Identity Manager connector - UserManager endpoint

Connected Services Framework
The UserManager endpoint is called by the IdentityManagerClient consumer class.  These methods are also available on the aggregate IdentityManager endpoint.

To Identity Manager connector UserManager

Response From Identity Manager connector UserManager

 

 

Request Method Message used in Request Register for Response Action Message used in Response

CreateUser

CreateUserRequest

CreateUserResponse

CreateUserResponse

DeleteUser

DeleteUserRequest

DeleteUserResponse

DeleteUserResponse

ReadUser

ReadUserRequest

ReadUserResponse

ReadUserResponse

ReadUsers

ReadUsersRequest

ReadUsersResponse

ReadUsersResponse

UpdateUser

UpdateUserRequest

UpdateUserResponse

UpdateUserResponse

UpdateUsers

UpdateUsersRequest

UpdateUsersResponse

UpdateUsersResponse

UserInGroup

CheckuserInGroupRequest

UserInGroupResponse

CheckuserInGroupResponse

UpdatePassword

UpdateUserPasswordRequest

UpdateUserPasswordResponse

UpdateUserPasswordResponse

SetPassword

SetUserPasswordRequest

SetUserPasswordResponse

SetUserPasswordResponse

User Manager method details

CreateUser is used to create a new user in CSF.

CreateUserRequest mesage

Parameter Description  

RequestContext

The application defined context, returned in the response to a request.

Optional

UserAccount The structure containing the user account information.  Of the fields in the structure, only the UserId is required.  The properties of the user are optional.  Required

UserName

The name of the user

Optional

OrganizationId The organization the user belongs to. Required
Password The password of the user. Required
Groups An array of groups the user belongs to. Optional

CreateUser  result codes.  These are returned in the response message:

ResultCode Description
0 Success
30000 Input message validation failed
30001 Unexpected system exception encountered
30008 User already exists
30010 Group does not exist
30014 Invalid suffix for the organization
30015 Organization does not exist
30021 Message header does not contain proper credential
30029 Domain controller is not reachable

CreateUser Sample XML:

 <UserManagerCreate xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.microsoft.com/csf/20/IdentityManager">
    <UserAccount>
        <UserId>test1@csf.com</UserId>
        <PropertyTable>
            <Properties>
                <PropertyElement>
                    <Name>company</Name>
                    <Value>Amazon</Value>
                    <OperationType>OverWrite</OperationType>
                </PropertyElement>
                <PropertyElement>
                    <Name>streetAddress</Name>
                    <Value>MARKETING Company</Value>
                    <OperationType>OverWrite</OperationType>
                /PropertyElement>
            </Properties>
        </PropertyTable>
    </UserAccount>

    <RequestContext>Request Context</RequestContext>
    <UserName>test1@csf.com</UserName>
    <OrganizationId>Customer-TestCustomer.com</OrganizationId>
    <Password>passw0rd!</Password>
    <Groups>
        <string>AllUsersLO@senthilRooT.com</string>
        <string>Developers@Customer-TestCustomer.com</string>
    </Groups>
</UserManagerCreate>

DeleteUser is used to delete a user from CSF.

DeleteUserRequest message

Parameter Description  

RequestContext

The application defined context, returned in the response to a request.

Optional

UserId

The Id of the user to delete.

Required

DeleteUser result codes.  These are returned in the response message:

ResultCode Description
0 Success
30000 Input message validation failed
30001 Unexpected system exception encountered
30011 User does not exist
30021 Message header does not contain proper credential
30029 Domain controller is not reachable

DeleteUser Sample XML:

<UserManagerDelete xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.microsoft.com/csf/20/IdentityManager">
    <RequestContext>Request Context</RequestContext>
    <UserId>UserLogonId@csf.com</UserId>
</UserManagerDelete>

ReadUser is used to get the details of a specific existing CSF user.

ReadUserRequest message

Parameter Description  

RequestContext

The application defined context, returned in the response to a request.

Optional

UserAccount The structure containing the user account information.  Of the fields in the structure, only the UserId is required.  The properties of the user specified will be filled out in the call and returned in the response  Required

ReadUser result codes.  These are returned in the response message:

ResultCode Description
0 Success
30000 Input message validation failed
30001 Unexpected system exception encountered
30011 User does not exist
30021 Message header does not contain proper credential
30029 Domain controller is not reachable

ReadUser Sample XML:

<UserManagerRead xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.microsoft.com/csf/20/IdentityManager">
    <UserAccount>
        <UserId>test1@csf.com</UserId>
        <RequestContext>Request Context</RequestContext>
        <PropertyTable>
            <Properties>
                <PropertyElement>
                    <Name>displayname</Name>
                    <OperationType>OverWrite</OperationType>
                </PropertyElement>
                <PropertyElement>
                    <Name>address</Name>
                    <OperationType>OverWrite</OperationType>
                </PropertyElement>
            </Properties>
        </PropertyTable>
    </UserAccount>
</UserManagerRead>

ReadUsers is used to search CSF for a groups of users specified in a selection criteria. 

ReadUsersRequest message

Parameter Description  

RequestContext

The application defined context, returned in the response to a request.

Optional

ServerTimeLimitInSecs The maximum time the server is allowed to spend on the request, specified in seconds. Optional
OrganizationName The organization the users belong to.  Optional
Scope The scope of the search.  The following are he valid values:

baseObject.  Returns the base object only.

singleLevel.  Returns the base object and all its children.

wholeTree.  Returned all objects in the base object tree.

Optional
Paging Info The selection criteria for the selection of a group of users.  Please see the "Using Optional Paging Info" in this document for details on this structure and how to fill it out. Required

ReadUsers result codes.  These are returned in the response message:

ResultCode Description
0 Success
30000 Input message validation failed
30001 Unexpected system exception encountered
30015 Organization does not exist
30021 Message header does not contain proper credential
30029 Domain controller is not reachable

ReadUsers Sample XML:

<UserManagerReadUsers xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ServerTimeLimitInSecs="-1" OrganizationName="MyTestOrg.com" scope="singleLevel" xmlns="http://www.microsoft.com/csf/21/IdentityManager">
    <RequestContext>Request Context</RequestContext>
    <PagingInfo>
        <CurrentPage>1</CurrentPage>
        <LastPage>1</LastPage>
        <PageSize>5</PageSize>
        <PageIsVolatile>false</PageIsVolatile>
        <FilterSet>
            <Filters xmlns="http://www.microsoft.com/csf/21/Utilities">
                <ANDFilter>
                    <FilterMatchCriteria>
                        <FilterMatch xsi:type="EqualityMatch">
                            <Name>objectCategory</Name>
                            <Value>person</Value>
                        </FilterMatch>
                        <FilterMatch xsi:type="EqualityMatch">
                            <Name>objectClass</Name>
                            <Value>user</Value>
                        </FilterMatch>
                        <FilterMatch xsi:type="EqualityMatch">
                            <Name>samaccountname</Name>
                            <Value>testmonkey1</Value>
                        </FilterMatch>
                    </FilterMatchCriteria>
                </ANDFilter>
            </Filters>
        </FilterSet>
        <FirstItem>0</FirstItem>
        <LastItem>0</LastItem>
        <TotalItems>0</TotalItems>
        <UserAccountTable>
            <UserAccounts />
        </UserAccountTable>
        <PropertyTable>
            <Properties>
                <Property OperationType="OverWrite">
                <Name>samaccountname</Name>
                <Values />
                </Property>
            </Properties>
        </PropertyTable>
    </PagingInfo>
</UserManagerReadUsers>

UpdateUser is used to update a specific CSF user.

UpdateUserRequest message

Parameter Description  

RequestContext

The application defined context, returned in the response to a request.

