Use the Search Users REST Service to search users in the configured
authentication provider (LDAP or OIDC) to add them to the IBM® Security Guardium® Key Lifecycle Manager server.
- Operation
GET
- URL
- https://host:port/SKLM/rest/v1/ckms/usermanagement/search
By default, Guardium Key Lifecycle Manager server
listens to the secure port 9443 (HTTPS) for communication.
During IBM Security Guardium Key Lifecycle Manager installation, you can modify this
default port.
Request parameters
Parameter |
Description |
host |
Specify the IP address or host name of the IBM Security Guardium Key Lifecycle Manager server. |
port |
Specify the port number on which the IBM Security Guardium Key Lifecycle Manager server listens for requests. |
Request Headers
Header name |
Value |
Content-Type |
application/json |
Accept |
application/json |
Authorization |
SKLMAuth userAuthId=<authIdValue> |
Accept-Language |
Any valid locale that is supported by IBM Security Guardium Key Lifecycle Manager. For example, en or
de. |
Request body
Parameter |
Description |
name |
Specify the name of the user for which you want to retrieve the
details. |
partial |
Specify a part of the user name for which you want to retrieve the
details. |
Response Headers
Header name |
Value and description |
Status Code |
- 200 OK
- The request was successful. The response body contains the requested representation.
- 400 Bad Request
- The authentication information was not provided in the correct format.
- 401 Unauthorized
- The authentication credentials were missing or incorrect.
- 404 Not Found Error
- The processing of the request fails.
- 500 Internal Server Error
- The processing of the request fails because of an unexpected condition on the server.
|
Content-Type |
application/json |
Content-Language |
Locale for the response message. |
Success response body
JSON object with the following specification:
JSON property name |
Description |
uid |
Returns the unique identifier of the user. |
displayName |
Returns the name of the user. |
Error Response Body
JSON object with the following specification.
JSON property name |
Description |
code |
Returns the application error code. |
message |
Returns a message that describes the error. |
Examples
- Service request to search users by name
-
GET https://localhost:port/SKLM/rest/v1/ckms/usermanagement/search?name=user1
-
- Success response
-
Status Code : 200 OK
-
- Response body
-
[
{
"uid": "uid=123,c=in,ou=host,o=ibm.com",
"displayName": "User1"
},
{
"uid": "uid=456,c=in,ou=bluepages,o=ibm.com",
"displayName": "User2"
},
- Service request to search users by partial name
-
https://localhost:port/SKLM/rest/v1/ckms/usermanagement/search?partial=user
-
- Success response
-
Status Code : 200 OK
-
- Response body
-
[
{
"uid": "uid=123,c=in,ou=host,o=ibm.com",
"displayName": "User1"
},
{
"uid": "uid=456,c=in,ou=bluepages,o=ibm.com",
"displayName": "User2"
},
- Invalid service request (when the user has not authenticated)
-
https://localhost:port/SKLM/rest/v1/ckms/usermanagement/search?partial=user
-
- Error response
-
{
"code": "CTGKM6002E",
"message": "CTGKM6002E Bad Request: Invalid user authentication ID or invalid request format."
}
Table 1. Topic
change log
Date |
Change description |
05 Oct 2021 |
Added the Search Users REST Service. |
10 Sept 2021 |
Initial version. |