Reputation: 57
WSO2 scim can not get lastPasswordUpdateTime
Cannot get lastPasswordUpdateTime of user from WSO2 using SCIM
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:SearchRequest"
],
"attributes": [
"emails", "groups", "name", "userName","lastPasswordUpdateTime","urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
],
"filter": "userName eq 111111111111_222222222222",
"domain": "PRIMARY",
"startIndex": 1,
"count": 10
}
Upvotes: 0
Views: 169
Answers (1)
Reputation: 3057
You are not getting the lastPasswordUpdateTime value in the SCIM response, since there is no SCIM claim mapped to the local claim http://wso2.org/claims/identity/lastPasswordUpdateTime
You can map http://wso2.org/claims/identity/lastPasswordUpdateTime to a SCIM claim and use by following these steps.(Refere https://anuradha-15.medium.com/how-to-add-scim-extended-attributes-in-wso2-identity-server-71621f62c5d3 for more details)
- Go to
scim2-schema-extension.configfile located in the<IS_HOME>/repository/conf/folder and add the attribute definition.
{
"attributeURI":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:lastPasswordUpdateTime",
"attributeName":"lastPasswordUpdateTime",
"dataType":"string",
"multiValued":"false",
"description":"Last password update time",
"required":"false",
"caseExact":"false",
"mutability":"readOnly",
"returned":"default",
"uniqueness":"none",
"subAttributes":"null",
"canonicalValues":[],
"referenceTypes":[]
}
In the same file, add
lastPasswordUpdateTimeas a subattribute ofurn:ietf:params:scim:schemas:extension:enterprise:2.0:UserRestart the server.
Login to the management console and add an external claim.
Dialect URI: urn:ietf:params:scim:schemas:extension:enterprise:2.0:User
External Claim URI: urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:lastPasswordUpdateTime
(Attribute URI defined in the previous step)
Mapped Local Claim: http://wso2.org/claims/identity/lastPasswordUpdateTime
Then your request body would be
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:SearchRequest"
],
"attributes": [
"emails", "groups", "name", "userName","urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.lastPasswordUpdateTime"
],
"filter": "userName eq 111111111111_222222222222",
"domain": "PRIMARY",
"startIndex": 1,
"count": 10
}
Upvotes: 1
Related Questions
- WSO2IS 5.10.0. lastLoginTime update in Custom Local Authenticator
- WSO2IS askPassword feature
- WSO2 IS whitespaces inside password policy
- WSO2-IS-5.6: LastPasswordUpdate & lastLogin in epoch format instead of ISO
- WSO2 SCIM2.0 API GET USERS empty result
- wso2 scim api for password checking
- WSO2 Scim2 Password Change
- WSO2 Identity Server. Error when processing request
- WSO2 Identity Server SCIM Authorization issue
- Set Password history policy in WSO2 IS