Hi Johann,
I think it would be better to have the options in the deep dive page and
direct to a different page for a developer who wishes to understand how
this feature working with all required configurations as you suggested.
Also, I believe it would be better to reduce the manual configuration steps
where ever we can so that even for a developer, the product would be more
appealing.
Regards,
Sashika
On Sun, Nov 5, 2017 at 11:06 AM, Johann Nallathamby <joh...@wso2.com> wrote:
> Again I think we've missed the point to explain why we need to define
> claims to get this feature working. If that was explained, naturally a user
> will think when he is sending a request using SCIM APIs whether he has
> included these claims also. And then he will follow that by thinking if he
> has done the claim mappings properly; if he understands how IS and claim
> mappings work. Making him understand that is not part of this section; what
> we can do here is, may be link to the section on claim management. This
> will keep this section concise and clear. Because it won't scale if we go
> to give instructions for every protocol/dialect we have. And I think in
> another conversation we said we will remove anything related to APIs from
> the deep dive pages and have it only in the developer section.
>
> If you still think we may need more hand holding of the user then we can
> have a tutorial section for this - "Identity Administration with SCIM".
>
> Regards,
> Johann.
>
> On Fri, Nov 3, 2017 at 9:37 PM, Sathya Bandara <sat...@wso2.com> wrote:
>
>> Hi Sashika,
>>
>> I guess the documentation is missing some configuration details. The
>> askPassword and verifyEmail extension attributes should be configured in
>> $SERVER_HOME/repository/conf/scim-schema-extension.config file in
>> addition to the other extension attributes which are already defined there,
>> as follows.
>>
>> {
>> "attributeURI":"urn:scim:schemas:extension:wso2:1.0:wso2Exte
>> nsion.askPassword",
>> "attributeName":"askPassword",
>> "dataType":"boolean",
>> "multiValued":"false",
>> "multiValuedAttributeChildName":"null",
>> "description":"The User's manager",
>> "schemaURI":"urn:scim:schemas:extension:wso2:1.0",
>> "readOnly":"false",
>> "required":"false",
>> "caseExact":"false",
>> "subAttributes":"null"
>> },
>>
>>
>> {
>> "attributeURI":"urn:scim:schemas:extension:wso2:1.0:wso2Exte
>> nsion.verifyEmail",
>> "attributeName":"verifyEmail",
>> "dataType":"boolean",
>> "multiValued":"false",
>> "multiValuedAttributeChildName":"null",
>> "description":"The User's manager",
>> "schemaURI":"urn:scim:schemas:extension:wso2:1.0",
>> "readOnly":"false",
>> "required":"false",
>> "caseExact":"false",
>> "subAttributes":"null"
>> },
>>
>> These two attributes should be added to the list of subAttributes of the
>> urn:scim:schemas:extension:wso2:1.0 entry which can be find at the end
>> of the scim-schema-extension.config file as shown below.
>>
>> {
>> "attributeURI":"urn:scim:schemas:extension:wso2:1.0",
>> "attributeName":"wso2Extension",
>> "dataType":"null",
>> "multiValued":"false",
>> "multiValuedAttributeChildName":"null",
>> "description":"SCIM wso2 User Schema Extension",
>> "schemaURI":"urn:scim:schemas:extension:wso2:1.0",
>> "readOnly":"false",
>> "required":"false",
>> "caseExact":"false",
>> "subAttributes":"employeeNumber costCenter organization division
>> department manager askPassword verifyEmail"
>> }
>>
>>
>> Also The correct approach to create claim mappings for SCIM extension
>> attributes is by configuring external claims for the default SCIM dialect
>> (scim:schemas:core:1.0) and not by creating a separate dialect for the
>> extension schema (scim:schemas:extension:wso2:1.0:wso2Extension). This
>> is already identified in [1] and the relevant documents has been updated.
>> Please refer Claim Mapping section in [2]. Also I will create a Doc JIRA to
>> improve the documentation with necessary configuration details in [3].
>>
>>
>> [1] https://wso2.org/jira/browse/DOCUMENTATION-4647
>> [2] https://docs.wso2.com/display/IS530/Extensible+SCIM+User+Sch
>> emas+With+WSO2+Identity+Server
>> [3] https://docs.wso2.com/display/IS530/Creating+Users+using+the
>> +Ask+Password+Option
>>
>> Thanks,
>> Sathya
>>
>>
>>
>> On Fri, Nov 3, 2017 at 2:46 PM, Sashika Wijesinghe <sash...@wso2.com>
>> wrote:
>>
>>> Hi All,
>>>
>>> I want to create users with ask password option using SCIM 1.1. I have
>>> configured the server as documented in [1].
>>>
>>> The below curl command is used to create the user. After executing the
>>> curl command, the user created successfully but did not receive any email
>>> notification for the given email address. This works when I created a user
>>> from the management console and SOAP admin service.
>>>
>>> Do we need any further configurations to get this done with SCIM 1.1?
>>>
>>> curl -v -k --user admin:admin --data "{"schemas":[],"userName":"nee
>>> ls","password":"password","wso2Extension":{"askPassword":"tr
>>> ue"},"emails":"sash...@wso2.com"}" --header
>>> "Content-Type:application/json" https://localhost:9444/wso2/scim/Users
>>>
>>> [1] https://docs.wso2.com/display/IS530/Creating+Users+using
>>> +the+Ask+Password+Option
>>>
>>> Thanks
>>> Sashika
>>>
>>>
>>>
>>>
>>> --
>>>
>>> *Sashika WijesingheSoftware Engineer - QA Team*
>>> Mobile : +94 (0) 774537487
>>> sash...@wso2.com
>>>
>>
>>
>>
>> --
>> Sathya Bandara
>> Software Engineer
>> WSO2 Inc. http://wso2.com
>> Mobile: (+94) 715 360 421 <+94%2071%20411%205032>
>>
>> <+94%2071%20411%205032>
>>
>
>
>
> --
> Thanks & Regards,
>
> *Johann Dilantha Nallathamby*
> Senior Lead Solutions Engineer
> WSO2, Inc.
> lean.enterprise.middleware
>
> Mobile - *+94777776950*
> Blog - *http://nallaa.wordpress.com <http://nallaa.wordpress.com>*
>
--
*Sashika WijesingheSoftware Engineer - QA Team*
Mobile : +94 (0) 774537487
sash...@wso2.com
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
