Configuring the Identity Access API
Steps
-
Ensure that you have run the
scim-config-ds.dsconfig
script to configure the SCIM interface. Be sure to enable the entryDN virtual attribute. -
Set a combination of properties to allow the SCIM clients access to the raw LDAP data:
include-ldap-objectclass
,exclude-ldap-objectclass
,include-ldap-base-dn
, orexclude-ldap-base-dn
.Example:
$ bin/dsconfig set-http-servlet-extension-prop \ --extension-name SCIM --set 'include-ldap-objectclass:*' \ --set include-ldap-base-dn:ou=People,dc=example,dc=com
Result:
The SCIM clients now have access to the raw LDAP data via LDAP object class-based resources as well as core SCIM resources as defined in the
scim.resource.xml
file.