Configure the Server Over REST
IDM exposes configuration objects under the /openidm/config context path.
To list the configuration on the local host, perform a GET request on http://localhost:8080/openidm/config.
The following REST call includes excerpts of the default configuration for an IDM instance started with the sync-with-csv sample:
curl \ --request GET \ --header "X-OpenIDM-Username: openidm-admin" \ --header "X-OpenIDM-Password: openidm-admin" \ --header "Accept-API-Version: resource=1.0" \ http://localhost:8080/openidm/config{ "_id": "", "configurations": [ { "_id": "router", "pid": "router", "factoryPid": null }, { "_id": "info/login", "pid": "info.f01fc3ed-5871-408d-a5f0-bef00ccc4c8f", "factoryPid": "info" }, { "_id": "provisioner.openicf/csvfile", "pid": "provisioner.openicf.9009f4a1-ea47-4227-94e6-69c345864ba7", "factoryPid": "provisioner.openicf" }, { "_id": "endpoint/usernotifications", "pid": "endpoint.e2751afc-d169-4a23-a88e-7211d340bccb", "factoryPid": "endpoint" }, ... ] }
Single instance configuration objects are located under openidm/config/object-name.
The following example shows the audit configuration of the sync-with -csv sample.
curl \ --header "X-OpenIDM-Username: openidm-admin" \ --header "X-OpenIDM-Password: openidm-admin" \ --header "Accept-API-Version: resource=1.0" \ "http://localhost:8080/openidm/config/audit"{ "_id": "audit", "auditServiceConfig": { "handlerForQueries": "json", "availableAuditEventHandlers": [ "org.forgerock.audit.handlers.csv.CsvAuditEventHandler", "org.forgerock.audit.handlers.elasticsearch.ElasticsearchAuditEventHandler", "org.forgerock.audit.handlers.jms.JmsAuditEventHandler", "org.forgerock.audit.handlers.json.JsonAuditEventHandler", "org.forgerock.audit.handlers.json.stdout.JsonStdoutAuditEventHandler", "org.forgerock.openidm.audit.impl.RepositoryAuditEventHandler", "org.forgerock.openidm.audit.impl.RouterAuditEventHandler", "org.forgerock.audit.handlers.splunk.SplunkAuditEventHandler", "org.forgerock.audit.handlers.syslog.SyslogAuditEventHandler" ], "filterPolicies": { "field": { "excludeIf": [], "includeIf": [] } }, "caseInsensitiveFields": [ "/access/http/request/headers", "/access/http/response/headers" ] }, "eventHandlers": [ { "class": "org.forgerock.audit.handlers.json.JsonAuditEventHandler", "config": { "name": "json", "logDirectory": "&{idm.data.dir}/audit", "buffering": { "maxSize": 100000, "writeInterval": "100 millis" }, "topics": [ "access", "activity", "sync", "authentication", "config" ] } }, { "class": "org.forgerock.openidm.audit.impl.RepositoryAuditEventHandler", "config": { "name": "repo", "enabled": false, "topics": [ "access", "activity", "sync", "authentication", "config" ] } } ], "eventTopics": { "config": { "filter": { "actions": [ "create", "update", "delete", "patch", "action" ] } }, "activity": { "filter": { "actions": [ "create", "update", "delete", "patch", "action" ] }, "watchedFields": [], "passwordFields": [ "password" ] } }, "exceptionFormatter": { "type": "text/javascript", "file": "bin/defaults/script/audit/stacktraceFormatter.js" } }
Multiple instance configuration objects are found under openidm/config/object-name/instance-name.
