• Identity and Access Management

iam
  1. Help Center
  2. Identity and Access Management
  3. API Reference
  4. Federated Identity Authentication Management
  5. Mapping
  6. Querying the Mapping List

Querying the Mapping List

Function Description

This interface is used to query the mapping list.

URI

URI format

GET /v3/OS-FEDERATION/mappings

Request

  • Request header parameter description

    Parameter

    Mandatory

    Type

    Description

    Content-Type

    Yes

    String

    Fill application/json;charset=utf8 in this field.

    X-Auth-Token

    Yes

    String

    Authenticated token.

  • Sample request
    curl -i -k -H 'Accept:application/json' -H 'Content-Type:application/json;charset=utf8' -H "X-Auth-Token:$token" -X GET https://10.185.190.118:31943/v3/OS-FEDERATION/mappings

Response

  • Response body parameter description

    Parameter

    Mandatory

    Type

    Description

    mappings

    Yes

    Array

    List of mappings.

    links

    Yes

    Object

    Resource links of mappings.

  • mappings parameter description

    Parameter

    Mandatory

    Type

    Description

    id

    Yes

    String

    Mapping ID.

    rules

    Yes

    Object

    List of rules used to map federated users into local users.

    Example:

     "rules": [
                {
                    "local": [
                        {
                            "user": {
                                "name": "{0}"
                            }
                        },
                        {
                            "group": {
                                "name": "0cd5e9"
                            }
                        }
                    ],
                    "remote": [
                        {
                            "type": "UserName"
                        },
                        {
                            "type": "orgPersonType",
                            "not_any_of": [
                                "Contractor",
                                "Guest"
                            ]
                        }
                    ]
                }
            ]

    local: indicates the information about a federated user in the cloud system.

    • user: indicates the name of a federated user in the cloud system. {0} indicates the first attribute of the user information in remote.
    • group: indicates the user group to which a federated user belongs in the cloud system.

    remote: indicates the information about a federated user in the IdP. This expression is a combination of assertion attributes and operators. The value of remote is determined based on the assertion.

    • "type": "UserName" indicates an attribute in an IdP assertion.
    • "type": "orgPersonType" indicates an attribute in an IdP assertion.
    • not_any_of: The condition is valid only if the input attributes do not include specified value, and a Boolean value is returned. The returned value cannot be used to replace the placeholder in the local block.

    links

    Yes

    Object

    Resource links of mappings.

  • Sample response
    {
        "links": {
            "next": null,
            "previous": null,
            "self": "https://example.com/v3/OS-FEDERATION/mappings"
        },
        "mappings": [
            {
                "id": "ACME",
                "links": {
                    "self": "https://example.com/v3/OS-FEDERATION/mappings/ACME"
                },
                "rules": [
                    {
                        "local": [
                            {
                                "user": {
                                    "name": "{0}"
                                }
                            },
                            {
                                "group": {
                                    "id": "0cd5e9"
                                }
                            }
                        ],
                        "remote": [
                            {
                                "type": "UserName"
                            },
                            {
                                "type": "orgPersonType",
                                "any_one_of": [
                                    "Contractor",
                                    "SubContractor"
                                ]
                            }
                        ]
                    }
                ]
            }
        ]
    }

Status Codes

Status Code

Description

200

The request is successful.

400

The server failed to process the request.

401

You must enter a username and password to access the requested page.

403

You are forbidden to access the requested page.

404

The server could not find the requested page.

405

You are not allowed to use the method specified in the request.

413

The request entity is too large.

500

Failed to complete the request because of an internal service error.

503

Failed to complete the request because the service is unavailable.