Web services API
This API consists of multiple web services, which are grouped
by function. The services are listed alphabetically except the
This service is listed first since it is the first service that is
called by any application. The session object that is returned by
its login method is used as a parameter in all subsequent services.
WSSessionServiceweb service provides authentication, session creation, and password challenge authentication. A client calls
WSSessionServicebefore you start any other web services.
WSSessionServicereturns a session (handle) object that must be passed to the other web service calls to maintain a threaded conversation. The service provides the following operations:
You can also use the
service for other operations.
WSAccessServiceweb service provides the following operations:
- Create a user access.
- Retrieve existing user access of a person.
- Remove user access.
- Search access entitlements available to a person.
- Create and modify accesses.
- Do access searches.
WSAccountServiceweb service provides the following operations to do account-related tasks:
- Create, modify, and other simple account operations.
- Retrieve default account attributes for a new account as specified by the provisioning policy.
- Retrieve the account profile name for a service.
service provides a framework to extend the existing web services that
are used by users. The service provides the users to create an operation
to show a new Identity Manager API.
The detailed steps to create an extension service are specified in
the ITIMWS.odt file, which is in the extensions.zip file.
From the Appliance Dashboard on the Identity Manager virtual appliance console, click . From the All Files tab, go to directories/utilities and download the extensions.zip file and extract it. View the ITIMWS.odt file in \extensions\7.0\doc\ws.
WSGroupServiceweb service provides group management functions. The service provides the following operations:
- Create and remove groups.
- Search groups.
- Manage group membership.
service provides Identity Manager organization
tree traversal and retrieval methods.
WSPasswordServiceweb service provides password management functions. The service provides the following operations:
- Validates the password as per the password policy rules.
- Enables change or generate password.
WSPersonServiceweb service provides person-object related methods. The service provides the following operations:
- Create, modify, suspend, restore, delete, and other simple person operations.
- Retrieve the services to which a person is entitled in Identity Manager or accounts.
- Do person searches.
- Retrieve the person object of the Principal.
WSProvisioningPolicyServiceweb service deals with the provisioning policy. The service provides the following operations:
- Search provisioning policies.
- Create, modify, and delete provisioning policies.
WSRequestServiceweb service provides the Identity Manager request related functions. The service provides the following operations:
- Search for completed requests.
- Retrieve pending requests.
- Retrieve the request object that is based on the process ID or request ID.
WSRoleServiceweb service provides role-based capabilities in the Identity Manager. The service provides the following operations:
- Create and modify roles.
- Do role searches.
- Manage role hierarchy.
WSSearchDataServiceweb service provides functions to search various Identity Manager directory objects. The search method does not enforce the Identity Manager ACIs, but a valid Identity Manager session is required to call these methods. The service provides the following operations:
- Search for persons from
- Search for persons that are having an Identity Manager account.
- Search for the possible delegates within Identity Manager for the logged-in user.
- Retrieve the searchable attributes of an entity in Identity Manager.
- Retrieve common searchable attributes for the Identity Manager entity.
WSServiceServiceweb service provides Identity Manager-based managed services (end-point configuration) functions. The service provides the following operations:
- Retrieve support data. For example, group data for UNIX, Linux®, or Microsoft Windows services.
- Determine whether a password is required when provisioning on a service.
- Retrieve services that are configured on Identity Manager.
WSSharedAccessServiceweb service provides many functions for the shared access module that is introduced in Identity Manager . The web service clients must call the login method before it calls any other web services. The service provides the following operations:
- Retrieve authorized shared accesses.
- Retrieve the credentials.
- Check in or checkout credentials.
WSSystemUserServiceweb service provides the functions that are related to system users. The service provides the following operations:
- Manage delegates, that is, add, modify, or delete delegates.
- Retrieve all the system roles.
- Configure challenge response.
- Search for system users who have an Identity Manager account.
WSToDoServiceweb service provides the functions to manage the different activities available in Identity Manager. The service provides the following operations:
- Approve or reject activities.
- Retrieve or Submit Request for information activity details.
- Retrieve the pending activities of the logged-in user.
WSUnauthServiceweb service provides an interface for all the web service APIs that do not require the Identity Manager authentication. The service provides the following operations:
- Version information.
- Reset password by using the challenge responses.
- Password policies.