Optional

UserAccount The structure containing the user account information.  Of the fields in the structure, only the UserId is required.  The properties of the user specified will be updated with the values specified in this call. Required

UpdateUser result codes.  These are returned in the response message:

ResultCode Description
0 Success
30000 Input message validation failed
30001 Unexpected system exception encountered
30011 User does not exist
30021 Message header does not contain proper credential
30029 Domain controller is not reachable

UpdateUser Sample XML:

<UserManagerUpdate xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.microsoft.com/csf/20/IdentityManager">
    <UserAccount>
        <UserId>test1@csf.com</UserId>
        <RequestContext>Request Context</RequestContext>
        <PropertyTable>
            <Properties>
                <PropertyElement>
                    <Name>company</Name>
                    <Value>Amazon1</Value>
                    <OperationType>OverWrite</OperationType>
                </PropertyElement>
                <PropertyElement>
                    <Name>streetAddress</Name>
                    <Value>MARKETING Company1</Value>
                    <OperationType>OverWrite</OperationType>
                </PropertyElement>
            </Properties>
        </PropertyTable>
    </UserAccount>
</UserManagerUpdate>

UpdateUsers is used to update a collection of users in CSF based on a specific filter criteria.  Multiple properties may be updated in a single call and are specified in the property table.  A flag is provided to get back the old values if desired.

UpdateUsersRequest message

Parameter Description  

RequestContext

The application defined context, returned in the response to a request.

Optional

ServerTimeLimitInSecs The maximum time the server is allowed to spend on the request, specified in seconds. Optional
ReturnExistingValues A flag to indicate if the request should return the existing values for the users being updated.  True will return their existing values.  The default is false. Optional
OrganizationName The organization the users belong to.  Optional
Scope The scope of the search.  The following are he valid values:

baseObject.  Returns the base object only.

singleLevel.  Returns the base object and all its children.

wholeTree.  Returned all objects in the base object tree.

Optional
UpdateUsersInfo.FilterSet The selection criteria for the selection of a group of users.  This filter set is the same as is used in the PagingInfo class and may be filled out in the same way to select a group of users to update.  Please see the "Using Optional Paging Info" in this document for details on this structure and how to fill it out. Required
UpdateUsersInfo.PropertyTable This is a table of property values to update.  This property table contains an array of PropertyElementExtended structures.  Each of these structures contains the "Name" of the property, the array of "Values" of the property (multi value properties are supported) and the "OperationType".  The following OpertaionTypes are supported:

OverWrite.  Replace the exisiting value with the new value.

Append.  Add a new value to the list of existing values.  Only valid on multi value properties.

Remove.  Remove the property.  The specified property will be removed.

Clear.  Clear the property.  All values will be removed.  

Required

UpdateUsers result codes.  These are returned in the response message:

ResultCode Description
0 Success
30000 Input message validation failed
30001 Unexpected system exception encountered
30010 Group does not exist
30011 User does not exist
30015 Organization does not exist
30021 Message header does not contain proper credential
30029 Domain controller is no reachable

UpdateUsers Sample XML:

<UserManagerUpdateUsers xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.microsoft.com/csf/21/IdentityManager" OrganizationName="" ReturnExistingValues="true">
    <RequestContext>Request Context</RequestContext>
    <UpdateUsersInfo>
    <FilterSet>
        <Filters xmlns="http://www.microsoft.com/csf/21/Utilities">
            <ANDFilter>
                <FilterMatchCriteria>
                    <FilterMatch xsi:type="EqualityMatch">
                        <Name>objectCategory</Name>
                        <Value>person</Value>
                    </FilterMatch>
                    <FilterMatch xsi:type="EqualityMatch">
                        <Name>objectClass</Name>
                        <Value>user</Value>
                    </FilterMatch>
                    <FilterMatch xsi:type="EqualityMatch">
                        <Name>samaccountname</Name>
                        <Value>testmonkey2</Value>
                    </FilterMatch>
                </FilterMatchCriteria>
            </ANDFilter>
        </Filters>
    </FilterSet>
    <PropertyTable>
        <Properties>
            <Property OperationType="OverWrite">
                <Name>otherHomePhone</Name>
                <Values>
                    <Value>111</Value>
                    <Value>222</Value>
                    <Value>333</Value>
                    <Value>444</Value>
                    <Value>555</Value>
                    <Value>666</Value>
                </Values>
            </Property>
        </Properties>
    </PropertyTable>
    </UpdateUsersInfo>
</UserManagerUpdateUsers>

