Manage Social Identity Providers Over REST
You can identify the current status of configured social identity providers with the following REST call:
curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Accept-API-Version: resource=1.0" \
--request GET \
http://localhost:8080/openidm/authentication
The output that you see includes JSON information from each configured social identity provider, as described in the identityProvider-provider file in your project's conf/ subdirectory.
One key line from this output specifies whether the social identity provider is enabled:
"enabled" : true
If the SOCIAL_PROVIDERS authentication module is disabled, you'll see the following output from that REST call:
{
"providers" : [ ]
} For more information, see "Configure the Social Providers Authentication Module".
If the SOCIAL_PROVIDERS module is disabled, you can still review the standard configuration of each social provider (enabled or not) by running the same REST call on a different endpoint (do not forget the s at the end of identityProviders):
curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Accept-API-Version: resource=1.0" \
--request GET \
http://localhost:8080/openidm/identityProviders
Note
If you have not configured a social identity provider, you'll see the following output from the REST call on the openidm/identityProviders endpoint:
{
"providers" : [ ]
}
You can still get information about the available configuration for social identity providers on a slightly different endpoint:
curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Accept-API-Version: resource=1.0" \
--request GET \
http://localhost:8080/openidm/config/identityProviders
The config in the endpoint refers to the configuration, starting with the identityProviders.json configuration file. Note how it matches the corresponding term in the endpoint.
You can review information for a specific provider by including the name with the endpoint. For example, if you've configured LinkedIn as described in "LinkedIn Social Identity Provider", run the following command:
curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Accept-API-Version: resource=1.0" \
--request GET \
http://localhost:8080/openidm/config/identityProvider/linkedIn
The above command differs in subtle ways. The config in the endpoint points to configuration data. The identityProvider at the end of the endpoint is singular, which matches the corresponding configuration file, identityProvider-linkedIn.json. And linkedIn includes a capital I in the middle of the word.
In a similar fashion, you can delete a specific provider:
curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Accept-API-Version: resource=1.0" \
--request DELETE \
http://localhost:8080/openidm/config/identityProvider/linkedIn
If you have the information needed to set up a provider, such as the output from the previous two REST calls, you can use the following command to add a provider:
curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Accept-API-Version: resource=1.0" \
--header "Content-type: application/json" \
--request PUT \
--data '{
<Include content from an identityProvider-linkedIn.json file>
}' \
http://localhost:8080/openidm/config/identityProvider/linkedIn
IDM incorporates the given information in a file named for the provider, in this case, identityProvider-linkedIn.json.
You can even disable a social identity provider with a PATCH REST call, as shown:
curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Accept-API-Version: resource=1.0" \
--header "Content-type: application/json" \
--request PATCH \
--data '[
{
"operation":"replace",
"field" : "enabled",
"value" : false
}
]' \
http://localhost:8080/openidm/config/identityProvider/linkedIn
You can reverse the process by substituting true for false in the previous PATCH REST call.
You can manage the social identity providers associated with individual users over REST, as described in "Manage Social Identity Providers Over REST".
Manage Social Identity Providers Over REST
You can identify the current status of configured social identity providers with the following REST call:
The output that you see includes JSON information from each configured social identity provider, as described in the
identityProvider-providerfile in your project'sconf/subdirectory.One key line from this output specifies whether the social identity provider is enabled:
If the
SOCIAL_PROVIDERSauthentication module is disabled, you'll see the following output from that REST call:{ "providers" : [ ] }For more information, see "Configure the Social Providers Authentication Module".
If the
SOCIAL_PROVIDERSmodule is disabled, you can still review the standard configuration of each social provider (enabled or not) by running the same REST call on a different endpoint (do not forget thesat the end ofidentityProviders):Note
If you have not configured a social identity provider, you'll see the following output from the REST call on the
openidm/identityProvidersendpoint:You can still get information about the available configuration for social identity providers on a slightly different endpoint:
The
configin the endpoint refers to the configuration, starting with theidentityProviders.jsonconfiguration file. Note how it matches the corresponding term in the endpoint.You can review information for a specific provider by including the name with the endpoint. For example, if you've configured LinkedIn as described in "LinkedIn Social Identity Provider", run the following command:
The above command differs in subtle ways. The
configin the endpoint points to configuration data. TheidentityProviderat the end of the endpoint is singular, which matches the corresponding configuration file,identityProvider-linkedIn.json. AndlinkedInincludes a capitalIin the middle of the word.In a similar fashion, you can delete a specific provider:
If you have the information needed to set up a provider, such as the output from the previous two REST calls, you can use the following command to add a provider:
IDM incorporates the given information in a file named for the provider, in this case,
identityProvider-linkedIn.json.You can even disable a social identity provider with a
PATCHREST call, as shown:You can reverse the process by substituting
trueforfalsein the previousPATCHREST call.You can manage the social identity providers associated with individual users over REST, as described in "Manage Social Identity Providers Over REST".