The following example shows the configuration for the CSV connector from the sync-with-csv sample.
curl \ --header "X-OpenIDM-Username: openidm-admin" \ --header "X-OpenIDM-Password: openidm-admin" \ --header "Accept-API-Version: resource=1.0" \ "http://localhost:8080/openidm/config/provisioner.openicf/csvfile"{ "_id": "provisioner.openicf/csvfile", "connectorRef": { "bundleName": "org.forgerock.openicf.connectors.csvfile-connector", "bundleVersion": "[1.5.0.0,1.6.0.0)", "connectorName": "org.forgerock.openicf.csvfile.CSVFileConnector" }, "poolConfigOption": { "maxObjects": 10, "maxIdle": 10, "maxWait": 150000, "minEvictableIdleTimeMillis": 120000, "minIdle": 1 }, "operationTimeout": { "CREATE": -1, "VALIDATE": -1, "TEST": -1, "SCRIPT_ON_CONNECTOR": -1, "SCHEMA": -1, "DELETE": -1, "UPDATE": -1, "SYNC": -1, "AUTHENTICATE": -1, "GET": -1, "SCRIPT_ON_RESOURCE": -1, "SEARCH": -1 }, "configurationProperties": { "csvFile": "&{idm.instance.dir}/data/csvConnectorData.csv" }, "resultsHandlerConfig": { "enableAttributesToGetSearchResultsHandler": true }, "syncFailureHandler": { "maxRetries": 5, "postRetryAction": "logged-ignore" }, "objectTypes": { "account": { "$schema": "http://json-schema.org/draft-03/schema", "id": "__ACCOUNT__", "type": "object", "nativeType": "__ACCOUNT__", "properties": { "description": { "type": "string", "nativeName": "description", "nativeType": "string" }, "firstname": { "type": "string", "nativeName": "firstname", "nativeType": "string" }, "email": { "type": "string", "nativeName": "email", "nativeType": "string" }, "name": { "type": "string", "required": true, "nativeName": "__NAME__", "nativeType": "string" }, "lastname": { "type": "string", "required": true, "nativeName": "lastname", "nativeType": "string" }, "mobileTelephoneNumber": { "type": "string", "required": true, "nativeName": "mobileTelephoneNumber", "nativeType": "string" }, "roles": { "type": "string", "required": false, "nativeName": "roles", "nativeType": "string" } } } }, "operationOptions": {} }
You can change the configuration over REST by using an HTTP PUT or HTTP PATCH request to modify the required configuration object.
The following example uses a PUT request to modify the configuration of the scheduler service, increasing the maximum number of threads that are available for the concurrent execution of scheduled tasks:
curl \ --header "X-OpenIDM-Username: openidm-admin" \ --header "X-OpenIDM-Password: openidm-admin" \ --header "Content-Type: application/json" \ --header "Accept-API-Version: resource=1.0" \ --request PUT \ --data '{ "threadPool": { "threadCount": 20 }, "scheduler": { "executePersistentSchedules": { "$bool": "&{openidm.scheduler.execute.persistent.schedules}" } } }' \ "http://localhost:8080/openidm/config/scheduler"{ "_id": "scheduler", "threadPool": { "threadCount": 20 }, "scheduler": { "executePersistentSchedules": { "$bool": "&{openidm.scheduler.execute.persistent.schedules}" } } }
The following example uses a PATCH request to reset the number of threads to their original value.
curl \ --header "X-OpenIDM-Username: openidm-admin" \ --header "X-OpenIDM-Password: openidm-admin" \ --header "Content-Type: application/json" \ --header "Accept-API-Version: resource=1.0" \ --request PATCH \ --data '[ { "operation" : "replace", "field" : "/threadPool/threadCount", "value" : 10 } ]' \ "http://localhost:8080/openidm/config/scheduler"{ "_id": "scheduler", "threadPool": { "threadCount": 10 }, "scheduler": { "executePersistentSchedules": { "$bool": "&{openidm.scheduler.execute.persistent.schedules}" } } }
Note
Multi-version concurrency control (MVCC) is not supported for configuration objects so you do not need to specify a revision during updates to the configuration, and no revision is returned in the output.
For more information about using the REST API to update objects, see the REST API Reference.