On Wed, Nov 1, 2017 at 8:01 PM Farasath Ahamed <[email protected]> wrote:
> On Wed, Nov 1, 2017 at 7:38 PM, Ushani Balasooriya <[email protected]> > wrote: > >> Hi IAM team, >> >> I am trying to implement a thirdparty web app to manage users and roles >> functionalities as explained in this blog post [1] Solution 26. >> >> According to the solution, it says, >> >> *"The WSO2 Identity Server exposes a set of REST endpoints as well as >> SOAP-based services for user management, the web app just need to talk to >> these endpoints, without having to deal directly with underlying user >> stores (LDAP, AD, JDBC)."* >> >> This [2] is the only document I can find as the available API for user >> role management. >> >> Please verify whether my below understandings are correct to proceed with >> this solution. >> >> 1. Since WSO2IS does not provide any REST API for user/role management, >> there will not be a particular API where I can use as endpoint in my third >> party application. >> Therefore my web app should use a class as explained in this [2] >> document. >> >> 2. We should not consider SCIM as REST endpoint to manage users since it >> is used to provision users to external system. Therefore I cannot treat >> SCIM as a REST endpoint which can use to add users and roles. >> > No. As Farasath explains, we do support both inbound and outbound SCIM provisioning. You can treat SCIM endpoint as a well defined standard way to manage users from a third party application. IS 5.3.0 onwards identity server supports both SCIM 1.1 and SCIM2.0 (as a connector) Thanks Isura. > IMO this is not entirely correct. > SCIM inbound connector is used to provision users *in to* Identity Server > and the SCIM outbound connector can be used provision user to external > systems as you explained. > > SCIM inbound connector exposes a REST endpoint through which you can do > CRUD operation on users/groups. This can be considered as a REST endpoint > to manage users. Both SCIM and our SOAP APIs talk to the same underlying > user-core impelementation to achieve CRUD on users (user stores). > > Moreover SCIM simply provides a RESTful layer over our usercore > funcionality. So I don't see why we should not consider SCIM as a REST API > to manage users. > Infact we have customers using SCIM to achieve user registration, user > profile update etc. > >> >> >> [1] >> https://medium.facilelogin.com/thirty-solution-patterns-with-the-wso2-identity-server-16f9fd0c0389 >> >> [2] >> https://docs.wso2.com/display/IS530/Managing+Users+and+Roles+with+APIs#ManagingUsersandRoleswithAPIs-addRole() >> >> Thanks, >> -- >> *Ushani Balasooriya* >> Associate Technical Lead - EE; >> WSO2 Inc; http://www.wso2.com/. >> >> >> -- *Isura Dilhara Karunaratne* Associate Technical Lead | WSO2 Email: [email protected] Mob : +94 772 254 810 Blog : http://isurad.blogspot.com/
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