UserInGroup is used to check to see if a specified user is a member of a specified group.

CheckUserInGroupRequest message

Parameter Description  

RequestContext

The application defined context, returned in the response to a request.

Optional

UserId The id of the user to check. Required
GroupName The name of the group to search for the user. Required

UserInGroup result codes.  These are returned in the response message:

ResultCode Description
0 Success
30000 Input message validation failed
30001 Unexpected system exception encountered
30010 Group does not exist
30011 User does not exist
30021 Message header does not contain proper credential
30029 Domain controller is not reachable

UserInGroup Sample XML:

<UserManagerInGroup xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.microsoft.com/csf/20/IdentityManager">
    <RequestContext>Request Context</RequestContext>
    <UserId>test1@csf.com</UserId>
    <GroupName>AllUsers@Customer-TestCustomer.com</GroupName>
</UserManagerInGroup>

UpdatePassword is used to change the password of a user in CSF.  It requires the passing in of the old and new passwords and will validate both while changing the password.

UpdateUserPasswordRequest message

Parameter Description  

RequestContext

The application defined context, returned in the response to a request.

Optional

OrganizationName The organization the user belongs to. Optional
UpdatePasswordInfo The structure containing the details of the user to update.  The fields are "UserName", OldPassword" and NewPassword".  All are required for this call. Required

UpdatePassword result codes.  These are returned in the response message:

ResultCode Description
0 Success
30000 Input message validation failed
30001 Unexpected system exception encountered
30015 Organization does not exist
30021 Message header does not contain proper credential
30029 Domain controller is not reachable

UpdatePassword Sample XML:

<UserManagerUpdatePassword xmlns="http://www.microsoft.com/csf/21/IdentityManager">
    <RequestContext>Request Context</RequestContext>
    <OrganizationName>MyTestOrg.com</OrganizationName>
    <UpdatePasswordInfo>
        <UserName>testmonkey3@csf.com</UserName>
        <OldPassword>passw0rd!</OldPassword>
        <NewPassword>abc123</NewPassword>
    </UpdatePasswordInfo>
</UserManagerUpdatePassword>

SetPassword is used to change the password of a user in CSF.  It requires the passing in of the new password and does not use the old password.  It may be used to reset passwords when the old password is not known.

SetUserPasswordRequest message

Parameter Description  

RequestContext

The application defined context, returned in the response to a request.

Optional

OrganizationName The organization the user belongs to. Optional
SetPasswordInfo The structure containing the details of the user to update.  The fields are "UserName" and NewPassword".  All are required for this call. Required

SetPassword result codes.  These are returned in the response message:

ResultCode Description
0 Success
30000 Input message validation failed
30001 Unexpected system exception encountered
30015 Organization does not exist
30021 Message header does not contain proper credential
30029 Domain controller is not reachable

SetPassword Sample XML:

<UserManagerSetPassword xmlns="http://www.microsoft.com/csf/21/IdentityManager">
    <RequestContext>Request Context</RequestContext>
    <OrganizationName>MyTestOrg.com</OrganizationName>
    <SetPasswordInfo>
        <UserName>testmonkey1@csf.com</UserName>
        <Password>somePassword</Password>
    </SetPasswordInfo>
</UserManagerSetPassword>

Show: