{"type":"doc","content":[{"type":"layoutSection","content":[{"type":"layoutColumn","attrs":{"width":66.66},"content":[{"type":"heading","attrs":{"level":1},"content":[{"text":"Algemeen ","type":"text"}]},{"type":"paragraph","content":[{"text":"System for Cross-domain Identity Management (","type":"text"},{"text":"SCIM","type":"text","marks":[{"type":"link","attrs":{"href":"http://www.simplecloud.info/"}}]},{"text":") is een open standaard voor het uitwisselen van identiteitsgegevens tussen IT-systemen via RESTful webservices. ","type":"text"},{"type":"hardBreak"},{"text":"WebIDM implementeert","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"SCIM 2.0 protocol RFC 7644","type":"text","marks":[{"type":"link","attrs":{"href":"https://tools.ietf.org/html/rfc7644"}}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"SCIM Core Schema RFC 7643","type":"text","marks":[{"type":"link","attrs":{"href":"https://tools.ietf.org/html/rfc7643"}}]}]}]}]},{"type":"paragraph","content":[{"text":"Dit document dient enkel ter verduidelijking van de SCIM implementatie door WebIDM. Het gedrag van de web service wordt uitgebreid beschreven in RFC 7644. ","type":"text"}]},{"type":"paragraph","content":[{"text":"Aandachtspunten bij de SCIM implementatie van WebIDM:","type":"text","marks":[{"type":"strong"}]},{"text":" ","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Er wordt geen gebruik gemaakt van het PATCH verb om resources te wijzigen, enkel PUT wordt gebruikt waarmee de resource volledig wordt vervangen door de nieuwe waarde. ","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Enkel het User schema werd geïmplementeerd. Er wordt ","type":"text"},{"text":"geen","type":"text","marks":[{"type":"underline"}]},{"text":" gebruik gemaakt van het Group schema. Meer informatie: ","type":"text"},{"text":"RFC 7642","type":"text","marks":[{"type":"link","attrs":{"href":"https://tools.ietf.org/html/rfc7642"}}]},{"text":".","type":"text"},{"type":"hardBreak"}]}]}]},{"type":"paragraph","content":[{"text":"WebIDM is in de context van bovenstaande RFC de Enterprise Cloud Subscriber (ECS). ","type":"text"},{"type":"hardBreak"},{"text":"De applicatie die informatie ontvangt van WebIDM neemt hier de rol van Cloud Service Provider (CSP) op, verder Service Provider genoemd. ","type":"text"}]},{"type":"heading","attrs":{"level":1},"content":[{"text":"Business proces ","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Aanmaak van een gebruiker ","type":"text"}]},{"type":"paragraph","content":[{"text":"Een gebruiker wordt aangemaakt wanneer deze minstens één werkrelatie heeft met een toegekend recht in WEBIDM.","type":"text"}]},{"type":"paragraph","content":[{"text":"Volgende informatie wordt ","type":"text"},{"text":"minstens ","type":"text","marks":[{"type":"strong"}]},{"text":"doorgegeven: ","type":"text"}]},{"type":"table","attrs":{"layout":"full-width","width":1673.4366,"localId":"9365be44-cf45-4d74-b127-03b4b46da0a8"},"content":[{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"background":"#f0f0f0","rowspan":1,"colwidth":[90.0]},"content":[{"type":"paragraph","content":[{"text":"Categorie","type":"text","marks":[{"type":"strong"}]},{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f0f0f0","rowspan":1,"colwidth":[122.0]},"content":[{"type":"paragraph","content":[{"text":"WebIDM attribuut","type":"text","marks":[{"type":"strong"}]},{"type":"hardBreak"}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f0f0f0","rowspan":1,"colwidth":[488.0]},"content":[{"type":"paragraph","content":[{"text":"Beschrijving","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f0f0f0","rowspan":1,"colwidth":[88.0]},"content":[{"type":"paragraph","content":[{"text":"Verplicht","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f0f0f0","rowspan":1,"colwidth":[118.0]},"content":[{"type":"paragraph","content":[{"text":"SCIM property","type":"text","marks":[{"type":"strong"}]},{"type":"hardBreak"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":4,"colwidth":[90.0]},"content":[{"type":"paragraph","content":[{"text":"Medewerker info ","type":"text"}]},{"type":"paragraph","content":[{"text":" ","type":"text"}]},{"type":"paragraph","content":[{"text":" ","type":"text"}]},{"type":"paragraph","content":[{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[122.0]},"content":[{"type":"paragraph","content":[{"text":"VO-id/ ","type":"text"}]},{"type":"paragraph","content":[{"text":"VirtualIdentity UUID ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[488.0]},"content":[{"type":"paragraph","content":[{"text":"Unieke id binnen een doelgroep (GID, Economische actoren, Lokale Besturen, Onderwijs) ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[88.0]},"content":[{"type":"taskList","attrs":{"localId":""},"content":[{"type":"taskItem","attrs":{"state":"DONE","localId":"15"},"content":[{"text":" ","type":"text"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[118.0]},"content":[{"type":"paragraph","content":[{"text":"externalId","type":"text"},{"type":"hardBreak"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[122.0]},"content":[{"type":"paragraph","content":[{"text":"Voornaam ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[488.0]},"content":[{"type":"paragraph","content":[{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[88.0]},"content":[{"type":"taskList","attrs":{"localId":""},"content":[{"type":"taskItem","attrs":{"state":"DONE","localId":"16"},"content":[{"text":" ","type":"text"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[118.0]},"content":[{"type":"paragraph","content":[{"text":"name.givenName","type":"text"},{"type":"hardBreak"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[122.0]},"content":[{"type":"paragraph","content":[{"text":"Achternaam ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[488.0]},"content":[{"type":"paragraph","content":[{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[88.0]},"content":[{"type":"taskList","attrs":{"localId":""},"content":[{"type":"taskItem","attrs":{"state":"DONE","localId":"17"},"content":[{"text":" ","type":"text"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[118.0]},"content":[{"type":"paragraph","content":[{"text":"name.familyName","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[122.0]},"content":[{"type":"paragraph","content":[{"text":"Status","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[488.0]},"content":[{"type":"paragraph","content":[{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[88.0]},"content":[{"type":"taskList","attrs":{"localId":""},"content":[{"type":"taskItem","attrs":{"state":"DONE","localId":"18"},"content":[{"text":" ","type":"text"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[118.0]},"content":[{"type":"paragraph","content":[{"text":"active ","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":2,"colwidth":[90.0]},"content":[{"type":"paragraph","content":[{"text":"Link medewerker – organisatie info (werkrelatie) ","type":"text"}]},{"type":"paragraph","content":[{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[122.0]},"content":[{"type":"paragraph","content":[{"text":"Organisatiecode ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[488.0]},"content":[{"type":"paragraph","content":[{"text":"Unieke sleutel van de organisatie (zoals OVO, KBO nummer,…).","type":"text"}]},{"type":"paragraph","content":[{"text":"Wordt toegevoegd aan e-mailadressen, rechten of contexten. ","type":"text"}]},{"type":"paragraph","content":[{"text":"*","type":"text","marks":[{"type":"strong"}]},{"text":"Verplicht wanneer e-mailadres, recht of context geprovisioneerd wordt.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[88.0]},"content":[{"type":"taskList","attrs":{"localId":""},"content":[{"type":"taskItem","attrs":{"state":"DONE","localId":"2"},"content":[{"text":"*","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[118.0]},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[122.0]},"content":[{"type":"paragraph","content":[{"text":"Gebruikersrechten ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[488.0]},"content":[{"type":"paragraph","content":[{"text":"Het recht voor een bepaalde organisatie (werkrelatie).","type":"text"}]},{"type":"paragraph","content":[{"text":"Formaat:","type":"text"},{"text":" ","type":"text","marks":[{"type":"strong"}]},{"text":"Fully Qualified of Simple ","type":"text"},{"type":"hardBreak"}]},{"type":"paragraph","content":[{"text":"Fully Qualified: ","type":"text"},{"text":"[Organisatiecode]-[Categorie key]:[Categorie waarde],[Account type key:Account type waarde,…]-[Recht]","type":"text","marks":[{"type":"em"}]},{"text":" ","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Categorie key: afhankelijk van doelgroep van de werkrelatie. Bv doelgroep GID: Categorie","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Categorie waarde: afhankelijk van doelgroep van de werkrelatie en geselecteerde waarde. Bv doelgroep GID: Vlaamse Overheid Ambtenaar","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Type acccount key: afhankelijk van doelgroep van de werkrelatie. Bv doelgroep GID: Gebruikerstype","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Account type waarde: afhankelijk van doelgroep van de werkrelatie en geselecteerde waarde(s) op de werkrelatie. Bv doelgroep GID: Normale accounts","type":"text"}]}]}]},{"type":"nestedExpand","attrs":{"title":"Voorbeeld"},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"paragraph","content":[{"type":"inlineExtension","attrs":{"extensionType":"com.atlassian.confluence.migration","extensionKey":"__confluenceADFMigrationUnsupportedContentInternalExtension__","text":"","parameters":{"cxhtml":"

OVO001827-Categorie:Vlaamse Overheid Ambtenaar,Gebruikerstype:Normale accounts,Gebruikerstype:Geprivilegieerde accounts-DKB_Traject_GID_CompEnt_Gebruiker

2165906862-Categorie:Werknemer,Type:Standaard-LV_eLoket_LB_CompEnt_Gebruiker

0207500123-Categorie:Werknemer,Type:Standaard-LV_eLoket_LB_CompEnt_Gebruiker

OVO001827-Categorie:Vlaamse Overheid Ambtenaar,Gebruikerstype:Normale accounts,Gebruikerstype:Geprivilegieerde accounts-DKB_Traject_GID_CompEnt_Gebruiker:normale gebruiker

2165906862-Categorie:Werknemer,Type:Standaard-LV_eLoket_LB_CompEnt_Gebruiker:BetalingRaadpleger

0207500123-Categorie:Werknemer,Type:Standaard-LV_eLoket_LB_CompEnt_Gebruiker:BetalingBeheerder

OVO001827-Categorie:Vlaamse Overheid Ambtenaar,Gebruikerstype:Normale accounts,Gebruikerstype:Geprivilegieerde accounts-DKB_Traject_GID_CompEnt_Gebruiker:normale gebruiker

OVO000089-Categorie:Vlaamse Overheid Ambtenaar,Gebruikerstype:Normale accounts-LV_eLoket_GID_CompEnt_Gebruiker:BetalingRaadpleger

0207500123-Categorie:Werknemer,Type:Standaard-LV_eLoket_LB_CompEnt_Gebruiker:BetalingBeheerder

normale gebruiker

BetalingRaadpleger

BetalingBeheerder

","block-inline":true,"nestedContent":{"type":"doc","content":[{"type":"table","content":[{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"normale gebruiker ","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"BetalingRaadpleger","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"BetalingBeheerder","type":"text"}]}]}]}]}],"version":1}}}}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[88.0]},"content":[{"type":"taskList","attrs":{"localId":""},"content":[{"type":"taskItem","attrs":{"state":"TODO","localId":"26"},"content":[{"text":" ","type":"text"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[144.0]},"content":[{"type":"paragraph","content":[{"text":"groups (lijst) ","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Wijzigen van een gebruiker ","type":"text"}]},{"type":"paragraph","content":[{"text":"Een update actie wordt uitgevoerd: ","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Als de gebruiker een nieuwe actieve toekenning van het recht krijgt onder een werkrelatie.","type":"text"},{"type":"hardBreak"},{"text":"Actief wilt hier zeggen:","type":"text"},{"type":"hardBreak"},{"text":"De start tijd van de werkrelatie is kleiner dan of gelijk aan vandaag.","type":"text"},{"type":"hardBreak"},{"text":"De eind tijd van de werkrelatie is groter dan of gelijk aan vandaag.","type":"text"},{"type":"hardBreak"},{"text":"De start tijd van de toekenning van het recht is kleiner dan of gelijk aan vandaag.","type":"text"},{"type":"hardBreak"},{"text":"De eind tijd van de toekenning van het recht is groter dan of gelijk aan vandaag.","type":"text"},{"type":"hardBreak"},{"text":"De werkrelatie is actief, niet gepauzeerd.","type":"text"},{"type":"hardBreak"},{"text":"De toekenning van het recht is actief, niet gepauzeerd.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Als de gegevens van een actieve toekenning van het recht wijzigt.","type":"text"},{"type":"hardBreak"},{"text":"Vb: Context (rol) wordt toegevoegd, verwijderd of aangepast","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Als een actieve toekenning van het recht verwijderd wordt.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Als de eind tijd van de toekenning van het recht kleiner is dan vandaag. Ofwel: de actieve toekenning van het recht verloopt.","type":"text"},{"type":"hardBreak"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Als de informatie van de gebruiker of van een bestaande werkrelatie (met actieve toekenning van het recht) wijzigt. ","type":"text"},{"type":"hardBreak"},{"text":"Vb: nieuw emailadres, nieuwe login, naamswijziging,… ","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Als de toekenning van het recht gepauzeerd wordt.","type":"text"},{"type":"hardBreak"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Als de werkrelatie met actieve toekenning van het recht gepauzeerd wordt.","type":"text"}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Verwijderen van een gebruiker ","type":"text"}]},{"type":"paragraph","content":[{"text":"Een delete actie wordt uitgevoerd: ","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Als de gebruiker zijn laatste actieve toekenning van het recht verliest.","type":"text"},{"type":"hardBreak"}]}]}]},{"type":"paragraph","content":[{"text":"De Service Provider moet gebruikers op zijn minst ","type":"text"},{"text":"inactief ","type":"text","marks":[{"type":"strong"}]},{"text":"maken bij een delete en alle gekende rechten verwijderen. ","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Pauzeren ","type":"text"}]},{"type":"paragraph","content":[{"text":"WebIDM heeft een pauzeer-knop op niveau van de werkrelatie en recht. Dit laat de lokale beheerder toe om delen van een gebruiker tijdelijk te inactiveren, bv bij langdurige ziekte. ","type":"text"}]},{"type":"paragraph","content":[{"text":"Pauzeren zal lijken op toekenningen die verdwijnen in WebIDM: ","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Updates met daarin minder werkrelaties of rechten dan de Service Provider op dat moment kent. ","type":"text"}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Actief/niet-actief vlag ","type":"text"}]},{"type":"paragraph","content":[{"text":"Op niveau van een gebruiker bestaat een vlag die enkel systeembeheerders kunnen aan- of uitzetten om gebruikers in uitzonderlijke gevallen dringend te deactiveren zonder deze helemaal te moeten verwijderen. ","type":"text"},{"type":"hardBreak"},{"text":"Het pauzeren van een volledige gebruiker zal een update uitvoeren met de SCIM active property op false. ","type":"text"},{"type":"hardBreak"},{"text":"Ook bij de Service Provider moeten a.d.h.v. deze vlag gebruikers ge-activeerd of gedeactiveerd worden. ","type":"text"},{"type":"hardBreak"},{"text":"Dit zijn update acties, geen delete acties. ","type":"text"}]},{"type":"heading","attrs":{"level":1},"content":[{"text":"Technisch implementatie ","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"SCIM Endpoint ","type":"text"}]},{"type":"paragraph","content":[{"text":"De targetapplicatie waar WebIDM naar provisioneert, moet minstens volgende functionaliteit in zijn SCIM endpoints implementeren: ","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Find User","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Create