OpenIDM exposes configuration objects under the
/openidm/config context.
You can list the configuration on the local host by performing a GET
http://localhost:8080/openidm/config. The following
example shows the default configuration for an OpenIDM instance started
with Sample 1.
$ curl --request GET
--header "X-OpenIDM-Username: openidm-admin"
--header "X-OpenIDM-Password: openidm-admin"
http://localhost:8080/openidm/config
{
"configurations": [
{
"_id": "endpoint/getprocessesforuser",
"pid": "endpoint.788f364e-d870-4f46-982a-793525fff6f0",
"factoryPid": "endpoint"
},
{
"_id": "provisioner.openicf/xml",
"pid": "provisioner.openicf.90b18af9-fe27-45a2-a4ae-1056c04a4d31",
"factoryPid": "provisioner.openicf"
},
{
"_id": "ui/configuration",
"pid": "ui.36bb2bf4-8e19-43d2-9df2-a0553ffac590",
"factoryPid": "ui"
},
{
"_id": "managed",
"pid": "managed",
"factoryPid": null
},
{
"_id": "sync",
"pid": "sync",
"factoryPid": null
},
{
"_id": "router",
"pid": "router",
"factoryPid": null
},
{
"_id": "process/access",
"pid": "process.44743c97-a01b-4562-85ad-8a2c9b89155a",
"factoryPid": "process"
},
{
"_id": "endpoint/siteIdentification",
"pid": "endpoint.ef05a7f3-a420-4fbb-998c-02d283cae4d1",
"factoryPid": "endpoint"
},
{
"_id": "endpoint/securityQA",
"pid": "endpoint.e2d87637-c918-4056-99a1-20f25c897066",
"factoryPid": "endpoint"
},
{
"_id": "scheduler",
"pid": "scheduler",
"factoryPid": null
},
{
"_id": "ui/countries",
"pid": "ui.acde0f4c-808f-45fb-9627-d7d2ca702e7c",
"factoryPid": "ui"
},
{
"_id": "org.apache.felix.fileinstall/openidm",
"pid": "org.apache.felix.fileinstall.2dedea63-4592-4074-a709-ffa70f1e841d",
"factoryPid": "org.apache.felix.fileinstall"
},
{
"_id": "schedule/reconcile_systemXmlAccounts_managedUser",
"pid": "schedule.f53b235a-862e-4e18-a3cf-10ae3cbabc1e",
"factoryPid": "schedule"
},
{
"_id": "workflow",
"pid": "workflow",
"factoryPid": null
},
{
"_id": "endpoint/getavailableuserstoassign",
"pid": "endpoint.d19da94f-bae3-4101-922c-fe47ea8616d2",
"factoryPid": "endpoint"
},
{
"_id": "repo.orientdb",
"pid": "repo.orientdb",
"factoryPid": null
},
{
"_id": "audit",
"pid": "audit",
"factoryPid": null
},
{
"_id": "endpoint/gettasksview",
"pid": "endpoint.edcc1ff8-a7ba-4c46-8258-bf5216e85192",
"factoryPid": "endpoint"
},
{
"_id": "ui/secquestions",
"pid": "ui.649e2c65-0cc7-4a0d-a6b1-95f4c5168bdc",
"factoryPid": "ui"
},
{
"_id": "org.apache.felix.fileinstall/activiti",
"pid": "org.apache.felix.fileinstall.a0ba2f7d-bdb9-43b5-b84e-0e8feee6be72",
"factoryPid": "org.apache.felix.fileinstall"
},
{
"_id": "policy",
"pid": "policy",
"factoryPid": null
},
{
"_id": "endpoint/usernotifications",
"pid": "endpoint.e96d5319-6260-41db-af76-bd4e692b792d",
"factoryPid": "endpoint"
},
{
"_id": "org.apache.felix.fileinstall/ui",
"pid": "org.apache.felix.fileinstall.89f8c6dd-f54e-46a4-bfda-1e76ac044c33",
"factoryPid": "org.apache.felix.fileinstall"
},
{
"_id": "authentication",
"pid": "authentication",
"factoryPid": null
}
]
}Single instance configuration objects are located under
openidm/config/.
