-
Notifications
You must be signed in to change notification settings - Fork 23
Janssen User and Group Management using jans cli
scim-cli is bundled with jans-cli and it is useful to perform CRUD operations (create, read, update and delete) on user data. This article focuses on user management using scim-cli. The scim-cli menu has following options:
Main Menu
---------
1 User
2 Group
3 Discovery
4 Fido Devices
5 Fido2 Devices
6 Search
User
----
1 Query User resources (see section 3.4.2 of RFC 7644)
2 Allows creating a User resource via POST (see section 3.3 of RFC 7644)
3 Retrieves a User resource by Id (see section 3.4.1 of RFC 7644)
4 Updates a User resource (see section 3.5.1 of RFC 7644). Update works in a replacement fashion;
every attribute value found in the payload sent will replace the one in the existing resource
representation. Attributes not passed in the payload will be left intact.
5 Deletes a user resource
6 Updates one or more attributes of a User resource using a sequence of additions, removals, and
replacements operations. See section 3.5.2 of RFC 7644
7 Query User resources (see section 3.4.2 of RFC 7644)
To query the details regarding existing user resources select option 1. In this option press enter for all the questions and it will details of all users. Use the count field to limit the number of users to be displayed.
Use option 2 to add new users. In this option just press enter for the id/ inum field as it will be automatically generated. The add user option asks several questions including Id (inum), resourceType, created, lastModified, location, externalId, userName, familyName, givenName, middleName, honorificPrefix, honorificSuffix, formatted, displayName, nickName, profileUrl, title, userType, preferredLanguage, locale, timezone, active [false], password.
It also gives options to add Email, PhoneNumber, InstantMessagingAddress, Photo, Address, Group, Entitlement, Role and X509Certificate.
After getting input for all the questions the CLI will display the input values and take user's confirmation to continue creating the user.
The update and delete user operations uses inum/ id to update/ delete the user.
Group
-----
1 Query Group resources (see section 3.4.2 of RFC 7644)
2 Allows creating a Group resource via POST (see section 3.3 of RFC 7644)
3 Retrieves a Group resource by Id (see section 3.4.1 of RFC 7644)
4 Updates a Group resource (see section 3.5.1 of RFC 7644). Update works in a replacement fashion;
every attribute value found in the payload sent will replace the one in the existing resource
representation. Attributes not passed in the payload will be left intact.
5 Deletes a group resource (see section 3.6 of RFC 7644)
6 Updates one or more attributes of a Group resource using a sequence of additions, removals, and
replacements operations. See section 3.5.2 of RFC 7644
7 Query Group resources (see section 3.4.2 of RFC 7644)
To query the details regarding existing group resources select option 1. In this option press enter for all the questions and it will details of all the existing groups.
Use option 2 to add new gruop. In this option just press enter for the id/ inum field as it will be automatically generated. The add group option asks several questions including id, resourceType, created, lastModified, location, displayName, Add Member($ref, type, display, value), Add another Member?.
After getting input for all the questions the CLI will display the input values and take user's confirmation to continue creating the group.
This sub-menu also has option for update and delete group using id/ inum.