User","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Update User","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Delete User","type":"text"},{"type":"hardBreak"}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"OpenAPI specificatie","type":"text"}]},{"type":"paragraph","content":[{"text":"scim.yaml","type":"text","marks":[{"type":"link","attrs":{"href":"/wiki/download/attachments/6377407851/scim.yaml?version=1&modificationDate=1694616425884&cacheVersion=1&api=v2"}}]}]},{"type":"paragraph","content":[{"text":"Deze kan bekeken worden op ","type":"text"},{"text":"https://editor.swagger.io/","type":"text","marks":[{"type":"link","attrs":{"href":"https://editor.swagger.io/"}}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Find User ","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"ecfb2b40-88f1-4f44-a2cf-91f56052010f"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":3,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"GET v2/Users?filter=externalId Eq \"{externalId}\"","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"externalId","type":"text"},{"type":"hardBreak"},{"text":"string","type":"text","marks":[{"type":"em"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"4ad4896c-2f09-4906-ba25-32d5543bd71b","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":3,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Responses","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Code","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Example","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"200","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"OK","type":"text"},{"type":"hardBreak"},{"text":"(one result)","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"nestedExpand","attrs":{"title":"Find User one result response"},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"codeBlock","content":[{"text":"{\n \"schemas\": [\n \"urn:ietf:params:scim:api:messages:2.0:ListResponse\"\n ],\n \"totalResults\": 1,\n \"resources\": [\n {\n \"schemas\": [\n \"urn:ietf:params:scim:schemas:core:2.0:User\",\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:User\",\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:Cug\"\n ],\n \"id\": \"e65adc36-cb15-4b4d-b8df-cb6cba347f8c\",\n \"externalId\": \"4ad4896c-2f09-4906-ba25-32d5543bd71b\",\n \"userName\": null,\n \"name\": {\n \"formatted\": null,\n \"familyName\": \"B\",\n \"givenName\": \"Tim\",\n \"middleName\": null,\n \"honorificPrefix\": null,\n \"honorificSuffix\": null\n },\n \"displayName\": null,\n \"nickName\": null,\n \"profileUrl\": null,\n \"title\": null,\n \"userType\": null,\n \"preferredLanguage\": null,\n \"locale\": null,\n \"timezone\": null,\n \"active\": true,\n \"emails\": [\n {\n \"type\": \"OVO000089\",\n \"primary\": false,\n \"display\": null,\n \"value\": \"webidm@vlaanderen.be\"\n }\n ],\n \"entitlements\": [\n {\n \"type\": null,\n \"primary\": false,\n \"display\": null,\n \"value\": \"OVO000089-Categorie:Vlaamse Overheid Ambtenaar,Gebruikerstype:Normale accounts-LV_eLoket_GID_CompEnt_Gebruiker\"\n }\n ],\n \"roles\": [\n {\n \"type\": null,\n \"primary\": false,\n \"display\": null,\n \"value\": \"OVO000089-Categorie:Vlaamse Overheid Ambtenaar,Gebruikerstype:Normale accounts-LV_eLoket_GID_CompEnt_Gebruiker:BetalingBeheerder\"\n },\n {\n \"type\": null,\n \"primary\": false,\n \"display\": null,\n \"value\": \"OVO000089-Categorie:Vlaamse Overheid Ambtenaar,Gebruikerstype:Normale accounts-LV_eLoket_GID_CompEnt_Gebruiker:BetalingRaadpleger\"\n }\n ],\n \"groups\": [],\n \"x509Certificates\": [],\n \"phoneNumbers\": [],\n \"ims\": [],\n \"photos\": [],\n \"addresses\": [],\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:User\": {\n \"closedUserGroupCode\": \"GID\",\n \"socialSecurityNumber\": \"1234567890\"\n },\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:Cug\": {\n \"code\": \"GID\",\n \"name\": \"VO-medewerkers\"\n },\n \"meta\": {\n \"resourceType\": \"User\",\n \"created\": \"2021-09-17T05:07:11.517Z\",\n \"lastModified\": \"2021-09-17T05:07:11.517Z\",\n \"location\": \"http://scim/wslenv/v2/users/e65adc36-cb15-4b4d-b8df-cb6cba347f8c\",\n \"version\": null\n }\n }\n ],\n \"startIndex\": 1,\n \"itemsPerPage\": 200\n}","type":"text"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"200","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"OK","type":"text"},{"type":"hardBreak"},{"text":"(No results)","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"nestedExpand","attrs":{"title":"Find User no result response"},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"codeBlock","content":[{"text":"{\n \"schemas\": [\n \"urn:ietf:params:scim:api:messages:2.0:ListResponse\"\n ],\n \"totalResults\": 0\n}","type":"text"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]}]}]},{"type":"heading","attrs":{"level":1},"content":[{"text":"Create User ","type":"text"}]},{"type":"paragraph","content":[{"text":"Het aanmaken van de User gebeurt d.m.v. een POST request om de User aan te maken. Deze POST bevat naast persoonsgegevens ook de rechten en indien geconfigureerd optionele attributen als e-mailadressen of rollen. ","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"d4a9507e-8fa7-4b14-b5c0-1ef68679fef5"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":3,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"POST