1. Inbound User Provisioning Service API Guide
  2. Resources
  3. Resource Schema
  4. Users

Users

URI ® urn:scim:schemas:core:2.0:User

Table 3-4 Supported SCIM Schema Attributes for Users

SCIM Attribute Constraint: Mutability Constraint: Uniqueness Constraint: Required Description

id

Read Only

Unique on the server across tenants.

True (generated by service provider).

32-character GUID generated by Oracle Life Sciences IAMS.

Example:

"id":"82be808061044f9e9cef4c8f08d53ef0"

externalId

Read

Write

Unique on the server within a tenant.

False

Generated by the client. Must be unique within a tenant.

Oracle Life Sciences IAMS internally stores the externalId with tenant prefix.

The combination of tenant plus externalId must not exceed 255 characters.

Example:

"externalId":"john.doe@customer.com"

username

Read

Write

Unique on the server within a tenant.

True

The non-tenant-qualified username. Oracle Life Sciences IAMS internally stores the username with tenant prefix. This username is used to log into applications that are protected by Oracle Life Sciences IAMS.

The tenancy of the user is derived from the request URL of the resource.

Valid usernames are any combination of the following characters: [a-z], [A-Z], [0-9], space ( ), dash (-), and period (.). If the username is a valid email address, the at-sign (@) is permitted.

The username must contain at least 4 characters. The combination of tenant plus username must not exceed 255 characters.

Example:

"userName": "JOHN.DOE"

name.givenName

Read

Write

None

True

User's first name.

Length must be between 1 and 150 characters.

Example:

"name":{
    "familyName":"Doe",
    "givenName":"John"
}

name.familyName

Read

Write

None

True

User's last name.

Length must be between 1 and 150 characters.

Example:

"name":{
    "familyName":"Doe",
    "givenName":"John"
}

emails [work]

Read

Write

None

True

Oracle Life Sciences IAMS supports a single value of the work type.

Example:

"emails":[{
   "value":"john.doe@customer.com",
    "type":"work"
}]

phoneNumbers [work]

Read

Write

None

False

Oracle Life Sciences IAMS supports a single value of the work type.Example: 

"phoneNumbers":[
        {
            "value": "555-555-5555",
            "type":"work"
        }

active

Read

Write

None

False

Account Status.

SCIM:TRUE ® IAMS: Active, SCIM:FALSE ® IAMS: Disable

A user status can be Disabled in Oracle Life Sciences IAMS if:

  • User has been disabled via a PATCH SCIM request. The user status is marked as disabled without removing any of the user's prior roles.
  • User has been issued a DELETE SCIM request. The user status is marked as disabled after removing any of the user's existing roles.

You can only specify this attribute in a PATCH request. It must be specified alone (without any other user attributes).

Example:

"active":true

password

Write Only

None

False

Auto-generated if a value is not specified in the POST request.

A password change is not allowed in a PUT request.

A PATCH request must be specified alone (without any other user attributes).

Updating the password (via PATCH) also unlocks the user account if it has been locked.

Must adhere to Oracle Life Sciences IAMS password policies.

Example:

"password":"P@ssW0r3"

groups

Read Only

None

False

Lists the authorized business services of the current user. Example:

"groups":[
      {
       "value": "<tenant>*.bizsvcrole",
 
"display":"bizsvcrole"
       }
      ]

*<tenant> is the owner of the service.

meta

Read Only

None

False

Includes the user creation date, last update date, and location. Example:

"meta":{
                "created": "2014-05-29T18:00:35Z",
                "lastModified": "2014-05-29T18:00:35Z",
                "location": "http://hs-identity-api.oracleindustry.com /scim/v1/mypharms/User/54dc4a653ee71a34e3a783883c744",
                "resourceType":"User"
            }

Parent topic: Resource Schema