### Start MidPoint (Linux) Source: https://github.com/evolveum/midpoint/blob/master/docs/deployment/stand-alone-deployment.adoc Use this script to start the MidPoint server on Linux/UNIX systems. Ensure you are in the installation directory. ```bash bin/start.sh ``` -------------------------------- ### Example: Get All Server Certificates in the Chain Source: https://github.com/evolveum/midpoint/blob/master/docs/security/crypto/ssl-connections-client-side-.adoc This example demonstrates retrieving the full certificate chain for 'google.com'. It includes the certificate details and the verification status, highlighting a common 'self signed certificate in certificate chain' error. ```bash openssl s_client -showcerts -servername google.com -connect google.com:443 Loading 'screen' into random state - done CONNECTED(00000260) depth=2 /C=US/O=Google Trust Services LLC/CN=GTS Root R1 verify error:num=20:unable to get local issuer certificate verify return:0 --- Certificate chain 0 s:/CN=*.google.com i:/C=US/O=Google Trust Services LLC/CN=GTS CA 1C3 -----BEGIN CERTIFICATE----- MIIPKDCCDhCgAwIBAgIQXZPVtDG27jgQT6mqCHHkAzANBgkqhkiG9w0BAQsFADBG MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM QzETMBEGA1UEAxMKR1RTIENBIDFDMzAeFw0yNDAyMTkwODAzNTRaFw0yNDA1MTMw ODAzNTNaMBcxFTATBgNVBAMMDCouZ29vZ2xlLmNvbTCCASIwDQYJKoZIhvcNAQEB BQADggEPADCCAQoCggEBAM13e70d+ZprybekMI9Vh+kanYwTAUYy0ziIpayXrSgf fCQLYi6WdoiGpL76ATZ1Nah3xonRK2VLo7SIMdztsBUfa6Pv0PrsJa34qc2ipr95 4K9NhUAI6dv1ka7qqAvYOIP4yQwIbFZs5b7YMr0LbvS29V3qnev7IT/Rpe1n2+nL R8DPXPYHuKtaIJTmBJ6zegf2v4x/G6MHlKQ+xMwkpoNCyqkKYRidy2f/ENxTZIFn Gq9nbebTzAozvTjYzwT/s2x1nRiGNhdcMp4pTeszmjQ9co/SBIyL2pGef39iw20p TfwYPGi1WG9kuFKkNUNzfhppQ9e5CNskKi0wM3BJE1sCAwEAAaOCDD8wggw7MA4G A1UdDwEB/wQEAwIFoDATBgNVHSUEDDAKBggrBgEFBQcDATAMBgNVHRMBAf8EAjAA MB0GA1UdDgQWBBSW6bOCv2Afuev4kI1nRbhRWOBz1DAfBgNVHSMEGDAWgBSKdH+v c3ulc09nNDiRhTzcTUdJzBqBggrBgEFBQcBAQReMFwwJwYIKwYBBQUHMAGGG2h0 dHA6Ly9vY3NwLnBraS5nb29nL2d0czFjMzAxBggrBgEFBQcwAoYlaHR0cDovL3Br aS5nb29nL3JlcG8vY2VydHMvZ3RzMWMzLmRlcjCCCe8GA1UdEQSCCeYwggniggwq Lmdvb2dsZS5jb22CFiouYXBwZW5naW5lLmdvb2dsZS5jb22CCSouYmRuLmRldoIV Ki5vcmlnaW4tdGVzdC5iZG4uZGV2ghIqLmNsb3VkLmdvb2dsZS5jb22CGCouY3Jv d2Rzb3VyY2UuZ29vZ2xlLmNvbYIYKi5kYXRhY29tcHV0ZS5nb29nbGUuY29tggsq Lmdvb2dsZS5jYYILKi5nb29nbGUuY2yCDiouZ29vZ2xlLmNvLmlugg4qLmdvb2ds ZS5jby5qcIIOKi5nb29nbGUuY28udWuCDyouZ29vZ2xlLmNvbS5hcoIPKi5nb29n bGUuY29tLmJ1gg8qLmdvb2dsZS5jb20uY24IPKi5nb29nbGUuY29tLm14gg8qLmdv b2dsZS5jb20udHKCDyouZ29vZ2xlLmNvbS52boILKi5nb29nbGUuZGWCCyouZ29v Z2xlLmVzggsqLmdvb2dsZS5mcoILKi5nb29nbGUuaHWCCyouZ29vZ2xlLml0ggsq Lmdvb2dsZS5ubIILKi5nb29nbGUucGyCCyouZ29vZ2xlLnB0gg8qLmdvb2dsZWFw aXMuY26CESouZ29vZ2xldmlkZW8uY29tggwqLmdzdGF0aWMuY26CECouZ3N0YXRp Yy1jbi5jb22CD2dvb2dsZWN0bmFwcHMuY26CEWdvb2dsZWFwcHMtY24uY29tghMq Lmdvb2dsZWFwcHMtY24uY29tggxna2VjbmFwcHMuY26CDiouZ2tlY25hcHBzLmN1 ghJnb29nbG Vkb3dubG9hZHMuY26CFCouZ29vZ2xlZG93bmxvYWRzLmNughByZWNh cHRjaGEubmV0LmNughIqLnJlY2FwdGNoYS5uZXQuY26CEHJlY2FwdGNoYS1jbi5u ZXSCEioucmVjYXB0Y2hhLWNuLm5ldIILZ29vZ2xlY25hcHBzLmNvbYIUKi5nb29n bGVjbmFwcHMuY29tggxna2VjbmFwcHMuY26CDiouZ2tlY25hcHBzLmNughJnb29n bG Vkb3dubG9hZHMuY26CFCouZ29vZ2xlZG93bmxvYWRzLmNughByZWNhcHRjaGEu bmV0LmNughIqLnJlY2FwdGNoYS5uZXQuY26CEHJlY2FwdGNoYS1jbi5uZXSCEiou cmVjYXB0Y2hhLWNuLm5ldIILZ29vZ2xlY25hcHBzLmNvbYIUKi5nb29nbGVjbmFw cHMuY29tggxna2VjbmFwcHMuY26CDiouZ2tlY25hcHBzLmNughJnb29nbGVkb3du bG9hZHMuY26CFCouZ29vZ2xlZG93bmxvYWRzLmNughByZWNhcHRjaGEubmV0LmNu ghIqLnJlY2FwdGNoYS5uZXQuY26CEHJlY2FwdGNoYS1jbi5uZXSCEioucmVjYXB0 Y2hhLWNuLm5ldIIWZ29vZ2xlYW5hbHl0aWNzLWNuLmNvbYIYKi5nb29nbGVhbmFs eXRpY3MtY24uY29tghVnb29nbGVhZHNlcnZpY2VzLWNuLmNvbYIaKi5nb29nbGVh ZHNlcnZpY2VzLWNuLmNvbYIRZ29vZ2xldmFkcy1jbi5jb22CEyouZ29vZ2xldmFk cy1jbi5jb22CFWdvb2dsZW9wdGltaXplLWNuLmNvbYIXKi5nb29nbGVvcHRpbWl6 ZS1jbi5jb22CEmRvdWJsZWNsaWNrLWNuLm5ldIIUKi5kb3VibGVjbGljay1jbi5u ZXSCGCouZmxzLmRvdWJsZWNsaWNrLWNuLm5ldIIWKi5nLmRvdWJsZWNsaWNrLWNu