v2/Users","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Body","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"nestedExpand","attrs":{"title":"Create User request"},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"codeBlock","content":[{"text":"{\n \"schemas\": [\n \"urn:ietf:params:scim:schemas:core:2.0:User\",\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:User\",\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:Cug\"\n ],\n \"externalId\": \"4ad4896c-2f09-4906-ba25-32d5543bd71b\",\n \"name\": {\n \"familyName\": \"B\",\n \"givenName\": \"Tim\"\n },\n \"active\": true,\n \"emails\": [\n {\n \"value\": \"webidm@vlaanderen.be\",\n \"type\": \"OVO000089\"\n }\n ],\n \"entitlements\": [\n {\n \"value\": \"OVO000089-Categorie:Vlaamse Overheid Ambtenaar,Gebruikerstype:Normale accounts-LV_eLoket_GID_CompEnt_Gebruiker\"\n }\n ],\n \"roles\": [\n {\n \"value\": \"OVO000089-Categorie:Vlaamse Overheid Ambtenaar,Gebruikerstype:Normale accounts-LV_eLoket_GID_CompEnt_Gebruiker:BetalingBeheerder\"\n },\n {\n \"value\": \"OVO000089-Categorie:Vlaamse Overheid Ambtenaar,Gebruikerstype:Normale accounts-LV_eLoket_GID_CompEnt_Gebruiker:BetalingRaadpleger\"\n }\n ],\n \"groups\": [],\n \"addresses\": [],\n \"phoneNumbers\": [],\n \"ims\": [],\n \"photos\": [],\n \"x509Certificates\": [],\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:User\": {\n \"closedUserGroupCode\": \"GID\",\n \"socialSecurityNumber\": \"1234567890\"\n },\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:Cug\": {\n \"code\": \"GID\",\n \"name\": \"VO-medewerkers\"\n }\n}","type":"text"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":3,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Responses","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Code","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Example","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"201","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Created","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"De body bevat een volledige weergave van de aangemaakte resource. ","type":"text"}]},{"type":"nestedExpand","attrs":{"title":"Create User response"},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"codeBlock","content":[{"text":"{\n \"schemas\": [\n \"urn:ietf:params:scim:schemas:core:2.0:User\",\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:User\",\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:Cug\"\n ],\n \"id\": \"e65adc36-cb15-4b4d-b8df-cb6cba347f8c\",\n \"externalId\": \"4ad4896c-2f09-4906-ba25-32d5543bd71b\",\n \"userName\": null,\n \"name\": {\n \"formatted\": null,\n \"familyName\": \"B\",\n \"givenName\": \"Tim\",\n \"middleName\": null,\n \"honorificPrefix\": null,\n \"honorificSuffix\": null\n },\n \"displayName\": null,\n \"nickName\": null,\n \"profileUrl\": null,\n \"title\": null,\n \"userType\": null,\n \"preferredLanguage\": null,\n \"locale\": null,\n \"timezone\": null,\n \"active\": true,\n \"emails\": [\n {\n \"type\": \"OVO000089\",\n \"primary\": false,\n \"display\": null,\n \"value\": \"webidm@vlaanderen.be\"\n }\n ],\n \"entitlements\": [\n {\n \"type\": null,\n \"primary\": false,\n \"display\": null,\n \"value\": \"OVO000089-Categorie:Vlaamse Overheid Ambtenaar,Gebruikerstype:Normale accounts-LV_eLoket_GID_CompEnt_Gebruiker\"\n }\n ],\n \"roles\": [\n {\n \"type\": null,\n \"primary\": false,\n \"display\": null,\n \"value\": \"OVO000089-Categorie:Vlaamse Overheid Ambtenaar,Gebruikerstype:Normale accounts-LV_eLoket_GID_CompEnt_Gebruiker:BetalingBeheerder\"\n },\n {\n \"type\": null,\n \"primary\": false,\n \"display\": null,\n \"value\": \"OVO000089-Categorie:Vlaamse Overheid Ambtenaar,Gebruikerstype:Normale accounts-LV_eLoket_GID_CompEnt_Gebruiker:BetalingRaadpleger\"\n }\n ],\n \"phoneNumbers\": [],\n \"ims\": [],\n \"photos\": [],\n \"addresses\": [],\n \"groups\": [],\n \"x509Certificates\": [],\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:User\": {\n \"closedUserGroupCode\": \"GID\",\n \"socialSecurityNumber\": \"1234567890\"\n },\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:Cug\": {\n \"code\": \"GID\",\n \"name\": \"VO-medewerkers\"\n },\n \"meta\": {\n \"resourceType\": \"User\",\n \"created\": \"2021-09-17T05:07:11.517760498Z\",\n \"lastModified\": \"2021-09-17T05:07:11.517760498Z\",\n \"location\": \"http://scim/wstest/v2/users/e65adc36-cb15-4b4d-b8df-cb6cba347f8c\",\n \"version\": null\n }\n}","type":"text"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"409","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Conflict","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Als de service provider vaststelt dat de creatie van de User conflicteert met een bestaande User moet er een status 409 teruggegeven worden met een \"scimType\" error code van \"uniqueness\", as per Section 3.12.