Keith Hazelton khazelton

khazelton / gist:92765455caf3578f86db
Created August 21, 2015 12:25
blockchain id verification
Verifying that +khazelton is my blockchain ID. https://onename.com/khazelton
swagger: '2.0'
schemes:
- http
- https
host: tierapi.getsandbox.com
basePath: /tier/v2
info:
contact:
email: tier-api@internet2.edu
name: TIER API Working Group
khazelton / scimCoreSchema.json
Created March 14, 2018 16:29
resource schema for TIER
[
{
"id": "urn:ietf:params:scim:schemas:core:2.0:User",
"name": "User",
"description": "User Account",
"attributes": [{
"name": "externalId",
"type": "string",
"multiValued": false,
"required": false,
khazelton / scimCoreSchema.json
Created May 15, 2018 21:12
Full User Schema from RFC 7643, SCIM Core Schema in JSON Format
[
{ "id" : "urn:ietf:params:scim:schemas:core:2.0:User",
"name" : "User",
"description" : "User Account",
"attributes" : [
{
"name" : "userName",
"type" : "string",
"multiValued" : false,
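Both SCIM gists above carry the RFC 7643 attribute definitions (name, type, multiValued, required, and in the full schema also mutability) as JSON. The natural thing to do with that JSON on a provisioning endpoint is to validate incoming User resources against it before anything reaches the directory. The block below is an added example, not code from these gists or from RFC 7643; the schema fragment is a constructed subset in the same shape, and `validate_resource()` and the sample resources are assumptions for illustration. It rejects attributes the schema does not define and, for client writes, attributes marked readOnly, so a caller cannot assert group membership through a PUT.

```python
"""Validate a SCIM 2.0 User resource against a core-schema attribute list.

Added example, not code from the khazelton gists or from RFC 7643 itself.
USER_SCHEMA is a constructed subset in the JSON shape the gists use;
validate_resource() and the sample resources are assumptions.
"""

SCIM_USER_SCHEMA_ID = "urn:ietf:params:scim:schemas:core:2.0:User"

# Constructed subset of the RFC 7643 User schema (same attribute fields as the gists).
USER_SCHEMA = {
    "id": SCIM_USER_SCHEMA_ID,
    "name": "User",
    "attributes": [
        {"name": "userName", "type": "string", "multiValued": False, "required": True, "mutability": "readWrite"},
        {"name": "externalId", "type": "string", "multiValued": False, "required": False, "mutability": "readWrite"},
        {"name": "active", "type": "boolean", "multiValued": False, "required": False, "mutability": "readWrite"},
        {"name": "emails", "type": "complex", "multiValued": True, "required": False, "mutability": "readWrite",
         "subAttributes": [
             {"name": "value", "type": "string", "multiValued": False, "required": True},
             {"name": "primary", "type": "boolean", "multiValued": False, "required": False},
         ]},
        {"name": "groups", "type": "complex", "multiValued": True, "required": False, "mutability": "readOnly",
         "subAttributes": [{"name": "value", "type": "string", "multiValued": False, "required": False}]},
    ],
}

_TYPE_CHECKS = {
    "string": lambda v: isinstance(v, str),
    "boolean": lambda v: isinstance(v, bool),
    "integer": lambda v: isinstance(v, int) and not isinstance(v, bool),
    "complex": lambda v: isinstance(v, dict),
}


def _check_value(attr, value, path, errors):
    """Type-check one value; recurse into sub-attributes for complex types."""
    check = _TYPE_CHECKS.get(attr["type"])
    if check is None or not check(value):
        errors.append(f"{path}: expected {attr['type']}")
        return
    if attr["type"] == "complex":
        _check_attributes(attr.get("subAttributes", []), value, path + ".", errors)


def _check_attributes(attr_defs, obj, prefix, errors):
    by_name = {a["name"]: a for a in attr_defs}
    # Unknown attributes are rejected so a client cannot smuggle in undefined fields.
    for key in obj:
        if key not in by_name:
            errors.append(f"{prefix}{key}: not defined in schema")
    for attr in attr_defs:
        name = attr["name"]
        if name not in obj:
            if attr.get("required"):
                errors.append(f"{prefix}{name}: required attribute missing")
            continue
        value = obj[name]
        if attr.get("multiValued"):
            if not isinstance(value, list):
                errors.append(f"{prefix}{name}: expected a list")
                continue
            for i, item in enumerate(value):
                _check_value(attr, item, f"{prefix}{name}[{i}]", errors)
        else:
            _check_value(attr, value, f"{prefix}{name}", errors)


def validate_resource(resource, schema=USER_SCHEMA, client_write=True):
    """Return a list of validation errors; an empty list means the resource is acceptable.

    client_write=True also rejects attributes whose mutability is readOnly, because
    a client POST/PUT must not be able to assert e.g. group membership.
    """
    errors = []
    if schema["id"] not in resource.get("schemas", []):
        errors.append(f"schemas: must include {schema['id']}")
    body = {k: v for k, v in resource.items() if k not in ("schemas", "id", "meta")}
    _check_attributes(schema["attributes"], body, "", errors)
    if client_write:
        for attr in schema["attributes"]:
            if attr.get("mutability") == "readOnly" and attr["name"] in body:
                errors.append(f"{attr['name']}: readOnly attribute supplied by client")
    return errors


# Constructed sample resources.
GOOD_USER = {
    "schemas": [SCIM_USER_SCHEMA_ID],
    "userName": "bjensen@example.edu",
    "active": True,
    "emails": [{"value": "bjensen@example.edu", "primary": True}],
}
BAD_USER = {
    "schemas": [SCIM_USER_SCHEMA_ID],
    "externalId": 12345,                   # wrong type
    "emails": {"value": "x@example.edu"},  # multi-valued attribute given as an object
    "groups": [{"value": "admins"}],       # readOnly attribute asserted by the client
    "isAdmin": True,                       # not in the schema
}

if __name__ == "__main__":
    print(validate_resource(GOOD_USER))
    for err in validate_resource(BAD_USER):
        print(err)
```

Running the block prints an empty list for `GOOD_USER` and five errors for `BAD_USER` (missing userName, wrong externalId type, emails not a list, unknown isAdmin, readOnly groups). The `mutability` check is the security-relevant one: type errors are noise, but a writable `groups` attribute is a privilege escalation path.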
khazelton / IdmFunctionalityChecklist.adoc
Last active April 12, 2019 03:20
Document snippets for Trust and Identity

IdM and Provisioning Functionality

Required Functionality | Already Met | Current Gap | Provided by [midPoint]

provConnect.adoc


2019-04-15 Provisioning and De-provisioning Technologies: Connectors, Transport Protocols, APIs and Event-Driven Messages

Provisioning engines push and/or pull information from connected systems. Today the most commonly encountered use is provisioning user and account information, but additional uses are emerging over time.

The actual connection between provisioning engine and provisioned system takes many forms. Shared-access flat files, most commonly CSV files, are the lowest common denominator for information exchange between systems. One step up is a database view provided by the provisioner, to which the provisioned systems have read access. Another widely found approach is for an LDAP directory to be the primary provisioned system, with other systems that need user information obtaining it via LDAP queries.

More recent approaches have embraced APIs and event-message passing between provisioning sources and recipients. All too frequently, the recipient and source systems co
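The lowest-common-denominator case above (a shared CSV feed pulled by the provisioner and pushed into a target) is easy to sketch end to end. The block below is an added example, not part of the provConnect.adoc snippet or of midPoint: it reads a constructed CSV feed, compares it with a constructed snapshot of the target's accounts, and produces the create/update/deprovision plan. The field names, `load_source()` and `reconcile()` are assumptions for illustration. The point a practitioner cares about is the last bucket: accounts that exist in the target but are absent from, or inactive in, the source are orphans, and a provisioner that only ever adds never removes them.

```python
"""Reconcile a source-of-truth CSV feed against a provisioned system's accounts.

Added example, not from the provConnect.adoc snippet or from midPoint. The
CSV feed and the target account snapshot are constructed; the field names and
the reconcile() function are assumptions for illustration.
"""
import csv
import io

# Constructed shared-access CSV feed (the "lowest common denominator" exchange).
SOURCE_CSV = """\
uid,mail,affiliation,active
bjensen,bjensen@example.edu,staff,1
jsmith,jsmith@example.edu,staff,1
rlee,rlee@example.edu,student,0
tnguyen,tnguyen@example.edu,student,1
"""

# Constructed snapshot of accounts currently present in the provisioned system.
TARGET_ACCOUNTS = {
    "bjensen": {"mail": "bjensen@example.edu", "affiliation": "staff"},
    "jsmith": {"mail": "jsmith@example.edu", "affiliation": "student"},
    "rlee": {"mail": "rlee@example.edu", "affiliation": "student"},
    "oldadmin": {"mail": "oldadmin@example.edu", "affiliation": "staff"},
}


def load_source(csv_text):
    """Parse the feed; only rows with active=1 represent accounts that should exist."""
    wanted = {}
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row["active"] == "1":
            wanted[row["uid"]] = {"mail": row["mail"], "affiliation": row["affiliation"]}
    return wanted


def reconcile(wanted, existing):
    """Return the operations a push-style provisioner would apply to the target.

    Accounts in the target that are absent from (or inactive in) the source are
    deprovisioned; leaving them is the classic orphaned-account gap.
    """
    ops = {"create": [], "update": [], "deprovision": []}
    for uid, attrs in wanted.items():
        if uid not in existing:
            ops["create"].append(uid)
        elif existing[uid] != attrs:
            ops["update"].append(uid)
    for uid in existing:
        if uid not in wanted:
            ops["deprovision"].append(uid)
    for key in ops:
        ops[key].sort()
    return ops


if __name__ == "__main__":
    plan = reconcile(load_source(SOURCE_CSV), TARGET_ACCOUNTS)
    for op, uids in plan.items():
        print(op, uids)
```

With the constructed data the plan is: create tnguyen, update jsmith (affiliation changed), and deprovision oldadmin (not in the feed at all) and rlee (present but inactive). A real engine would additionally log the plan before applying it, since a malformed or truncated feed would otherwise turn every account into a deprovision.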


2019-05-16 21:09 2nd attempt to work with fedmgr api

curl -X GET "https://fmdev....internet2.edu/siteadmin/api/organizations/roles" \
 -H "accept: application/json" \
 -H "X-API-Key: 03...638" \
 > fmRoles.json
package org.aktis;
import java.util.HashMap;
import java.util.Map;
import com.fasterxml.jackson.annotation.JsonAnyGetter;
import com.fasterxml.jackson.annotation.JsonAnySetter;
import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.annotation.JsonPropertyOrder;
khazelton / metadataFix.adoc
Created June 20, 2019 17:56
Essential prep for running midPoint demos from Internet2 repositories

Running midPoint demo packages

Before starting the demo with docker-compose up, edit the IdP and SP metadata (5 files) to change endpoints from localhost to the actual host's domain name. Otherwise you will be unable to log into the embedded Grouper instance.

cd opt/midPoint_container/demo/name/configs-and-secrets/grouper/shibboleth

vi idp-metadata.xml
:%s/localhost/host.domain.name/g
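The blanket substitution above works for the demo, but it rewrites every occurrence of the string, not only endpoint URLs, and it gives no check that nothing was missed across the 5 files. The block below is an added example, not part of the metadataFix.adoc gist or of the Internet2 midPoint demo packages: it applies the same hostname change with an XML parser, only to URL-valued attributes, preserves any port, and lists any localhost URL that survives so the check can run before docker-compose up. The metadata snippet is constructed; `URL_ATTRS`, `rewrite_hosts()` and `remaining_localhost_urls()` are assumptions, and entityID is included in `URL_ATTRS` on the assumption that the demo's entityIDs also use localhost (remove it if yours should stay unchanged).

```python
"""Rewrite localhost endpoints in SAML metadata using an XML parser.

Added example, not from the metadataFix.adoc gist or the midPoint demo
packages. SAMPLE_METADATA is constructed; URL_ATTRS, rewrite_hosts() and
remaining_localhost_urls() are assumptions for illustration.
"""
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit, urlunsplit

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
ET.register_namespace("md", MD_NS)  # keep the md: prefix on output

# Attributes that carry URLs in SAML metadata. entityID is included on the
# assumption that the demo's entityIDs use localhost too; drop it otherwise.
URL_ATTRS = ("Location", "ResponseLocation", "entityID")

# Constructed minimal IdP metadata with localhost endpoints (note the port).
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="{MD_NS}" entityID="https://localhost/idp/shibboleth">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://localhost:4443/idp/profile/SAML2/Redirect/SSO"/>
    <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://localhost:4443/idp/profile/SAML2/POST/SSO"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>
"""


def _replace_host(url, old_host, new_host):
    """Swap the host of a URL only if it matches exactly; keep scheme, port and path."""
    parts = urlsplit(url)
    if parts.hostname != old_host:
        return url, False
    netloc = new_host if parts.port is None else f"{new_host}:{parts.port}"
    return urlunsplit(parts._replace(netloc=netloc)), True


def rewrite_hosts(xml_text, old_host="localhost", new_host="host.domain.name"):
    """Return (rewritten XML as a string, number of URLs changed)."""
    root = ET.fromstring(xml_text)
    changed = 0
    for el in root.iter():
        for attr in URL_ATTRS:
            if attr in el.attrib:
                new_url, did_change = _replace_host(el.attrib[attr], old_host, new_host)
                if did_change:
                    el.set(attr, new_url)
                    changed += 1
    return ET.tostring(root, encoding="unicode"), changed


def remaining_localhost_urls(xml_text, host="localhost"):
    """Pre-flight check: every URL attribute still pointing at the given host."""
    root = ET.fromstring(xml_text)
    return [el.attrib[a] for el in root.iter() for a in URL_ATTRS
            if a in el.attrib and urlsplit(el.attrib[a]).hostname == host]


if __name__ == "__main__":
    out, n = rewrite_hosts(SAMPLE_METADATA, new_host="idp.example.edu")
    print(n, "URLs rewritten; leftovers:", remaining_localhost_urls(out))
    print(out)
```

To apply it to the demo, loop over the 5 metadata files, call `rewrite_hosts()` on each file's contents with your host name, write the result back, and refuse to start the containers if `remaining_localhost_urls()` returns anything for any file. Matching on the parsed hostname rather than the substring also means a host such as `localhost.example.edu` would be left alone, which `:%s/localhost/.../g` would not do.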

API Discussion Starter

goals:

  • make it easier for I2 developers and contractors to spin up tailor-made UIs for specific use cases

  • make it easier for technical staff at adopting campuses to easily generate UIs to meet local needs

design lifecycle:

  • Take user-experience as point of reference

  • Take task-specific use cases as project drivers