Identity Cloud

Define managed object schema

Managed objects and their properties are defined in the default IDM managed object schema.

The default schema includes these types of managed objects:

Each managed object type contains properties for storing information about objects of that type. For example, the user object type has properties for storing usernames, passwords, email addresses, and so forth.

You can extend the default IDM managed object schema to meet your needs:

To store custom data for users, you can add custom attributes (non-searchable) or adapt one of the general purpose extension attributes (searchable). Refer to Customize user identities.

ForgeRock recommends that you do not delete the default managed objects in your tenant. In many cases it can break your tenant.

The IDM admin UI depends on the presence of the default managed object types and the default properties nested within them. If you remove any of these schema elements, and you use the IDM admin UI to configure IDM, you must modify the IDM admin UI code accordingly. For example, if you remove the assignment object type from the managed object configuration, the UI will throw exceptions wherever it queries this schema element.

To interact with a managed object schema via REST, refer to Schema.

Copyright © 2010-2024 ForgeRock, all rights reserved.