Again I think we've missed the point to explain why we need to define
claims to get this feature working. If that was explained, naturally a user
will think when he is sending a request using SCIM APIs whether he has
included these claims also. And then he will follow that by thinking if he
has done the claim mappings properly; if he understands how IS and claim
mappings work. Making him understand that is not part of this section; what
we can do here is, may be link to the section on claim management. This
will keep this section concise and clear. Because it won't scale if we go
to give instructions for every protocol/dialect we have. And I think in
another conversation we said we will remove anything related to APIs from
the deep dive pages and have it only in the developer section.
If you still think we may need more hand holding of the user then we can
have a tutorial section for this - "Identity Administration with SCIM".
Regards,
Johann.
On Fri, Nov 3, 2017 at 9:37 PM, Sathya Bandara <sat...@wso2.com> wrote:
> Hi Sashika,
>
> I guess the documentation is missing some configuration details. The
> askPassword and verifyEmail extension attributes should be configured in
> $SERVER_HOME/repository/conf/scim-schema-extension.config file in
> addition to the other extension attributes which are already defined there,
> as follows.
>
> {
> "attributeURI":"urn:scim:schemas:extension:wso2:1.0:
> wso2Extension.askPassword",
> "attributeName":"askPassword",
> "dataType":"boolean",
> "multiValued":"false",
> "multiValuedAttributeChildName":"null",
> "description":"The User's manager",
> "schemaURI":"urn:scim:schemas:extension:wso2:1.0",
> "readOnly":"false",
> "required":"false",
> "caseExact":"false",
> "subAttributes":"null"
> },
>
>
> {
> "attributeURI":"urn:scim:schemas:extension:wso2:1.0:
> wso2Extension.verifyEmail",
> "attributeName":"verifyEmail",
> "dataType":"boolean",
> "multiValued":"false",
> "multiValuedAttributeChildName":"null",
> "description":"The User's manager",
> "schemaURI":"urn:scim:schemas:extension:wso2:1.0",
> "readOnly":"false",
> "required":"false",
> "caseExact":"false",
> "subAttributes":"null"
> },
>
> These two attributes should be added to the list of subAttributes of the
> urn:scim:schemas:extension:wso2:1.0 entry which can be find at the end of
> the scim-schema-extension.config file as shown below.
>
> {
> "attributeURI":"urn:scim:schemas:extension:wso2:1.0",
> "attributeName":"wso2Extension",
> "dataType":"null",
> "multiValued":"false",
> "multiValuedAttributeChildName":"null",
> "description":"SCIM wso2 User Schema Extension",
> "schemaURI":"urn:scim:schemas:extension:wso2:1.0",
> "readOnly":"false",
> "required":"false",
> "caseExact":"false",
> "subAttributes":"employeeNumber costCenter organization division
> department manager askPassword verifyEmail"
> }
>
>
> Also The correct approach to create claim mappings for SCIM extension
> attributes is by configuring external claims for the default SCIM dialect
> (scim:schemas:core:1.0) and not by creating a separate dialect for the
> extension schema (scim:schemas:extension:wso2:1.0:wso2Extension). This is
> already identified in [1] and the relevant documents has been updated.
> Please refer Claim Mapping section in [2]. Also I will create a Doc JIRA to
> improve the documentation with necessary configuration details in [3].
>
>
> [1] https://wso2.org/jira/browse/DOCUMENTATION-4647
> [2] https://docs.wso2.com/display/IS530/Extensible+SCIM+User+
> Schemas+With+WSO2+Identity+Server
> [3] https://docs.wso2.com/display/IS530/Creating+Users+using+
> the+Ask+Password+Option
>
> Thanks,
> Sathya
>
>
>
> On Fri, Nov 3, 2017 at 2:46 PM, Sashika Wijesinghe <sash...@wso2.com>
> wrote:
>
>> Hi All,
>>
>> I want to create users with ask password option using SCIM 1.1. I have
>> configured the server as documented in [1].
>>
>> The below curl command is used to create the user. After executing the
>> curl command, the user created successfully but did not receive any email
>> notification for the given email address. This works when I created a user
>> from the management console and SOAP admin service.
>>
>> Do we need any further configurations to get this done with SCIM 1.1?
>>
>> curl -v -k --user admin:admin --data "{"schemas":[],"userName":"nee
>> ls","password":"password","wso2Extension":{"askPassword":"
>> true"},"emails":"sash...@wso2.com"}" --header
>> "Content-Type:application/json" https://localhost:9444/wso2/scim/Users
>>
>> [1] https://docs.wso2.com/display/IS530/Creating+Users+using
>> +the+Ask+Password+Option
>>
>> Thanks
>> Sashika
>>
>>
>>
>>
>> --
>>
>> *Sashika WijesingheSoftware Engineer - QA Team*
>> Mobile : +94 (0) 774537487
>> sash...@wso2.com
>>
>
>
>
> --
> Sathya Bandara
> Software Engineer
> WSO2 Inc. http://wso2.com
> Mobile: (+94) 715 360 421 <+94%2071%20411%205032>
>
> <+94%2071%20411%205032>
>
--
Thanks & Regards,
*Johann Dilantha Nallathamby*
Senior Lead Solutions Engineer
WSO2, Inc.
lean.enterprise.middleware
Mobile - *+94777776950*
Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