Lm5ldIIOZG91YmxlY2xpY2suY26CECouZG91YmxlY2xpY2suY26CFCouZmxzLmRv dWJsZWNsaWNrLmNughIqLmcuZG91YmxlY2xpY2suY26CEWRhcnRzZWFyY2gtY24u bmV0ghMqLmRhcnRzZWFyY2gtY24ubmV0gh1nb29nbGV0cmF2ZWxhZHNlcnZpY2Vz LWNuLmNvbYIfKi5nb29nbGV0cmF2ZWxhZHNlcnZpY2VzLWNuLmNvbYIYZ29vZ2xl dGFnc2VydmljZXMtY24uY29tghoqLmdvb2dsZXRhZ3NlcnZpY2VzLWNuLmNvbYIX Z29vZ2xldGFnbWFuYWdlci1jbi5jb22CGSouZ29vZ2xldGFnbWFuYWdlci1jbi5j b22CGGdvb2dsZXN5bmRpY2F0aW9uLWNuLmNvbYIaKi5nb29nbGVzeW5kaWNhdGlv bi1jbi5jb22CJCouc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLWNuLmNvbYIW YXBwLW1lYXN1cmVtZW50LWNuLmNvbYIYKi5hcHAtbWVhc3VyZW1lbnQtY24uY29t ggtndnQxLWNuLmNvbYINKi5ndnQxLWNuLmNvbYILZ3Z0Mi1jbi5jb22CDSouZ3Z0 Mi1jbi5jb22CCzJtZG4tY24ubmV0gg0qLjJtZG4tY24ubmV0ghRnb29nbGVmbGln aHRzLWNuLm5ldIIWKi5nb29nbGVmbGlnaHRzLWNuLm5ldIIIMmFkbW9iLWNuLmNv bYIOKi5hZG1vYi1jbi5jb22CFGdvb2dsZXNhbmRib3gtY24uY29tghQqLmdvb2ds ZXNhbmRib3gtY24uY29tgh5zYWZlbnVwLmdvb2dsZXNhbmRib3gtY24uY29tgg0q LmdzdGF0aWMuY29tgg4qLm1ldHJpYy5nc3RhdGljLmNvbYIKKi5ndnQxLmNvbQES Ki5nY3BjZG4uZ3Z0MS5jb20KCiouZ3Z0Mi5jb20KDiouZ2NwLmR2dDIuY29t ``` -------------------------------- ### Example Output of Get Resource Object Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/operations/examples/raw/get-resource.adoc This is a sample JSON output for a retrieved resource object. Note that some properties may be omitted for brevity. ```json { "resource" : { "oid" : "ef2bc95b-76e0-59e2-86d6-9999cccccccc", "version" : "1", "name" : "Test CSV: username", "description" : "Simple CSV resource that is using single identifier (username)", "metadata" : {}, "operationExecution" : {}, "iteration" : 0, "iterationToken" : "", "connectorRef" : { "oid" : "01aa0a9e-dfe0-47c8-8fca-4446894a348c", "relation" : "org:default", "type" : "c:ConnectorType", "filter" : { "equal" : { "path" : "c:connectorType", "value" : "com.evolveum.polygon.connector.csv.CsvConnector" } } }, "connectorConfiguration" : { "@ns" : "http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3", "configurationProperties" : { "@ns" : "http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/com.evolveum.polygon.connector-csv/com.evolveum.polygon.connector.csv.CsvConnector", "multivalueDelimiter" : ";", "fieldDelimiter" : ",", "filePath" : "target/midpoint.csv", "encoding" : "utf-8", "passwordAttribute" : "password", "uniqueAttribute" : "username" } }, "schemaHandling" : { "objectType" : { "@id" : 1, "displayName" : "Default Account", "default" : true, "objectClass" : "ri:AccountObjectClass", "attribute" : [ { "@id" : 2, "ref" : "ri:username", "outbound" : { "source" : { "path" : "$user/name" } } }, { "@id" : 3, "ref" : "ri:firstname", "outbound" : { "source" : { "path" : "$user/givenName" } } }, { "@id" : 4, "ref" : "ri:lastname", "outbound" : { "source" : { "path" : "$user/familyName" } } } ], "activation" : { "administrativeStatus" : { "outbound" : { "@id" : 5 } } }, "credentials" : { "password" : { "outbound" : { "@id" : 6 } } } } }, "capabilities" : { "configured" : { "activation" : { "status" : { "attribute" : "ri:disabled", "enableValue" : "false", "disableValue" : "true" } } } } } } ``` -------------------------------- ### Get User Object Example Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/endpoints/users.adoc Example of retrieving a single user object by its OID using the REST API. This is a standard GET operation. ```http GET /users/00000000-0000-0000-0000-000000000001 ``` -------------------------------- ### Example Native Repository Configuration Source: https://github.com/evolveum/midpoint/blob/master/docs/repository/configuration.adoc An example XML configuration for setting up a native midPoint repository, including database connection details. ```xml ${midpoint.home}/import native <1> jdbc:postgresql://localhost:5432/midpoint midpoint password ``` -------------------------------- ### Get Role Object