on 08-21-2016 12:40 PM
Hello experts,
Require your assistance in with the following query. We have designed an CUSTOM UI application instead of IDM STD UI for end users.
We have a defined Password reset functionality.
Identity can himself reset his password for the systems he has or his manager can reset his password. this functionality we have defined.
The systems which the identity has is displaying currently. But when we the identity manager try to reset the identity password, the systems lists are displaying the identity managers but not identity.
when investigated further found that we are not passing the identity mskey in the REST API. when i trying to pass, mskey but systems list is not being fetched using doRESTGet method.
Current URI which we are using to retrieve the systems which user is having access to. HEI_IDEN_TEMP_RESET_PWD_REPOSITORIES is a multivalue attriute which holds the systems the user the user is having
/idmrestapi/v2/service/TASK_ATTRIBUTES(ATTRIBUTE_NAME='HEI_IDEN_TEMP_RESET_PWD_REPOSITORIES',TASK_GUID=guid'5796CCF1-0522-4CFE-BAEC-3DFB5DCA22A9')/ALLOWED_VALUES
The above URI is working as expected when identity login and reset the password which he is having but when identity manager logs in try search systems, the manger systems are being displayed but not the identities. when used the below URI there is not response being recieved
idmrestapi/v2/service/ET_MX_PERSON(ID=352,TASK_GUID=guid'5796CCF1-0522-4CFE-BAEC-DFB5DCA22A9')/MV_HEI_IDEN_TEMP_RESET_PWD_REPOSITORIES
Above is the UI task which we are using to retrive the values
Look forward for the assistance
Regards,
DP
Dear Experts,
When checked with SAP they mentioned that, "the standard IdM product does not deliver such UIs
and therefore these must be designed. I am not sure of how the logic of this task MV_PWD_REPOSITORIES has been designed as it is not SAP standard product interface (possibly this is a Rapid Deployment Solution RDS configured in some way)".
Is it possible to add the mskey for the below URI? the below URI is working fine and returning the values, but i wanted it to return based identity mskey.
/idmrestapi/v2/service/TASK_ATTRIBUTES(ATTRIBUTE_NAME='PWD_REPOSITORIES',TASK_GUID=guid'5796CCF1-0522-4CFE-BAEC-3DFB5DCA22A9')/ALLOWED_VALUES
So Can i try the below option does it work?
/idmrestapi/v2/service/ALLOWED_VALUES?$filter=ATTRIBUTE_NAME eq 'PWD_REPOSITORIES' and TASK_GUID eq guid'35B264BF-A75A-447D-A4EA-7894725245CE' and UserMskey eq '"+mskey+"'";
Regards,
DP
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi DB,
as you have mentioned, you receive the values of the value help for that attribute to determine the users systems. So I guess in the query of the value help for this attribute, the %ADMINMSKEY% is used - which is the person which is opening the form - or %MSKEY% is used, which is ther person the form is opened for.
In your case it would need to be %MSKEY% and you actually need to add the MSKEY of the user to the URL - otherwise the system thinks it is the user calling the API - which is the manager.
You have to add UserMskey = <MSKEY of the user> to the URL which you use to receive the value help.
Regards
Norman
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Norman,
Thanks for your response. Yes norman we tried to add the user mskey to the URI but its not returning any values. Below is the one which i tried
idmrestapi/v2/service/ET_MX_PERSON(ID=352,TASK_GUID=guid'5796CCF1-0522-4CFE-BAEC-DFB5DCA22A9')/MV_HEI_IDEN_TEMP_RESET_PWD_REPOSITORIES
Regards,
DP
while using this i am not receiving any records.
/idmrestapi/v2/service/ET_MX_PERSON(ID=3689,TASK_GUID=guid'5796CCF1-0522-4CFE-BAEC-DFB5DCA22A9')/MV_HEI_IDEN_TEMP_RESET_PWD_REPOSITORIES
Above is the ui task which we are referring too. When checked in the browser
the response for the URI is null.
Regards,
DP
User | Count |
---|---|
84 | |
10 | |
10 | |
9 | |
7 | |
6 | |
6 | |
5 | |
4 | |
4 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.