Skip to main content

Get user

GET 
/nevisidm/api/scim/v1/:clientExtId/Users/:id

Retrieves the full SCIM representation of a single user by internal ID. The user must belong to the client specified in the URL path.

Returns all user elements including credentials, profiles, authorizations, and custom properties.

Request

Path Parameters

    clientExtId stringrequired

    Client's external identifier.

    Example: 100
    id stringrequired

    User's internal identifier.

    Example: 100

Responses

SCIM user retrieved successfully

Schema
    schemas string[]required

    An array of Strings containing URIs that are used to indicate the namespaces of the SCIM schemas that define the attributes present in the current JSON structure.

    id stringrequired

    A unique identifier for a SCIM resource.

    externalId stringrequired

    An identifier for the resource as defined by the provisioning client.

    meta ScimMeta

    SCIM defined complex to hold meta information.

    resourceType stringrequired

    The name of the resource type of the resource.

    created date-time

    The date and time that the resource was added to the service provider.

    lastModified date-time

    The most recent date and time that the details of this resource were updated at the service provider.

    location uri

    The URI of the resource being returned.

    version string

    The version of the resource being returned.

    userName stringrequired

    Unique identifier for the User for the actual customer. This is mapped to the loginId property of User.

    name ScimName

    SCIM defined complex to hold name of user. Defined for ScimUser.

    formatted string

    The full name, including all middle names, titles, and suffixes. This is not mapped for input, just generated for output.

    familyName string

    The family name of the User, or Last Name in most Western languages. This is mapped to name property of User.

    givenName string

    The given name of the User, or First Name in most Western languages. This is mapped to firstName attribute of User.

    middleName string

    The middle name(s) of the User. This is not mapped to any property of User, yet.

    honorificPrefix string

    The honorific prefix(es) of the User, or Title in most Western languages. This is mapped to title property of User.

    displayName string

    The name of the User, suitable for display to end-users. This is generated like name.formatted. If empty the userName will be returned.

    preferredLanguage string

    Indicates the User's preferred written or spoken language. This is mapped to languageId property of User.

    locale string

    Used to indicate the User's default location for purposes of localizing items such as currency, date time format, numerical representations, etc. This is mapped to locality property of User.

    active booleanrequired

    A Boolean value indicating the User's administrative status. This it mapped to status property of User. 'true' => ACTIVE, 'false' => DISABLED; ACTIVE => 'true', otherwise 'false'.

    emails ScimMultiAttribute[]required

    E-mail addresses for the user. The Idm can accept only one email address. By default the email address is mandatory and must be unique. This is mapped to email and uniqueEmail properties of User.

  • Array [
    • value stringrequired

    Attribute value (eg. email address, prhone number. This part is mapped to the referred property of User.

    display string

    A human readable name, primarily used for display purposes. This part is not mapped, for output the value is repeated here.

    type string

    A label indicating the attribute's function; e.g. 'work', 'home', etc. For email this part is not mapped. For phone the following values are accepted and required: 'telephone', 'telefax' or 'mobile'. Other types are not supported, yet.

    primary boolean

    A Boolean value indicating the 'primary' or preferred. This part is not mapped, the first one always true the rest always false.

  • ]
    • phoneNumbers ScimMultiAttribute[]

    Phone numbers for the User. The Idm can accept three kind of phone numbers. Indicate the type as 'telephone', 'telefax' or 'mobile'. These values are mapped to properties indicated in type attribute.

  • Array [
    • value stringrequired

    Attribute value (eg. email address, prhone number. This part is mapped to the referred property of User.

    display string

    A human readable name, primarily used for display purposes. This part is not mapped, for output the value is repeated here.

    type string

    A label indicating the attribute's function; e.g. 'work', 'home', etc. For email this part is not mapped. For phone the following values are accepted and required: 'telephone', 'telefax' or 'mobile'. Other types are not supported, yet.

    primary boolean

    A Boolean value indicating the 'primary' or preferred. This part is not mapped, the first one always true the rest always false.