Example Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/endpoints/roles.adoc Example of fetching a single specific role object, in this case, the 'End user' role. This is a GET operation. ```curl curl -X GET -H "Accept: application/json" "http://localhost:8080/midpoint/ws/rest/roles/00000000-0000-0000-0000-000000000008" ``` -------------------------------- ### Print Help for All Commands Source: https://github.com/evolveum/midpoint/blob/master/docs/deployment/ninja/command/help.adoc Use this command to display general options and a list of all available commands. ```bash ./bin/ninja.sh help ``` -------------------------------- ### Get Operation Response Example Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/operations/get-op-rest.adoc An example JSON response for a GET operation, illustrating the structure of user data including OID, name, assignments, and references. ```json { "user" : { "oid" : "00000000-0000-0000-0000-000000000002", "name" : "administrator", "indestructible" : true, "assignment" : [ { "@id" : 1, "identifier" : "superuserRole", "targetRef" : { "oid" : "00000000-0000-0000-0000-000000000004", "relation" : "org:default", "type" : "c:RoleType" }, "activation" : { "effectiveStatus" : "enabled" } }, { "@id" : 2, "identifier" : "archetype", "targetRef" : { "oid" : "00000000-0000-0000-0000-000000000300", "relation" : "org:default", "type" : "c:ArchetypeType" }, "activation" : { "effectiveStatus" : "enabled" } } ], "iteration" : 0, "iterationToken" : "", "archetypeRef" : { "oid" : "00000000-0000-0000-0000-000000000300", "relation" : "org:default", "type" : "c:ArchetypeType" }, "roleMembershipRef" : [ { "oid" : "00000000-0000-0000-0000-000000000300", "relation" : "org:default", "type" : "c:ArchetypeType" }, { ``` -------------------------------- ### System Configuration XML Example Source: https://github.com/evolveum/midpoint/blob/master/docs/concepts/system-configuration-object.adoc An example of the System Configuration object in XML format, including logging settings. ```xml SystemConfiguration File Appender INFO %date [%thread] %-5level (%logger{46}): %message%n target/test.log true ``` -------------------------------- ### Example ModuleSaml2KeyStoreKeyType Configuration Source: https://github.com/evolveum/midpoint/blob/master/docs/security/authentication/flexible-authentication/modules/saml2.adoc Shows how to configure a key using a KeyStore for SAML2 authentication. This includes paths, passwords, and aliases for accessing the private key. ```xml /home/lskublik/keyStore "password of keyStore" sp-signing-key-1 "password of private key" ``` -------------------------------- ### Get Case Object Example Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/endpoints/cases.adoc Example of how to retrieve a single specific Case object using the REST API. ```http GET /midpoint/ws/rest/cases/ ``` -------------------------------- ### Run Task Example (cURL) Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/operations/task-specific-op-rest.adoc Example using cURL to run a task immediately. Ensure you have the correct authorization and content type headers. ```bash #!/bin/bash # Example: Run task with OID 12345678-1234-1234-1234-123456789012 immediately # Replace with your Midpoint server details and credentials MIDPOINT_HOST="localhost:8080" TASK_OID="12345678-1234-1234-1234-123456789012" USERNAME="admin" PASSWORD="password" # Base64 encode username:password AUTH_TOKEN=$(echo -n "$USERNAME:$PASSWORD" | base64) curl -X POST \ -H "Authorization: Basic $AUTH_TOKEN" \ -H "Content-Type: application/json" \ -H "Accept: application/json" \ "http://$MIDPOINT_HOST/midpoint/ws/rest/tasks/$TASK_OID/run" ``` -------------------------------- ### Example JAR Creation Output Source: https://github.com/evolveum/midpoint/blob/master/docs/resources/asynchronous/outbound/configuration/index.adoc This is the expected output when