This is a very basic HOWTO showing how could one obtain a list of users and their roles via a REST call.
Basically, there are two ways: via bulk actions and via simple query.
Bulk actions (midPoint scripting)
This method is the most powerful, but also quite complex.
Execute this command:
Command to return users and their information
curl.exe --user administrator:5ecr3t -H "Content-Type: application/xml" -X POST "http://localhost:8080/midpoint/ws/rest/rpc/executeScript" -d @query-all-users-bulk.xml
query-all-users-bulk.xml file
<?xml version="1.0"?>
<s:executeScript xmlns:s="http://midpoint.evolveum.com/xml/ns/public/model/scripting-3" xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3">
<s:pipeline>
<s:search>
<s:type>c:UserType</s:type>
<s:options>
<c:option>
<c:selector>
<c:path>roleMembershipRef</c:path>
</c:selector>
<c:options>
<c:resolveNames>true</c:resolveNames>
</c:options>
</c:option>
</s:options>
</s:search>
<s:filterContent>
<s:remove>metadata</s:remove>
<s:remove>assignment/metadata</s:remove>
<s:remove>operationExecution</s:remove>
<s:remove>credentials/password/value</s:remove>
</s:filterContent>
</s:pipeline>
<s:options>
<s:hideOperationResults>true</s:hideOperationResults>
</s:options>
</s:executeScript>
Simple query
This is not so powerful and flexible as bulk actions, but may suffice on many occassions.
Execute this command:
Command to return users and their information; with all references resolved to object names
curl.exe --user administrator:5ecr3t -H "Content-Type: application/xml" -X POST "http://localhost:8080/midpoint/ws/rest/users/search?options=resolveNames&exclude=metadata&exclude=operationExecution&exclude=credentials/password/value&exclude=assignment/metadata" -d @query-all-users.xml
Referencing this file:
Query to select users (all users in this case)
<?xml version="1.0"?>
<q:query xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3">
<!-- empty query = return all records -->
</q:query>