed": false,
"firstNameDisallowed": true,
"dictionaryDelimiter": "\u0000"
}
リクエスト:
操作とURI: PUT http://HOST_NAME:PORT/idaas/im/scim/v1/PasswordPolicies/49
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas":
[
"urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy"
],
"urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy":
{
"name":"pwdpol0905770857",
"description":"complex password policy for ST org",
"passwordWarningAfterInDays": 20,
"passwordExpiresAfterInDays": 30,
"minPasswordAgeInDays": 10,
"userIdDisallowed": "false",
"minLength": 3,
"maxLength": 8,
"firstNameDisallowed": "true",
"challengeSource": 1,
"challengeMinQuestions": 3,
"challengeMinAnswers": 2,
"challengeResponseMinLength": 5,
"challengeAllowDuplicateResponses": "false",
"challengeMaxIncorrectAttempts": 5,
"challengeDefaultQuestions":
[
{
"value": "what is your favorite car"
},
{
"value": "what is name of your truck"
},
{
"value": "which is your favorite bicycle"
},
{
"value": "which is your favorite shoe"
}
]
}
}
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy"
],
"challengesEnabled": false,
"id": "49",
"challengeSource": 1,
"minLength": 3,
"startsWithAlphabet": false,
"description": "complex password policy for ST org",
"name": "pwdpol0905770857",
"complexPolicy": false,
"challengeDefaultQuestions": [
{
"value": "what is your favorite car"
},
{
"value": "what is name of your truck"
},
{
"value": "which is your favorite bicycle"
},
{
"value": "which is your favorite shoe"
}
],
"challengeAllAtOnce": true,
"minPasswordAgeInDays": 10,
"passwordWarningAfterInDays": 20,
"challengeResponseMinLength": 5,
"userIdDisallowed": false,
"maxLength": 8,
"challengeMinQuestions": 3,
"meta": {
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/PasswordPolicies/49",
"resourceType": "PasswordPolicy"
},
"challengeMaxIncorrectAttempts": 5,
"challengeMinAnswers": 2,
"passwordExpiresAfterInDays": 30,
"challengeAllowDuplicateResponses": false,
"lastNameDisallowed": false,
"firstNameDisallowed": true,
"dictionaryDelimiter": "\u0000"
}
リクエスト:
操作とURI: PATCH http://HOST_NAME:PORT/idaas/im/scim/v1/PasswordPolicies/49
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas":
[
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
],
"Operations":
[
{
"op":"replace",
"path":"firstNameDisallowed",
"value":"false"
}
]
}
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:oracle:core:2.0:IDM:PasswordPolicy"
],
"challengesEnabled": false,
"id": "49",
"challengeSource": 1,
"minLength": 3,
"startsWithAlphabet": false,
"description": "complex password policy for ST org",
"name": "pwdpol0905770857",
"complexPolicy": false,
"challengeDefaultQuestions": [
{
"value": "what is your favorite car"
},
{
"value": "what is name of your truck"
},
{
"value": "which is your favorite bicycle"
},
{
"value": "which is your favorite shoe"
}
],
"challengeAllAtOnce": true,
"minPasswordAgeInDays": 10,
"passwordWarningAfterInDays": 20,
"challengeResponseMinLength": 5,
"userIdDisallowed": false,
"maxLength": 8,
"challengeMinQuestions": 3,
"meta": {
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/PasswordPolicies/49",
"resourceType": "PasswordPolicy"
},
"challengeMaxIncorrectAttempts": 5,
"challengeMinAnswers": 2,
"passwordExpiresAfterInDays": 30,
"challengeAllowDuplicateResponses": false,
"lastNameDisallowed": false,
"firstNameDisallowed": false,
"dictionaryDelimiter": "\u0000"
}
この項では、通知テンプレート・リソースの次の例を示します。
リクエスト:
操作とURI: GET http://HOST_NAME:PORT/idaas/im/scim/v1/NotificationTemplates?attributes=id,name
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 4,
"Resources": [
{
"name": "AddProxyNotificationTemplate",
"id": "12"
},
{
"name": "BulkRequestCreation",
"id": "6"
},
{
"name": "CreateUserSelfServiceNotification",
"id": "7"
},
{
"name": "UserDeletedNotificationTemplate",
"id": "10"
}
]
}
リクエスト:
操作とURI: POST http://HOST_NAME:PORT/idaas/im/scim/v1/NotificationTemplates/
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas":
[
"urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:NotificationTemplate"
],
"urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:NotificationTemplate":
{
