REST API limitations for IBM Security Identity Manager

We can configure cross-origin resource sharing (CORS) to control which origins can work with ISIM REST APIs.

To support CORS in the virtual appliance:

1. Log on to ISIM virtual appliance console.

2. From the top-level menu of the Appliance Dashboard, select Configure > Advanced Configuration > Update Property

3. In the Update Property page, select All properties.

4. Select Identity server property files.

5. Select rest.properties.

6. Click New to open the Add Property window.

7. Provide the value in the Property name field as ui.CORSOrigin.

8. Provide the value in the Property value field to one of the following values.
   • *
   • http://www.myhost.com:port Use white spaces to separate multiple property values.

9. Click Save Configuration.

After you edit the ui.CORSOrigin property, restart ISIM Server to reflect the changes. Do these steps.

1. From the Appliance Dashboard, go to the Server Control widget.

2. Select Security Identity Manager server.

3. Click Restart.

If we do not want to allow cross domain request to access Identity Service Center REST APIs, do not configure the ui.CORSOrigin property in the virtual appliance.

If you already configured rest.properties with the ui.CORSOrigin property, delete the ui.CORSOrigin property.

1. Log on to ISIM virtual appliance console.

2. From the top-level menu of the Appliance Dashboard, select Configure > Advanced Configuration > Update Property

3. In the Update Property page, select Modified properties.

4. Select Identity server.

5. Select rest.properties.

6. Click Delete.

7. Click Yes to confirm.

• REST APIs are one of the new functions in ISIM 7.0.0.2 release. The What's new in this release section of ISIM Knowledge Center for Version 7.0.0.2 does not contain information about REST APIs. However, the REST API information is available at REST APIs.

• The path that is described for the REST API code samples in ISIM Knowledge Center for Version 7.0.0.2 requires a change. The REST API code samples are available at extensions/7.0/examples/restapi.

  On the Custom File Management page of the Appliance Dashboard, go to directories/utilities and download the extensions.zip file.

• As described in the previous bullet, the REST API code samples are available at extensions/7.0/examples/restapi. To know more about how to authenticate to ISIM Server and then start a specific REST API, see extensions/7.0/examples/restapi/examples/api/SearchPeople.java.
• Filter configuration for REST services is possible using the supported operators. See Filter configuration for REST search services. However, the definitions of the supported operators are not described in ISIM Knowledge Center topic for Version 7.0.0.2. We can use the following definitions for the supported operators to configure the filter expressions for the REST services.

  Logical operators	Comparison operators
  and - &	Equal - =
  or - |	Not equal - !=
  	Approximately equal - ~=
  	Greater than or equal - >=
  	Less than or equal - <=
  	Greater than - >
  	Less than - <

• IBM Security Identity Manager virtual appliance contains an OAuth provider. Therefore, you need not configure OAuth separately for the virtual appliance.

Parent topic: Troubleshooting virtual appliance problems