Use the Search Users REST Service to search users in the configured
authentication provider (LDAP or OIDC) to add them to the IBM® Guardium® Key Lifecycle Manager server.
- Operation
GET- URL
- https://host:port/GKLM/rest/v1/ckms/usermanagement/search
By default, IBM Guardium Key Lifecycle Manager server
listens to the secure port 9443 (HTTPS) for communication.
During IBM Guardium Key Lifecycle Manager installation, you can modify this
default port.
Request parameters
| Parameter |
Description |
| host |
Specify the IP address or host name of the IBM Guardium Key Lifecycle Manager server. |
| port |
Specify the port number on which the IBM Guardium Key Lifecycle Manager server listens for requests. |
Request Headers
| Header name |
Value |
| Content-Type |
application/json |
| Accept |
application/json |
| Authorization |
SKLMAuth userAuthId=<authIdValue> |
| Accept-Language |
Any valid locale that is supported by IBM Guardium Key Lifecycle Manager. For example, en or
de. |
Request body
| Parameter |
Description |
| name |
Specify the name of the user for which you want to retrieve the
details. |
| partial |
Specify a part of the user name for which you want to retrieve the
details. |
Response Headers
| Header name |
Value and description |
| Status Code |
- 200 OK
- The request was successful. The response body contains the requested representation.
- 400® Bad Request
- The authentication information was not provided in the correct format.
- 401 Unauthorized
- The authentication credentials were missing or incorrect.
- 404 Not Found Error
- The processing of the request fails.
- 500 Internal Server Error
- The processing of the request fails because of an unexpected condition on the server.
|
| Content-Type |
application/json |
| Content-Language |
Locale for the response message. |
Success response body
JSON object with the following specification:
| JSON property name |
Description |
| uid |
Returns the unique identifier of the user. |
| displayName |
Returns the name of the user. |
Error Response Body
JSON object with the following specification.
| JSON property name |
Description |
| code |
Returns the application error code. |
| message |
Returns a message that describes the error. |
Examples
- Service request to search users by name
-
GET https://localhost:port/GKLM/rest/v1/ckms/usermanagement/search?name=user1
-
- Success response
-
Status Code : 200 OK
-
- Response body
-
[
{
"uid": "uid=123,c=in,ou=host,o=ibm.com",
"displayName": "User1"
},
{
"uid": "uid=456,c=in,ou=bluepages,o=ibm.com",
"displayName": "User2"
},
- Service request to search users by partial name
-
https://localhost:port/GKLM/rest/v1/ckms/usermanagement/search?partial=user
-
- Success response
-
Status Code : 200 OK
-
- Response body
-
[
{
"uid": "uid=123,c=in,ou=host,o=ibm.com",
"displayName": "User1"
},
{
"uid": "uid=456,c=in,ou=bluepages,o=ibm.com",
"displayName": "User2"
},
- Invalid service request (when the user has not authenticated)
-
https://localhost:port/GKLM/rest/v1/ckms/usermanagement/search?partial=user
-
- Error response
-
{
"code": "CTGKM6002E",
"message": "CTGKM6002E Bad Request: Invalid user authentication ID or invalid request format."
}
Table 1. Topic
change log
| Date |
Change description |
| 05 Oct 2021 |
Added the Search Users REST Service. |
| 10 Sept 2021 |
Initial version. |