Show pageBacklinksAdd to bookExport to PDFDW EditBack to top This page is read only. You can view the source, but not change it. Ask your administrator if you think this is wrong. CKG Edit ====== SCIM module - Creating a user with group assigned ====== {{tag> scim}} [[devel:documentation:modules_scim | SCIM]] module was added in CzechIdM 8.1.0. The aim of this tutorial is to create a new group (~ IdM role), a user (~ IdM identity) with contract (~ IdM identity contract). Then assign him a group (~IdM identity role). ===== What do you need before you start ===== * We need to install CzechIdM 8.1.0 (and higher). In the example below, we use localhost:8080 as url on which the CzechIdM run. * We need to install [[devel:documentation:modules_scim|Scim module]] into CzechIdM. * Create an identity, which has permission to create and read reports. We are using the default ''admin:admin'' identity. Note: [[devel:documentation:modules_scim#swagger|Swagger]] can be used in the example. ===== 01 Create user ===== Only ''userName'' attribute is required for creating a user: <code bash> curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' --header 'Authorization: Basic YWRtaW46YWRtaW4=' -d '{ "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:User" ], "userName": "scimOne" }' 'http://localhost:8080/idm/api/v1/scim/Users' </code> ===== 02 Create contract ===== Default contract is created automatically for new user (if default contract is enabled by [[.:application_configuration:dev:backend#identity|configuration]]). Created contracts for user can be found: <code bash> curl -X GET --header 'Accept: application/json' --header 'Authorization: Basic YWRtaW46YWRtaW4=' 'http://localhost:8080/idm/api/v1/scim/Users/scimOne/Contracts' </code> But if we want to create new contract: <code bash> curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' --header 'Authorization: Basic YWRtaW46YWRtaW4=' -d '{ "schemas": [ "urn:ietf:params:scim:schemas:CzechIdM:8.1:Contract" ], "user": "scimOne", "position": "test" }' 'http://localhost:8080/idm/api/v1/scim/Contracts' </code> We will use returned contract ''id'' attribute in next requests. ===== 03 Create group with member ===== Now we have user and contract. Now we will create new role with this role assigned to user's contract. We can create and assing role with one request: <code bash> curl -X POST --header 'Content-Type: application/json' --header 'Accept: application/json' --header 'Authorization: Basic YWRtaW46YWRtaW4=' -d '{ "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Group" ], "displayName": "roleScimOne", "members": [{ "$ref": "/Users/scimOne/Contracts/5ea857ff-2ec1-4c29-813b-c0d37fc23065" } ] }' 'http://localhost:8080/idm/api/v1/scim/Groups' </code> <note tip>Congratulations, you can see from response, group is assigned to given user.</note> ===== Advanced ===== [[.:scim_form_value]] by tomiskar Log In