running the 'jar cvf jndi-config.jar jndi.properties' command. It confirms the JAR file creation and the inclusion of the properties file. ```text $ jar cvf jndi-config.jar jndi.properties added manifest adding: jndi.properties(in = 201) (out= 136)(deflated 32%) ``` -------------------------------- ### Start MidPoint (Windows) Source: https://github.com/evolveum/midpoint/blob/master/docs/deployment/stand-alone-deployment.adoc Use this batch script to start the MidPoint server on Windows systems. Ensure you are in the installation directory. ```batch bin\start.bat ``` -------------------------------- ### Search All System Configuration Objects Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/endpoints/system-configurations.adoc Example of how to search for all system configuration objects. This snippet is included from a separate file and demonstrates a common search operation. ```http GET /midpoint/rest/systemConfigurations Host: midpoint.example.com:8080 Accept: application/json ``` -------------------------------- ### YAML Query Filter Example Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/index.adoc An example of a query filter in YAML format to search for users whose names start with 'a'. ```yaml query: filter: text: "name startsWith \"a\"" ``` -------------------------------- ### XML Query Filter Example Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/index.adoc An example of a query filter in XML format to search for users whose names start with 'a'. ```xml name startsWith "a" ``` -------------------------------- ### Initial Projector Context Dump Source: https://github.com/evolveum/midpoint/blob/master/docs/diag/troubleshooting/mappings/index.adoc This is an example of a Model Context dump for the projector, showing projection values and credentials for a specific resource. Examine this output for the state of computation. ```log ---[ PROJECTOR (INITIAL) context projection values and credentials of resource:10000000-0000-0000-0000-000000000204(Dummy Resource Blue)(default) ]-------------------------------- ``` -------------------------------- ### JSON Query Filter Example Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/index.adoc An example of a query filter in JSON format to search for users whose names start with 'a'. ```json { "query": { "filter": { "text": "name startsWith \"a\"" } } } ``` -------------------------------- ### Search All Connectors Example Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/endpoints/connectors.adoc Example demonstrating how to search for all connector objects. This operation is useful for retrieving a comprehensive list of available connectors. ```curl curl -v -u aadmin@evolveum.com:password --header "Content-Type: application/json" --header "Accept: application/json" -X POST -d @search-all-connectors.json https://localhost:8080/midpoint/ws/rest/connectors/search ``` -------------------------------- ### Get Users Value Policy Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/operations/examples/raw/user-get-value-policy.adoc This example demonstrates how to retrieve the value policy for a given user ID using a GET request. ```APIDOC ## GET /midpoint/ws/rest/users/{userId}/policy ### Description Retrieves the value policy associated with a specific user. ### Method GET ### Endpoint /midpoint/ws/rest/users/00000000-0000-0000-0000-000000000002/policy ### Parameters #### Path Parameters - **userId** (string) - Required - The unique identifier of the user. ### Request Example ```bash curl --user administrator:y0uR_P455woR*d \ -H "Accept: application/json" \ -X GET http://localhost:8080/midpoint/ws/rest/users/00000000-0000-0000-0000-000000000002/policy \ -v ``` ### Response #### Success Response (200) - **object** (object) - Contains the user's policy details. - **@type** (string) - The type of the policy object. - **password** (object) - Policy