Function

This API is used to query the information about a mapping.

URI

URI format
GET /v3/OS-FEDERATION/mappings/{id}

URI parameters
Parameter

Mandatory

Type

Description

id

Yes

String

Mapping ID.

Parameter	Mandatory	Type	Description
id	Yes	String	Mapping ID.

Request Parameters

Parameters in the request header
Parameter

Mandatory

Type

Description

Content-Type

Yes

String

Fill application/json;charset=utf8 in this field.

X-Auth-Token

Yes

String

Authenticated token.

Parameter	Mandatory	Type	Description
Content-Type	Yes	String	Fill application/json;charset=utf8 in this field.
X-Auth-Token	Yes	String	Authenticated token.

Example request

curl -i -k -H 'Accept:application/json' -H 'Content-Type:application/json;charset=utf8' -H "X-Auth-Token:$token" -X GET https://sample.domain.com/v3/OS-FEDERATION/mappings/ACME

Response Parameters

Parameters in the response body

Parameter	Mandatory	Type	Description
id	Yes	String	Mapping ID.
rules	Yes	Object	Rule used to map federated users to local users Example rule for SAML: "rules": [ { "local": [ { "user": { "name": "{0}" } }, { "group": { "name": "0cd5e9" } } ], "remote": [ { "type": "UserName" }, { "type": "orgPersonType", "not_any_of": [ "Contractor", "Guest" ] } ] } ] local: indicates the information about a federated user in the cloud system. user: indicates the name of a federated user in the cloud system. {0} indicates the first attribute of the user information in remote. group: indicates the user group to which a federated user belongs in the cloud system. remote: indicates the information about a federated user in the IdP. This expression is a combination of assertion attributes and operators. The value of remote is determined based on the assertion. "type": "UserName" indicates an attribute in an IdP assertion. "type": "orgPersonType" indicates an attribute in an IdP assertion. not_any_of: The rule is not matched if any of the specified strings appear in the attribute type. The condition result is Boolean, not the argument that is passed as input.
links	Yes	Object	Mapping resource link.

Parameter

Mandatory

Type

Description

Yes

String

Mapping ID.

rules

Yes

Object

Rule used to map federated users to local users

Example rule for SAML:

 "rules": [
            {
                "local": [
                    {
                        "user": {
                            "name": "{0}"
                        }
                    },
                    {
                        "group": {
                            "name": "0cd5e9"
                        }
                    }
                ],
                "remote": [
                    {
                        "type": "UserName"
                    },
                    {
                        "type": "orgPersonType",
                        "not_any_of": [
                            "Contractor",
                            "Guest"
                        ]
                    }

                ]
            }
        ]

local: indicates the information about a federated user in the cloud system.

user: indicates the name of a federated user in the cloud system. {0} indicates the first attribute of the user information in remote.
group: indicates the user group to which a federated user belongs in the cloud system.

remote: indicates the information about a federated user in the IdP. This expression is a combination of assertion attributes and operators. The value of remote is determined based on the assertion.

"type": "UserName" indicates an attribute in an IdP assertion.
"type": "orgPersonType" indicates an attribute in an IdP assertion.
not_any_of: The rule is not matched if any of the specified strings appear in the attribute type. The condition result is Boolean, not the argument that is passed as input.

links

Yes

Object

Mapping resource link.

Example response

{
    "mapping": {
        "id": "ACME",
        "links": {
            "self": "https://example.com/v3/OS-FEDERATION/mappings/ACME"
        },
        "rules": [
            {
                "local": [
                    {
                        "user": {
                            "name": "{0}"
                        }
                    },
                    {
                        "group": {
                            "name": "0cd5e9"
                        }
                    }
                ],
                "remote": [
                    {
                        "type": "UserName"
                    },
                    {
                        "type": "orgPersonType",
                        "not_any_of": [
                            "Contractor",
                            "Guest"
                        ]
                    }
                ]
            }
        ]
    }
}

Status Codes

Status Code	Description
200	The request is successful.
400	The server failed to process the request.
401	Authentication failed.
403	Access denied.
404	The requested resource cannot be found.
405	The method specified in the request is not allowed for the requested resource.
413	The request entity is too large.
500	Internal server error.
503	Service unavailable.

Querying a Mapping

Function

URI

Request Parameters

Response Parameters

Status Codes