Identity Cloud

Access data objects using the REST API

Identity Cloud provides access to data objects through the ForgeRock REST API. To access objects over REST, you can use a browser-based REST client, such as the Simple REST Client for Chrome or RESTClient for Firefox. Alternatively, you can use the curl command-line utility.

Refer to the REST API for a comprehensive overview.

To obtain a managed object through the REST API, perform an HTTP GET on the corresponding URL; for example:

http://<tenant-env-fqdn>/openidm/managed/realm-name_organization/mysampleorg
Performing an HTTP GET on the corresponding URL is dependent on your security settings and authentication configuration.

By default, the HTTP GET returns a JSON representation of the object.

In general, you can map any HTTP request to the corresponding openidm.method call. For more information, refer to Scripting function reference.

The following example shows how the parameters provided in an openidm.query request correspond with the key-value pairs you would include in a similar HTTP GET request. It shows the same call using the Resource API and the REST API:

  • Resource API

  • REST API

Reading an object using the Resource API:

openidm.query("managed/realm-name_user", { "_queryFilter": "true" }, ["userName","sn"])

Reading an object using the REST API:

curl \
--header "Authorization: Bearer <token>" \
--header "Accept-API-Version: resource=1.0" \
--request GET \
"http://<tenant-env-fqdn>/openidm/managed/realm-name_user?_queryFilter=true&_fields=userName,sn"
Copyright © 2010-2023 ForgeRock, all rights reserved.