How To
ForgeRock Identity Platform
Does not apply to Identity Cloud

How do I remove elements of a string array using the REST Patch operation in IDM (All versions)?

Last updated Apr 8, 2021

The purpose of this article is to provide information on removing elements of a string array using the REST Patch operation in IDM. Alternatives using REST Delete operations are also given.


Removing elements of a string array

It is not possible to remove elements of a string array by relationship map. However, you can use one of the following approaches to remove elements instead:

Patch operations

For the following example managed user object:

{    "_id": "f3796bd2-1ec5-4220-bb69-8be34a83de4c",     "_rev": "10",     "userName": "jdoe",     "givenName": "Joe",     "sn": "Doe",     "mail": "jdoe@example.com",     "accountStatus": "active",     "groups": [         "employee",         "contractor"     ],     "authzRoles" : [       {          "_ref" : "internal/role/openidm-admin"       },       {          "_ref" : "internal/role/openidm-authorized"       }    ] }
  • You can remove an element by value; for example to remove employee from the groups array: $ curl -X PATCH -H 'Content-type:application/json' -u openidm-admin:openidm-admin -d '[{"operation":"remove","field":"/groups","value":"employee"}]' http://localhost:8080/openidm/managed/user/f3796bd2-1ec5-4220-bb69-8be34a83de4c
  • You can remove an element by the array index of the element; for example to remove the first value from the authzRoles array ("_ref" : "internal/role/openidm-admin"): $ curl -X PATCH -H 'Content-type:application/json' -u openidm-admin:openidm-admin -d '[{"operation":"remove","field":"/authzRoles/0"}]' http://localhost:8080/openidm/managed/user/f3796bd2-1ec5-4220-bb69-8be34a83de4c
Note

The _ref values shown for authzRoles use the endpoint applicable for IDM 6.5 and later. In previous versions, the endpoint was prefixed with repo/, for example: "repo/internal/role/openidm-admin".

Delete operations

  • You can remove an element by the ID of the relationship, for example: $ curl -X DELETE -H 'Content-type:application/json' -u openidm-admin:openidm-admin http://localhost:8080/openidm/managed/user/f3796bd2-1ec5-4220-bb69-8be34a83de4c/authzRoles/eedb8c82-6041-4493-b877-266931ff4c76
  • You can remove an element by removing the managed user from the role by specifying the relationship reference (f81f6bec-8712-4fe6-a7f8-a767d57a2016 in the following example): $ curl -X DELETE -H 'Content-type:application/json' -u openidm-admin:openidm-admin http://localhost:8080/openidm/managed/role/059b3554-807d-454a-9b11-c3a7085c6c4c/members/f81f6bec-8712-4fe6-a7f8-a767d57a2016
Note

If you are attempting to remove elements from a managed object property, you must ensure the string array is correctly defined in the managed.json file (this is located in the /path/to/idm/conf directory).

See Also

How do I maintain relationships for a managed user in IDM (All versions) using REST Patch operations?

FAQ: REST API in IDM

Using the REST API in IDM

Object Modeling Guide › Managed Objects

Related Training

N/A

Related Issue Tracker IDs

N/A


Copyright and Trademarks Copyright © 2021 ForgeRock, all rights reserved.