Embedded Cloud Identity API calls in an Info Map mechanism

We can embed Cloud Identity (CI) API calls in Info Map mechanism instances with a new client, CI Client. Configure a CI Server connection to make calls with the CI Client.

The client ID and client secret configured in the CI Server Connection are made available to the CI Client using the Server Connection Factory. The CI Client then automatically manages the client credentials token.

For information about configuring the CI Server Connection, see Server connection properties. For example:

importPackage(Packages.com.ibm.security.access.ciclient);
importPackage(Packages.com.ibm.security.access.server_connections);
importClass(Packages.com.tivoli.am.fim.trustserver.sts.utilities.IDMappingExtUtils);

IDMappingExtUtils.traceString("entry Cloud Identity Mapping Rule");

var connection = ServerConnectionFactory.getCiConnectionByName("milano");

var id = CiClient.getUserId(connection, "testuser@ibm.com");
if (id != null) {
    IDMappingExtUtils.traceString("CI User ID: " + id);
} else {
    IDMappingExtUtils.traceString("CI User does not exist.");
}

Available CI Client methods include:

getUser(CiServerConnection connection, String username)
Retrieve a user object (via SCIM) by username

getUserId(CiServerConnection connection, String username)
Retrieve the user's IUI (via SCIM) by username

registerAuthenticator(CiServerConnection connection, String json)
Initiate device registration (to be completed by the user's authenticator app)

getAuthenticators(CiServerConnection connection, String username)
Get all authenticators for the given user

getAuthenticator(CiServerConnection connection, String id)
Get a specific authenticator based on ID

updateAuthenticator(CiServerConnection connection, String id, String json)
Update a specific authenticator based on ID

deleteAuthenticator(CiServerConnection connection, String id)
Delete a specific authenticator based on ID

getAuthMethods(CiServerConnection connection, String username)
Get all auth methods for the given user

getAuthMethod(CiServerConnection connection, String id)
Get a specific auth method based on ID

updateAuthMethod(CiServerConnection connection, String id, String json)
Update a specific auth method based on ID

deleteAuthMethod(CiServerConnection connection, String id)
Delete a specific auth method based on ID

createTransaction(CiServerConnection connection, String authenticatorId, String json)
Create a new transaction for the given authenticator ID

getTransactions(CiServerConnection connection, String authenticatorId)
Get all transactions for the given authenticator ID

getTransaction(CiServerConnection connection, String authenticatorId, String id)
Get a specific transaction for the given authenticator ID

getRequest(CiServerConnection connection, String url)
Generic GET request on the given URL

postRequest(CiServerConnection connection, String url, String json)
Generic POST request on the given URL

putRequest(CiServerConnection connection, String url, String json)
Generic PUT request on the given URL

deleteRequest(CiServerConnection connection, String url)
Generic DELETE request on the given URL


Parent topic: Configure an Info Map authentication mechanism