
Azure Active Directory SCIM Mapping

I am trying to implement SCIM in AAD and am having a hard time mapping the fields. When a user is added to a group. In this example I want the following to happen:

(pretty much what SCIM does)

  1. User is provisioned, the user is created.

  2. User deprovisioned, user deleted

  3. User is added to group, the group changes

  4. User is removed from group, the group changes.

Here is the API information

getUsers

Method: get

URL: /scim/v2/Users?filter=userName+eq+%22example%40example.com%22

response:

{
    "totalResults": 1,
    "startIndex": 1,
    "itemsPerPage": 1,
    "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ],
    "Resources": [
        {
            "emails": [ { "value": "example@example.com" } ],
            "appGroups": [ "Unicorn Team" ],
            "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:User" ],
            "name": { "familyName": "Family", "givenName": "Given" }, // SCIM requires names, but no real names are stored; you'll always get back these placeholder values
            "active": true,
            "id": "example@example.com",
            "userName": "example@example.com",
            "status": "success"
        },
        ... // more users
    ]
}

addUsers

Method: post

URL: /scim/v2/Users

body

{
  "userName": "example@example.com",
  "appGroups": [ "Unicorn Team", "Rainbow Team" ],
  "active": true
}

response:

{
    "emails": [
        {
            "value": "example@example.com"
        }
    ],
    "appGroups": [
        "Unicorn Team",
        "Rainbow Team"
    ],
    "schemas": [
        "urn:ietf:params:scim:schemas:core:2.0:User"
    ],
    "name": {
        "familyName": "Family",
        "givenName": "Given"
    },
    "active": true,
    "id": "example@example.com",
    "userName": "example@example.com",
    "status": "success"
}

User Config:

 "users": [
    {
      "email": "example@example.com",
      "groups": ["Unicorn Team", "Rainbow Team"]
    },
],
"groups": [
    {
      name: "Unicorn Team",
    },
    {
      name: "Rainbow Team",
    },
    {
      name: "X",
    },
    {
      name: "Y",
    },
    {
      name: "Z",
    },
 ]

putUsers

method: put

URL: /scim/v2/Users/example%40example.com

body:

{
  "userName": "example@example.com",
  "appGroups": [ "Unicorn Team", "X" ],
  "active": true
}

User Config:

 "users": [
    {
      "email": "example@example.com",
      "groups": ["Unicorn Team", "X"]
    },
],
"groups": [
    {
      name: "Unicorn Team",
    },
    {
      name: "Rainbow Team",
    },
    {
      name: "X",
    },
    {
      name: "Y",
    },
    {
      name: "Z",
    },
 ]

patchUsers

method: patch

URL: /scim/v2/Users/example%40example.com

body:

{
  "active": false
}

response:

{
    "emails": [
        {
            "value": "example@example.com"
        }
    ],
    "appGroups": [
        "Unicorn Group"
    ],
    "schemas": [
        "urn:ietf:params:scim:schemas:core:2.0:User"
    ],
    "name": {
        "familyName": "Family",
        "givenName": "Given"
    },
    "active": false,
    "id": "example@example.com",
    "userName": "example@example.com",
    "status": "success"
}

User Config

 "users": [

],
"groups": [
    {
      name: "Unicorn Team",
    },
    {
      name: "Rainbow Team",
    },
    {
      name: "X",
    },
    {
      name: "Y",
    },
    {
      name: "Z",
    },
 ]

Azure Docs: https://docs.microsoft.com/en-us/azure/active-directory/app-provisioning/use-scim-to-provision-users-and-groups

In order to add a user to a group in a SCIM Azure AD implementation, you have to implement the /Groups endpoint, as appears here:
https://docs.microsoft.com/en-us/azure/active-directory/app-provisioning/use-scim-to-provision-users-and-groups#update-group-add-members
HTTP PATCH request as appears in the reference.
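
A sketch of the group PATCH handling the answer points to, written against the user config from the question. This is an added example, not code from the answer or from Microsoft; `patch_group`, `members_op` and `ScimError` are hypothetical names. It assumes the group id is the group name and the member value is the user's id (the email, as in the question), and it handles only the member-list form of the operation. It rejects unknown groups, unknown members and unsupported operations instead of creating anything as a side effect.

```python
import copy

PATCH_OP = "urn:ietf:params:scim:api:messages:2.0:PatchOp"

class ScimError(Exception):
    """Carries the HTTP status the endpoint would answer with."""
    def __init__(self, status, detail):
        super().__init__(detail)
        self.status = status

def patch_group(config, group_name, body):
    """Apply PATCH /scim/v2/Groups/{group_name} to a copy of the user config."""
    if not isinstance(body, dict) or PATCH_OP not in body.get("schemas", []):
        raise ScimError(400, "not a PatchOp message")
    if group_name not in {g["name"] for g in config["groups"]}:
        raise ScimError(404, "unknown group")
    new = copy.deepcopy(config)  # a rejected request leaves no partial change
    users = {u["email"]: u for u in new["users"]}
    for op in body.get("Operations", []):
        op = op if isinstance(op, dict) else {}
        verb = str(op.get("op", "")).lower()  # Azure AD sends "Add" / "Remove"
        path = str(op.get("path", "")).lower()
        members = op.get("value")
        if verb not in ("add", "remove") or path != "members" or not isinstance(members, list):
            raise ScimError(400, "unsupported operation")
        for member in members:
            key = member.get("value") if isinstance(member, dict) else None
            user = users.get(key) if isinstance(key, str) else None
            if user is None:  # never create accounts as a side effect of a group change
                raise ScimError(404, "unknown member")
            if verb == "add" and group_name not in user["groups"]:
                user["groups"].append(group_name)
            elif verb == "remove" and group_name in user["groups"]:
                user["groups"].remove(group_name)
    return new

# Constructed sample data, shaped like the user config in the question.
CONFIG = {
    "users": [{"email": "example@example.com", "groups": ["Unicorn Team", "Rainbow Team"]}],
    "groups": [{"name": n} for n in ("Unicorn Team", "Rainbow Team", "X", "Y", "Z")],
}

def members_op(op, email):
    """Build a member-change body in the shape the linked reference shows."""
    return {"schemas": [PATCH_OP],
            "Operations": [{"op": op, "path": "members", "value": [{"value": email}]}]}

if __name__ == "__main__":
    step = patch_group(CONFIG, "X", members_op("Add", "example@example.com"))
    print(patch_group(step, "Rainbow Team", members_op("Remove", "example@example.com"))["users"])
```

Adding the user to "X" and removing them from "Rainbow Team" produces the same group list as the putUsers example in the question.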
