LDAP Group Management

Retrieve a list of groups with filter

GET /api/v1/ldap/(string: ldap_id)/tenants/(string: tenant_id)/groups/

Gets a list of LDAP groups for the selected LDAP backend and tenant ID. This list may include groups details as per Service LDAP backend configuration. As such, output of the service is not fixed and may vary according to LDAP backend Data configuration (section groupMapping). Output may also be filtered out using a special filter structure.

Example request:

GET /api/v1/ldap/Customer_LDAP_Concentrator/tenants/ldap_tenant_1/groups/ HTTP/1.1
Host: example.com
Content-Type: "application/json"

{
   "filter": {
      "mode": "and",
      "criteria": [
         {
            "attribute": "groupId",
            "operation": "exists"
         }
      ]
   }
}
Request JSON Object:

Example response:

HTTP/1.1 200 OK
Content-Type: "application/json"

{
   "groups": [
      {
         "id": "ldap_group_1",
         "ou": "ou=ldap_group_1,ou=ldap_tenant_1,ou=Instance1,dc=vendor,dc=intra",
         "groupId": "this_is_a_test"
     }
   ]
}
Response JSON Object:
Status Codes:

Retrieve a list of groups with custom filter

GET /api/v1/ldap/(string: ldap_id)/tenants/(string: tenant_id)/groups/

Works the same way as previous API but with a pre-defined custom filter at LDAP backend configuration level .

Example request:

GET /api/v1/ldap/Customer_LDAP_Concentrator/tenants/ldap_tenant_1/groups/ HTTP/1.1
Host: example.com
Content-Type: "application/json"

{
   "custom_filter": "not_in_bwks"
}
Request JSON Object:

  • custom_filter (string) – (Optional) a reference to a custom filter expression defined by LDAP backend configuration

Example response:

HTTP/1.1 200 OK
Content-Type: "application/json"

{
   "groups": [
      {
         "id": "ldap_group_3",
         "ou": "ou=ldap_group_3,ou=ldap_tenant_3,ou=Instance1,dc=vendor,dc=intra"
     }
   ]
}
Response JSON Object:
Status Codes:

Retrieve one specific group

GET /api/v1/ldap/(string: ldap_id)/tenants/(string: tenant_id)/groups/(string: group_id)/

Gets the requested group ID for the selected LDAP backend and tenant ID. This group ID is the one returned by the id attribute when reading.

Example request:

GET /api/v1/ldap/Customer_LDAP_Concentrator/tenants/ldap_tenant_1/groups/ldap_group_1/ HTTP/1.1
Host: example.com

Example response:

HTTP/1.1 200 OK
Content-Type: "application/json"

{
   "group": {
      "id": "ldap_group_1",
      "ou": "ou=ldap_group_1,ou=ldap_tenant_1,ou=Instance1,dc=vendor,dc=intra",
      "groupId": "this_is_a_test"
   }
}
Response JSON Object:
Status Codes:

Create a new group

POST /api/v1/ldap/(string: ldap_id)/tenants/groups/

Creates a new LDAP group for the selected LDAP backend and tenant ID. Parameters set as input of the service are not fixed and may vary according to LDAP backend Service Data configuration (section groupMapping).

Authorization Right: System Admin.

Example request:

POST /api/v1/ldap/Customer_LDAP_Concentrator/tenants/ldap_tenant_1/groups/ HTTP/1.1
Host: example.com
Content-Type: "application/json"

{
   "id": "ldap_group_1",
   "groupId": "bwks_group_1"
}
Request JSON Object:

  • id (string) – the LDAP ID of the group to create - this is the only required parameter

  • <ldap_attribute> (object) – any valid attribute defined by LDAP Object Details

Example response:

HTTP/1.1 200 OK
Content-Type: "application/json"

{
   "created": {
      "group": "ou=ldap_group_1,ou=ldap_tenant_1,ou=Instance1,dc=vendor,dc=intra"
   }
}
Response JSON Object:

  • created (object) – contains the complete LDAP OU reference of the created group

Status Codes:

  • 200 OK – no error.

  • 400 Bad Request – format of the JSON input data not valid or group already exists.

Modify an existing group

PUT /api/v1/ldap/(string: ldap_id)/tenants/(string: tenant_id)/groups/(string: group_id)/

Modifies attributes of an existing LDAP group for the selected LDAP backend and tenant ID. Parameters set as input of the service are not fixed and may vary according to LDAP backend Service Data configuration (section groupMapping).

Authorization Right: System Admin.

Example request:

PUT /api/v1/ldap/Customer_LDAP_Concentrator/tenants/ldap_tenant_1/groups/ldap_group_1/ HTTP/1.1
Host: example.com
Content-Type: "application/json"

{
   "groupId": "new_group_id"
}
Request JSON Object:

  • <ldap_attribute> (object) –

    any valid attribute defined by LDAP Object Details

    Note

    If you want to delete an attribute, put this attribute in the request body and use JSON value null

Example response:

HTTP/1.1 200 OK
Content-Type: "application/json"

{
   "results": {
      "groupId": "modified"
   }
}
Response JSON Object:

  • results (object) – a summary of performed actions on every passed attribute

Status Codes:

Delete a group

DELETE /api/v1/ldap/(string: ldap_id)/tenants/(string: tenant_id)/groups/(string: group_id)/

Deletes an LDAP group by its ID. This ID is the one returned by the id attribute when reading.

Authorization Right: System Admin.

Example request:

DELETE /api/v1/ldap/Customer_LDAP_Concentrator/tenants/ldap_tenant_1/groups/ldap_group_1/ HTTP/1.1
Host: example.com

Example response:

HTTP/1.1 200 OK
Content-Type: "application/json"

{
   "deleted": {
      "group": "ou=ldap_group_1,ou=ldap_tenant_1,ou=Instance1,dc=vendor,dc=intra"
   }
}
Response JSON Object:

  • deleted (object) – contains the complete LDAP OU reference of the deleted group

Status Codes: