Groups
Handler to retrieve, create, update, and delete groups in i-net PDFC.
GET /api/scim/v2/groups/<GROUP ID>
Returns either a list, or, if the <GROUP ID>
is set, a single entry of user groups. The response conforms to Section 3.4.1 of RFC 7644. There is no filtering available for the Groups-resource. There is basic support for filtering response attributes.
Example Request
# Request GET /api/scim/v2/groups HTTP/1.1 Authorization: Bearer VGhpcyBpcyBqdXN0IGEgZGVtbyBhY2Nlc3MgdG9rZW4u # Response HTTP/1.1 200 OK Content-Type: application/scim+json { "totalResults": 13, "startIndex": 1, "itemsPerPage": 13, "Resources": [ { "meta": { "location": "https://127.0.0.1:9000/api/scim/v2/Groups/0cx28urjt4d7akrc1as6vbjad", "lastModified": "2024-08-13T09:34:04Z", "resourceType": "Group" }, "displayName": "Dispatcher", "members": [ { "display": "Bruce Scott", "value": "000000001ade633ff96c440b3", "$ref": "https://127.0.0.1:9000/api/scim/v2/Users/000000001ade633ff96c440b3" }, ... ] }, ... ], "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ] }
Application Example
# Browser access https://127.0.0.1:9000/api/scim/v2/groups # Shell access using curl curl -LsH "Authorization: Bearer <access_token>" "https://127.0.0.1:9000/api/scim/v2/groups" # Shell access using curl using username and password curl -Lsu username:password "https://127.0.0.1:9000/api/scim/v2/groups"
POST /api/scim/v2/groups
Create a new user group as per Section 3.3 of RFC 7644. After the group was created, it will be returned. Only standard groups can be created using the API.
Example Request
# Request POST /api/scim/v2/groups HTTP/1.1 Authorization: Bearer VGhpcyBpcyBqdXN0IGEgZGVtbyBhY2Nlc3MgdG9rZW4u { "displayName" : "Dispatcher", "schemas" : [ "urn:ietf:params:scim:schemas:core:2.0:Group" ] } # Response HTTP/1.1 201 OK Content-Type: application/scim+json { "meta": { "location": "https://127.0.0.1:9000/api/scim/v2/Groups/84rl13se4tnn40cz10vf6bdac", "lastModified": "2024-07-15T08:29:26Z", "resourceType": "Group" }, "displayName": "Dispatcher", "members": {}, "externalId": "84rl13se4tnn40cz10vf6bdac", "id": "84rl13se4tnn40cz10vf6bdac", "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Group" ] }
PUT /api/scim/v2/groups/<GROUP ID>
Update a user group as per Section 3.5.1 of RFC 7644. The group has to exist to be updated, as it will not be created. Updating a group allows renaming the group and provide new members. All previous members will be replaced with the new list of members provided in the request.
Example Request
# Request POST /api/scim/v2/groups/84rl13se4tnn40cz10vf6bdac HTTP/1.1 Authorization: Bearer VGhpcyBpcyBqdXN0IGEgZGVtbyBhY2Nlc3MgdG9rZW4u { "displayName" : "Provider", "members": [{ "value": "000000001ade633ff96c440b3" }], "schemas" : [ "urn:ietf:params:scim:schemas:core:2.0:Group" ] } # Response HTTP/1.1 201 OK Content-Type: application/scim+json { "meta": { "location": "https://127.0.0.1:9000/api/scim/v2/Groups/84rl13se4tnn40cz10vf6bdac", "lastModified": "2024-07-15T08:29:26Z", "resourceType": "Group" }, "displayName": "Provider", "members": {}, "externalId": "84rl13se4tnn40cz10vf6bdac", "id": "84rl13se4tnn40cz10vf6bdac", "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Group" ] }
DELETE /api/scim/v2/groups/<GROUP ID>
Remove a user group as defined by section 3.6 of RFC 7644
Example Request
# Request DELETE /api/scim/v2/groups/84rl13se4tnn40cz10vf6bdac HTTP/1.1 Authorization: Bearer VGhpcyBpcyBqdXN0IGEgZGVtbyBhY2Nlc3MgdG9rZW4u # Response HTTP/1.1 204 OK Content-Type: application/scim+json
PATCH /api/scim/v2/groups/<GROUP ID>
Patch a given user as per section 3.5.2 of RFC 7644 with some restrictions:
-
Only the
members
field can be patched. -
There is no way to filter groups as defined in the RFC, you have to specify the
<GROUP ID>
for that. -
Only the operations
replace
,add
andremove
are supported. -
Only the value of the patch operation is used to look up the member user to be patched in the group,
Example Request
# Request PATCH /api/scim/v2/groups/84rl13se4tnn40cz10vf6bdac HTTP/1.1 Authorization: Bearer VGhpcyBpcyBqdXN0IGEgZGVtbyBhY2Nlc3MgdG9rZW4u { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:PatchOp" ], "Operations": [ { "op": "add", "path": "members", "value": [ { "value": "2819c223-7f76-453a-919d-413861904646" } ] } ] } # Response HTTP/1.1 200 OK Content-Type: application/scim+json { ... }