Web services API

This API consists of multiple web services, which are grouped by function. The services are listed alphabetically except the WSSessionService. This service is listed first since it is the first service that is called by any application. The session object that is returned by its login method is used as a parameter in all subsequent services.

WSSessionService

The WSSessionService web service provides authentication, session creation, and password challenge authentication. A client calls WSSessionService before you start any other web services. WSSessionService returns a session (handle) object that must be passed to the other web service calls to maintain a threaded conversation. The service provides the following operations:
  • Login.
  • Logout.

You can also use the WSUnauthService web service for other operations.

WSAccessService

The WSAccessService web service provides the following operations:
  • Create a user access.
  • Retrieve existing user access of a person.
  • Remove user access.
  • Search access entitlements available to a person.
The service provides following operations:
  • Create and modify accesses.
  • Do access searches.

WSAccountService

The WSAccountService web service provides the following operations to do account-related tasks:
  • Create, modify, and other simple account operations.
  • Retrieve default account attributes for a new account as specified by the provisioning policy.
  • Retrieve the account profile name for a service.

WSExtensionService

The WSExtensionService web service provides a framework to extend the existing web services that are used by users. The service provides the users to create an operation to show a new Security Identity Manager API. The detailed steps to create an extension service are specified in the ITIMWS.odt file, which is in the extensions.zip file.

From the Appliance Dashboard on the IBM® Security Identity Manager virtual appliance console, click Configure > Advanced Configuration > Custom File Management. From the All Files tab, go to directories/utilities and download the extensions.zip file and extract it. View the ITIMWS.odt file in \extensions\7.0\doc\ws.

WSGroupService

The WSGroupService web service provides group management functions. The service provides the following operations:
  • Create and remove groups.
  • Search groups.
  • Manage group membership.

WSOrganizationalContainerService

The WSOrganizationalContainerService web service provides Security Identity Manager organization tree traversal and retrieval methods.

WSPasswordService

The WSPasswordService web service provides password management functions. The service provides the following operations:
  • Validates the password as per the password policy rules.
  • Enables change or generate password.

WSPersonService

The WSPersonService web service provides person-object related methods. The service provides the following operations:
  • Create, modify, suspend, restore, delete, and other simple person operations.
  • Retrieve the services to which a person is entitled in Security Identity Manager or accounts.
  • Do person searches.
  • Retrieve the person object of the Principal.

WSProvisioningPolicyService

The WSProvisioningPolicyService web service deals with the provisioning policy. The service provides the following operations:
  • Search provisioning policies.
  • Create, modify, and delete provisioning policies.

WSRequestService

The WSRequestService web service provides the Security Identity Manager request related functions. The service provides the following operations:
  • Search for completed requests.
  • Retrieve pending requests.
  • Retrieve the request object that is based on the process ID or request ID.

WSRoleService

The WSRoleService web service provides role-based capabilities in the Security Identity Manager. The service provides the following operations:
  • Create and modify roles.
  • Do role searches.
  • Manage role hierarchy.

WSSearchDataService

The WSSearchDataService web service provides functions to search various Security Identity Manager directory objects. The search method does not enforce the Security Identity Manager ACIs, but a valid Security Identity Manager session is required to call these methods. The service provides the following operations:
  • Search for persons from root container.
  • Search for persons that are having an Security Identity Manager account.
  • Search for the possible delegates within Security Identity Manager for the logged-in user.
  • Retrieve the searchable attributes of an entity in Security Identity Manager.
  • Retrieve common searchable attributes for the Security Identity Manager entity.

WSServiceService

The WSServiceService web service provides Security Identity Manager-based managed services (end-point configuration) functions. The service provides the following operations:
  • Retrieve support data. For example, group data for UNIX, Linux®, or Microsoft Windows services.
  • Determine whether a password is required when provisioning on a service.
  • Retrieve services that are configured on Security Identity Manager.

WSSystemUserService

The WSSystemUserService web service provides the functions that are related to system users. The service provides the following operations:
  • Manage delegates, that is, add, modify, or delete delegates.
  • Retrieve all the system roles.
  • Configure challenge response.
  • Search for system users who have an Security Identity Manager account.

WSToDoService

The WSToDoService web service provides the functions to manage the different activities available in Security Identity Manager. The service provides the following operations:
  • Approve or reject activities.
  • Retrieve or Submit Request for information activity details.
  • Retrieve the pending activities of the logged-in user.

WSUnauthService

The WSUnauthService web service provides an interface for all the web service APIs that do not require the Security Identity Manager authentication. The service provides the following operations:
  • Version information.
  • Reset password by using the challenge responses.
  • Password policies.