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Update User ","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"968ea652-12e4-4c67-8b96-84483054b8fe"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":3,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"PUT v2/Users/{id}","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"id","type":"text"},{"type":"hardBreak"},{"text":"String","type":"text","marks":[{"type":"em"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"e65adc36-cb15-4b4d-b8df-cb6cba347f8c","type":"text","marks":[{"type":"textColor","attrs":{"color":"#091e42"}}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Body","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"nestedExpand","attrs":{"title":"Update User request"},"content":[{"type":"paragraph","content":[{"text":"Volgende gewijzigd ten opzichte van ","type":"text"},{"text":"Create User","type":"text","marks":[{"type":"link","attrs":{"href":"https://vlaamseoverheid.atlassian.net/wiki/display/81034/SCIM+doelsysteem+documentatie#SCIMdoelsysteemdocumentatie-CreateUser"}}]},{"text":" : familyName en emails aangepast, roles BetalingBeheerder verwijderd.","type":"text"}]},{"type":"codeBlock","content":[{"text":"{\n \"schemas\": [\n \"urn:ietf:params:scim:schemas:core:2.0:User\",\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:User\",\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:Cug\"\n ],\n \"id\": \"e65adc36-cb15-4b4d-b8df-cb6cba347f8c\",\n \"externalId\": \"4ad4896c-2f09-4906-ba25-32d5543bd71b\",\n \"name\": {\n \"familyName\": \"C\",\n \"givenName\": \"Tim\"\n },\n \"active\": true,\n \"emails\": [\n {\n \"value\": \"new-webidm@vlaanderen.be\",\n \"type\": \"OVO000089\"\n }\n ],\n \"entitlements\": [\n {\n \"value\": \"OVO000089-Categorie:Vlaamse Overheid Ambtenaar,Gebruikerstype:Normale accounts-LV_eLoket_GID_CompEnt_Gebruiker\"\n }\n ],\n \"roles\": [\n {\n \"value\": \"OVO000089-Categorie:Vlaamse Overheid Ambtenaar,Gebruikerstype:Normale accounts-LV_eLoket_GID_CompEnt_Gebruiker:BetalingRaadpleger\"\n }\n ],\n \"groups\": [],\n \"addresses\": [],\n \"phoneNumbers\": [],\n \"ims\": [],\n \"photos\": [],\n \"x509Certificates\": [],\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:User\": {\n \"closedUserGroupCode\": \"GID\",\n \"socialSecurityNumber\": \"1234567890\"\n },\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:Cug\": {\n \"code\": \"GID\",\n \"name\": \"VO-medewerkers\"\n }\n}","type":"text"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":3,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Responses","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Code","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Example","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"200","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"OK","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"De body bevat een volledige weergave van de resource.","type":"text"}]},{"type":"nestedExpand","attrs":{"title":"Update User response"},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"codeBlock","content":[{"text":"{\n \"schemas\": [\n \"urn:ietf:params:scim:schemas:core:2.0:User\",\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:User\",\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:Cug\"\n ],\n \"id\": \"e65adc36-cb15-4b4d-b8df-cb6cba347f8c\",\n \"externalId\": \"4ad4896c-2f09-4906-ba25-32d5543bd71b\",\n \"userName\": null,\n \"name\": {\n \"formatted\": null,\n \"familyName\": \"C\",\n \"givenName\": \"Tim\",\n \"middleName\": null,\n \"honorificPrefix\": null,\n \"honorificSuffix\": null\n },\n \"displayName\": null,\n \"nickName\": null,\n \"profileUrl\": null,\n \"title\": null,\n \"userType\": null,\n \"preferredLanguage\": null,\n \"locale\": null,\n \"timezone\": null,\n \"active\": true,\n \"emails\": [\n {\n \"type\": \"OVO000089\",\n \"primary\": false,\n \"display\": null,\n \"value\": \"new-webidm@vlaanderen.be\"\n }\n ],\n \"entitlements\": [\n {\n \"type\": null,\n \"primary\": false,\n \"display\": null,\n \"value\": \"OVO000089-Categorie:Vlaamse Overheid Ambtenaar,Gebruikerstype:Normale accounts-LV_eLoket_GID_CompEnt_Gebruiker\"\n }\n ],\n \"roles\": [\n {\n \"type\": null,\n \"primary\": false,\n \"display\": null,\n \"value\": \"OVO000089-Categorie:Vlaamse Overheid Ambtenaar,Gebruikerstype:Normale accounts-LV_eLoket_GID_CompEnt_Gebruiker:BetalingRaadpleger\"\n }\n ],\n \"phoneNumbers\": [],\n \"ims\": [],\n \"photos\": [],\n \"addresses\": [],\n \"groups\": [],\n \"x509Certificates\": [],\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:User\": {\n \"closedUserGroupCode\": \"GID\",\n \"socialSecurityNumber\": \"1234567890\"\n },\n \"urn:ietf:params:scim:schemas:extension:idm:2.0:Cug\": {\n \"code\": \"GID\",\n \"name\": \"VO-medewerkers\"\n },\n \"meta\": {\n \"resourceType\": \"User\",\n \"created\": \"2021-09-17T05:07:11.517760498Z\",\n \"lastModified\": \"2021-09-17T05:07:11.517760498Z\",\n \"location\": \"http://scim/wstest/v2/users/e65adc36-cb15-4b4d-b8df-cb6cba347f8c\",\n \"version\": null\n }\n}\n\n","type":"text"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Delete User ","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"594f4601-fd72-437d-a3b2-8496960bd959"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":3,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"DELETE v2/Users/{id}","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"id","type":"text"},{"type":"hardBreak"},{"text":"String","type":"text","marks":[{"type":"em"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"e65adc36-cb15-4b4d-b8df-cb6cba347f8c","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":3,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Responses","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Code","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Example","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"204","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"No content","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"De Service Provider zet de User minstens op inactief als er voor gekozen wordt om de resource niet definitief te verwijderen.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"404","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Not found","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"User was voorheen deleted/op inactief gezet.","type":"text"}]},{"type":"nestedExpand","attrs":{"title":"Delete onbestaande user response"},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"codeBlock","content":[{"text":"{\n \"schemas\": [\n \"urn:ietf:params:scim:api:messages:2.0:Error\"\n ],\n \"detail\": \"Resource e65adc36-cb15-4b4d-b8df-cb6cba347f8c not found\",\n \"status\": \"404\"\n}","type":"text"}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Health check ","type":"text"}]},{"type":"paragraph","content":[{"text":"Een ","type":"text"},{"text":"health check service","type":"text","marks":[{"type":"strong"}]},{"text":" moet geïmplementeerd worden door de Service Provider. WebIDM beslist aan de hand van de respons of er een provisionering kan gestart worden. ","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"6d192863-785a-47d2-8978-e92a63eded32"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":3,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"GET https://[","type":"text","marks":[{"type":"strong"}]},{"text":"yourScimEndpoint","type":"text","marks":[{"type":"strong"},{"type":"em"}]},{"text":"]/statuscheck","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":3,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Responses","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Code","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Result","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"200","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"OK","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"provisionering kan starten","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"4xx","type":"text"},{"type":"hardBreak"},{"text":"5xx","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"type":"hardBreak"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"provisionering on hold, er worden door WebIDM geen gegevens uitgeleverd aan de Service Provider","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":1},"content":[{"text":"Beveiliging ","type":"text"}]},{"type":"paragraph","content":[{"text":"Voor het beveiligen van de communicatie tussen WebIDM en de SCIM Service Provider ondersteunen we MutualTLS (mTLS)-authenticatie of OAuth2.0. ","type":"text"},{"type":"hardBreak"},{"text":"Naast deze beveiligingsmaatregelen, moeten mogelijks ook de nodige datastromen voorzien worden tussen WebIDM en de Service Provider. ","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"MutualTLS","type":"text"}]},{"type":"paragraph","content":[{"text":"Voor een veilige verbinding, zowel over het lokaal netwerk binnen VO als over het internet, kunnen WebIDM (via Datapower) en de SCIM Service Provider MutualTLS authenticatie implementeren, waarbij beide partijen zich authenticeren tegenover elkaar d.m.v. X509 certificaten. ","type":"text"},{"type":"hardBreak"},{"text":"De SCIM Service Provider moet het client certificaat van WebIDM (Datapower) vertrouwen. Daarnaast moet de SCIM Service Provider een GlobalSign of VO PKI SSL server certificaat voorzien dat WebIDM (Datapower) kan vertrouwen. ","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"OAuth2.0","type":"text"}]},{"type":"paragraph","content":[{"text":"In plaats van authenticatie d.m.v. certificaten via MutualTLS, is het ook mogelijk om de authenticatie d.m.v. OAuth-tokens in te regelen. WebIDM zal thans de OAuth Client Credentials Grant volgen (","type":"text"},{"text":"info","type":"text","marks":[{"type":"link","attrs":{"href":"https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fauthenticatie.vlaanderen.be%2Fdocs%2Fbeveiligen-van-api%2Foauth-rest%2Frest-server2server%2F&data=05%7C02%7Crogier.clarisse%40vlaanderen.be%7Cb2ad89ae7f5b421f8fc808dd315ecde4%7C0c0338a695614ee8b8d64e89cbd520a0%7C0%7C0%7C638721005421630207%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=YGqIGv4Khvp%2BGHhiOFQ9a496NCNz7BXTeuCe%2Bl1Xx0o%3D&reserved=0"}}]},{"text":"): WebIDM vraagt een access token aan bij de identity provider (i.e. ACM), en zal dat access token gebruiken om het extern doelsysteem te bevragen. Het extern doelsysteem functioneert in deze context dus als resource server (API). De registratie van het doelsysteem als een met ACM geïntegreerde resource server maakt deel uit van het integratietraject: het doelsysteem zal geregistreerd worden in het Beheerportaal (","type":"text"},{"text":"info","type":"text","marks":[{"type":"link","attrs":{"href":"https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fvlaamseoverheid.atlassian.net%2Fwiki%2Fspaces%2FGAEP%2Fpages%2F6377410197%2FModule%2BOAuth%2BClient%2BCredentials%2BGrant%2BAPI%2Bbeheren&data=05%7C02%7Crogier.clarisse%40vlaanderen.be%7Cb2ad89ae7f5b421f8fc808dd315ecde4%7C0c0338a695614ee8b8d64e89cbd520a0%7C0%7C0%7C638721005421643126%7CUnknown%7CTWFpbGZsb3d8eyJFbXB0eU1hcGkiOnRydWUsIlYiOiIwLjAuMDAwMCIsIlAiOiJXaW4zMiIsIkFOIjoiTWFpbCIsIldUIjoyfQ%3D%3D%7C0%7C%7C%7C&sdata=lC2e2M4grWxZVU6N68%2BjUg03%2FOYoX6BrVQuGmihRIhg%3D&reserved=0"}}]},{"text":"). In