By: Meghana Dhakephalkar user 16 Dec 2016 at 9 a.m. CST

10 Responses
Meghana Dhakephalkar gravatar
Hi! I was trying to get User endpoint using following URL with content type as "application/json" and with GET method https://gluu_server_2.4.4/identity/seam/resource/restv1/scim/v2/Users But I got the response as “Access to the requested resource has been denied”. Do I need to add authentication information to get the users? If yes, what information do I need to add? Also, do I need any authentication configuration on Gluu server side? I appreciate your help. Thanks! Meghana

By Aliaksandr Samuseu staff 16 Dec 2016 at 11:54 a.m. CST

Aliaksandr Samuseu gravatar
Hi, Meghana. SCIM endpoints are protected by UMA in Gluu. More about UMA [here](https://gluu.org/docs/integrate/uma/), full specifications are available over the Internet. You also could simplify your life a bit for the first time and follow [this guide](https://gluu.org/docs/integrate/scimuma-howto/#scim-20-test-mode-v244) to enable test mode of accessing the endpoints, it will give you an access token you could use for authorizing your requests. It's just shortcut and not suitable for production, of course

By Mohamad Taheri user 19 Dec 2016 at 2:39 a.m. CST

Mohamad Taheri gravatar
Hi, Please check SCIM Support in organization configuration.

By Meghana Dhakephalkar user 19 Dec 2016 at 2:55 a.m. CST

Meghana Dhakephalkar gravatar
Thanks for your inputs! I got the response as below for User Endpoint: /identity/seam/resource/restv1/scim/v2/Users?access_token=abc ``` Response: { "totalResults": 2, "itemsPerPage": 0, "startIndex": 0, "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "Resources": [] } ``` I can see total results as 2 but I can't see any resources listed. Am I missing something? Why resources came as empty? Also, can I enable outbound provisioning for external data store? If yes how can I do it using configuration? Thanks! Meghana

By Mohamad Taheri user 19 Dec 2016 at 3:44 a.m. CST

Mohamad Taheri gravatar
You should use `count` filter to show user information. ``` /identity/seam/resource/restv1/scim/v2/Users?count=100 ``` Maybe it's not true to retrieve all users. It's heavy.

By Meghana Dhakephalkar user 19 Dec 2016 at 4:58 a.m. CST

Meghana Dhakephalkar gravatar
Thanks Mohamad! It worked, but why do we need count filter to list all properties? Also, can I enable outbound provisioning for external data store? If yes how can I do it using configuration? Thanks! Meghana

By Mohamad Taheri user 19 Dec 2016 at 5:52 a.m. CST

Mohamad Taheri gravatar
Excuse me I can't understand what do you mean. what is it mean? ``` enable outbound provisioning for external data store ```

By Meghana Dhakephalkar user 19 Dec 2016 at 5:58 a.m. CST

Meghana Dhakephalkar gravatar
It means, Gluu server periodically polls external configured ldap store and syncs this external data store with its internal ldap store. Is this possible using Cache refresh configuration? Tahnks! Meghana

By Mohamad Taheri user 19 Dec 2016 at 6:07 a.m. CST

Mohamad Taheri gravatar
I don't know how this exactly works. :D Which LDAP server gluu use by default ?

By Aliaksandr Samuseu staff 19 Dec 2016 at 5:16 p.m. CST

Aliaksandr Samuseu gravatar
>Which LDAP server gluu use by default ? It's OpenDJ. > It means, Gluu server periodically polls external configured ldap store and syncs this external data store with its internal ldap store. Is this possible using Cache refresh configuration? Cache Refresh only pulls user data **from** external LDAP directory(s) **into** its own internal directory. It can't sync in reverse direction, by default. Without further details it's hard to recommend some solution to your cause. For example, if such sync must happen only during some user's login, you could write a custom auth script that does LDAP queries you need. Or, during normal CR cycle, you could also engage your custom CR script which would write each user it pulled into from external LDAP source to some other external LDAP directory. But if you need it to work completely independently from those features, you will need to write your own app, perhaps; which will pull data from Gluu via SCIM, or via LDAP, and write it to your other directory.

By Meghana Dhakephalkar user 22 Dec 2016 at 2:19 a.m. CST

Meghana Dhakephalkar gravatar
Thanks for your inputs!