Note: this component stores cluster-wide configuration data and is mirrored across all servers in the topology within the the same cluster.
Note: changes to cluster-wide configuration objects are immediately and automatically mirrored across all servers within the same cluster, so offline changes are not supported.
Pass Through SCIM Resource Types expose a primary Store Adapter's data as core attributes of a SCIM 2.0 resource and expose each secondary Store Adapter's data as schema extensions whose attributes are namespaced by the schema's URI. If a referenced Store Adapter exposes a schema, that schema will be advertised as the core and/or extension schemas for the SCIM Resource Type. All schema enforcement is the responsibility of the Store Adapters.
↓Direct Subcomponents
↓Parent Component
↓Properties
↓dsconfig Usage
The following Pass Through SCIM Resource Types are available in the server :
These Pass Through SCIM Resource Types inherit from the properties described below.
The Pass Through SCIM Resource Type component inherits from the SCIM Resource Type
The properties supported by this managed object are as follows:
General Configuration Basic Properties: | Advanced Properties: |
---|---|
↓ description | None |
↓ enabled | |
↓ endpoint | |
↓ primary-store-adapter | |
↓ id-attribute | |
↓ lookthrough-limit | |
↓ schema-checking-option | |
Authorization and Policies Basic Properties: | Advanced Properties: |
None | ↓ disable-response-processing |
Property Group | General Configuration |
Description | A description for this SCIM Resource Type |
Default Value | None |
Allowed Values | A string |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
Property Group | General Configuration |
Description | Indicates whether the SCIM Resource Type is enabled. If a SCIM Resource Type is not enabled, then its contents are not accessible when processing operations. |
Default Value | None |
Allowed Values | true false |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
Property Group | General Configuration |
Description | The HTTP addressable endpoint of this SCIM Resource Type relative to the '/scim/v2' base URL. Do not include a leading '/'. |
Default Value | None |
Allowed Values | A HTTP addressable endpoint consisting only of letters, digits, '_' and '-' characters. |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
Property Group | General Configuration |
Description | The primary Store Adapter to persist the data for this SCIM Resource Type. |
Default Value | None |
Allowed Values | The DN of any Store Adapter. The referenced Store Adapter must be enabled when this SCIM Resource Type is enabled. |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
Property Group | General Configuration |
Description | Specifies the primary store adapter attribute to use as the value for the SCIM object ID. The object ID is a unique, immutable identifier for fetch, update and delete operations on an object. An object ID is obtained from an attribute value of the primary Store Adapter when a new object is created and this value is subsequently used to identify the object. Ideally, the object ID should be an immutable attribute. The 'entryUUID' attribute is a good choice for an LDAP Store Adapter. The 'entryDN' attribute may be used instead, however the LDAP entry DN is not immutable. It is also possible to specify the name of some other attribute provided during a create operation. A consideration in this latter case is that store adapter objects not created through the Store Adapter interface may not have a value for the ID attribute and cannot be managed through the Store Adapter. |
Default Value | entryUUID |
Allowed Values | The name of a store adapter attribute for the primary store adapter. |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
Property Group | General Configuration |
Description | The maximum number of resources that the SCIM Resource Type should "look through" in the course of processing a search request. This setting is provided as a way to bound the upper-limit on searches, so that clients do not exhaust the server resources. Every search operation requires that the full result set be passed through the policy engine to determine which subset of resources will be returned. This is also important in order to provide the client with paging information, such as how many total results they are allowed to access. If the number of raw search results for a given request exceeds this value, an error will be returned to the client indicating that the search matched too many results. |
Default Value | 500 |
Allowed Values | An integer value. Lower limit is 1. Upper limit is 100000 . |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
Property Group | General Configuration |
Description | Options to alter the way schema checking is performed during create or modify requests. |
Default Value | None |
Allowed Values | allow-undefined-attributes - Allow undefined attributes in the SCIM resource. The default SCIM 2.0 compliant behavior is to reject create or modify requests containing undefined attributes. allow-undefined-sub-attributes - Allow undefined sub-attributes in one or more values of a complex attribute. SCIM 2.0 compliant behavior is to reject create or modify requests containing undefined sub-attributes. |
Multi-Valued | Yes |
Required | No |
Admin Action Required | None. Modification requires no further action |
disable-response-processing (Advanced Property)
Property Group | Authorization and Policies |
Description | Prevents the SCIM service from performing policy processing for responses. For create, modify, and replace requests, this will skip the subsequent "retrieve" policy call, always returning the created/modified resource after performing the operation. For search requests, this will skip the search result processing and return the list as it was received from the backend server. |
Default Value | false |
Allowed Values | true false |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
To list the configured SCIM Resource Types:
dsconfig list-scim-resource-types [--property {propertyName}] ...
To view the configuration for an existing SCIM Resource Type:
dsconfig get-scim-resource-type-prop --type-name {name} [--tab-delimited] [--script-friendly] [--property {propertyName}] ...
To update the configuration for an existing SCIM Resource Type:
dsconfig set-scim-resource-type-prop --type-name {name} (--set|--add|--remove) {propertyName}:{propertyValue} [(--set|--add|--remove) {propertyName}:{propertyValue}] ...
To create a new Pass Through SCIM Resource Type:
dsconfig create-scim-resource-type --type-name {name} --type pass-through --set enabled:{propertyValue} --set endpoint:{propertyValue} --set primary-store-adapter:{propertyValue} [--set {propertyName}:{propertyValue}] ...
To delete an existing SCIM Resource Type:
dsconfig delete-scim-resource-type --type-name {name}