Querying the Mapping List¶

Function¶

This API is used to query the mapping list.

URI¶

GET /v3/OS-FEDERATION/mappings

Request Parameters¶

Parameters in the request header
Parameter
Mandatory
Type
Description
Content-Type
Yes
String
Fill application/json;charset=utf8 in this field.
X-Auth-Token
Yes
String
Authenticated token.

Parameter	Mandatory	Type	Description
Content-Type	Yes	String	Fill application/json;charset=utf8 in this field.
X-Auth-Token	Yes	String	Authenticated token.

Example request

curl -i -k -H 'Accept:application/json' -H 'Content-Type:application/json;charset=utf8' -H "X-Auth-Token:$token" -X GET https://sample.domain.com/v3/OS-FEDERATION/mappings

Response Parameters¶

Parameters in the response body
Parameter
Mandatory
Type
Description
mappings
Yes
Array
List of mappings.
links
Yes
Object
Mapping resource link.

Parameter	Mandatory	Type	Description
mappings	Yes	Array	List of mappings.
links	Yes	Object	Mapping resource link.

mappings parameter description

Parameter	Mandatory	Type	Description
id	Yes	String	Mapping ID.
rules	Yes	Object	Rule used to map federated users to local users Example rule for SAML: "rules": [ { "local": [ { "user": { "name": "{0}" } }, { "group": { "name": "0cd5e9" } } ], "remote": [ { "type": "UserName" }, { "type": "orgPersonType", "not_any_of": [ "Contractor", "Guest" ] } ] } ] local: indicates the information about a federated user in the cloud system. user: indicates the name of a federated user in the cloud system. {0} indicates the first attribute of the user information in remote. group: indicates the user group to which a federated user belongs in the cloud system. remote: indicates the information about a federated user in the IdP. This expression is a combination of assertion attributes and operators. The value of remote is determined based on the assertion. "type": "UserName" indicates an attribute in an IdP assertion. "type": "orgPersonType" indicates an attribute in an IdP assertion. not_any_of: The rule is not matched if any of the specified strings appear in the attribute type. The condition result is Boolean, not the argument that is passed as input.
links	Yes	Object	Mapping resource link.

Parameter

Mandatory

Type

Description

Yes

String

Mapping ID.

rules

Yes

Object

Rule used to map federated users to local users

Example rule for SAML:

"rules": [
           {
               "local": [
                   {
                       "user": {
                           "name": "{0}"
                       }
                   },
                   {
                       "group": {
                           "name": "0cd5e9"
                       }
                   }
               ],
               "remote": [
                   {
                       "type": "UserName"
                   },
                   {
                       "type": "orgPersonType",
                       "not_any_of": [
                           "Contractor",
                           "Guest"
                       ]
                   }

               ]
           }
       ]

local: indicates the information about a federated user in the cloud system.

user: indicates the name of a federated user in the cloud system. {0} indicates the first attribute of the user information in remote.
group: indicates the user group to which a federated user belongs in the cloud system.

remote: indicates the information about a federated user in the IdP. This expression is a combination of assertion attributes and operators. The value of remote is determined based on the assertion.

"type": "UserName" indicates an attribute in an IdP assertion.
"type": "orgPersonType" indicates an attribute in an IdP assertion.
not_any_of: The rule is not matched if any of the specified strings appear in the attribute type. The condition result is Boolean, not the argument that is passed as input.

links

Yes

Object

Mapping resource link.

Example response

{
    "links": {
        "next": null,
        "previous": null,
        "self": "https://example.com/v3/OS-FEDERATION/mappings"
    },
    "mappings": [
        {
            "id": "ACME",
            "links": {
                "self": "https://example.com/v3/OS-FEDERATION/mappings/ACME"
            },
            "rules": [
                {
                    "local": [
                        {
                            "user": {
                                "name": "{0}"
                            }
                        },
                        {
                            "group": {
                                "id": "0cd5e9"
                            }
                        }
                    ],
                    "remote": [
                        {
                            "type": "UserName"
                        },
                        {
                            "type": "orgPersonType",
                            "any_one_of": [
                                "Contractor",
                                "SubContractor"
                            ]
                        }
                    ]
                }
            ]
        }
    ]
}

Status Codes¶

Status Code	Description
200	The request is successful.
400	The server failed to process the request.
401	Authentication failed.
403	Access denied.
404	The requested resource cannot be found.
405	The method specified in the request is not allowed for the requested resource.
413	The request entity is too large.
500	Internal server error.
503	Service unavailable.

last updated: 2024-11-08 14:24 UTC - commit: 2d5e2c1f97c685df3090da66769505f099a4c992