Page Comparison

virtual

Boolean

false

Defines whether the organization is virtual.

organizationId

String

X

Unique name of the organization to be created.

friendlyName

String

X

Human readable name of the organization.

organizationClass (or organizationType)

String from Configured Set

Organization type defining the initial configuration of the created organization. We support both the old parameter name (organizationClass) and the new parameter name (organizationType).

"custom attribute"

String

X

Organization's custom attribute and a value (multiple values are separated with comma). For example, vatnumber=12345

recursive

Boolean

false

Allow deleting organizations with sub-organizations.

friendlyName

String

Human readable name of the organization.

organizationClass (or organizationType)

String from Configured Set

Organization type defining the initial configuration of the created organization. We support both the old parameter name (organizationClass) and the new parameter name (organizationType).

"custom attribute"

String

X

Organization's custom attribute and a value (multiple values are separated with comma). These attributes must have been defined in eidm2.properties (data.organization.fields or ui.admin.organizationinfo.fields.order) For example, organizationid=12345

uid

String

User login name.

email

String

User email address.

firstname

String

First name of the user.

surname

String

Surname of the user.

mobile

String

Mobile phone number.

hetu

String

Social Security Number (henkilötunnus)

pwd

String

New password.

otp.state (Deprecated)

String

New OTP state. This parameter is deprecated. OTP related REST services will be provided by OTP Server.

pwd.activated

Boolean

Defines if the password authentication method is actived for the user or not.

sms.activated (Deprecated)

Boolean

Defines if the SMS OTP authentication method is actived for the user or not. This parameter is deprecated. SMS OTP related REST services will be provided by OTP Server.

otp.activated (Deprecated)

Boolean

Defines if the OTP authentication method is actived for the user or not. This parameter is deprecated. OTP related REST services will be provided by OTP Server.

create

Boolean

Allow create

disable

Boolean

Disable User

enable

Boolean

Enable User

roles.remove

Boolean

Remove roles

mandates.remove

Boolean

Remove Mandates

"custom attribute"

String

X

User's custom attribute and a value (multiple values are separated with comma). These attributes must have been defined in eidm2.properties (data.user.fields, ui.selfservice.userinfo.fields.order, ui.admin.userinfo.fields.order or ui.admin.approvalinfo.fields.order) For example, age=45

user

Entity Name

X

User who the role is assigned for.

user

Entity Name

X

User who the role is deassign from.

memberOf

String

The created role will be member of this role

uid

String

X (depending on configuration)

User login name.

email

String

X

User email address.

firstname

String

X

First name of the user.

surname

String

X

Surname of the user.

mobile

String

Mobile phone number.

hetu

String

Social Security Number (henkilötunnus)

pwd

String

Initialize the default password authentication method for the user with the specified password. If missing, the password method is not initialized for the user.

pwd.activated

Boolean

Defines if the password authentication method is actived for the user or not.

sms.activated (Deprecated)

Boolean

false

Defines if the SMS OTP authentication method is actived for the user or not. This parameter is deprecated. SMS OTP related REST services will be provided by OTP Server.

otp.activated (Deprecated)

Boolean

false

Defines if the OTP authentication method is actived for the user or not. This parameter is deprecated. OTP related REST services will be provided by OTP Server.

locale

String

Locale definition. It is used when selecting the right language for email notifications.

"custom attribute"

String

X

User's custom attribute and a value (multiple values are separated with comma). These attributes must have been defined in eidm2.properties (data.user.fields, ui.selfservice.userinfo.fields.order, ui.admin.userinfo.fields.order or ui.admin.approvalinfo.fields.order) For example, age=45

resetRepository

Boolean

false

Removes all organizations, users, and roles from the repository.

initializeDatabase

Boolean

false

Creates the missing mandatory repository structures and roles. Also, updates the repository to reflect the changed configuration.

synchronizeData

Boolean

false

Try to create those items into SQL database that are missing from it but present in LDAP.

initializeOrganizations

Boolean

false

Create roles to organizations based on organization type definitions. Only creates the missing roles but does not remove anything.

clearUniqueFields

Boolean

false

Clears unique field data from validators.

updateSamlApMetadata

Boolean

false

Write SAML AP metadata generated based on the identity file to SSO authentication method configuration.

refreshRoleHierarchyRules

Boolean

false

Updates roles' memberships with other roles to comply with the current Role Hierarchy Rules. Should be run if Role Hierarchy Rules are changed.

disableUsers

Boolean

Disables all users in organization.

enableUsers

Boolean

Enables all users in organization.

deleteUsers

Boolean

Removes all users in organization.

removeRoles

Boolean

Removes all roles and mandate delegations from all users in organization.

removeMandates

Boolean

Removes mandates these users have assigned to other users, mandate delegations received and direct mandate receivals.

entities

Boolean

false

Return list of entities instead of id list.

recursive

Boolean

false

Include users from the suborganizations.

email

String

Include only users with matching email address. Wildcard '*' is allowed.

mobile

String

Include only users with matching mobile phone number. Wildcard '*' is allowed.

maxResults

Integer

No Limit

Limit the maximum number of results. Exceeding the limit results in request error with error code 12. A value of zero means no limit.

assignments

Boolean

false

Include role assignments. Effective only if entities is true.

authInfo

Boolean

false

Include authentication credentials. Used for backup or provisioning. Effective only if entities is true.

assignments

Boolean

true

Retrieve role assignments.

groups

Boolean

true

Retrieve group assignments.

authInfo

Boolean

false

Include authentication credentials. Used for backup or provisioning.

entities

Boolean

false

Return list of entities instead of id list.

recursive

Boolean

false

Include organizations from the suborganizations.

internal

Boolean

false

Include CustomerID internal organizations.

roles

Boolean

false

List roles available in the organization.

assignments

Boolean

false

Discover users in roles. Effective only if roles is true.

assignmentEntities

Boolean

false

Return user-elements instead of userid-list. Effective only if assignments is true.

applicationCount

Boolean

false

Show pending user application count for organizations (and possibly it's suborganizations). Effective only if entities is true.

recursiveApplicationCount

Boolean

false

Whether to include applications in suborganizations to the count (see applicationCount above). Effective only if applicationCount is true.

friendlyName

String

Include only organizations with friendly name matching the specified filter. Wildcard '*' is allowed in filter string.

organizationType

String from Configured Set

Include only organizations of the specified organization Type. Wildcards are not allowed.

maxResults

Integer

No Limit

Limit the maximum number of results. Exceeding the limit results in request error with error code 12. A value of zero means no limit.

exportMode

Boolean

false

Include all information required for backups and provisioning. Effective only if entities is true.

roles

Boolean

false

Resolve roles available in the organization.

assignments

Boolean

false

Discover users in roles. Effective only if roles is true.

assignmentEntities

Boolean

false

Return user-elements instead of userid-list. Effective only if assignments is true.

applicationCount

Boolean

false

Return pending user application count for organization (and possibly it's suborganizations)

recursiveApplicationCount

Boolean

false

Whether to include applications in suborganizations to the count (see applicationCount above)

pendingOrganizations

Boolean

false

Returns data of new suborganizations (count, oldest, newest, url for processing) under the current organization, i.e. organizations where no user has yet been approved.

exportMode

Boolean

false

Include all information required for backups and provisioning.

Name

Accepted Values

Multivalued

Mandatory

Default

Description

assignments

Boolean

false

Discover users in the role. Also hierarchical role membership counts, so user A that is a member of role A that is a member of role B is returned when querying the role B.

assignmentEntities

Boolean

false

Return user-elements instead of userid-list. Effective only if assignments is true.