Manage Groups and Roles with WSO2 Identity Server-5.11.0 onwards

Groups and Role Separation

Relationship with Users-Groups-Roles-Permissions

User-Group:

  • A user can belong to zero or many (multiple) groups.
  • A group can have zero or many (multiple) users.

Group-Role:

  • A group can have zero or many (multiple) roles.
  • A role can be assigned to zero or many (multiple) groups.

User-Role:

  • A user can have zero or many (multiple) roles.
  • A role can be assigned to zero or many (multiple) users.

Role-Permission:

  • A role can have zero or many (multiple) permissions.
  • A permission can be assigned to zero or many (multiple) roles.
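
Taken together, the four relationships above mean a user can reach a permission through a directly assigned role or through a role assigned to one of the user's groups. The following is an added example, not code from the article or from WSO2, that resolves each user's effective permissions and records which path grants them; it assumes a role assigned to a group applies to that group's members, and every user, group, role and permission name in it is constructed sample data.

```python
from collections import defaultdict

# Constructed sample data (not from the article); every mapping is many-to-many.
USER_GROUPS = {"alice": {"engineering"}, "bob": {"engineering", "support"}, "carol": set()}
GROUP_ROLES = {"engineering": {"developer"}, "support": {"helpdesk"}}
USER_ROLES = {"alice": {"auditor"}, "carol": {"helpdesk"}}
ROLE_PERMISSIONS = {
    "developer": {"app:deploy", "app:read"},
    "helpdesk": {"user:unlock", "app:read"},
    "auditor": {"log:read"},
}


def effective_roles(user):
    """Map each role the user holds to the set of paths that grant it."""
    paths = defaultdict(set)
    for role in USER_ROLES.get(user, ()):
        paths[role].add("direct")
    for group in USER_GROUPS.get(user, ()):
        # Assumption: a role assigned to a group applies to the group's members.
        for role in GROUP_ROLES.get(group, ()):
            paths[role].add(f"group:{group}")
    return dict(paths)


def effective_permissions(user):
    """Map each permission to the sorted 'path -> role' grants behind it."""
    grants = defaultdict(set)
    for role, paths in effective_roles(user).items():
        for perm in ROLE_PERMISSIONS.get(role, ()):
            grants[perm].update(f"{path} -> role:{role}" for path in paths)
    return {perm: sorted(found) for perm, found in grants.items()}


def users_with_permission(permission):
    """Every user who ends up holding the permission, by any path."""
    users = set(USER_GROUPS) | set(USER_ROLES)
    return sorted(u for u in users if permission in effective_permissions(u))


if __name__ == "__main__":
    for name in sorted(set(USER_GROUPS) | set(USER_ROLES)):
        print(name, effective_permissions(name))
```

A permission that appears with more than one grant path stays in force after a single role or group removal, which is the case to check when revoking access.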

1. SCIM requests to manage Groups

1.1 Create a group without members

1.2 Create a group with members

1.3 Assign a member to the group

1.4 Remove a member from the group

  • Specify the member who needs to be removed by user id
  • Specify the member who needs to be removed by username

1.5 List all groups

  • List all groups including all details of every group
  • List all the groups excluding members details

1.6 Retrieve only specific group by id

1.7 Search groups

  • Search for groups whose names contain “eng”, returning only the display names of those groups.
  • Using GET request:
  • Using POST request:

1.8 Delete a group

2. SCIM requests to manage Roles

2.1 Create a role without users/groups/permissions

2.2 Create a role with users, groups and permissions

2.3 Assign a user to the role

2.4 Assign a group to the role

2.5 Remove a user from the role

  • Specify the user who needs to be removed by user id
  • Specify the user who needs to be removed by username

2.6 Remove a group from the role

  • Specify the group that needs to be removed by user id
  • Specify the group that needs to be removed by group’s name

2.7 Update permissions of the role

  • Adding or removing permissions is not allowed. Only the replace operation is supported for updating the permissions of a role.

2.8 List all roles

2.9 Retrieve only specific role by id

2.10 Search roles

  • Using GET request
  • Using POST request

2.11 Delete a role
