On 5/31/2019 3:24 AM, KSEB wrote: > > Hi, > > IDAM system installed in windows server,We want to create new roles in > IDAM,Can please provide the documents for creating and managing roles in > IDAM.
You can create a Role via a SOAP call to createRole() in the https://server:port/IDMProv/role/service endpoint.
Fernando wrote a nice bash script that uses curl to send SOAP messages if you pass in sufficient info. I wrote a wrapper that reads a CSV and can bulk load data into his script so I can bulk load Roles if I need to. (Alas, exporting I have not done, getting the right format for import, though that would be useful).
You can use the GUI to do it in ID APps/User App.
You can call Create Role in IDM POlicy based on an event. (I.e. If a group is created, you could make a Role based on that event).
On 5/31/2019 8:06 AM, KSEB wrote: > > Hi, > > Thanks for response. > In that previous reply i am not able to open the > url:serverort/.../service. > requesting you can you please send correct url again.
Did you literally try https://serverort/ as the base URL or did you replace it with your servers DNS name and proper port?
Now, there is no UI at the end point, it is meant to listen for incoming HTTP PUT/POST requests for SOAP messaging.
The user interface prior to IDM 4.7.2 is YourServerIpHere:YourPortHere/IDMProv
4.7.2 and higher it changes to YourServerIpHere:YourPortHere/landing (or maybe /idmdash)
If you want to send a SOAP message, you can get the WSDL from: YourServerIpHere:YourPortHere/.../service (I think? Docs say the specific link).
Then you can open the SOAP WSDL in a tool like SOAP UI, look for createRole and see if you can fill in the fields. I agree this is not the simpler approach.
You may find it simpler to use Fernandos bash script he wrote to do this sort of call: /cyberres/idm/w/identity_mgr_tips/2314/bash-functions-to-perform-soap-calls-to-rbpm
Just checked, he does have createRole in there.
I wrote some articles explaining how this script works, and how you could extend it to add new functionality if you need it here: