Manage ContainerPermissions with SCIM endpoints
This topic provides examples of common requests supported by the scim/ContainerPermissions endpoint.
Send requests to scim/ContainerPermissions to manage Safe members for Privilege Cloud Safes. This endpoint currently supports the following methods:
- GET
- POST
- DELETE
- PUT
Examples
Refer to the following examples for common requests to ContainerPermissions.
GET
GET https://mytenant.idaptive.app/scim/ContainerPermissions
Tip
You can narrow your responses with a pagination query parameter. For example:
GET https://mytenant.idaptive.app/scim/ContainerPermissions?startIndex=1&count=5would show five results starting with the first resource returned.
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 2,
"itemsPerPage": 2,
"startIndex": 1,
"Resources": [
{
"container": {
"value": "1",
"$ref": "https://mytenant.idaptive.app/scim/v2/Containers/myContainer",
"name": "myContainer",
"display": "myContainer"
},
"user": {
"value": "1",
"$ref": "https://mytenant.idaptive.app/scim/v2/Users/1",
"display": "myuser1"
},
"rights": [
"useAccounts",
"retrieveAccounts",
"listAccounts",
"addAccounts",
"updateAccountContent",
"updateAccountProperties",
"initiateCPMAccountManagementOperations",
"specifyNextAccountContent",
"renameAccounts",
"deleteAccounts",
"unlockAccounts",
"manageSafe",
"manageSafeMembers",
"backupSafe",
"viewAuditLog",
"viewSafeMembers",
"accessWithoutConfirmation",
"createFolders",
"deleteFolders",
"moveAccountsAndFolders",
"requestsAuthorizationLevel1"
],
"schemas": [
"urn:ietf:params:scim:schemas:pam:1.0:ContainerPermission"
],
"id": "myContainer:myUser",
"meta": {
"resourceType": "ContainerPermission",
"created": "2021-04-14T15:33:05.5981119Z",
"lastModified": "2021-04-14T15:33:05.5981119Z",
"location": "https://mytenant.idaptive.app/scim/v2/ContainerPermissions/myContainer:myUser"
}
},
{
"container": {
"value": "2",
"$ref": "https://mytenant.idaptive.app/scim/v2/Containers/myContainer",
"name": "myContainer",
"display": "myContainer"
},
"group": {
"value": "1",
"$ref": "https://mytenant.idaptive.app/scim/v2/Groups/1",
"display": "myGroup"
},
"rights": [
"listAccounts",
"unlockAccounts"
],
"schemas": [
"urn:ietf:params:scim:schemas:pam:1.0:ContainerPermission"
],
"id": "myContainer:myGroup",
"meta": {
"resourceType": "ContainerPermission",
"created": "2021-04-14T15:33:05.5981119Z",
"lastModified": "2021-04-14T15:33:05.5981119Z",
"location": "https://mytenant.idaptive.app/scim/v2/ContainerPermissions/myContainer:myGroup"
}
}
]
}
Sort results when you GET all ContainerPermissions.
GET https://mytenant.idaptive.app/scim/ContainerPermissions?sortby=id&sortorder=descending
GET https://mytenant.idaptive.app/scim/ContainerPermissions?sortby=id&sortorder=descending
GET {{baseURL}}/scim/ContainerPermissions [Available with 12.2 version of PVWA.]
{
"container": {
"value": "myContainer",
"$ref": "https://myTenant.idaptive.app/scim/v2/Containers/myContainer",
"name": "myContainer",
"display": "myContainer"
},
"user": {
"value": "1",
"$ref": "https://myTenant.idaptive.app/Scim/v2/Users/1",
"display": "myUser"
},
"rights": [
"useAccounts",
"retrieveAccounts",
"listAccounts",
"addAccounts",
"updateAccountContent",
"updateAccountProperties",
"initiateCPMAccountManagementOperations",
"specifyNextAccountContent",
"renameAccounts",
"deleteAccounts",
"unlockAccounts",
"manageSafe",
"manageSafeMembers",
"backupSafe",
"viewAuditLog",
"viewSafeMembers",
"accessWithoutConfirmation",
"createFolders",
"deleteFolders",
"moveAccountsAndFolders",
"requestsAuthorizationLevel1"
],
"schemas": [
"urn:ietf:params:scim:schemas:pam:1.0:ContainerPermission"
],
"id": "myContainer:myUser",
"meta": {
"resourceType": "ContainerPermission",
"created": "2021-07-19T11:19:59.8058658Z",
"lastModified": "2021-07-19T11:19:59.8058658Z",
"location": "https://myTenant.idaptive.app/scim/v2/ContainerPermissions/myContainer:myUser"
}
}
POST
POST {{baseURL}/scim/ContainerPermissions
{
"schemas":[
"urn:ietf:params:scim:schemas:pam:1.0:ContainerPermission"
],
"user":{
"display":"myUser"
},
"container":{
"name":"myContainer"
},
"rights":[
"UseAccounts",
"RetrieveAccounts",
"UpdateAccountProperties",
"InitiateCPMAccountManagementOperations",
"SpecifyNextAccountContent",
"UnlockAccounts",
"ManageSafe",
"ManageSafeMembers",
"BackupSafe",
"ViewAuditLog",
"ViewSafeMembers",
"AccessWithoutConfirmation",
"CreateFolders",
"DeleteFolders",
"MoveAccountsAndFolders",
"RequestsAuthorizationLevel1"
]
}
{
"container":{
"value":"stsafe17",
"$ref":"https://mytenant.idaptive.app/Scim/Containers/stsafe17",
"name":"stsafe17",
"display":"stsafe17"
},
"user":{
"value":"70",
"$ref":"https://mytenant.idaptive.app/Scim/Users/70",
"display":"shweta89"
},
"rights":[
"useAccounts",
"retrieveAccounts",
"updateAccountProperties",
"initiateCPMAccountManagementOperations",
"specifyNextAccountContent",
"unlockAccounts",
"manageSafe",
"manageSafeMembers",
"backupSafe",
"viewAuditLog",
"viewSafeMembers",
"accessWithoutConfirmation",
"createFolders",
"deleteFolders",
"moveAccountsAndFolders",
"requestsAuthorizationLevel1"
],
"schemas":[
"urn:ietf:params:scim:schemas:pam:1.0:ContainerPermission"
],
"id":"stsafe17shweta89",
"meta":{
"resourceType":"ContainerPermission",
"created":"2021-01-05T08:32:38.5610648Z",
"lastModified":"2021-01-05T08:32:38.5610648Z",
"location":"\"\"
}
}"
DELETE
Delete the ContainerPermission using the ID attribute. For example:
DELETE {idaptivebaseurl}}/scim/ContainerPermissions/{{containerPermission_id}}
DELETE https://mytenant.idaptive.app/scim/ContainerPermissions/myContainer:myUser
PUT
Update the ContainerPermission using the ID attribute. For example:
PUT {idaptivebaseurl}}/scim/ContainerPermissions/{{containerPermission_id}}
PUT https://mytenant.idaptive.app/scim/ContainerPermissions/myContainer:myUser
Available with 12.2 version of PVWA.
- Create one Container Permissions
{
"schemas":["urn:ietf:params:scim:schemas:pam:1.0:ContainerPermission"],
"container": {
"name": "myContainer"
},
"user":{
"display":"myUser"
},
"rights": [
]
}
{
"container": {
"value": "myContainer",
"$ref": "https://mytenant.idaptive.app/Scim/v2/Containers/myContainer",
"name": "myContainer",
"display": "myContainer"
},
"user": {
"value": "28",
"$ref": "https://mytenant.idaptive.app/Scim/v2/Users/1",
"display": "myUser"
},
"schemas": [
"urn:ietf:params:scim:schemas:pam:1.0:ContainerPermission"
],
"id": "myContainer:myUser",
"meta": {
"resourceType": "ContainerPermission",
"created": "2021-05-12T09:27:38.145556Z",
"lastModified": "2021-05-12T09:27:38.145556Z",
"location": "https://mytenant.idaptive.app/scim/v2/ContainerPermissions/myContainer:myUser"
}
}
- Update Container Permissions
{
"container": {
"name": "myContainer"
},
"user": {
"display": "myUser"
},
"rights": [
"moveAccountsAndFolders",
"requestsAuthorizationLevel1",
"InitiateCPMAccountManagementOperations",
"ManageSafe"
],
"schemas": [
"urn:ietf:params:scim:schemas:pam:1.0:ContainerPermission"
]
}
{
"container": {
"value": "myContainer",
"$ref": "https://mytenant.idaptive.app/Scim/v2/Containers/myContainer",
"name": "myContainer",
"display": "myContainer"
},
"user": {
"value": "1",
"$ref": "https://mytenant.idaptive.app/Scim/v2/Users/1",
"display": "myUser"
},
"rights": [
"initiateCPMAccountManagementOperations",
"manageSafe",
"moveAccountsAndFolders",
"requestsAuthorizationLevel1"
],
"schemas": [
"urn:ietf:params:scim:schemas:pam:1.0:ContainerPermission"
],
"id": "myContainer:myUser",
"meta": {
"resourceType": "ContainerPermission",
"created": "2021-05-12T11:30:21.1087842Z",
"lastModified": "2021-05-12T11:30:21.1087842Z",
"location": "https://mytenant.idaptive.app/Scim/v2/ContainerPermissions/myContainer:myUser"
}
}
Updated over 1 year ago