BrokerDirectorySwitchProvisioningRequestMedia
BrokerDirectorySwitchProvisioningRequestMedia
Represents request details for switching provisioning type
JSON Example
{
"targetProvisioningType": "LDAP",
"brokerDirectoryId": "cb7acbfb-8202-4621-ad51-ade0ad49e2d1",
"preview": false,
"retentionPeriod": "P7D",
"jitPreProvisioningGroups": {
"preProvisionedGroupsEnabled": true,
"preProvisionedGroups": [
{
"domain": "mydomain1.com",
"groups": [
"[ 'group1', 'group2' ]"
]
}
]
},
"directoriesConfiguration": [
{
"ldapDirectoryConfig": {
"name": "example_ldap_dir_config_name",
"domainControllerHost": "string",
"domainControllerPort": 636,
"domainControllerSecondaryHost": "string",
"domainControllerSecondaryPort": 636,
"type": "ACTIVE_DIRECTORY_LDAP",
"certificate": {
"filename": "server.crt",
"certificate": "[\"-----BEGIN CERTIFICATE-----\\n<encoded-certificate>\\n-----END CERTIFICATE-----\\"
},
"secondaryServerCertificate": {
"filename": "server.crt",
"certificate": "[\"-----BEGIN CERTIFICATE-----\\n<encoded-certificate>\\n-----END CERTIFICATE-----\\"
},
"bindDn": "uid=admin,ou=system",
"baseDn": "dc=example,dc=org",
"bindDnPassword": "sample_password",
"directorySearchAttribute": "sAMAccountName",
"communicationMode": "SSL",
"groupsFilterQuery": "(objectClass=group)",
"usersFilterQuery": "(objectClass=user)",
"objectUuidAttribute": "entryUUID",
"bindUserFilterQuery": "(objectClass=user)",
"openLdapConfigurations": {
"directorySearchUserAttribute": "uid",
"directorySearchGroupAttribute": "memberOf",
"uniquelyIdentifiableAttributeForUser": "distinguishedName",
"uniquelyIdentifiableAttributeForGroup": "distinguishedName",
"userMembershipsFilterQuery": "uid",
"membershipAttribute": "member"
},
"provisioningResult": {
"numberOfMismatchUsers": 100,
"numberOfMismatchGroups": 100,
"migrationStatus": "COMPLETED",
"retentionPeriod": "P7D",
"retentionTimeLeft": "P30D",
"identityProviderId": "f4d49163-1cb3-4a8b-b966-03528c747097"
},
"brokerDirectoryId": "cb7acbfb-8202-4621-ad51-ade0ad49e2d1",
"isDomainChanged": false,
"_links": {
"self": {
"href": "https://example.com/path-to-self"
}
},
"id": "5e895ddb-c2ae-414a-9db3-a2d693ee0db1",
"useForAuthentication": true,
"syncProfileConfig": {
"identityInfo": {
"includeNestedGroupsAndMembers": false,
"identityGroupInfo": {
"identityGroupInfo": {
"mappedGroupData": [
{
"mappedGroup": {
"groupName": "groupName",
"dn": "dc=vidb,dc=com",
"objectGuid": "dfd3c968-0b6d-4750-a66e-405d4c04c245",
"groupBaseDN": "CN=Users,DC=vidb,DC=com",
"source": "DIRECTORY",
"isCompliant": false,
"validationResult": {
"invalidAttributes": [
"string"
],
"isDuplicateId": false
}
},
"selected": false
}
],
"numSelected": 1,
"numTotal": 0,
"selected": true
}
},
"identityUserInfo": {
"identityUserInfo": {
"users": [
{
"userId": "2d825955-c4bc-4ea0-8c79-d1a0ed9a9de6",
"user": "John Doe",
"userDn": "CN=Administrator,CN=Users,DC=vidb,DC=com",
"mail": "[email protected]",
"admin": false,
"selected": false
}
],
"numTotal": 0
}
},
"allGroupsSelectedGroupDns": [
"string"
],
"groupNameOnlyGroupDNs": [
"string"
],
"entitledGroupsGroupDNs": [
"string"
]
},
"syncSchedule": {
"frequency": "string",
"dayOfWeek": "string",
"hour": 0,
"minutes": 0,
"seconds": 0
},
"_links": {
"self": {
"href": "https://example.com/path-to-self"
}
}
}
},
"directory": {
"brokerDirectoryId": "cb7acbfb-8202-4621-ad51-ade0ad49e2d1",
"targetDomain": "myDomain.com"
}
}
],
"identityProvider": {
"idpId": "f4d49163-1cb3-4a8b-b966-03528c747097",
"oidcProfile": {
"oidcUserAttributeMapping": {
"email": "user_email"
},
"openIdUserIdentifierAttribute": "sub",
"internalUserIdentifierAttribute": "ExternalId"
},
"samlProfile": {
"samlNameIdUserAttributeMapping": {
"param1": "param1_value"
},
"samlIdentityUserAttributeMapping": {
"samlAttributeFormat": "urn:oasis:names:tc:SAML:2.0:attrname-format:basic",
"samlAttributeName": "uid",
"idmAttribute": "userName"
},
"requestNameIdFormatType": "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
"jitGroupMembershipAttrName": "groups"
}
},
"_links": {
"self": {
"href": "https://example.com/path-to-self"
}
}
}
string
targetProvisioningType
Required
The target provisioning type of the directory
Possible values are :
LDAP,
JIT,
string As uuid
As uuid
brokerDirectoryId
Optional
The unique identifier of the associated SCIM directory
boolean
preview
Optional
If preview is true the switch provisioning process will not be started, only validation of ldap directory configuration will be performed. If there is an error, for example domain mismatch return warning message in the response. If preview is false then start switch provisioning process. Applicable for LDAP provisioning type
string
retentionPeriod
Optional
Retention period if applicable. Defines how many days will have to migrate users and groups after switching provisioning. When the period expires, the users and group that are not migrated will be deleted. Minimum period is 7 days. Maximum period is 30 days.Format spec: https://en.wikipedia.org/wiki/ISO_8601#Durations. Java doc: https://docs.oracle.com/javase/8/docs/api/java/time/Period.html
jitPreProvisioningGroups
Optional
Configuration for JIT pre-provisioning groups
identityProvider
Required
Represents the attribute mapping details for OIDC and SAML Identity Provider
object
_links
Optional
The resource HATEOAS links. Usually includes a "self" link for this resource