BPC version 3.5 is no longer maintained.

If you are using this BPC version, we recommend migrating to a current version. The documentation for the latest BPC version can be found here. If you have any questions, please contact our support.

Identity Management - REST Interface

Independent of the identity provider in use, there are REST-like endpoints to read and manage users, organisations, roles and rights. Note that not every function is supported by every identity provider. If a function is not supported, an UnsupportedOperationException is thrown. All calls are logged in the audit log.

API

To use the API endpoints, a valid session or, preferably, an API key is required. Since BPC 3, the requesting user must also have the appropriate roles and rights.

Each entry below lists, in this order: Method, Endpoint, Role, Right, Description.

GET

/cxf/bpc-core/im/users

IDENTITY_MANAGER_ADMIN

IDENTITY_MANAGER_USERS_READ

Returns a JSON-list with all users.

JSON response
[
  {
    "id": "bpcadmin",
    "userName": "bpcadmin",
    "displayName": "bpcadmin",
    "firstName": "Timo",
    "lastName": "Virt",
    "email": "bpcadmin@example.com"
  },
  {
    "id": "of",
    "userName": "of",
    "displayName": "of",
    "firstName": "Oliver",
    "lastName": "Fürniß",
    "email": "of@virtimo.de"
  }
]

POST

/cxf/bpc-core/im/users

IDENTITY_MANAGER_ADMIN

IDENTITY_MANAGER_USERS_ADD

Creates a new user.

JSON body
{
  "id": "42",
  "password": "1234567890",
  "firstName": "Hans",
  "lastName": "Schmidt",
  "email": "hans.schmidt@example.com"
}

GET

/cxf/bpc-core/im/users/{userId}

IDENTITY_MANAGER_ADMIN

IDENTITY_MANAGER_USER_READ

Get user info.

JSON response
{
  "id": "66",
  "userName": "of",
  "firstName": "",
  "lastName": "",
  "displayName": "of",
  "email": "",
  "organisations": [
    "virtimo"
  ],
  "roles": [
    "bpcadmin"
  ],
  "rights": [
    "loadModule_vam",
    "loadModule_monitor",
    "loadModule_dashboard"
  ]
}

PUT

/cxf/bpc-core/im/users/{userId}

IDENTITY_MANAGER_ADMIN

IDENTITY_MANAGER_USERS_UPDATE

Updates a user.

JSON body
{
  "firstName": "Hans",
  "lastName": "Test",
  "email": "hans.test@example.com"
}

PATCH

/cxf/bpc-core/im/users/{userId}

IDENTITY_MANAGER_ADMIN

IDENTITY_MANAGER_USERS_UPDATE

Updates the password of a user.

Form parameter
password=<new password>

DELETE

/cxf/bpc-core/im/users/{userId}

IDENTITY_MANAGER_ADMIN

IDENTITY_MANAGER_USERS_UPDATE

Deletes a user.

GET

/cxf/bpc-core/im/organisations

-

-

Returns a JSON-list with all organisations.

JSON response
[
  "virtimo",
  "users",
  "admins"
]

GET

/cxf/bpc-core/im/roles

-

-

Returns a JSON-list with all roles.

JSON response
[
  "offline_access",
  "uma_authorization",
  "uma_protection",
  "bpcadmin",
  "bpcuser"
]

GET

/cxf/bpc-core/im/rights

-

-

Returns a JSON-list with all rights.

JSON response
[
  "IDENTITY_MANAGER_USER_ORGANISATIONS_READ",
  "CUSTOM_RIGHT"
]

GET

/cxf/bpc-core/im/users/{userId}/organisations

IDENTITY_MANAGER_ADMIN

IDENTITY_MANAGER_USER_ORGANISATIONS_READ

Returns a JSON-list with the organisations the user belongs to.

JSON response
[
  "virtimo"
]

POST

/cxf/bpc-core/im/users/{userId}/organisations

IDENTITY_MANAGER_ADMIN

IDENTITY_MANAGER_USERS_UPDATE

Adds a user to an organisation.

JSON body
{
  "id": "virtimo"
}

DELETE

/cxf/bpc-core/im/users/{userId}/organisations/{organisationName}

IDENTITY_MANAGER_ADMIN

IDENTITY_MANAGER_USERS_UPDATE

Removes the user from an organisation.

GET

/cxf/bpc-core/im/users/{userId}/roles

IDENTITY_MANAGER_ADMIN

IDENTITY_MANAGER_USER_ROLES_READ

Returns a JSON-list with the roles of a user.

JSON response
[
  "EAI Developer",
  "System Administrator"
]

POST

/cxf/bpc-core/im/users/{userId}/roles

IDENTITY_MANAGER_ADMIN

IDENTITY_MANAGER_USERS_UPDATE

Adds a role to a user.

JSON body
{
  "id": "EAI Developer"
}

DELETE

/cxf/bpc-core/im/users/{userId}/roles/{roleName}

IDENTITY_MANAGER_ADMIN

IDENTITY_MANAGER_USERS_UPDATE

Removes a role from a user.

GET

/cxf/bpc-core/im/users/{userId}/rights

IDENTITY_MANAGER_ADMIN

IDENTITY_MANAGER_USER_RIGHTS_READ

Returns a JSON-list with the rights of a user.

JSON response
[
  "CUSTOM_RIGHT1",
  "CUSTOM_RIGHT2"
]

POST

/cxf/bpc-core/im/users/{userId}/rights

IDENTITY_MANAGER_ADMIN

IDENTITY_MANAGER_USERS_UPDATE

Adds a right to a user.

JSON body
{
  "id": "CUSTOM_RIGHT3"
}

DELETE

/cxf/bpc-core/im/users/{userId}/rights/{rightName}

IDENTITY_MANAGER_ADMIN

IDENTITY_MANAGER_USERS_UPDATE

Removes a right from a user.
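
As an added example (not part of the BPC documentation or product code), the following Python script encodes the endpoint table above and compares a user record, in the shape returned by GET /cxf/bpc-core/im/users/{userId}, with the calls an API-key account has to make. It reports which listed roles and rights are missing and which identity-management roles and rights the account holds without needing them. The account `svc-provisioning`, the helper names and the treatment of every listed role and right as required are assumptions.

```python
import re

PREFIX = "/cxf/bpc-core/im"
ADMIN, UPDATE = "IDENTITY_MANAGER_ADMIN", "IDENTITY_MANAGER_USERS_UPDATE"
# (method, path template, role, right) as listed in the endpoint table; None stands for "-".
ENDPOINTS = [
    ("GET", "/users", ADMIN, "IDENTITY_MANAGER_USERS_READ"),
    ("POST", "/users", ADMIN, "IDENTITY_MANAGER_USERS_ADD"),
    ("GET", "/users/{userId}", ADMIN, "IDENTITY_MANAGER_USER_READ"),
    ("PUT", "/users/{userId}", ADMIN, UPDATE),
    ("PATCH", "/users/{userId}", ADMIN, UPDATE),
    ("DELETE", "/users/{userId}", ADMIN, UPDATE),
    ("GET", "/organisations", None, None),
    ("GET", "/roles", None, None),
    ("GET", "/rights", None, None),
    ("GET", "/users/{userId}/organisations", ADMIN, "IDENTITY_MANAGER_USER_ORGANISATIONS_READ"),
    ("POST", "/users/{userId}/organisations", ADMIN, UPDATE),
    ("DELETE", "/users/{userId}/organisations/{organisationName}", ADMIN, UPDATE),
    ("GET", "/users/{userId}/roles", ADMIN, "IDENTITY_MANAGER_USER_ROLES_READ"),
    ("POST", "/users/{userId}/roles", ADMIN, UPDATE),
    ("DELETE", "/users/{userId}/roles/{roleName}", ADMIN, UPDATE),
    ("GET", "/users/{userId}/rights", ADMIN, "IDENTITY_MANAGER_USER_RIGHTS_READ"),
    ("POST", "/users/{userId}/rights", ADMIN, UPDATE),
    ("DELETE", "/users/{userId}/rights/{rightName}", ADMIN, UPDATE),
]

def required(method, path):
    """Return the (role, right) the table lists for a concrete request path."""
    for m, template, role, right in ENDPOINTS:
        pattern = re.sub(r"\{\w+\}", "[^/]+", PREFIX + template)
        if m == method.upper() and re.fullmatch(pattern, path):
            return role, right
    raise LookupError(f"{method} {path} is not in the endpoint table")

def review(account, calls):
    """Compare a user record with the (method, path) calls the account must make."""
    held = set(account.get("roles", [])) | set(account.get("rights", []))
    needed = {req for c in calls for req in required(*c) if req}
    listed = {req for *_, role, right in ENDPOINTS for req in (role, right) if req}
    return {"missing": sorted(needed - held), "excess": sorted((held & listed) - needed)}

# Constructed sample: a provisioning account that only creates users and assigns roles.
SERVICE_ACCOUNT = {"id": "svc-provisioning", "roles": [ADMIN], "rights": [
    "IDENTITY_MANAGER_USERS_ADD", "IDENTITY_MANAGER_USER_RIGHTS_READ", "loadModule_monitor"]}
CALLS = [("POST", PREFIX + "/users"), ("POST", PREFIX + "/users/42/roles")]

if __name__ == "__main__":
    print(review(SERVICE_ACCOUNT, CALLS))
```

Rights outside the endpoint table, such as `loadModule_monitor`, are ignored by the review.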

Special case Bosch IM3

Access to the Bosch IM3 requires configuring a user that has the rights needed to access the data. By default, this is the user 'Admin' with the password 'Admin' and the tenant 'DEFAULT'. The user can be set in the Karaf console; the example below sets exactly that default user:

Set IM3 user
virtimo@virtimo()> config:edit de.virtimo.bpc.core
virtimo@virtimo()> config:property-set de.virtimo.bpc.core.im3.admin.tenant DEFAULT
virtimo@virtimo()> config:property-set de.virtimo.bpc.core.im3.admin.username Admin
virtimo@virtimo()> config:property-set de.virtimo.bpc.core.im3.admin.password Admin
virtimo@virtimo()> config:update
