Skip to content
This repository has been archived by the owner on Oct 12, 2022. It is now read-only.

Janssen User and Group Management using jans cli

Jump to bottom
HemantKMehta edited this page Jan 29, 2021 · 7 revisions

scim-cli is bundled with jans-cli and it is useful to perform CRUD operations (create, read, update and delete) on user data. This article focuses on user management using scim-cli. The scim-cli menu has following options:

 Main Menu

 ---------

 1 User

 2 Group

 3 Discovery

 4 Fido Devices

 5 Fido2 Devices

 6 Search

The User sub-menu has following options:

User
----
1 Query User resources (see section 3.4.2 of RFC 7644)
2 Allows creating a User resource via POST (see section 3.3 of RFC 7644)
3 Retrieves a User resource by Id (see section 3.4.1 of RFC 7644)
4 Updates a User resource (see section 3.5.1 of RFC 7644). Update works in a replacement fashion; 
  every attribute value found in the payload sent will replace the one in the existing resource 
  representation. Attributes not passed in the payload will be left intact.
5 Deletes a user resource
6 Updates one or more attributes of a User resource using a sequence of additions, removals, and 
  replacements operations. See section 3.5.2 of RFC 7644
7 Query User resources (see section 3.4.2 of RFC 7644)

To query the details regarding existing user resources select option 1. In this option press enter for all the questions and it will display details of all the existing users. Use the count field to limit the number of users to be displayed.

Use option 2 to add new users. In this option just press enter for the id/ inum field as it will be automatically generated. The add user option asks several questions including Id (inum), resourceType, created, lastModified, location, externalId, userName, familyName, givenName, middleName, honorificPrefix, honorificSuffix, formatted, displayName, nickName, profileUrl, title, userType, preferredLanguage, locale, timezone, active [false], password.

It also gives options to add Email, PhoneNumber, InstantMessagingAddress, Photo, Address, Group, Entitlement, Role and X509Certificate.

After getting input for all the questions the CLI will display the input values and take user's confirmation to continue creating the user.

The update and delete user operations uses inum/ id to update/ delete the user.

The Group sub-menu has following options:

Group
-----
1 Query Group resources (see section 3.4.2 of RFC 7644)
2 Allows creating a Group resource via POST (see section 3.3 of RFC 7644)
3 Retrieves a Group resource by Id (see section 3.4.1 of RFC 7644)
4 Updates a Group resource (see section 3.5.1 of RFC 7644). Update works in a replacement fashion;
  every attribute value found in the payload sent will replace the one in the existing resource 
  representation. Attributes not passed in the payload will be left intact.
5 Deletes a group resource (see section 3.6 of RFC 7644)
6 Updates one or more attributes of a Group resource using a sequence of additions, removals, and 
  replacements operations. See section 3.5.2 of RFC 7644
7 Query Group resources (see section 3.4.2 of RFC 7644)

To query the details regarding existing group resources select option 1. In this option press enter for all the questions and it will display details of all the existing groups.

Use option 2 to add new gruop. In this option just press enter for the id/ inum field as it will be automatically generated. The add group option asks several questions including id, resourceType, created, lastModified, location, displayName, Add Member($ref, type, display, value), Add another Member?.

After getting input for all the questions the CLI will display the input values and take user's confirmation to continue creating the group.

This sub-menu also has option for update and delete group using id/ inum.

Clone this wiki locally