Thanks Farsath and Isura for the clarification. On 1 Nov 2017 8:24 pm, "Isura Karunaratne" <[email protected]> wrote:
> > On Wed, Nov 1, 2017 at 8:01 PM Farasath Ahamed <[email protected]> wrote: > >> On Wed, Nov 1, 2017 at 7:38 PM, Ushani Balasooriya <[email protected]> >> wrote: >> >>> Hi IAM team, >>> >>> I am trying to implement a thirdparty web app to manage users and roles >>> functionalities as explained in this blog post [1] Solution 26. >>> >>> According to the solution, it says, >>> >>> *"The WSO2 Identity Server exposes a set of REST endpoints as well as >>> SOAP-based services for user management, the web app just need to talk to >>> these endpoints, without having to deal directly with underlying user >>> stores (LDAP, AD, JDBC)."* >>> >>> This [2] is the only document I can find as the available API for user >>> role management. >>> >>> Please verify whether my below understandings are correct to proceed >>> with this solution. >>> >>> 1. Since WSO2IS does not provide any REST API for user/role management, >>> there will not be a particular API where I can use as endpoint in my third >>> party application. >>> Therefore my web app should use a class as explained in this [2] >>> document. >>> >>> 2. We should not consider SCIM as REST endpoint to manage users since it >>> is used to provision users to external system. Therefore I cannot treat >>> SCIM as a REST endpoint which can use to add users and roles. >>> >> > No. As Farasath explains, we do support both inbound and outbound SCIM > provisioning. > > You can treat SCIM endpoint as a well defined standard way to manage users > from a third party application. > > IS 5.3.0 onwards identity server supports both SCIM 1.1 and SCIM2.0 (as a > connector) > > Thanks > Isura. > > > >> IMO this is not entirely correct. >> SCIM inbound connector is used to provision users *in to* Identity >> Server and the SCIM outbound connector can be used provision user to >> external systems as you explained. >> >> SCIM inbound connector exposes a REST endpoint through which you can do >> CRUD operation on users/groups. This can be considered as a REST endpoint >> to manage users. Both SCIM and our SOAP APIs talk to the same underlying >> user-core impelementation to achieve CRUD on users (user stores). >> >> Moreover SCIM simply provides a RESTful layer over our usercore >> funcionality. So I don't see why we should not consider SCIM as a REST API >> to manage users. >> Infact we have customers using SCIM to achieve user registration, user >> profile update etc. >> >>> >>> >>> [1] https://medium.facilelogin.com/thirty-solution-patterns-with-the- >>> wso2-identity-server-16f9fd0c0389 >>> >>> [2] https://docs.wso2.com/display/IS530/Managing+Users+ >>> and+Roles+with+APIs#ManagingUsersandRoleswithAPIs-addRole() >>> >>> Thanks, >>> -- >>> *Ushani Balasooriya* >>> Associate Technical Lead - EE; >>> WSO2 Inc; http://www.wso2.com/. >>> >>> >>> -- > > *Isura Dilhara Karunaratne* > Associate Technical Lead | WSO2 > Email: [email protected] > Mob : +94 772 254 810 <+94%2077%20225%204810> > Blog : http://isurad.blogspot.com/ > > > >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
