Person report

The DUM Engine allows getting report with information about a Onegini Consumer Identity Manager user. This guide will walk you though the process of getting report and also give you a better understanding about report.

Person report is a representation of data that contains the following information:

  • personal data (identifier, first name, last name, etc.)
  • policies that belongs to the person
  • groups in which the user has permissions

An example of using a report could be an external system that needs information about the user to be shown on the dashboard or used in its logic.

What you need

To successfully complete this topic guide you need to ensure following prerequisites:

  • have the DUM Engine application up and running
  • have access to DUM Engine APIs and know the Basic Authorization credentials

For the sake of this guide we assume that the DUM Engine is available at http://localhost:8080.

Get a report

To get a report you need to execute an API call to GET api/v1/persons/{personId}/report DUM Engine's endpoint.

curl -i --user client:password 
-H "Content-Type: application/json" 
-H "Accept: application/json" 
-X GET http://localhost:8080/api/v1/persons/a810b64f-2e4a-4bee-92ad-6e47951a1f0b/report

The service responds with HTTP/1.1 200 Ok status code and a Report representation for operation completed successfully.

Example response:

HTTP/1.1 200
Content-Type: application/json;charset=UTF-8

{
  "person": {
    "idp_type": "CIM",
    "person_id": "a810b64f-2e4a-4bee-92ad-6e47951a1f0b",
    "first_name": "John",
    "last_name": "Doe"
  },
  "policies": [
    {
      "id": "0bf51ff2-8486-4b6b-a4af-f2738c5564fa",
      "name": "Organisation policy",
      "principal": {
        "idp_type": "LDAP",
        "person_id": "13db83a6-bb3f-493a-b614-e86a404c2142"
      },
      "subject": {
        "subject_id": "1f717fc5-f7e1-4c47-a81e-8caa75e2bb37",
        "type": "PERSON"
      },
      "assignee_id": "a810b64f-2e4a-4bee-92ad-6e47951a1f0b"
    },
    {
      "id": "bd3c35d3-47c1-47d9-b1f8-1e3cb63e070d",
      "name": "Organisation policy",
      "principal": {
        "idp_type": "LDAP",
        "person_id": "13db83a6-bb3f-493a-b614-e86a404c2142"
      },
      "subject": {
        "subject_id": "1f717fc5-f7e1-4c47-a81e-8caa75e2bb37",
        "type": "PERSON"
      },
      "assignee_id": "a810b64f-2e4a-4bee-92ad-6e47951a1f0b"
    }
  ],
  "group_permissions": [
    {
      "group": {
        "child_groups_ids": [
          "133ea844-baf7-4acc-8104-acbf1b4a240c",
          "41ea57b1-8f6f-4c14-b71f-4f2a60e13e28"
        ],
        "id": "be51f7a1-4b0d-4f80-bf03-3cabf270fd3a",
        "name": "ROOT_GROUP"
      },
      "permission": "POLICY_MANAGE"
    },
    {
      "group": {
        "child_groups_ids": [
          "133ea844-baf7-4acc-8104-acbf1b4a240c",
          "41ea57b1-8f6f-4c14-b71f-4f2a60e13e28"
        ],
        "id": "be51f7a1-4b0d-4f80-bf03-3cabf270fd3a",
        "name": "ROOT_GROUP"
      },
      "permission": "GROUP_MANAGE"
    }
  ]
}

To get more information about the endpoint signature please look into the API Documentation documentation.

Get a report for group

To get a report for specific group you need to execute an API call to GET api/v1/group/{groupId}/persons/{personId}/report DUM Engine's endpoint.

curl -i --user client:password 
-H "Content-Type: application/json" 
-H "Accept: application/json" 
-X GET http://localhost:8080/api/v1/groups/066d4479-4796-4ea9-aaec-d0e80c6036d3/persons/160d8767-b7fy-4706-9738-4dc221653368

The service responds with HTTP/1.1 200 Ok status code and a Report representation for operation completed successfully.

Example response

HTTP/1.1 201
Content-Type: application/json;charset=UTF-8

{
  "person_id" : "160d8767-b7fy-4706-9738-4dc221653368",
  "first_name" : "John",
  "last_name" : "Smith",
  "group_permissions" : [
    {
      "group" : 
        {
          "id": "066d4479-4796-4ea9-aaec-d0e80c6036d3",
          "policies": [
            "145fabf0-8b05-4a4d-be15-95c7b568da63",
            "fe987430-8f0f-4fe6-948c-3d77cf05279a",
            "7b10aea0-6ca5-40f6-8fd5-acd060dfad95"
          ],
          "child_groups": [
            "f530f30d-8322-47d1-93ff-19f4fea37c79",
            "7b10aea0-6ca5-40f6-8fd5-acd060dfad95"
          ],
          "parent_groups": [
            "f530f30d-8322-47d1-93ff-19f4fea37c79",
            "7b10aea0-6ca5-40f6-8fd5-acd060dfad95"
          ],
          "owners": [
            "160d8767-b7ea-4706-9738-4dc221658868",
            "146a47f0-31be-145d-aaef-900abc3753e1"
          ],
          "name": "Innosure Back Office"
        },
      "permission" : "ALL"
    }
  ],
  "policies" : [
    {
      "id" : "79db83a6-bb3f-493a-b614-e86a404c2142",
      "name" : "Organisation policy",
      "principal" : {
            "idp_type" : "LDAP",
            "principalId" : "146a47f0-31be-145d-aaef-900abc3753e1"
       },
      "scopes" : ["READ"],
      "subjectId" : "f530f30d-8322-47d1-93ff-19f4fea37c79",
      "assigneeId" : "146a47f0-31be-145d-aaef-900abc3753e1"
    }
  ]
}

To get more information about the endpoint signature please look into the API Documentation documentation.

Update a person name

To update a person first name and last name you need to execute an API call PUT api/v1/persons/{personId} to DUM Engine endpoint.

curl -i --user username:password 
-H "Content-Type: application/json" 
-H "Accept: application/json" -X POST -d 

'{
   "first_name": "John",
   "last_name": "Doe"
 }' 

http://localhost:8080/api/v1/persons/13db83a6-bb3f-493a-b614-e86a404c2142

The service responds with HTTP/1.1 200 Ok status code and a Person representation for operation completed successfully.

Example response:

HTTP/1.1 200
Content-Type: application/json;charset=UTF-8

{
  "idp_type": "CIM",
  "person_id": "13db83a6-bb3f-493a-b614-e86a404c2142",
  "first_name": "John",
  "last_name": "Smith"
}

To get more information about the endpoint signature please look into the API documentation.