"name":"notificationtemplate16_09_14.724166_1",
"eventName":"AddProxy",
"description":"myTemplate",
"locales":
[
{
"locale": "dddd",
"subject": "Notification for contractors 1",
"encoding": "UTF-8",
"contentType": "text/html, charset=UTF-8",
"shortMessage": "short message1",
"longMessage": "long message1"
},
{
"locale": "eeee",
"subject": "Notification for contractors 2",
"encoding": "UTF-8",
"contentType": "text/html, charset=UTF-8",
"shortMessage": "short message2",
"longMessage": "long message2"
}
]
}
}
レスポンス:
ステータス: HTTP/1.1 201 Created
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:NotificationTemplate"
],
"meta": {
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/NotificationTemplates/25",
"resourceType": "NotificationTemplate"
},
"name": "notificationtemplate16_09_14.724166_1",
"eventName": "AddProxy",
"locales": [
{
"subject": "Notification for contractors 2",
"locale": "eeee",
"shortMessage": "short message2",
"encoding": "UTF-8",
"contentType": "text/html, charset=UTF-8",
"longMessage": "long message2"
},
{
"subject": "Notification for contractors 1",
"locale": "dddd",
"shortMessage": "short message1",
"encoding": "UTF-8",
"contentType": "text/html, charset=UTF-8",
"longMessage": "long message1"
}
],
"description": "myTemplate",
"id": "25"
}
リクエスト:
操作とURI: PUT http://HOST_NAME:PORT/idaas/im/scim/v1/NotificationTemplates/25
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas":
[
"urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:NotificationTemplate"
],
"urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:NotificationTemplate":
{
"name":"notificationtemplate16_09_17.742004_2",
"eventName":"AddProxy",
"description":"Template to notify contractors after password has been reset",
"locales":
[
{
"subject": "Notification for contractors 1",
"encoding": "UTF-8",
"contentType": "text/html, charset=UTF-8",
"shortMessage": "short message1",
"longMessage": "long message1",
"locale": "ffff"
},
{
"subject": "Notification for contractors 2",
"encoding": "UTF-8",
"contentType": "text/html, charset=UTF-8",
"shortMessage": "short message2",
"longMessage": "long message2",
"locale": "gggg"
}
]
}
}
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:NotificationTemplate"
],
"meta": {
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/NotificationTemplates/25",
"resourceType": "NotificationTemplate"
},
"name": "notificationtemplate16_09_14.724166_1",
"eventName": "AddProxy",
"locales": [
{
"subject": "Notification for contractors 2",
"locale": "gggg",
"shortMessage": "short message2",
"encoding": "UTF-8",
"contentType": "text/html, charset=UTF-8",
"longMessage": "long message2"
},
{
"subject": "Notification for contractors 1",
"locale": "ffff",
"shortMessage": "short message1",
"encoding": "UTF-8",
"contentType": "text/html, charset=UTF-8",
"longMessage": "long message1"
}
],
"description": "Template to notify contractors after password has been reset",
"id": "25"
}
リクエスト:
操作とURI: PATCH http://HOST_NAME:PORT/idaas/im/scim/v1/NotificationTemplates/25
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas":
[
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
],
"Operations":
[
{
"op":"replace",
"path":"description",
"value":"description3"
}
]
}
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:NotificationTemplate"
],
"meta": {
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/NotificationTemplates/25",
"resourceType": "NotificationTemplate"
},
"name": "notificationtemplate16_09_14.724166_1",
"eventName": "AddProxy",
"locales": [
{
"subject": "Notification for contractors 2",
"locale": "gggg",
"shortMessage": "short message2",
"encoding": "UTF-8",
"contentType": "text/html, charset=UTF-8",
"longMessage": "long message2"
},
{
"subject": "Notification for contractors 1",
"locale": "ffff",
"shortMessage": "short message1",
"encoding": "UTF-8",
"contentType": "text/html, charset=UTF-8",
"longMessage": "long message1"
}
],
"description": "description3",
"id": "25"
}
この項では、システム・プロパティ・リソースの次の例を示します。
リクエスト:
操作とURI: GET http://HOST_NAME:PORT/idaas/im/scim/v1/SystemProperties?filter=(name eq AllowDisabledManagers)
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 1,