details related to passwords. - **minOccurs** (string) - Minimum occurrences. - **lockoutMaxFailedAttempts** (integer) - Maximum failed login attempts before lockout. - **lockoutFailedAttemptsDuration** (string) - Duration for which failed attempts are counted. - **lockoutDuration** (string) - Duration of the account lockout. - **valuePolicyRef** (object) - Reference to the value policy. - **oid** (string) - Object ID of the referenced policy. - **relation** (string) - Relation type. - **type** (string) - Type of the referenced policy. - **targetName** (string) - Name of the referenced policy. #### Response Example ```json { "@ns" : "http://prism.evolveum.com/xml/ns/public/types-3", "object" : { "@type" : "c:CredentialsPolicyType", "password" : { "minOccurs" : "0", "lockoutMaxFailedAttempts" : 3, "lockoutFailedAttemptsDuration" : "PT3M", "lockoutDuration" : "PT15M", "valuePolicyRef" : { "oid" : "00000000-0000-0000-0000-000000000003", "relation" : "org:default", "type" : "c:ValuePolicyType", "targetName" : "Default Password Policy" } } } } ``` ``` -------------------------------- ### Example Output: List of Cases (JSON) Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/operations/examples/raw/search-case-open-user.adoc This is an example of the response received after searching for open cases. It includes details of both parent and child cases, their states, and associated user information. ```json { "@ns" : "http://prism.evolveum.com/xml/ns/public/types-3", "object" : { "@type" : "http://midpoint.evolveum.com/xml/ns/public/common/api-types-3#ObjectListType", "object" : [ { "@type" : "c:CaseType", "oid" : "e2f64612-c616-4e08-bace-e9308232553f", "version" : "0", "name" : { "orig" : "Approving and executing change of user \"Jack\" (started Mar 7, 2024, 10:10:59 AM)", "norm" : "approving and executing change of user jack started mar 7 2024 101059 am", "translation" : { "key" : "ApprovingAndExecuting.ChangeOf", "argument" : [ { "translation" : { "key" : "ObjectSpecification", "argument" : [ { "translation" : { "key" : "ObjectTypeLowercase.UserType", "fallback" : "UserType" } }, { "value" : "Jack" } ] } }, { "value" : "Mar 7, 2024, 10:10:59 AM" } ] } }, "metadata" : { }, "assignment" : { }, "archetypeRef" : { }, "objectRef" : { "oid" : "a9885c61-c442-42d8-af34-8182a8653e3c", "relation" : "org:default", "type" : "c:UserType", "targetName" : "Jack" }, "requestorRef" : { "oid" : "a9885c61-c442-42d8-af34-8182a8653e3c", "relation" : "org:default", "type" : "c:UserType", "targetName" : "Jack" }, "state" : "open", "modelContext" : { "state" : "primary", "channel" : "http://midpoint.evolveum.com/xml/ns/public/common/channels-3#rest", "focusContext" : { "objectOldRef" : { "oid" : "a9885c61-c442-42d8-af34-8182a8653e3c", "relation" : "org:default", "type" : "c:UserType", "targetName" : "Jack" }, "objectNewRef" : { "oid" : "a9885c61-c442-42d8-af34-8182a8653e3c", "relation" : "org:default", "type" : "c:UserType", "targetName" : "Jack" }, "objectTypeClass" : "com.evolveum.midpoint.xml.ns._public.common.common_3.UserType", "oid" : "a9885c61-c442-42d8-af34-8182a8653e3c", "iteration" : 0, "iterationToken" : "", "fresh" : true, "secondaryDeltas" : { } }, "focusClass" : "com.evolveum.midpoint.xml.ns._public.common.common_3.UserType", "doReconciliationForAllProjections" : false, "executionPhaseOnly" : false, "projectionWave" : 1, "executionWave" : 0, "lazyAuditRequest" : false, "requestAudited" : false, "executionAudited" : false, "requestAuthorized" : true, "stats" : { }, "requestMetadata" : {} } }, { "@type" : "c:CaseType", "oid" : "b0de0420-7848-4981-88f8-c21b415fcabb", "version" : "1", "name" : { "orig" : "Assigning role \"Basic Employee\" to user \"Jack\"", "norm" : "assigning role basic employee to user jack", "translation" : { "key" : "DefaultPolicyConstraint.Short.assignmentModification.toBeAdded", "argument" : [ { "translation" : { "key" : "ObjectSpecification", "argument" : [ { "translation" : { "key" : "ObjectTypeLowercase.RoleType", "fallback" : "RoleType" } }, { "value" : "Basic Employee" } ] } }, { "translation" : { "key" : "ObjectSpecification", "argument" : [ { "translation" : { "key" : "ObjectTypeLowercase.UserType", "fallback" : "UserType" } } ] } ] } } } ] } } ``` -------------------------------- ### Get Organizational Unit Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/operations/examples/raw/get-ou-projects.adoc This example demonstrates how to fetch an organizational unit's details, which includes its associated projects, using a GET request. ```APIDOC ## GET /midpoint/ws/rest/orgs/{oid} ### Description Retrieves the details of a specific organizational unit. ### Method GET ### Endpoint /midpoint/ws/rest/orgs/{oid}?options=raw ### Parameters #### Path Parameters - **oid** (string) - Required - The unique identifier of the organizational unit. #### Query Parameters - **options** (string) - Optional - Specifies additional options, such as 'raw' to get the full object. ### Request Example ```bash curl --user administrator:y0uR_P455woR*d \ -H "Accept: application/json" \ -X GET http://localhost:8080/midpoint/ws/rest/orgs/e5ae2f30-141c-4990-8387-4c8e7433132d?options=raw \ -v ``` ### Response #### Success Response (200) - **org** (object) - Contains the organizational unit details. - **oid** (string) - The unique identifier of the organizational unit. - **version** (string) - The version of the organizational unit. - **name** (string) - The name of the organizational unit. - **displayName** (string) - The display name of the organizational unit. #### Response Example ```json { "org" : { "oid" : "e5ae2f30-141c-4990-8387-4c8e7433132d", "version" : "1", "name" : "P0000", "metadata" : {}, "operationExecution" : {}, "iteration" : 0, "iterationToken" : "", "activation" : {}, "displayName" : "Projects" } } ``` ``` -------------------------------- ### Example Output of Pre-Upgrade Check Source: https://github.com/evolveum/midpoint/blob/master/docs/deployment/ninja/use-case/upgrade-with-ninja.adoc Sample output from the `ninja.sh -v pre-upgrade-check` command, showing potential errors or warnings. ```bash /opt/midpoint/bin/ninja.sh -v pre-upgrade-check ``` -------------------------------- ### Import accounts starting with 'b' Source: https://github.com/evolveum/midpoint/blob/master/docs/tasks/synchronization-tasks/import-and-reconciliation/index.adoc Imports accounts from a resource where the identifier starts with 'b'. This example combines implicit query definition with a custom filter. ```xml Import: Example Resource ``` -------------------------------- ### Account Creation Message Example Source: https://github.com/evolveum/midpoint/blob/master/docs/resources/asynchronous/outbound/configuration/index.adoc Example of a formatted message for account creation, displaying operation, login, full name, and description. ```text operation: add login: jack fullName: Jack Sparrow description: This is 'jack' called 'Jack Sparrow' ``` -------------------------------- ### Example Location Header Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/operations/examples/raw/create-user-jack.adoc Upon successful user creation, the response includes a Location header that points to the newly created user's resource URL. ```bash # Location: http://localhost:8080/midpoint/ws/rest/users/e4b0c81e-7fc7-462d-a92c-b3e0b10b8b49 ``` -------------------------------- ### Get Default Administrator Object Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/operations/examples/get-user-unique-id.adoc This example demonstrates how to retrieve the default administrator object using cURL. It shows basic authentication and the HTTP GET method. ```APIDOC ## GET /users/{id} ### Description Retrieves a user object based on its unique