stackoom
  简体   繁体   中英

How to validate ask password confirmation code wso2 SCIM 2 API

 原文  2020-03-16 10:22:10       wso2/ wso2-identity-server

Question

I am using SCIM api for registering a user

curl -v -k --user admin:admin --data '{"schemas":[],"name":{"familyName":"Smith","givenName":"Paul"},"userName":"Paul","password":"password","emails":[{"primary":true,"value":"paul@somemail.com"}],"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User":{askPassword:"true"}}' --header "Content-Type:application/json" https://localhost:9443/scim2/Users

I got a

Create Password for New Account

email to my primary email address with a confirmation code.

How to validate this confirmation code with wso2is using SCIM 2?

In REST API there is an option to validate code .

I tried REST API

curl -k -v -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -d '{ "code": "84325529-8aa7-4851-8751-5980a7f2d9f7","properties": []}' "https://localhost:9443/api/identity/user/v1.0/validate-code"

it returns in case of invalid code

{
    "code": "18001",
    "message": "Bad Request",
    "description": "Invalid Code '84325529-8aa7-4851-8751-5980a7f2d9f7'"
}

in the case valid code it returns

{
    "code": "18001",
    "message": "Bad Request",
    "description": "Invalid Code '%s.'"
}

no console error

Validate code worked with REST API work flow

3 answers

solution1
 1  2020-03-16 10:45:55

There is no such SCIM APIs in WSO2 Identity Server to validate the confirmation codes. WSO2 Identity Server has a soap API (UserInformationRecoveryService-verifyConfirmationCode) and a REST API (/validate-code) that can fulfill your requirement.

You can find the SOAP API here .

solution2
 1  2020-12-30 12:09:40

I am editing my answer here since I talked with the developers and I realised there is a different API that you need to use for validating the confirmation code: documentation .

So you need to send the following request:

curl -k -v -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -d '{ "code": "84325529-8aa7-4851-8751-5980a7f2d9f7","step": "UPDATE_PASSWORD","properties": []}' "https://localhost:9443/api/identity/recovery/v0.9/validate-code"

and the response should be

"HTTP/1.1 202 Accepted"

I tried it and it works.

solution3
 0  2022-08-29 19:45:33

Note: if you are using SCIM identity through a system like a self-managed GitLab, GitLab 15.3 (August 2022) offers a better integration:

User SCIM identity visible in UI

Previously, the SCIM identity for a user could only be accessed using the SCIM API .

Now, a user's SCIM identity is visible to GitLab administrators in the Identities tab of the User list. With this, troubleshooting of SCIM-related issues is simplified. Administrators can validate what identity, if any, is being used for a specific account without requiring GitLab Support or an API query.

See Documentation and Issue .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How create user in wso2 is via scim2 api with external claims& How to extend user schema using WSO2 charon scim library Unable to validate account confirmation in WSO2 version 6.0 Unable to create user in WSO2 IS via SCIM2 API with external claims In WSO2 IS 5.9.0 how to configure Password Policies And Login Policies with help of an API? In wso2 IS XACML policy how to validate role and its permissions WSO2 API Manager, Websocket API how to disable the security How to ADD an API on WSO2 API Manager 3.1.0? How to Get List of Possible Policies from WSO2 API manager How to handle content-length header in wso2 api manager
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM