siemens.platformcore.identitymanagement
ballerinax/siemens.platformcore.identitymanagement Ballerina library
Overview
This is a generated connector for Siemens Identity Management API v3.3.0 OpenAPI specification.
The Identity Management API provides a means for managing users, groups and OAuth clients.
The user and group management is based on SCIM (System for Cross-domain Identity Management).
Note: Unless stated otherwise, the Identity Management APIs allow each caller to act only within the context of the tenant to which the caller belongs.
Note2: UIAM stands for User Identity Access Management, since users and providers are separated in the system. Therefore this API documentation is related to users generally.
Prerequisites
Before using this connector in your Ballerina application, complete the following:
- Create a Siemens MindSphere account.
- Obtain tokens by following this guide.
Clients
siemens.platformcore.identitymanagement: Client
This is a generated connector from Siemens identity management API OpenAPI Specification.
The Identity Management API provides a means for managing users, groups and OAuth clients.
The user and group management is based on SCIM (System for Cross-domain Identity Management).
Note: Unless stated otherwise, the Identity Management APIs allow each caller to act only within the context of the tenant to which the caller belongs.
Note2: UIAM stands for User Identity Access Management, since users and providers are separated in the system. Therefore this API documentation is related to users generally.
Constructor
Gets invoked to initialize the connector.
The connector initialization requires setting the API credentials.
Create a Siemens MindSphere (https://siemens.mindsphere.io/en) account and obtain tokens by following this guide.
init (ConnectionConfig config, string serviceUrl)
- config ConnectionConfig - The configurations to be used when initializing the connector
- serviceUrl string - URL of the target service
listGroups
function listGroups(string? filter, decimal count, decimal startIndex) returns ScimGroupSearchResults|error
List all the groups of a tenant.
Parameters
- count decimal (default 100.0) - Number of objects to be returned (defaults to 100)
- startIndex decimal (default 1.0) - The starting index of the search results when paginated. Index starts with 1.
Return Type
createGroup
function createGroup(ScimGroupPost payload) returns ScimGroup|error
Create group
Parameters
- payload ScimGroupPost - Details of group
getGroup
Get group
Parameters
- id string - Id of group
updateGroup
function updateGroup(string id, ScimGroupPost payload) returns ScimGroup|error
Update group.
deleteGroup
Delete group
Parameters
- id string - Id of the group
listGroupMembers
List members of a group
Parameters
- id string - Id of group
Return Type
- ScimGroupMemberList|error - OK
addMemberToGroup
function addMemberToGroup(string id, ScimGroupMember payload) returns ScimGroupMember|error
Add member to a group
Return Type
- ScimGroupMember|error - Created
removeMemberFromGroup
function removeMemberFromGroup(string id, string memberId) returns ScimGroupMember|error
Delete member from a group
Return Type
- ScimGroupMember|error - OK
list
function list(string? filter, string? attributes, string? sortBy, string sortOrder, decimal count, decimal startIndex, string? subtenant) returns ScimUserResponseSearchResults|error
List of users of a tenant.
Parameters
- filter string? (default ()) - SCIM filter for searching, see here. The available filter attributes are: id, username, email or emails.value, givenname, familyname, active, phonenumber, verified, origin, created or meta.created, lastmodified or meta.lastmodified, version or meta.version, groups.display. Note: the groups.display parameter cannot be used in a complex filter expression and only the eq operator is allowed, e.g. filter=groups.display eq "MyGroupName"
- attributes string? (default ()) - Comma separated list of attribute names to be returned, e.g., userName, name, meta. The attributes parameter does not support the parameter "subtenants".
- sortBy string? (default ()) - Sorting field name, like email or id
- sortOrder string (default "ascending") - Sort order, ascending/descending (defaults to ascending)
- count decimal (default 100.0) - Number of objects to be returned (defaults to 100)
- startIndex decimal (default 1.0) - The starting index of the search results when paginated. Index starts with 1 (defaults to 1).
- subtenant string? (default ()) - Filter for subtenant users
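The filter rules above can be enforced before a request is sent. This is an added example in Python, not part of the connector: it builds the `filter` string from the attribute list on this page, applies the groups.display restriction, and quotes values as JSON strings (the SCIM convention from RFC 7644) so that caller-supplied text cannot close the quote and append clauses. The operator set beyond `eq` and the helper names `clause` and `combine` are assumptions.

```python
import json

# Filter attributes listed for the `filter` parameter of list() on this page.
ALLOWED_ATTRIBUTES = {
    "id", "username", "email", "emails.value", "givenname", "familyname",
    "active", "phonenumber", "verified", "origin", "created", "meta.created",
    "lastmodified", "meta.lastmodified", "version", "meta.version",
    "groups.display",
}
# Assumption: the standard SCIM comparison operators; the page only names eq.
OPERATORS = {"eq", "ne", "co", "sw", "ew", "gt", "ge", "lt", "le"}


def clause(attribute, operator, value):
    """Build one `attribute operator value` clause with the value safely quoted."""
    attr, op = attribute.lower(), operator.lower()
    if attr not in ALLOWED_ATTRIBUTES:
        raise ValueError(f"attribute not filterable: {attribute}")
    if op not in OPERATORS:
        raise ValueError(f"unknown operator: {operator}")
    if attr == "groups.display" and op != "eq":
        raise ValueError("groups.display only allows the eq operator")
    # json.dumps escapes quotes and backslashes and renders booleans as true/false.
    return f"{attr} {op} {json.dumps(value)}"


def combine(logical, *clauses):
    """Join clauses with and/or, refusing groups.display in a complex expression."""
    if logical not in ("and", "or"):
        raise ValueError("logical operator must be 'and' or 'or'")
    if len(clauses) > 1 and any(c.startswith("groups.display ") for c in clauses):
        raise ValueError("groups.display cannot be used in a complex filter")
    return f" {logical} ".join(clauses)
```
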
Return Type
create
function create(ScimUserPost payload) returns ScimUserPostResponse|error
Create user
Parameters
- payload ScimUserPost - Details of user
Return Type
- ScimUserPostResponse|error - Created
get
function get(string id) returns ScimUserResponse|error
Get user
Parameters
- id string - Id of user
Return Type
- ScimUserResponse|error - OK
update
function update(string id, ScimUserPut payload) returns ScimUserResponse|error
Update user
Return Type
- ScimUserResponse|error - OK
delete
function delete(string id) returns ScimUserResponse|error
Delete user
Parameters
- id string - Id of user
Return Type
- ScimUserResponse|error - OK
getUserRoles
Get list of groups starting with the prefix "mdsp:" in which the user is a member.
getProviderOAuthClient
function getProviderOAuthClient(string id) returns OAuthClient|error
Get OAuth client details
Parameters
- id string - Id of your client. It must be the same as the client_id claim in the bearer token.
Return Type
- OAuthClient|error - OK
updateSecret
function updateSecret(string id, ChangeSecretRequest payload, string? currentSecret) returns ChangedSecretResponse|error
Update OAuth client's secret
Parameters
- id string - Client identifier
- payload ChangeSecretRequest - Parameters of the new secret.
- currentSecret string? (default ()) - Required, unless you have the prv.oc.sec.admin scope. It is used to make sure the requestor has permission to modify the given client's secret.
Return Type
- ChangedSecretResponse|error - Secret has been changed successfully.
createSecret
function createSecret(string id, ChangeSecretRequest payload, string? currentSecret) returns ChangedSecretResponse|error
Add new OAuth client's secret
Parameters
- id string - Client identifier
- payload ChangeSecretRequest - Parameters of the new secret.
- currentSecret string? (default ()) - Required, unless you have the prv.oc.sec.admin scope. It is used to make sure the requestor has permission to modify the given client's secret.
Return Type
- ChangedSecretResponse|error - Secret has been added successfully.
deleteSecret
Delete old OAuth client's secret
Records
siemens.platformcore.identitymanagement: ChangedSecretResponse
Fields
- secret string? - the new secret.
siemens.platformcore.identitymanagement: ChangeSecretRequest
Fields
- newSecret string? - New secret for the client. Must meet the following requirements:
  - alphabet is a-zA-Z0-9
  - minimum 43 characters
  - maximum 255 characters
  If the parameter is missing, a new secret will be generated.
siemens.platformcore.identitymanagement: ClientHttp1Settings
Provides settings related to HTTP/1.x protocol.
Fields
- keepAlive KeepAlive(default http:KEEPALIVE_AUTO) - Specifies whether to reuse a connection for multiple requests
- chunking Chunking(default http:CHUNKING_AUTO) - The chunking behaviour of the request
- proxy ProxyConfig? - Proxy server related options
siemens.platformcore.identitymanagement: ConnectionConfig
Provides a set of configurations for controlling the behaviours when communicating with a remote HTTP endpoint.
Fields
- auth BearerTokenConfig|OAuth2RefreshTokenGrantConfig - Configurations related to client authentication
- httpVersion HttpVersion(default http:HTTP_2_0) - The HTTP version understood by the client
- http1Settings ClientHttp1Settings? - Configurations related to HTTP/1.x protocol
- http2Settings ClientHttp2Settings? - Configurations related to HTTP/2 protocol
- timeout decimal(default 60) - The maximum time to wait (in seconds) for a response before closing the connection
- forwarded string(default "disable") - The choice of setting forwarded/x-forwarded header
- poolConfig PoolConfiguration? - Configurations associated with request pooling
- cache CacheConfig? - HTTP caching related configurations
- compression Compression(default http:COMPRESSION_AUTO) - Specifies the way of handling compression (accept-encoding) header
- circuitBreaker CircuitBreakerConfig? - Configurations associated with the behaviour of the Circuit Breaker
- retryConfig RetryConfig? - Configurations associated with retrying
- responseLimits ResponseLimitConfigs? - Configurations associated with inbound response size limits
- secureSocket ClientSecureSocket? - SSL/TLS-related options
- proxy ProxyConfig? - Proxy server related options
- validation boolean(default true) - Enables the inbound payload validation functionality which is provided by the constraint package. Enabled by default
siemens.platformcore.identitymanagement: Email
Fields
- value string - The email address.
siemens.platformcore.identitymanagement: Group
Fields
- display string -
- 'type string? -
- value string? -
siemens.platformcore.identitymanagement: NameRequest
Name request
Fields
- familyName string - Family name
- givenName string - Given name
siemens.platformcore.identitymanagement: NameResponse
Fields
- familyName string? -
- givenName string? -
siemens.platformcore.identitymanagement: OAuth2RefreshTokenGrantConfig
OAuth2 Refresh Token Grant Configs
Fields
- Fields Included from *OAuth2RefreshTokenGrantConfig
- refreshUrl string(default "http://UAA_DOMAIN/oauth/token") - Refresh URL
siemens.platformcore.identitymanagement: OAuthClient
Fields
- clientId string? - Identifier of the client, unique within the identity zone
- authorizedGrantTypes string[]? - List of grant types that can be used to obtain a token with this client. Can include authorization_code, password, implicit, and/or client_credentials.
- redirectUri string[]? -
- name string? - A human readable name for the client
- authorities string[]? - Scopes which the client is able to grant when creating a client. Defaults to "uaa.none". E.g. with client_credentials as authorized_grant_types, the client will get the scopes listed here.
- scopes string[]? - Scopes allowed for the client. Defaults to "uaa.none". E.g. with password as authorized_grant_types the user can get the intersection of his scopes and the scopes listed here.
- lastModified int? - Epoch (milliseconds) of the moment the client information was last altered. Not affected by secret changes.
- secretCreationTimes ClientSecretCreationTimes? - Epoch (milliseconds) of the moment the client secret was introduced. Array contains creation times in ascending order. Most of the time it should contain only one item, except during secret rotation - in that case, two items will be there.
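The newSecret requirements in ChangeSecretRequest and the secretCreationTimes field above are enough to script a rotation check. This is an added example in Python, not part of the connector: it generates a compliant secret from a CSPRNG, reports which documented requirement a candidate violates, and classifies a client from its creation times. The function names, the state labels and the `max_age_days` policy value are assumptions.

```python
import secrets
import string
import time

# Requirements quoted from ChangeSecretRequest.newSecret on this page.
ALPHABET = string.ascii_letters + string.digits
MIN_LEN, MAX_LEN = 43, 255
MS_PER_DAY = 86_400_000


def generate_secret(length=64):
    """Return a CSPRNG-generated secret that satisfies the documented rules."""
    if not MIN_LEN <= length <= MAX_LEN:
        raise ValueError(f"length must be between {MIN_LEN} and {MAX_LEN}")
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def secret_problems(candidate):
    """List every documented requirement that a candidate newSecret violates."""
    problems = []
    if len(candidate) < MIN_LEN:
        problems.append("shorter than 43 characters")
    if len(candidate) > MAX_LEN:
        problems.append("longer than 255 characters")
    if any(ch not in ALPHABET for ch in candidate):
        problems.append("contains characters outside a-zA-Z0-9")
    return problems


def rotation_state(creation_times_ms, max_age_days, now_ms=None):
    """Classify a client by secretCreationTimes (epoch milliseconds, ascending)."""
    if not creation_times_ms:
        return "unknown"
    now_ms = int(time.time() * 1000) if now_ms is None else now_ms
    if len(creation_times_ms) > 1:
        # Two entries mean a rotation is under way; deleteSecret removes the old one.
        return "rotation-in-progress"
    age_days = (now_ms - creation_times_ms[-1]) / MS_PER_DAY
    return "stale" if age_days > max_age_days else "ok"
```

A client that stays in "rotation-in-progress" across several checks still has its old secret registered and is a candidate for deleteSecret.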
siemens.platformcore.identitymanagement: ProxyConfig
Proxy server configurations to be used with the HTTP client endpoint.
Fields
- host string(default "") - Host name of the proxy server
- port int(default 0) - Proxy server port
- userName string(default "") - Proxy server username
- password string(default "") - Proxy server password
siemens.platformcore.identitymanagement: ScimGroup
Fields
- id string? - The globally unique group ID
- description string? - Human readable description of the group, displayed e.g. when approving scopes
- displayName string? - The identifier specified upon creation of the group, unique within the identity zone
- members ScimGroupMember[]? -
- meta ScimMeta? -
siemens.platformcore.identitymanagement: ScimGroupMember
Fields
- 'type string - Either "USER" or "GROUP"
- value string - Globally unique identifier of the member, either a user ID or another group ID
siemens.platformcore.identitymanagement: ScimGroupPost
Fields
- description string? - Human readable description of the group, displayed e.g. when approving scopes
- displayName string - The identifier specified upon creation of the group, unique within the identity zone
- members ScimGroupMember[]? - If given members array is empty, all members will be deleted.
siemens.platformcore.identitymanagement: ScimGroupSearchResults
Fields
- itemsPerPage int? -
- resources ScimGroup[]? -
- schemas string[]? -
- startIndex int? -
- totalResults int? -
siemens.platformcore.identitymanagement: ScimMeta
Fields
- created string? -
- lastModified string? -
- 'version int? -
siemens.platformcore.identitymanagement: ScimUserPost
Fields
- active boolean? - False means a soft delete.
- name NameRequest? - Name request
- userName UserName - The e-mail address of the user.
- subtenants SubtenantId[]? -
siemens.platformcore.identitymanagement: ScimUserPostResponse
Fields
- schemas string[]? -
- id string? -
- userName string? - The e-mail address of the user.
- name NameResponse? -
- groups Group[]? -
- emails Email[]? -
- active boolean? -
- meta ScimMeta? -
- subtenants SubtenantId[]? -
siemens.platformcore.identitymanagement: ScimUserPut
Name object can be null. Example: "name": {}. Name attributes are fetched from WebKey during authentication.
Fields
- active boolean? - False means a soft delete.
- name NameRequest - Name request
- userName UserName - The e-mail address of the user.
- emails Email[] - An array of emails
- subtenants SubtenantId[]? - An array of subtenants.
siemens.platformcore.identitymanagement: ScimUserResponse
Fields
- schemas string[]? -
- id string? -
- userName string? - The e-mail address of the user.
- name NameResponse? -
- groups Group[]? -
- emails Email[]? -
- active boolean? -
- meta ScimMeta? -
- subtenants SubtenantId[]? -
siemens.platformcore.identitymanagement: ScimUserResponseSearchResults
Fields
- itemsPerPage int? -
- resources ScimUserResponse[]? -
- schemas string[]? -
- startIndex int? -
- totalResults int? -
siemens.platformcore.identitymanagement: SubtenantId
Fields
- id string - The ID / name of the subtenant.
String types
siemens.platformcore.identitymanagement: UserName
UserName
The e-mail address of the user.
Import
import ballerinax/siemens.platformcore.identitymanagement;
Metadata
Released date: almost 2 years ago
Version: 1.4.0
License: Apache-2.0
Compatibility
Platform: any
Ballerina version: 2201.2.1
GraalVM compatible: Yes
Keywords
IT Operations/Security & Identity Tools
Cost/Freemium