Hi, 1. In WSO2 Identity Server, when filtering roles/groups through SCIM API, internal roles are not filtered. Ex: internal roles -*Internal*/system -*Application*/myapp
Sample filter request: *curl -v -k --user admin:admin 'https://localhost:9443/scim2/Groups?filter=displayName+sw+Application <https://localhost:9443/scim2/Groups?filter=displayName+sw+Application>'* We need to support for above type of filtering. 2. When considering role types in WSO2 Identity Server. There are mainly 2 types. 1.userstore domain based roles ex: PRIMARY/myrole 2. internal/hybrid roles ex:Application/myapp We have introduced a new parameter to filter users and roles using a 'domain' parameter recently. *Ex: curl -v -k --user admin:admin 'https://localhost:9443/scim2/Groups?filter=displayName+sw+myrole&; <https://localhost:9443/scim2/Groups?filter=displayName+sw+myrole&;>domain=Primary'* Here users and roles can be filtered according to the userstore domain. *So, my question is do we have to support this new domain based filter for internal roles as well?* *ex: curl -v -k --user admin:admin 'https://localhost:9443/scim2/Groups?filter=displayName+sw+app&; <https://localhost:9443/scim2/Groups?filter=displayName+sw+app&;>domain=Application'* one concern I have is, 1.Application domain is not necessarily a userstore domain. Therefore whether it is correct to mix those domains. Please provide your thoughts on this. Thanks, -- Denuwanthi De Silva Associate Technical Lead; WSO2 Inc.; http://wso2.com, Email: denuwan...@wso2.com Blog: https://denuwanthi.wordpress.com/ https://medium.com/@denuwanthi.hasanthika Contact No: 0771391097
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
