Web services API
This API consists of multiple web services, which are grouped by function. The services
are listed alphabetically except the WSSessionService
. This service is listed first
since it is the first service that is called by any application. The session object that is returned
by its login method is used as a parameter in all subsequent services.
WSSessionService
The
WSSessionService
web service provides authentication, session creation, and
password challenge authentication. A client calls WSSessionService
before you start
any other web services. WSSessionService
returns a session (handle) object that
must be passed to the other web service calls to maintain a threaded conversation. The service
provides the following operations:- Login.
- Logout.
You can also use the WSUnauthService
web service for other operations.
WSAccessService
The
WSAccessService
web service provides the following operations:- Create a user access.
- Retrieve existing user access of a person.
- Remove user access.
- Search access entitlements available to a person.
- Create and modify accesses.
- Do access searches.
WSAccountService
The
WSAccountService
web service provides the following operations to do
account-related tasks:- Create, modify, and other simple account operations.
- Retrieve default account attributes for a new account as specified by the provisioning policy.
- Retrieve the account profile name for a service.
WSExtensionService
The
WSExtensionService
web service provides a framework to extend the existing
web services that are used by users. The service provides the users to create an operation to show a
new Identity Manager API. The
detailed steps to create an extension service are specified in the IMWS.pdf
file. The file is located in the following locations:- Software stack deployments
-
The file is in the IM_INSTALL_DIR/extensions/10.0/doc/ws directory. IM_INSTALL_DIR is the directory where Identity Manager is installed.
WSGroupService
The
WSGroupService
web service provides group management functions. The service
provides the following operations:- Create and remove groups.
- Search groups.
- Manage group membership.
WSOrganizationalContainerService
The WSOrganizationalContainerService
web service provides Identity Manager organization tree
traversal and retrieval methods.
WSPasswordService
The
WSPasswordService
web service provides password management functions. The
service provides the following operations:- Validates the password as per the password policy rules.
- Enables change or generate password.
WSPersonService
The
WSPersonService
web service provides person-object related methods. The
service provides the following operations:- Create, modify, suspend, restore, delete, and other simple person operations.
- Retrieve the services to which a person is entitled in Identity Manager or accounts.
- Do person searches.
- Retrieve the person object of the Principal.
WSProvisioningPolicyService
The
WSProvisioningPolicyService
web service deals with the provisioning policy.
The service provides the following operations:- Search provisioning policies.
- Create, modify, and delete provisioning policies.
WSRequestService
The
WSRequestService
web service provides the Identity Manager request related
functions. The service provides the following operations:- Search for completed requests.
- Retrieve pending requests.
- Retrieve the request object that is based on the process ID or request ID.
WSRoleService
The
WSRoleService
web service provides role-based capabilities in the Identity Manager. The service provides
the following operations:- Create and modify roles.
- Do role searches.
- Manage role hierarchy.
WSSearchDataService
The
WSSearchDataService
web service provides functions to search various
Identity Manager directory
objects. The search method does not enforce the Identity Manager ACIs, but a valid
Identity Manager session is
required to call these methods. The service provides the following operations:- Search for persons from
root
container. - Search for persons that are having an Identity Manager account.
- Search for the possible delegates within Identity Manager for the logged-in user.
- Retrieve the searchable attributes of an entity in Identity Manager.
- Retrieve common searchable attributes for the Identity Manager entity.
WSServiceService
The
WSServiceService
web service provides Identity Manager-based managed services
(end-point configuration) functions. The service provides the following operations: - Retrieve support data. For example, group data for UNIX, Linux®, or Microsoft Windows services.
- Determine whether a password is required when provisioning on a service.
- Retrieve services that are configured on Identity Manager.
WSSystemUserService
The
WSSystemUserService
web service provides the functions that are related to
system users. The service provides the following operations:- Manage delegates, that is, add, modify, or delete delegates.
- Retrieve all the system roles.
- Configure challenge response.
- Search for system users who have an Identity Manager account.
WSToDoService
The
WSToDoService
web service provides the functions to manage the different
activities available in Identity Manager. The service provides the following operations:- Approve or reject activities.
- Retrieve or Submit Request for information activity details.
- Retrieve the pending activities of the logged-in user.
WSUnauthService
The
WSUnauthService
web service provides an interface for all the web service
APIs that do not require the Identity Manager authentication. The service provides the following operations:- Version information.
- Reset password by using the challenge responses.
- Password policies.