  • ]
    • addresses ScimPhysicalAddress[]

    Physical mailing addresses for this User. The Idm can accept only one address.This is mapped to country, city, postalcode, addressline2 and addressline1 properties of User.

  • Array [
    • formatted string

    The full mailing address, formatted for display or for label. This is not mapped for input, just generated for output.

    streetAddress string

    The full street address component. This part is mapped to addressline1 and addressline2 properties of User with separating new line character (only one supported).

    locality string

    The city or locality component. This part is mapped to city property of User.

    region string

    The state or region component. This part is not mapped to any property of User, yet.

    postalCode string

    The zipcode or postal code component. This part is mapped to postalcode property of User.

    country string

    The country name component. This part is mapped to country property of User.

    type string

    A label indicating the attribute's function; e.g. 'work' or 'home'. This part is not mapped to any property of User, yet.

    primary boolean

    A Boolean value indicating the 'primary' or preferred. This part is not mapped to any property of User, yet.

  • ]
    • urn:nevis:idm:scim:schemas:v1:extension:User ScimUserExtension

    SCIM User IDM extension for properties in IDM "User" that has not been covered by the ScimUser. Schema: "urn:nevis:idm:scim:schemas:v1:extension:User".

    remarks string

    Description for the user.

    sex string

    Gender of the user.

    birthDate date-time

    Birthdate of the user.

    validFrom date-time

    Validity starting timestamp can be defined for the user.

    validTo date-time

    Validity ending timestamp can be defined for the user.

    technical booleanrequired

    Indicates if it the user is technical or not.

    street string

    Street name of user's address.

    houseNumber string

    House number of user's address.

    dwellingNumber string

    Property unit number of user's address.

    postOfficeBoxText string

    Post office box text of user's address.

    postOfficeBoxNumber int32

    Post office box number of user's address.

    templateCollectionName string

    Name of template collection assigned to the user.

    credentials ScimCredential[]required

    List of credential a assigned to the user.

  • Array [
    • clientExtId string
    extId stringrequired

    External identifier for the credential. Must be unique.

    type stringrequired

    Possible values: [PASSWORD, GENERIC, FIDO2, TICKET, MTAN, RECOVERY_CODE, TEMPSTRONGPASSWORD, SAFEWORDUSER, SECURID, PUK, FIDO_UAF, CONTEXTPASSWORD, CERTIFICATE, KERBEROS, VASCO, URLTICKET, MOBILESIGNATURE, SAMLFEDERATION, DEVICEPASSWORD, OATH, OTP, SECURITYQUESTIONS, UNSUPPORTED]

    Type of the credential.

    name string

    Name attribute for the credential.

    state stringrequired

    Possible values: [INITIAL, ACTIVE, TMP_LOCKED, FAIL_LOCKED, RESET_CODE, ADMIN_CHANGED, DISABLED, ARCHIVED]

    Enumeration value indicating the credential's administrative status.

    validFrom date-timerequired

    Validity starting timestamp for the credential.

    validTo date-timerequired

    Validity ending timestamp for the credential.

    properties object

    Name value pairs map of Credential's custom properties.

    property name* string

    Name value pairs map of Credential's custom properties.

    credentialLoginInfo ScimCredentialLoginInfo

    SCIM defined complex to hold IDM credential login information. Defined for ScimCredential.

    lastLogin date-time

    Timestamp of last login of user.

    loginSuccessCount int32

    Counter for successful login attempts.

    lastFailure date-time

    Timestamp of last login failure of user.

    loginFailureCount int32

    Counter for failed login attempts.

    policyExtId string

    The external ID of the used policy.

  • ]
    • profiles ScimProfile[]required

    List of assigned profiles to the user. At least one is mandatory.

