Users
There is no absolute need to create users on your idaas.nl tenant. In a federated setup you might want to rely on third parties for providing user data, such as ADFS, Google, Facebook or Microsoft.
On idaas.nl you can manage users via the graphical user interface and via the SCIM 2.0 API.
This documentation only describes how to manage users via SCIM 2.0.
Search
SCIM 2.0 provides many possibilities for searching. The example below combines sorting, pagination and filtering in a single request.
GET /api/scim/v2/Users?sortBy=id&sortOrder=descending&count=20&startIndex=0&filter=emails.value%20co%20%22ri%22 HTTP/1.1
Host: login.manage.idaas.nl
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6IjZiMmU0Y2M2OThiMmQ5ZGQ5ZmIzNDUzMTMzYjM4YTc0M2MyYmNiNTNhMGRkN2NkNzg2Yzc0NmFiYWZmNzMxZWZkNDgxNDJkNWFlZGVkZGRhIn0.eyJhdWQiOiI4ZWMzM2RiZi1kZDZlLTQxNDctYmYyMS0xZWNkM2MzNmUzMTEiLCJqdGkiOiI2YjJlNGNjNjk4YjJkOWRkOWZiMzQ1MzEzM2IzOGE3NDNjMmJjYjUzYTBkZDdjZDc4NmM3NDZhYmFmZjczMWVmZDQ4MTQyZDVhZWRlZGRkYSIsImlhdCI6MTU3OTU0ODY5NiwibmJmIjoxNTc5NTQ4Njk2LCJleHAiOjE1Nzk1NTIyOTUsInN1YiI6IjhmYThiYmUxLTg2OGUtNDVjZC1iMDI1LTBlMTgzYWU3YWE2ZCIsInNjb3BlcyI6WyJvcGVuaWQiLCJhcHBsaWNhdGlvbnM6bWFuYWdlIl19.KSKcExtSjwK7vNspfBLEAZgXFNwUgITwgTK66dYJc0b649aewr8Os2fZNSykljl4bvj5xPT7f7uoiNyajladSu175jZWU-j0Otb57EyGVvA-Sn6Zt5zWHVMaqnsrwrcKs4LGhBW21PB0WEXbSFfHGP72PTHAGbr8DqYS6J0wiyfA1omMzWlVTp2-jVBk_TOHUDohSQtJ9w_7e8mej1EnoyJonksp9-DN36oMR95DQLeid47IXqg265z5PdQT95YDbvn1yWrB9jsRmwhFYt_AiZQqOvQKTF2jQ9Uy25hFQ2h25hQyJ2mMamOI77pkyF64STWCTX84GiSJWgfQy4OfPQ
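The following is an added example, not part of the idaas.nl documentation: a Python helper that builds the search URL shown above from caller-supplied values. The filter value is written as a JSON string literal, so a quote in the input stays inside the literal. The https scheme, the allow-list contents and the function names are assumptions made for this example.

```python
import json
from urllib.parse import urlencode, quote

# Assumed base URL, taken from the Host header and path in the request above.
BASE_URL = "https://login.manage.idaas.nl/api/scim/v2/Users"

# Attribute paths this helper will filter on (hypothetical allow-list).
ALLOWED_ATTRIBUTES = {"emails.value", "userName", "displayName"}
# String comparison operators defined by RFC 7644, section 3.4.2.2.
ALLOWED_OPERATORS = {"eq", "ne", "co", "sw", "ew"}


def scim_filter(attribute: str, operator: str, value: str) -> str:
    """Return a SCIM filter expression with the value as a quoted literal."""
    if attribute not in ALLOWED_ATTRIBUTES:
        raise ValueError(f"attribute not allowed: {attribute!r}")
    if operator not in ALLOWED_OPERATORS:
        raise ValueError(f"operator not allowed: {operator!r}")
    # SCIM filter string values follow JSON string rules, so json.dumps
    # escapes embedded quotes and backslashes and the value cannot end
    # the literal early.
    return f"{attribute} {operator} {json.dumps(value)}"


def user_search_url(attribute, operator, value, count=20, start_index=0,
                    sort_by="id", sort_order="descending"):
    """Build the search URL with the same parameter order as the request above."""
    params = [
        ("sortBy", sort_by),
        ("sortOrder", sort_order),
        ("count", str(int(count))),
        ("startIndex", str(int(start_index))),
        ("filter", scim_filter(attribute, operator, value)),
    ]
    # quote (not quote_plus) encodes spaces as %20, as in the request above.
    return BASE_URL + "?" + urlencode(params, quote_via=quote)


if __name__ == "__main__":
    # Reproduces the query string of the documented request.
    print(user_search_url("emails.value", "co", "ri"))
    # Constructed input containing a quote character.
    print(user_search_url("emails.value", "co", 'o"brien'))
```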
Create
Create a user by sending an HTTP POST request to the designated endpoint.
POST /api/scim/v2/Users HTTP/1.1
Host: login.manage.idaas.nl
content-type: application/scim+json
Authorization: Bearer ...

{
  "schemas": [
    "urn:ietf:params:scim:schemas:core:2.0:User"
  ],
  "urn:ietf:params:scim:schemas:core:2.0:User": {
    "userName": "johndoe",
    "password": "password123",
    "active": false,
    "emails": [
      {
        "value": "johndoe@example.com"
      }
    ]
  }
}
Update
To update a user you can choose between PATCH and PUT requests. PATCH allows updating a single attribute. PUT replaces the complete User object. Pick the one that fits your use case, or in some scenarios, use both.
The following example uses PUT to activate the user created in the previous example.
PUT /api/scim/v2/Users/8624242 HTTP/1.1
Host: login.manage.idaas.nl
content-type: application/scim+json
Authorization: Bearer ...

{
  "schemas": [
    "urn:ietf:params:scim:schemas:core:2.0:User"
  ],
  "urn:ietf:params:scim:schemas:core:2.0:User": {
    "userName": "johndoe",
    "password": "password123",
    "active": true,
    "emails": [
      {
        "value": "johndoe@example.com"
      }
    ]
  }
}
Delete
DELETE /api/scim/v2/Users/8fa8bc07-3c93-4d11-a3f5-c843436da9e4 HTTP/1.1
Host: login.manage.idaas.nl
Authorization: Bearer ...
A deleted user cannot be restored. Therefore, it is sometimes better to deactivate a user instead.
Attributes
Both when creating and updating a user you may provide a set of attributes. Out of the box, idaas.nl supports the following attributes.
User Name
A username the user can log in with.
urn:ietf:params:scim:schemas:core:2.0:User:userName
Display Name
Shown in the user listing.
Used to log in
Phone number
Retrievable via the scope `phone`.