"Resources": [
{
"schemas": [
"urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:SystemProperty"
],
"id": "40",
"meta": {
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/SystemProperties/40",
"resourceType": "SystemProperty"
},
"value": "FALSE",
"name": "AllowDisabledManagers",
"displayName": "Is disabled manager allowed"
}
]
}
リクエスト:
操作とURI: PATCH http://HOST_NAME:PORT/idaas/im/scim/v1/SystemProperties/27
ヘッダー:
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas":
[
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
],
"Operations":
[
{
"op":"replace",
"path":"displayName",
"value":"new_displayName_for_systemProperty"
}
]
}
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:schemas:oracle:core:2.0:OIG:SystemProperty"
],
"id": "27",
"meta": {
"lastModified": "2015-02-05T08:44:04.000-08:00",
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/SystemProperties/27",
"created": "2015-02-05T08:44:04.000-08:00",
"resourceType": "SystemProperty"
},
"value": "NONE",
"name": "OIM.ChallengeQuestionModificationURL",
"displayName": "new_displayName_for_systemProperty"
}
リクエスト:
操作とURI: GET http://HOST_NAME:PORT/idaas/im/scim/v1/ServiceProviderConfigs
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 1,
"Resources": [
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig"
],
"patch": {
"supported": true
},
"meta": {
"location": "http://HOST_NAME:PORT/idaas/im/scim/v1/ServiceProviderConfigs",
"resourceType": "ServiceProviderConfig"
},
"bulk": {
"maxPayloadSize": 1048576,
"supported": false,
"maxOperations": 1000
},
"authenticationSchemes": [
{
"documentationUrl": "http://HOST_NAME/help/httpBasic.htm",
"specUrl": "http://www.ietf.org/rfc/rfc2617.txt",
"description": "Authentication Scheme using the Http Basic Standard",
"name": "HTTP Basic"
}
],
"documentationUrl": "http://HOST_NAME",
"changePassword": {
"supported": true
},
"etag": {
"supported": false
},
"sort": {
"supported": true
},
"filter": {
"supported": true,
"maxResults": 200
}
}
]
}
リクエスト:
操作とURI: GET http://HOST_NAME:PORT/idaas/im/scim/v1/ResourceTypes?attributes=name
レスポンス:
ステータス: HTTP/1.1 200 OK
本文:
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 15,
"Resources": [
{
"name": "User"
},
{
"name": "PasswordValidator"
},
{
"name": "UserNameRecoverer"
},
{
"name": "Schema"
},
{
"name": "ServiceProviderConfig"
},
{
"name": "Organization"
},
{
"name": "Request"
},
{
"name": "Group"
},
{
"name": "PasswordPolicy"
},
{
"name": "SystemProperty"
},
{
"name": "NotificationTemplate"
},
{
"name": "ResourceType"
},
{
"name": "PasswordResetterWithChallenges"
},
{
"name": "UserNameValidator"
},
{
"name": "UserNameGenerator"
}
]
}
リクエストは、リソース検索の代替方法であるPOST [prefix]/.searchで発行されます。URLでパラメータを渡すかわりに、次の例に示すようにリクエスト・パラメータがPOST本文で渡されます。
リクエスト:
操作とURI: POST http://HOST_NAME:PORT/idaas/im/scim/v1/Users/.search
Content-Type: application/scim+json
認可: Bearer h480djs93hd8
本文:
{
"schemas":["urn:ietf:params:scim:api:messages:2.0:SearchRequest"],
"attributes": [ "id", "userName" ],
"filter": "userType eq \"Employee\" and (emails [type eq \"work\" and value co \"HOST_NAME\"] or name.givenName co \"doe\")",
"startIndex":1,
"count":2,
"sortBy": "userName",
"sortOrder": "ascending"
}
レスポンス:
本文:
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 2,
"itemsPerPage": 2,
"startIndex": 1,
"Resources": [
{
"id": "10",
"userName": "John Doe"
},
{
"id": "89",
"userName": "Mary Doe"
}
]
}
Oracle Identity Manager RESTサービスでサポートされるスキーマを取得するには、次のSCIMリクエストを送信します。
GET /Schemas
SCIMリソースは、Oracle Identity Managerのインストールまたはアップグレード時にデフォルトで作成されるカスタムOracle Web Services Manager (OWSM)ポリシーoracle/multi_token_noauth_over_ssl_rest_service_policyで保護されます。このポリシーは変更できません。
このポリシーは、OWSMの定義済ポリシーoracle/multi_token_rest_service_policyとoracle/no_authentication_service_policyの機能を組み合せます。このポリシーは、トークンがクライアントによって送信されたときに次の認証ポリシーのいずれかを実行するか、トークンが指定されていない場合は匿名を許可します。
HTTP Basic
HTTPヘッダー内のSAML 2.0 Bearerトークン
HTTP OAMセキュリティ
SPNEGO over HTTPセキュリティ
HTTPヘッダー内のJWTトークン
SCIMおよびRESTサービス用のJWTサービスの詳細は、JSON Webトークン・サービスの使用を参照してください。
定義済OWSMポリシーの詳細は、『Webサービスのためのセキュリティおよび管理者ガイド』の次の項を参照してください。
oracle/multi_token_rest_service_policy
動作無効ポリシー
