Invocation Parameters

The following parameters are passed in the resource API parameters map. These parameters can override the static configuration (if present) on a per-invocation basis.


The target URL to invoke, in string format.


The HTTP action to invoke, in string format.

Possible actions include POST, GET, PUT, DELETE, and OPTIONS.

headers (optional)

The HTTP headers to set, in a map format from string (header-name) to string (header-value). For example, Accept-Language: en-US.

contentType (optional)

The media type of the data that is sent, for example "contentType" : "application/json". This parameter is applied only if no Content-Type header is included in the request. (If a Content-Type header is included, that header takes precedence over this contentType parameter.) If no Content-Type is provided (in the header or with this parameter), the default content type is application/json; charset=utf-8.

body (optional)

The body or resource representation to send (for PUT and POST operations), in string format.

base64 (boolean, optional)

Indicates that the body is base64-encoded, and should be decoded prior to transmission.

forceWrap (boolean, optional)

Indicates that the response must be wrapped in the headers/body JSON message format, even if the response was JSON, and would otherwise have been passed through unchanged.

If you need to disambiguate between HTTP 20x response codes, you must invoke the external REST service with forceWrap=true. For failure cases, the HTTP status code is present within the wrapped response embedded in the exception detail, or through the resource exception itself. For example:

curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Content-Type: application/json" \
--header "Accept-API-Version: resource=1.0" \
--request POST \
--data '{
  "url": "",
  "method": "GET",
  "forceWrap": true}' \
  "headers": {
    "Access-Control-Allow-Origin": [
    "Cache-Control": [
    "Content-Length": [
    "Content-Type": [
    "Date": [
      "Fri, 17 Jul 2020 10:55:54 GMT"
    "Server": [
      "Google Frontend"
    "X-Cloud-Trace-Context": [
  "code": 203,
  "body": [
      "key": "value"

The authentication type, and the details with which to authenticate.

IDM supports the following authentication types:

  • basic authentication with a username and password, for example:

    "authenticate" : {
        "type": "basic",
        "user" : "john",
        "password" : "Passw0rd"
  • bearer authentication, with an OAuth token instead of a username and password, for example:

    "authenticate" : {
        "type": "bearer",
        "token" : "ya29.iQDWKpn8AHy09p....."

If no authenticate parameter is specified, no authentication is used.

Read a different version of :