het Beheerportaal kan u dan, als u in IDM over het recht “API-beheerder en Client-beheerder” beschikt, uw resource server beheren – u kan de authenticatiemethode instellen, u kan de koppeling van uw doelsysteem met IDM goedkeuren, enz. Let wel; het verkeer tussen WebIDM en het doelsysteem zal ook in deze opzet nog steeds via DataPower verlopen; DataPower zal namelijk nog steeds de geldigheid en revocatie-status van de certificaten controleren.","type":"text"}]},{"type":"heading","attrs":{"level":1},"content":[{"text":"Verschillen tegenover vorige versie","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"WebIDM houdt de ID die wordt gecreëerd door de Service Provider bij. De Service Provider ondersteunt de Find User by externalId. Als WebIDM en de Service Provicer out of sync geraken wordt de Find User gebruikt om de Service Provider ID op te halen.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"WebIDM doet enkel calls naar de Service Provider indien er wijzigingen zijn. In de vorige versie kon het gebeuren dat er calls gemaakt werden naar de Service Provider ook al was er voor die specifieke User resource niets gewijzigd, maar wel in andere rechten van die Gebruiker.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Het aanmaken van een gebruiker gebeurt aan de hand van één enkele Create User call. In de vorige versie was dit 1 Create User call gevolgd door 1 of meedere Update User calls.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"De SCIM User property Groups wordt ondersteund. De waarde hiervan kan Fully Qualified of Simple zijn.","type":"text"}]}]}]},{"type":"paragraph"}]},{"type":"layoutColumn","attrs":{"width":33.33},"content":[{"type":"paragraph","content":[{"text":"Op deze pagina: ","type":"text","marks":[{"type":"strong"}]}]},{"type":"extension","attrs":{"layout":"default","extensionType":"com.atlassian.confluence.macro.core","extensionKey":"toc","parameters":{"macroParams":{},"macroMetadata":{"macroId":{"value":"b3870e02-d1be-4350-a8b4-558982e16a46"},"schemaVersion":{"value":"1"},"title":"Table of Contents"}},"localId":"1efd7111-7774-4faf-a204-bee54edd0c02"}},{"type":"table","attrs":{"layout":"full-width","width":1800.0,"localId":"daa42b07-368b-484d-8c8c-d012e0dbb2d0"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1,"colwidth":[440.0]},"content":[{"type":"paragraph","content":[{"text":"Relevante pagina's","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[440.0]},"content":[{"type":"paragraph","content":[{"text":"Attributen IDM","type":"text","marks":[{"type":"link","attrs":{"href":"https://vlaamseoverheid.atlassian.net/wiki/spaces/GAEP/pages/6377408076"}}]}]},{"type":"paragraph","content":[{"text":"EAWS Web service ","type":"text","marks":[{"type":"link","attrs":{"href":"https://vlaamseoverheid.atlassian.net/wiki/spaces/GAEP/pages/6377409457"}}]}]},{"type":"paragraph","content":[{"text":"Het Rechtenmodel van het Gebruikersbeheer","type":"text","marks":[{"type":"link","attrs":{"href":"https://vlaamseoverheid.atlassian.net/wiki/spaces/GAEP/pages/6377409290"}}]}]},{"type":"paragraph","content":[{"text":"Volledig informatiemodel","type":"text","marks":[{"type":"link","attrs":{"href":"https://vlaamseoverheid.atlassian.net/wiki/spaces/GAEP/pages/6377408315"}}]}]},{"type":"paragraph","content":[{"type":"inlineExtension","attrs":{"extensionType":"com.atlassian.confluence.macro.core","extensionKey":"livesearch","parameters":{"macroParams":{"spaceKey":{"value":"GAEP"},"placeholder":{"value":"Stel je vraag?"},"labels":{"value":"idm, gebruikersbeheer"}},"macroMetadata":{"macroId":{"value":"4d2e1e80-2714-43e7-a238-0b6266b8151a"},"schemaVersion":{"value":"1"},"placeholder":[{"type":"icon","data":{"url":"https://vlaamseoverheid.atlassian.net/wiki/download/resources/confluence.extra.livesearch/images/search.png"}}],"title":"Live Search"}},"localId":"80a11697-0eef-4817-a0b4-fd2108bfdbbe"}}]}]}]}]},{"type":"paragraph","content":[{"type":"hardBreak"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Vragen of suggesties, contacteer ons via: ","type":"text","marks":[{"type":"textColor","attrs":{"color":"#333333"}}]},{"text":"integraties@vlaanderen.be","type":"text","marks":[{"type":"textColor","attrs":{"color":"#333333"}},{"type":"link","attrs":{"href":"mailto:integraties@vlaanderen.be"}}]},{"text":" ","type":"text","marks":[{"type":"textColor","attrs":{"color":"#333333"}}]}]},{"type":"paragraph","content":[{"text":"Heb je nood aan ondersteuning bij het gebruik van de toepassing, contacteer de ","type":"text","marks":[{"type":"textColor","attrs":{"color":"#333333"}}]},{"text":"1700","type":"text","marks":[{"type":"link","attrs":{"href":"https://www.vlaanderen.be/over-vlaanderenbe/over-1700"}}]},{"text":".","type":"text","marks":[{"type":"textColor","attrs":{"color":"#333333"}}]}]}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}]}]},{"type":"table","attrs":{"layout":"default","width":238.0,"localId":"c92131c8-9265-4a52-95d1-12cf1bbb2c51"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Terug naar de handleidingen","type":"text","marks":[{"type":"strong"},{"type":"link","attrs":{"href":"https://vlaamseoverheid.atlassian.net/wiki/spaces/GAEP/pages/6377408163"}}]}]}]}]}]},{"type":"paragraph","content":[{"type":"hardBreak"}]}],"version":1}

Browser not supported