Skip to end of metadata
Comment: Migrated to Confluence 4.0
Go to start of metadata

The RoleDataService provides operations to manage roles as well as determine which users and groups are associated with that role. The operations below can be found on the RoleDataSerivce.

RoleDataService Operations

  • getUserRolesAsFlatList
  • getAllAttributes
  • getRolesInDomain
  • removeGroupFromRole
  • getUserRolesByDomain
  • removeAllGroupsFromRole
  • updateAttribute
  • isUserInRole
  • addRole
  • getUsersInRole
  • removeRole
  • getUserRoles
  • getRole
  • getGroupsInRole
  • removeUserFromRole
  • removeAllAttributes
  • search
  • isGroupInRole
  • updateRole
  • getUserRolesDirect
  • getRolesInGroup
  • addAttribute
  • getAttribute
  • addGroupToRole
  • addUserToRole
  • removeAttribute
  • getAllRoles

Endpoint address:
http://<hostname>/

http://localhost:8080/openiam-idm-esb/idmsrvc/RoleDataWebService



Wsdl:
{urn:idm.openiam.org/srvc/role/service}RoleDataWebService

Target namespace:
urn:idm.openiam.org/srvc/role/service


 

Service Operations

Operation Name: addRole(Role role)

Parameters:

  • Role role

Return:

  • RoleResponse

Operation adds a new Role and related attributes into the OpenIAM repository as part of a single transaction. The returned role, which is found in the RoleResponse object will contain the Role ID as well as the attributes that are associated with the request. The role ID must be specified as part of the request. It is NOT system generated. However, if attributes are associated with the request, then  attribute Id's should not be included in the request as they are system generated.

Roles are hierarchical. To create a child role, provide the id of a parent role in the parentRoleId element in the request shown below.

Sample Request:


Sample Response:

Operation Name: addUserToRole(String domainId, String roleId, String userId)

Parameters:

  • String domainId - Security Domain that this role is associated with
  • String roleId - Role Id that this user should be associated to
  • String userId - UserId that should be associated with this role.

Return:

  • RoleResponse

Associates a user to a role. Both the role and the user must be created prior to this association.

Sample Request:

Operation Name: getRole(String domainId, String roleId)

Parameters:

  • String domainId
  • String roleId

Return:

  • RoleResponse

Returns the Role object that is specified by the operations parameters. If the roleId is not found, then the status indicator in the response object will be set to FAILURE.

Sample Request:

Sample Response:


Operation Name: getUserInRoles(String userId)

Parameters:

  • String userId

Return:

  • RoleListResponse

Returns List of Roles that a user belongs to. Since roles can be hierarchical, its possible that additional roles will be found in the childRoles property. This operation will traverse the role hierarchy from the bottom up to return the list of roles a user belongs to.

Sample Request:


Operation Name: getUserRolesAsFlatList(String userId)

Parameters:

  • String userId

Return:

  • RoleListResponse

Returns List of Roles that a user belongs to. The list of Roles is returned as flat list. This operation will traverse the role hierarchy from the bottom up to return the list of roles a user belongs to.

Sample Request:


Operation Name: isUserInRole(String userId)

Parameters:

  • String domainId
  • String roleId
  • String userId

Return:

  • Response

Determines if the userId is associated with the roleId.

Sample Request:



Labels:
None
Edit Labels