  • Array [
    • state stringrequired

    Possible values: [ACTIVE, DISABLED, ARCHIVED]

    An enumeration value indicating the profile's administrative status.

    name stringrequired

    Name of the profile.

    remarks string

    Description for the profile.

    extId stringrequired

    External identifier for the profile. Must be unique.

    defaultProfile booleanrequired

    Indicates it is the default profile of user or not. One and only one must true.

    validFrom date-time

    Validity starting timestamp can be defined for the profile.

    validTo date-time

    Validity ending timestamp can be defined for the profile.

    deputedProfileExtId string

    External identifier of deputed profile if exists.

    unitExtId string

    Unit external identifier belonging to the client that the profile refers. By default the configured default unit for the client is used to.

    properties object

    Name value pairs map of Profile's custom properties.

    property name* string

    Name value pairs map of Profile's custom properties.

    idmAuthorizations ScimIdmAuthorization[]required

    IDM role assignments for the profile.

  • Array [
    • extId stringrequired

    External identifier for the enterprise authorization of profile. Must be unique.

    validFrom date-time

    Validity starting timestamp can be defined for the enterprise authorization of profile.

    validTo date-time

    Validity ending timestamp can be defined for the enterprise authorization of profile.

    roleExtId stringrequired

    The assigned role external identifier for the authorization of profile.

    authorizedForAllClients booleanrequired

    The user is authorized to manage all clients in the system.

    authorizedForAllUnits booleanrequired

    The user is authorized to manage all units in the system.

    authorizedForAllApplications booleanrequired

    The user is authorized to manage all applications in the system.

    authorizedForAllEnterpriseRoles booleanrequired

    The user is authorized to manage all enterprise roles in the system.

    authorizedClientExtIds string[]

    The user is authorized to manage the selected clients in case all clients flag is false.

    authorizedApplicationExtIds string[]

    The user is authorized to manage the selected applications in case all applications flag is false.

    authorizedUnitExtIdSetForClients object

    The user is authorized to manage the selected client:units associations in case all units flag is false.

    property name* string[]

    The user is authorized to manage the selected client:units associations in case all units flag is false.

  • Array [

    • string

  • ]
    • authorizedEnterpriseRoleExtIdSetForClients object

    The user is authorized to manage the selected client:enterprise-roles associations in case all roles flag is false.

    property name* string[]

    The user is authorized to manage the selected client:enterprise-roles associations in case all roles flag is false.

  • Array [

    • string

  • ]
  • ]
    • appAuthorizations ScimAppAuthorization[]required

    Application role assignments for the profile.

  • Array [
    • extId stringrequired

    External identifier for the enterprise authorization of profile. Must be unique.

    validFrom date-time

    Validity starting timestamp can be defined for the enterprise authorization of profile.

    validTo date-time

    Validity ending timestamp can be defined for the enterprise authorization of profile.

    roleExtId stringrequired

    The assigned role external identifier for the authorization of profile.

    properties object

    Name value pairs map of Authorization's custom properties.

    property name* string

    Name value pairs map of Authorization's custom properties.

  • ]
    • enterpriseAuthorizations ScimEnterpriseAuthorization[]required

    Enterprise role assignments for the profile.

  • Array [
    • extId stringrequired

    External identifier for the enterprise authorization of profile. Must be unique.

    validFrom date-time

    Validity starting timestamp can be defined for the enterprise authorization of profile.

    validTo date-time

    Validity ending timestamp can be defined for the enterprise authorization of profile.

    roleExtId stringrequired

    The assigned role external identifier for the authorization of profile.

  • ]
  • ]
    • properties object

    Name value pairs map of User's custom properties.

    property name* string

    Name value pairs map of User's custom properties.

    loginInfo ScimLoginInfo

    SCIM defined complex to hold IDM user login information. Defined for ScimUserExtension.

    lastLogin date-time

    Timestamp of last login of user.

    lastFailure date-time

    Timestamp of last login failure of user.

    extensions object

    Possible list of extensions. Only the 'urn:nevis:idm:scim:schemas:v1:extension:User' extension is supported.

    description
    title
Loading...
Last updated on