Search Users REST Service

Use the Search Users REST Service to search users in the configured authentication provider (LDAP or OIDC) to add them to the IBM® Security Guardium® Key Lifecycle Manager server.

Operation
GET
URL
https://host:port/SKLM/rest/v1/ckms/usermanagement/search

By default, Guardium Key Lifecycle Manager server listens to the secure port 9443 (HTTPS) for communication. During IBM Security Guardium Key Lifecycle Manager installation, you can modify this default port.

Request

Request parameters
Parameter Description
host Specify the IP address or host name of the IBM Security Guardium Key Lifecycle Manager server.
port Specify the port number on which the IBM Security Guardium Key Lifecycle Manager server listens for requests.
Request Headers
Header name Value
Content-Type application/json
Accept application/json
Authorization SKLMAuth userAuthId=<authIdValue>
Accept-Language Any valid locale that is supported by IBM Security Guardium Key Lifecycle Manager. For example, en or de.
Request body
Parameter Description
name Specify the name of the user for which you want to retrieve the details.
partial Specify a part of the user name for which you want to retrieve the details.

Response

Response Headers
Header name Value and description
Status Code
200 OK
The request was successful. The response body contains the requested representation.
400 Bad Request
The authentication information was not provided in the correct format.
401 Unauthorized
The authentication credentials were missing or incorrect.
404 Not Found Error
The processing of the request fails.
500 Internal Server Error
The processing of the request fails because of an unexpected condition on the server.
Content-Type application/json
Content-Language Locale for the response message.
Success response body

JSON object with the following specification:

JSON property name Description
uid Returns the unique identifier of the user.
displayName Returns the name of the user.
Error Response Body

JSON object with the following specification.

JSON property name Description
code Returns the application error code.
message Returns a message that describes the error.

Examples

Service request to search users by name
GET https://localhost:port/SKLM/rest/v1/ckms/usermanagement/search?name=user1
Success response
Status Code : 200 OK
Response body
[
  {
    "uid": "uid=123,c=in,ou=host,o=ibm.com",
    "displayName": "User1"
  },
  {
    "uid": "uid=456,c=in,ou=bluepages,o=ibm.com",
    "displayName": "User2"
  },
Service request to search users by partial name
https://localhost:port/SKLM/rest/v1/ckms/usermanagement/search?partial=user
Success response
Status Code : 200 OK
Response body
[
  {
    "uid": "uid=123,c=in,ou=host,o=ibm.com",
    "displayName": "User1"
  },
  {
    "uid": "uid=456,c=in,ou=bluepages,o=ibm.com",
    "displayName": "User2"
  },
Invalid service request (when the user has not authenticated)
https://localhost:port/SKLM/rest/v1/ckms/usermanagement/search?partial=user
Error response
{
  "code": "CTGKM6002E",
  "message": "CTGKM6002E Bad Request: Invalid user authentication ID or invalid request format."
}
Table 1. Topic change log
Date Change description
05 Oct 2021 Added the Search Users REST Service.
10 Sept 2021 Initial version.