Server Configuration

IDM stores configuration objects in the repository, and exposes them under the context path /openidm/config. Single instance configuration objects are exposed under /openidm/config/object-name.

Multiple instance configuration objects are exposed under /openidm/config/object-name/instance-name. The following table outlines these configuration objects and how they can be accessed through the REST interface.

URIHTTP OperationDescription
/openidm/configGETReturns a list of configuration objects
/openidm/config/accessGETReturns the current access configuration
/openidm/config/auditGETReturns the current logging configuration
/openidm/config/provisioner.openicf/provisioner-nameGETReturns the configuration of the specified connector
/openidm/config/selfservice/functionGETReturns the configuration of the specified self-service feature, registration, reset, or username
/openidm/config/routerPUTChanges the router configuration. Modifications are provided with the --data option, in JSON format.
/openidm/config/objectPATCHChanges one or more fields of the specified configuration object. Modifications are provided as a JSON array of patch operations.
/openidm/config/objectDELETEDeletes the specified configuration object.
/openidm/config/object?_queryFilter=queryGET Queries the specified configuration object. You cannot create custom predefined queries to query the configuration.

IDM supports REST operations to create, read, update, query, and delete configuration objects.

For command-line examples of managing the configuration over REST, see "Configure the Server Over REST".

One entry is returned for each configuration object. To obtain additional information on the configuration object, include its pid or _id in the URL. The following example displays configuration information on the sync object, based on a deployment using the sync-with-csv sample:

curl \
--header "X-OpenIDM-Username: openidm-admin" \
--header "X-OpenIDM-Password: openidm-admin" \
--header "Accept-API-Version: resource=1.0" \
--request GET \
  "_id": "sync",
  "mappings": [
      "name": "systemCsvfileAccounts_managedUser",
      "source": "system/csvfile/account",
      "target": "managed/user",
      "correlationQuery": {
        "type": "text/javascript",
        "source": "var query = {'_queryId' : 'for-userName', 'uid' :};query;"
      "properties": [
          "source": "email",
          "target": "mail"
          "source": "firstname",
          "target": "givenName"
          "source": "lastname",
          "target": "sn"
          "source": "description",
          "target": "description"
          "source": "_id",
          "target": "_id"
          "source": "name",
          "target": "userName"
          "default": "Passw0rd",
          "target": "password"
          "source": "mobileTelephoneNumber",
          "target": "telephoneNumber"
          "source": "roles",
          "transform": {
            "type": "text/javascript",
            "source": "var _ = require('lib/lodash');','), function(role)
            { return {'_ref': 'internal/role/' + role} });"
          "target": "authzRoles"

Read a different version of :