[英]Azure Active Directory SCIM Mapping
我正在嘗試在 AAD 中實現 SCIM 並且很難映射字段。 將用戶添加到組時。 在這個例子中,我希望發生以下情況:
(幾乎是 scim 所做的)
提供用戶,創建用戶。
用戶已取消配置,用戶已刪除
用戶添加到組,組更改
用戶從組中刪除,組更改。
這是api信息
獲取用戶
方法: get
網址:/ /scim/v2/Users?filter=userName+eq+%22example%40example.com%22
回復:
{
"totalResults": 1,
"startIndex": 1,
"itemsPerPage": 1,
"schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ],
"Resources": [
{
"emails": [ { "value": "example@example.com" } ],
"appGroups": [ "Unicorn Team" ],
"schemas": [ "urn:ietf:params:scim:schemas:core:2.0:User" ],
"name": { "familyName": "Family", "givenName": "Given" }, // SCIM requires names, but no real names are stored; you'll always get back these placeholder values
"active": true,
"id": "example@example.com",
"userName": "example@example.com",
"status": "success"
},
... // more users
]
}
添加用戶
方法: post
網址/scim/v2/Users
身體
{
"userName": "example@example.com",
"appGroups": [ "Unicorn Team", "Rainbow Team" ],
"active": true
}
回復:
{
"emails": [
{
"value": "example@example.com"
}
],
"appGroups": [
"Unicorn Team",
"Rainbow Team"
],
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"name": {
"familyName": "Family",
"givenName": "Given"
},
"active": true,
"id": "example@example.com",
"userName": "example@example.com",
"status": "success"
}
用戶配置:
"users": [
{
"email": "example@example.com",
"groups": ["Unicorn Team", "Rainbow Team"]
},
],
"groups": [
{
name: "Unicorn Team",
},
{
name: "Rainbow Team",
},
{
name: "X",
},
{
name: "Y",
},
{
name: "Z",
},
]
放置用戶
方法: put
網址: /scim/v2/Users/example%40example.com
身體:
{
"userName": "example@example.com",
"appGroups": [ "Unicorn Team", "X" ],
"active": true
}
用戶配置:
"users": [
{
"email": "example@example.com",
"groups": ["Unicorn Team", "X"]
},
],
"groups": [
{
name: "Unicorn Team",
},
{
name: "Rainbow Team",
},
{
name: "X",
},
{
name: "Y",
},
{
name: "Z",
},
]
補丁用戶
方法: patch
網址: /scim/v2/Users/example%40example.com
身體:
{
"active": false
}
回復:
{
"emails": [
{
"value": "example@example.com"
}
],
"appGroups": [
"Unicorn Group"
],
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"name": {
"familyName": "Family",
"givenName": "Given"
},
"active": false,
"id": "example@example.com",
"userName": "example@example.com",
"status": "success"
}
用戶配置
"users": [
],
"groups": [
{
name: "Unicorn Team",
},
{
name: "Rainbow Team",
},
{
name: "X",
},
{
name: "Y",
},
{
name: "Z",
},
]
Azure 文檔: https : //docs.microsoft.com/en-us/azure/active-directory/app-provisioning/use-scim-to-provision-users-and-groups
為了在 SCIM AZURE AD 實現中將用戶添加到組,您必須實現 /Groups 端點,如下所示:
https://docs.microsoft.com/en-us/azure/active-directory/app-provisioning/use-scim-to-provision-users-and-groups#update-group-add-members出現的 HTTP 補丁請求在參考。
Azure Active Directory SCIM:取消配置組的成員不起作用
[英]Azure Active Directory SCIM: Deprovision member of a group not working
Workday 到 On-Prem Active Directory:多值屬性從 Workday 通過 Azure 同步到通過 SCIM 的 On-prem AD 的問題
[英]Workday to On-Prem Active Directory: Issue with Multi-valued attributes syncing from Workday through Azure to On-prem AD via SCIM
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.