On Thu, Jul 25, 2019 at 12:39 PM Denuwanthi De Silva <[email protected]> wrote:
> Hi, > > 1. In WSO2 Identity Server, when filtering roles/groups through SCIM API, > internal roles are not filtered. > Ex: internal roles > -*Internal*/system > -*Application*/myapp > > Sample filter request: > *curl -v -k --user admin:admin > 'https://localhost:9443/scim2/Groups?filter=displayName+sw+Application > <https://localhost:9443/scim2/Groups?filter=displayName+sw+Application>'* > > We need to support for above type of filtering. > I suppose for SCIM specification there is no speciality with Internal roles. Hence +1 to support above feature. > > 2. > When considering role types in WSO2 Identity Server. There are mainly 2 > types. > 1.userstore domain based roles ex: PRIMARY/myrole > 2. internal/hybrid roles ex:Application/myapp > > We have introduced a new parameter to filter users and roles using a > 'domain' parameter recently. > > *Ex: curl -v -k --user admin:admin > 'https://localhost:9443/scim2/Groups?filter=displayName+sw+myrole&; > <https://localhost:9443/scim2/Groups?filter=displayName+sw+myrole&;>domain=Primary'* > > Here users and roles can be filtered according to the userstore domain. > > *So, my question is do we have to support this new domain based filter for > internal roles as well?* > *ex: curl -v -k --user admin:admin > 'https://localhost:9443/scim2/Groups?filter=displayName+sw+app&; > <https://localhost:9443/scim2/Groups?filter=displayName+sw+app&;>domain=Application'* > > one concern I have is, > 1.Application domain is not necessarily a userstore domain. Therefore > whether it is correct to mix those domains. > I think better approach is having two type of parameters for user store domains (domain) and for internal roles (say type). But type parameter should be able to support multiple values such as Internal, Application. > > > Please provide your thoughts on this. > > Thanks, > -- > Denuwanthi De Silva > Associate Technical Lead; > WSO2 Inc.; http://wso2.com, > Email: [email protected] > Blog: https://denuwanthi.wordpress.com/ > https://medium.com/@denuwanthi.hasanthika > Contact No: 0771391097 > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > -- Gayan
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
