This is a very basic HOWTO showing how could one obtain a list of users and their roles via a REST call.
Basically, there are two ways: via bulk actions and via simple query.
Bulk actions (midPoint scripting)
This method is the most powerful, but also quite complex.
Execute this command:
Command to return users and their information
curl.exe --user administrator:5ecr3t -H "Content-Type: application/xml" -X POST "http://localhost:8080/midpoint/ws/rest/rpc/executeScript" -d @query-all-users-bulk.xml
query-all-users-bulk.xml file
<?xml version="1.0"?> <s:executeScript xmlns:s="http://midpoint.evolveum.com/xml/ns/public/model/scripting-3" xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"> <s:pipeline> <s:search> <s:type>c:UserType</s:type> <s:options> <c:option> <c:selector> <c:path>roleMembershipRef</c:path> </c:selector> <c:options> <c:resolveNames>true</c:resolveNames> </c:options> </c:option> </s:options> </s:search> <s:filterContent> <s:remove>metadata</s:remove> <s:remove>assignment/metadata</s:remove> <s:remove>operationExecution</s:remove> <s:remove>credentials/password/value</s:remove> </s:filterContent> </s:pipeline> <s:options> <s:hideOperationResults>true</s:hideOperationResults> </s:options> </s:executeScript>
Simple query
This is not so powerful and flexible as bulk actions, but may suffice on many occassions.
Execute this command:
Command to return users and their information; with all references resolved to object names
curl.exe --user administrator:5ecr3t -H "Content-Type: application/xml" -X POST "http://localhost:8080/midpoint/ws/rest/users/search?options=resolveNames&exclude=metadata&exclude=operationExecution&exclude=credentials/password/value&exclude=assignment/metadata" -d @query-all-users.xml
Referencing this file:
Query to select users (all users in this case)
<?xml version="1.0"?> <q:query xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"> <!-- empty query = return all records --> </q:query>