identifier. ### Method GET ### Endpoint /users/00000000-0000-0000-0000-000000000002 ### Parameters #### Path Parameters - **id** (string) - Required - The unique identifier of the user. ### Request Example ```bash # Authenticating with the credentials "administrator" and password "5ecr3t" on a localhost instance running on port 8080 curl --user administrator:5ecr3t -X GET http://localhost:8080/midpoint/ws/rest/users/00000000-0000-0000-0000-000000000002 ``` ``` -------------------------------- ### Get user value policy example Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/operations/user-specific-op-rest.adoc Example of retrieving the value policy for a user using curl. Replace {host}, {port}, and {oid} with actual values. ```bash curl -X PUT "http://localhost:8080/midpoint/ws/rest/users/{oid}/policy" \ -H "Authorization: Basic {Base64EncodedCredentials}" ``` -------------------------------- ### Example ModuleSaml2SimpleKeyType Configuration Source: https://github.com/evolveum/midpoint/blob/master/docs/security/authentication/flexible-authentication/modules/saml2.adoc Demonstrates the structure for configuring a simple key for SAML2 signing and encryption. Ensure to replace placeholder values with actual key material. ```xml sp-signing-key "primary key" "password" "certificate" ``` -------------------------------- ### Search for All Users With Name That Starts With 'a' Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/operations/examples/raw/search-name-users.adoc This example demonstrates how to search for all users whose names start with the letter 'a' using a POST request to the users search endpoint. ```APIDOC ## POST /users/search ### Description Searches for users based on provided criteria. This example specifically searches for users whose names start with 'a'. ### Method POST ### Endpoint http://localhost:8080/midpoint/ws/rest/users/search ### Request Headers - `Accept`: `application/json` - `Content-Type`: `application/json` ### Request Body This endpoint accepts a JSON payload for search criteria. The example uses a file `./samples/rest/query-gen-name.json` which is expected to contain the search query. ### Request Example ```bash curl --user administrator:y0uR_P455woR*d \ -H "Accept: application/json" \ -H "Content-Type: application/json" \ -X POST http://localhost:8080/midpoint/ws/rest/users/search \ -v \ --data-binary @./samples/rest/query-gen-name.json ``` ### Response #### Success Response (200) Returns a JSON object containing a list of users matching the search criteria. ``` -------------------------------- ### Example Output: Access Certification Campaign List Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/operations/examples/raw/search-all-acc.adoc This is an example of the response when searching for access certification campaigns. It returns a list of campaign objects, each containing details like OID, name, description, and stage information. ```json { "@ns": "http://prism.evolveum.com/xml/ns/public/types-3", "object": { "@type": "http://midpoint.evolveum.com/xml/ns/public/common/api-types-3#ObjectListType", "object": [ { "@type": "c:AccessCertificationCampaignType", "oid": "3a0fb4a2-ffbd-4e72-bbff-47327df054c4", "version": "0", "name": "User's assignemnts according to the manager 1", "description": "Certifies all users' assignments. Everything is certified by the administrator.", "iteration": 1, "definitionRef": { "oid": "8f37ee15-9945-4872-8b90-8cb75f304b41", "relation": "org:default", "type": "c:AccessCertificationDefinitionType", "targetName": "User's assignemnts according to the