Skip to main content

NETIQ IDM - Boost strap your start with identity application REST API



Boost strap your start with identity application REST API:


If you want to play out with NetIQ rest API within identity application (IDMProv), you can see a few examples here:

 these are the rest API protected by Oauth2 Authorization (resource owner password credentials grant):
The first step is to obtain token: ( you must have enabled client "rbpm" in the OSPF for the resource owner password credential grant) flow:

 An example is taken in c#: (postman)

 Get an access token:

 var client = new RestClient("https://<your host>/osp/a/idm/auth/oauth2/grant");  
 client.Timeout = -1;  
 var request = new RestRequest(Method.POST);  
 request.AddHeader("Content-Type", "application/x-www-form-urlencoded");  
 request.AddHeader("Authorization", "Basic Basic bas64 encoded string clientid<rbpm>:clientsecret>");  
 request.AddHeader("Content-Type", "application/x-www-form-urlencoded");  
 request.AddParameter("grant_type", "password");  
 request.AddParameter("client_id", "rbpm");  
 request.AddParameter("username", "ldap DN of authorizied user");  
 request.AddParameter("password", "ldap password for authorized user");  
 request.AddParameter("client_secret", "password of clientid(rbpm)");  
 IRestResponse response = client.Execute(request);  
 Console.WriteLine(response.Content);

once you acquired access_token;
Use it as a bearer token to test it with getting driver list API

 https://<your host>/IDMProv/rest/admin/driver

 var client = new RestClient("https://<host>/IDMProv/rest/admin/driver");  
 var request = new RestRequest(Method.GET);  
 request.AddHeader("Content-Type", "application/json");  
 request.AddHeader("Authorization", "bearer <acess_token>");  
 IRestResponse response = client.Execute(request);  
 Console.WriteLine(response.Content);

How to get a new access token from refresh token?

 var client = new RestClient("https://<your host>/osp/a/idm/auth/oauth2/grant");  
 client.Timeout = -1;  
 var request = new RestRequest(Method.POST);  
 request.AddHeader("Content-Type", "application/x-www-form-urlencoded");  
 request.AddHeader("Authorization", "Basic bas64 encoded string clientid:clientsecret");  
 request.AddHeader("Content-Type", "application/x-www-form-urlencoded");  
 request.AddParameter("grant_type", "refresh_token");  
 request.AddParameter("client_id", "rbpm");  
 request.AddParameter("client_secret", "secret of rbpm clientid");  
 request.AddParameter("refresh_token", "<refresh_token>");  
 IRestResponse response = client.Execute(request);  
 Console.WriteLine(response.Content);


More info:
https://www.netiq.com/documentation/identity-manager-developer/rest-api-documentation/idmappsdoc/#/




Comments

Post a Comment

Popular posts from this blog

My own developed - Active Directory Cache Inspector for AD Driver Novell Identity manager

Sometimes there is a need for us (Consultants) to see a snapshot of all the changes that happened on the Active directory side while the Novell AD IDM driver was stopped or was not running, before we decide to start the AD driver. Since Novell Identity Manager currently allows us to see all the events which happened in the Identity vault only, but not on the AD side, I decided to write such a tool myself, and of course wanted to share this tool with the consultants/community out there. It's a .NET 2.0 WinForm application, written in C# programming language. To run this tool you should have at minimum: .NET 2.0 framework installed, ( Not supported on the Linux platforms yet) This application must be run under the same user which is configured on the AD driver. Short Tutorial (How To): When you run the application (ADCView.exe), the application automatically discovers the current domain, a domain controller, and default domain naming context in the user logged in domain automatically
Post a Comment
Read more

NetIQ IDM - How to read Component type data from Query nodeset done from command transformation

Suppose query: <do-set-local-variable name="local.sub.ctp.QueryContacts" scope="policy"> <arg-node-set> <token-query class-name="User" scope="entry"> <arg-match-attr name="UPN"> <arg-value type="string"> <token-src-attr class-name="User" name="UPN"/> </arg-value> </arg-match-attr> <arg-match-attr name="contacts"> <arg-value type="string"> <token-text xml:space="preserve">get-contacts</token-text> </arg-value> </arg-match-attr> <arg-match-attr name="userid"> <arg-value type="string"> <token-association/> </arg-value> </arg-match-attr> </token-query> </arg-node-set> </do-set-local-variable> Outpu
Post a Comment
Read more