The following example shows the default object-nameaudit
configuration.
$ curl
--header "X-OpenIDM-Username: openidm-admin"
--header "X-OpenIDM-Password: openidm-admin"
http://localhost:8080/openidm/config/audit
{
"eventTypes": {
"activity": {
"filter": {
"actions": [
"create",
"update",
"delete",
"patch",
"action"
]
}
},
"recon": {}
},
"logTo": [
{
"logType": "csv",
"location": "audit",
"recordDelimiter": ";"
},
{
"logType": "repository"
}
]
}Multiple instance configuration objects are found under
openidm/config/. The following example shows the
configuration for the XML connector provisioner.
object-name/instance-name
$ curl
--header "X-OpenIDM-Username: openidm-admin"
--header "X-OpenIDM-Password: openidm-admin"
http://localhost:8080/openidm/config/provisioner.openicf/xml
{
"name": "xmlfile",
"connectorRef": {
"bundleName":
"org.forgerock.openicf.connectors.file.openicf-xml-connector",
"bundleVersion": "",
"connectorName": "com.forgerock.openicf.xml.XMLConnector"
},
"producerBufferSize": 100,
"connectorPoolingSupported": true,
"poolConfigOption": {
"maxObjects": 10,
"maxIdle": 10,
"maxWait": 150000,
"minEvictableIdleTimeMillis": 120000,
"minIdle": 1
},
"operationTimeout": {
"CREATE": -1,
"TEST": -1,
"AUTHENTICATE": -1,
"SEARCH": -1,
"VALIDATE": -1,
"GET": -1,
"UPDATE": -1,
"DELETE": -1,
"SCRIPT_ON_CONNECTOR": -1,
"SCRIPT_ON_RESOURCE": -1,
"SYNC": -1,
"SCHEMA": -1
},
"configurationProperties": {
"xsdIcfFilePath": "samples/sample1/data/resource-schema-1.xsd",
"xsdFilePath": "samples/sample1/data/resource-schema-extension.xsd",
"xmlFilePath": "samples/sample1/data/xmlConnectorData.xml"
},
"objectTypes": {
"account": {
"$schema": "http://json-schema.org/draft-03/schema",
"id": "__ACCOUNT__",
"type": "object",
"nativeType": "__ACCOUNT__",
"properties": {
"description": {
"type": "string",
"nativeName": "__DESCRIPTION__",
"nativeType": "string"
},
"firstname": {
"type": "string",
"nativeName": "firstname",
"nativeType": "string"
},
"email": {
"type": "string",
"nativeName": "email",
"nativeType": "string"
},
"__UID__": {
"type": "string",
"nativeName": "__UID__"
},
"password": {
"type": "string",
"required": false,
"nativeName": "__PASSWORD__",
"nativeType": "JAVA_TYPE_GUARDEDSTRING",
"flags": [
"NOT_READABLE",
"NOT_RETURNED_BY_DEFAULT"
]
},
"name": {
"type": "string",
"required": true,
"nativeName": "__NAME__",
"nativeType": "string"
},
"lastname": {
"type": "string",
"required": true,
"nativeName": "lastname",
"nativeType": "string"
}
}
}
},
"operationOptions": {}
}You can change the configuration over REST by using an HTTP PUT request
to modify the required configuration object. The following example modifies
the router.json file to remove all filters, effectively
bypassing any policy validation.
$ curl
--header "X-OpenIDM-Username: openidm-admin"
--header "X-OpenIDM-Password: openidm-admin"
--request PUT
--data '{
"filters" : [
{
"onRequest" : {
"type" : "text/javascript",
"file" : "bin/defaults/script/router-authz.js"
}
}
]
}'
"http://localhost:8080/openidm/config/router"
See the REST API Reference appendix for additional details and examples using REST access to update and patch objects.
