Hi Ushani, Need your help to clarify the following: Do you feel there is a doc gap with regard to managing users/roles using REST APIs? If so we will move to update docs to avoid this. Looking forward to your reply.
[1] https://docs.wso2.com/display/IS540/SCIM+APIs Thanks & Regards Shavindri Dissanayake Senior Technical Writer WSO2 Inc. lean.enterprise.middleware On Wed, Nov 1, 2017 at 8:26 PM, Ushani Balasooriya <[email protected]> wrote: > Thanks Farsath and Isura for the clarification. > > On 1 Nov 2017 8:24 pm, "Isura Karunaratne" <[email protected]> wrote: > >> >> On Wed, Nov 1, 2017 at 8:01 PM Farasath Ahamed <[email protected]> >> wrote: >> >>> On Wed, Nov 1, 2017 at 7:38 PM, Ushani Balasooriya <[email protected]> >>> wrote: >>> >>>> Hi IAM team, >>>> >>>> I am trying to implement a thirdparty web app to manage users and roles >>>> functionalities as explained in this blog post [1] Solution 26. >>>> >>>> According to the solution, it says, >>>> >>>> *"The WSO2 Identity Server exposes a set of REST endpoints as well as >>>> SOAP-based services for user management, the web app just need to talk to >>>> these endpoints, without having to deal directly with underlying user >>>> stores (LDAP, AD, JDBC)."* >>>> >>>> This [2] is the only document I can find as the available API for user >>>> role management. >>>> >>>> Please verify whether my below understandings are correct to proceed >>>> with this solution. >>>> >>>> 1. Since WSO2IS does not provide any REST API for user/role management, >>>> there will not be a particular API where I can use as endpoint in my third >>>> party application. >>>> Therefore my web app should use a class as explained in this [2] >>>> document. >>>> >>>> 2. We should not consider SCIM as REST endpoint to manage users since >>>> it is used to provision users to external system. Therefore I cannot treat >>>> SCIM as a REST endpoint which can use to add users and roles. >>>> >>> >> No. As Farasath explains, we do support both inbound and outbound SCIM >> provisioning. >> >> You can treat SCIM endpoint as a well defined standard way to manage >> users from a third party application. >> >> IS 5.3.0 onwards identity server supports both SCIM 1.1 and SCIM2.0 (as a >> connector) >> >> Thanks >> Isura. >> >> >> >>> IMO this is not entirely correct. >>> SCIM inbound connector is used to provision users *in to* Identity >>> Server and the SCIM outbound connector can be used provision user to >>> external systems as you explained. >>> >>> SCIM inbound connector exposes a REST endpoint through which you can do >>> CRUD operation on users/groups. This can be considered as a REST endpoint >>> to manage users. Both SCIM and our SOAP APIs talk to the same underlying >>> user-core impelementation to achieve CRUD on users (user stores). >>> >>> Moreover SCIM simply provides a RESTful layer over our usercore >>> funcionality. So I don't see why we should not consider SCIM as a REST API >>> to manage users. >>> Infact we have customers using SCIM to achieve user registration, user >>> profile update etc. >>> >>>> >>>> >>>> [1] https://medium.facilelogin.com/thirty-solution-patterns- >>>> with-the-wso2-identity-server-16f9fd0c0389 >>>> >>>> [2] https://docs.wso2.com/display/IS530/Managing+Users+and+ >>>> Roles+with+APIs#ManagingUsersandRoleswithAPIs-addRole() >>>> >>>> Thanks, >>>> -- >>>> *Ushani Balasooriya* >>>> Associate Technical Lead - EE; >>>> WSO2 Inc; http://www.wso2.com/. >>>> >>>> >>>> -- >> >> *Isura Dilhara Karunaratne* >> Associate Technical Lead | WSO2 >> Email: [email protected] >> Mob : +94 772 254 810 <+94%2077%20225%204810> >> Blog : http://isurad.blogspot.com/ >> >> >> >> > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