manager" }, "ownerRef": { "oid": "00000000-0000-0000-0000-000000000002", "relation": "org:default", "type": "c:UserType", "targetName": "administrator" }, "handlerUri": "http://midpoint.evolveum.com/xml/ns/public/certification/handlers-3#direct-assignment", "scopeDefinition": { "@type": "c:AccessCertificationAssignmentReviewScopeType", "objectType": "#UserType", "searchFilter": { "org": { "@ns": "http://prism.evolveum.com/xml/ns/public/query-3", "path": "parentOrgRef", "orgRef": { "oid": "7d1e7065-455c-48d5-a469-1734fd255739", "scope": "SUBTREE" } } }, "itemSelectionExpression": { "script": [] }, "includeRoles": true, "includeOrgs": true, "includeResources": false }, "remediationDefinition": { "style": "automated" }, "stageDefinition": { "@id": 1, "number": 1, "name": "Manager's review", "description": "In this stage, the manager has to review all the assignments of users belonging to his org unit.", "duration": "P14D", "notifyBeforeDeadline": [ "PT48H", "PT12H" ], "notifyOnlyWhenNoDecision": true, "reviewerSpecification": { "useObjectManager": { "allowSelf": false } }, "timedActions": { "@id": 2, "time": { "value": [ "P7D" ] }, "actions": { "escalate": { "approverRef": { "oid": "00000000-0000-0000-0000-000000000002", "relation": "org:default", "type": "c:UserType", "targetName": "administrator" }, "delegationMethod": "addAssignees", "escalationLevelName": "Level1" } } } }, "state": "created", "stageNumber": 0 } ] } } ``` -------------------------------- ### Example Output of Get Shadow Owner Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/operations/examples/raw/get-shadow-owner.adoc This is a sample JSON response for a successful GET /shadows/{id}/owner request. Note that some properties may be omitted for brevity. ```json { "user" : { "oid" : "a9885c61-c442-42d8-af34-8182a8653e3c", "version" : "", "name" : "Jack", "metadata" : {}, "operationExecution" : [ {}, {} ], "assignment" : [ {}, {} ], "iteration" : 0, "iterationToken" : "", "roleMembershipRef" : [ {}, {} ], "linkRef" : { "oid" : "062ac29f-f296-4824-aeab-9a0feb9e8bd3", "relation" : "org:default", "type" : "c:ShadowType" }, "activation" : {}, "emailAddress" : "jack@evolveum.com", "credentials" : {}, "givenName" : "Jack", "familyName" : "Sparrow" } } ``` -------------------------------- ### Search All Resources Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/operations/examples/raw/search-all-resource.adoc This example demonstrates how to search for all resources using a POST request to the /resources/search endpoint. ```APIDOC ## POST /midpoint/ws/rest/resources/search ### Description Searches for all resources in the system. ### Method POST ### Endpoint /midpoint/ws/rest/resources/search ### Request Headers - `Accept`: `application/json` - `Content-Type`: `application/json` ### Request Body - The request body should contain a JSON object specifying the search criteria. For searching all resources, this might be an empty object or a specific query structure. ### Request Example ```bash curl --user administrator:y0uR_P455woR*d \ -H "Accept: application/json" \ -H "Content-Type: application/json" \ -X POST http://localhost:8080/midpoint/ws/rest/resources/search \ -v \ --data-binary @./samples/rest/query-all.json ``` ### Response #### Success Response (200) - The response will be a JSON object containing a list of all found resources. ``` -------------------------------- ### Get User Object Source: https://github.com/evolveum/midpoint/blob/master/docs/interfaces/rest/endpoints/users.adoc This section describes how to retrieve a specific User object by its identifier using the REST API. It includes an example and a link to the general get operation documentation. ```APIDOC ## Get User Object ### Description This endpoint retrieves a single, specific User object. ### Method GET ### Endpoint /users/{id} ### Parameters #### Path Parameters - **id** (string) - Required - The unique identifier of the user to retrieve. ### Request Example (Refer to include::../operations/examples/raw/get-user-administrator.adoc[]) ### Response #### Success Response (200) - (Details not provided in source, refer to get-op-rest link) ```