Re: [Dev][IS][APIM] Providing a SCIM Id for admin user in SCIM

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Re: [Dev][IS][APIM] Providing a SCIM Id for admin user in SCIM

Bhathiya Jayasekara
Hi Isura,

On Tue, Jun 13, 2017 at 10:31 AM, Isura Karunaratne <[hidden email]> wrote:
Hi Tharika, 

On Mon, Jun 12, 2017 at 2:25 PM, Tharika Madurapperuma <[hidden email]> wrote:
Hi All,

   In APIM 3.0, we plan to have a feature for enabling Read, Update, Delete permissions for an API based on roles in API Publisher. For user validation purposes, we need to retrieve the list of roles for the loggedin user. This role list is retrieved using the user's SCIM Id. But since the admin user by default does not have an ID as per [1] and is not regarded as a SCIM user, we wont be able to retrieve the list of roles for the admin.

   There are two possible options for making this work.

   Option 1: Either from APIM 3.0 side we should make a call to the SCIM endpoint and update the admin user to have a SCIM ID as in [1], preferably during startup or
   Option 2: We can make the admin user have an Id by default from SCIM Implementation in IS.

   If we go with Option 1, it amounts to an additional call to the SCIM endpoint to update the user and a question arises as to where we should be updating it. The SCIM Id for the admin user is needed only in this scenario for retrieving roles currently, hence updating the admin user during startup is questionable.

   IMO Option 2 is preferrable because it will not result in an additional update as in Option 1 above.


   Will there be any plans to include this capability in IS 5.4.0?
This capability will not include in IS 5.4.0 release, if this is urgent, we can prioritize

Please do include. Otherwise we'll have to do hacks to get the basic functionalitties working for the default (admin) user.



   [1] [Dev] [IS] Admin/Tenant Admin Users cannot be filtered to get the SCIM ID


Tharika Madurapperuma
Software Engineer | WSO2, Inc.

Mobile : <a href="tel:+94%2077%20787%205624" value="+94777875624" target="_blank">+94777875624

Isura Dilhara Karunaratne
Senior Software Engineer | WSO2
Mob : <a href="tel:077%20225%204810" value="+94772254810" target="_blank">+94 772 254 810

Bhathiya Jayasekara
Associate Technical Lead,
WSO2 inc.,

Phone: +94715478185

Architecture mailing list
[hidden email]