This repository has been archived by the owner on Mar 14, 2019. It is now read-only.

SCIM 2.0 API

Álvaro Alonso edited this page Aug 31, 2015 · 6 revisions

DEPRECATED - Important: This wiki documentation is deprecated. Please use the documentation included in the main README of this project.

Authentication and Authorization

The IDM provides several authentication mechanisms. Any of them can be used to access the SCIM 2.0 API.

Access to the SCIM 2.0 API (except ServiceProvider calls) is allowed only for administrators. Access attempts by non-admin users are answered with HTTP 401 (Unauthorized).

The examples below use version 2.0 of the API, but version 1.1 is compatible. To use version 1.1, replace v2 with v1 in the examples below. For organizations, only v2 is available.

The endpoint of the SCIM API in the FIWARE Lab environment is:

http://cloud.lab.fiware.org:4730/v3/OS-SCIM

Users SCIM API

List users

GET /v2/Users/
{"totalResults": 12, "Resources": [...], "schemas": ["urn:scim:schemas:core:2.0", "urn:scim:schemas:extension:keystone:2.0"]}

Get info about a user

GET /v2/Users/:actorID
{"userName": "[email protected]", "urn:scim:schemas:extension:keystone:2.0": {"domain_id": "default"}, "active": true, "id": "user1", "schemas": ["urn:scim:schemas:core:2.0", "urn:scim:schemas:extension:keystone:2.0"]}

Create a User

POST /v2/Users/

Params example:

{
  "userName": "alice",
  "displayName": "Alice",
  "password": "passw0rd",
  "emails": [
    {
      "value": "[email protected]"
    }
  ]
}

Edit a user

PUT /v2/Users/:actorID

Destroy a user

DELETE /v2/Users/:actorID

Organizations SCIM API

List Organizations

GET /v2/Organizations/
{"totalResults": 24, "Resources": [...], "schemas": ["urn:scim:schemas:core:2.0", "urn:scim:schemas:extension:keystone:2.0"]}

Get info about an organization

GET /v2/Organizations/:actorID
{"name": "org1", "is_default": true, "urn:scim:schemas:extension:keystone:2.0": {"domain_id": "default"}, "active": true, "id": "22928e07c0bd4063a7f0bb8c826b0a18", "schemas": ["urn:scim:schemas:core:2.0", "urn:scim:schemas:extension:keystone:2.0"]}

Create an organization

POST /v2/Organizations/

Params example:

{
  "name": "Name of organization",
  "is_default": true,
  "domain_id": "domain",
  "active": true,
  "id": "ID"
}

Edit an organization

PUT /v2/Organizations/:actorID

Destroy an organization

DELETE /v2/Organizations/:actorID

Service Provider SCIM API

GET /v2/ServiceProviderConfigs
{
"sort": {
	"supported": false
}, 
"bulk": {
	"maxPayloadSize": 0, 
	"supported": false, 
	"maxOperations": 0
}, 
"changePassword": {
	"supported": true
},
"xmlDataFormat": {
	"supported": false
}, 
"information": {
	"basicUsers": 1, 
	"totalCloudOrganizations": 12, 
	"totalUserOrganizations": 24, 
	"communityUsers": 0, 
	"totalUsers": 12, 
	"trialUsers": 0, 
	"totalResources": 48
}, 
"documentationUrl": "https://test.com/README.md", 
"patch": {
	"supported": true
}, 
"filter": {
	"supported": true, 
	"maxResults": 9223372036854775807
}, 
"etag": {
	"supported": false
}, 
"schemas": ["urn:scim:schemas:core:2.0:ServiceProviderConfig"], 
"authenticationSchemes": [{
	"name": "Keytone Authentication", 
	"documentationUrl": "http://keystone.openstack.org/", 
	"primary": true, 
	"specUrl": "http://specs.openstack.org/openstack/keystone-specs", 
	"type": "keystonetoken", 
	"description": "Authentication using Keystone"
}]}

The information object reports the total number of users, the total number of organizations (not counting the default organizations), the number of cloud organizations, and the number of users of each type (basic, trial and community).
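The following Python code is an added example, not part of the original wiki or of the project's code. It reviews a ServiceProviderConfigs response and the endpoint URL for settings an administrator would want to know about before exposing the API. The function name review_scim_config, the MAX_PAGE_SIZE threshold and the choice of what to flag are assumptions made for this example.

```python
import json
from urllib.parse import urlsplit

# Endpoint as given on this page.
ENDPOINT = "http://cloud.lab.fiware.org:4730/v3/OS-SCIM"

# Constructed sample: a trimmed copy of the ServiceProviderConfigs response above.
SAMPLE = json.loads("""
{
  "bulk": {"maxPayloadSize": 0, "supported": false, "maxOperations": 0},
  "changePassword": {"supported": true},
  "filter": {"supported": true, "maxResults": 9223372036854775807},
  "etag": {"supported": false},
  "information": {"totalUsers": 12, "totalUserOrganizations": 24},
  "authenticationSchemes": [{"type": "keystonetoken", "primary": true}]
}
""")

# Assumed review threshold, not a value from the page.
MAX_PAGE_SIZE = 1000


def review_scim_config(cfg, endpoint, max_page_size=MAX_PAGE_SIZE):
    """Return (field, note) findings for a ServiceProviderConfigs document."""
    findings = []
    if urlsplit(endpoint).scheme != "https":
        findings.append(("endpoint", "plain HTTP: tokens and the password field "
                         "of POST /v2/Users/ are sent unencrypted"))
    flt = cfg.get("filter", {})
    if flt.get("supported") and flt.get("maxResults", 0) > max_page_size:
        findings.append(("filter.maxResults", "filtered queries have no "
                         "practical result cap"))
    if not cfg.get("etag", {}).get("supported"):
        findings.append(("etag", "no ETag support, so PUT cannot use If-Match "
                         "to detect a concurrent edit"))
    if cfg.get("information"):
        exposed = ", ".join(sorted(cfg["information"]))
        findings.append(("information", "returned by a call that is not "
                         "admin-only; exposes: " + exposed))
    if not any(s.get("primary") for s in cfg.get("authenticationSchemes", [])):
        findings.append(("authenticationSchemes", "no primary scheme declared"))
    return findings


if __name__ == "__main__":
    for field, note in review_scim_config(SAMPLE, ENDPOINT):
        print(f"{field}: {note}")
```
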