| Permission Level |
Service |
Operations |
| /admin |
UserStoreConfigAdminService |
- addUserStore
- changeUserStoreState
- deleteUserStore
- deleteUserStoresSet
- editUserStore
- editUserStoreWithDomainName
- getAvailableUserStoreClasses
- getSecondaryRealmConfigurations
- getUserStoreManagerProperties
|
| /admin/manage/identity |
RemoteAuthorizationManagerService |
- authorizeRole
- authorizeUser
- clearAllRoleAuthorization
- clearAllUserAuthorization
- clearResourceAuthorizations
- clearRoleActionOnAllResources
- clearRoleAuthorization
- clearUserAuthorization
- denyRole
- denyUser
- getAllowedRolesForResource
- getAllowedUIResourcesForUser
- getDeniedRolesForResource
- getExplicitlyAllowedUsersForResource
- getExplicitlyDeniedUsersForResource
- isRoleAuthorized
- isUserAuthorized
- resetPermissionOnUpdateRole
|
| RemoteClaimManagerService |
- addNewClaimMapping
- deleteClaimMapping
- getAllClaimMappings
- getAllClaimUris
- getAllRequiredClaimMappings
- getAllSupportClaimMappingsByDefault
- getAttributeName
- getAttributeNameFromDomain
- getClaim
- getClaimMapping
- updateClaimMapping
|
| RemoteProfileConfigurationManagerService |
- addProfileConfig
- deleteProfileConfig
- getAllProfiles
- getProfileConfig
- updateProfileConfig
|
| RemoteUserStoreManagerService |
- addRole
- addUser
- addUserClaimValue
- addUserClaimValues
- authenticate
- deleteRole
- deleteUser
- deleteUserClaimValue
- deleteUserClaimValues
- getAllProfileNames
- getHybridRoles
- getPasswordExpirationTime
- getProfileNames
- getProperties
- getRoleListOfUser
- getRoleNames
- getTenantId
- getTenantIdofUser
- getUserClaimValue
- getUserClaimValues
- getUserClaimValuesForClaims
- getUserId
- getUserList
- getUserListOfRole
- isExistingRole
- isExistingUser
- isReadOnly
- listUsers
- setUserClaimValue
- setUserClaimValues
- updateCredential
- updateCredentialByAdmin
- updateRoleListOfUser
- updateRoleName
- updateUserListOfRole
|
| SCIMConfigAdminService |
- addGlobalProvider
- deleteGlobalProvider
- getAllGlobalProviders
- getGlobalProvider
- updateGlobalProvider
|
| UserAdmin |
- addInternalRole
- addRemoveRolesOfUser
- addRemoveUsersOfRole
- addRole
- bulkImportUsers
- deleteRole
- getAllSharedRoleNames
- getAllUIPermissions
- getRolePermissions
- getRolesOfUser
- isSharedRolesEnabled
- listUserByClaim
- setRoleUIPermission
- updateRoleName
- updateRolesOfUser
- updateUsersOfRole
|
| /admin/configure/ security/rolemgt |
UserAdmin |
|
| /admin/configure/ security/usermgt |
MultipleCredentialsUserAdmin |
- addUserWithUserId
- authenticate
- deleteUserClaimValue
- deleteUserClaimValues
- getUserClaimValue
- getUserClaimValues
- getUserId
- setUserClaimValue
- setUserClaimValues
|
| /admin/configure/security/ usermgt/passwords |
MultipleCredentialsUserAdmin |
- addCredential
- deleteCredential
- getCredentials
- updateCredential
|
| UserAdmin |
|
| /admin/configure/security/ usermgt/provisioning |
SCIMConfigAdminService |
- addUserProvider
- deleteUserProvider
- getAllUserProviders
- getUserProvider
- updateUserProvider
|
| /admin/configure/security/ usermgt/users |
MultipleCredentialsUserAdmin |
- addUser
- addUsers
- deleteUser
|
| UserAdmin |
|
| /admin/login |
AccountCredentialMgtConfigService |
- getEmailConfig
- saveEmailConfig
|
| EntitlementService |
- getAllEntitlements
- getBooleanDecision
- getDecision
- getDecisionByAttributes
- getEntitledAttributes
- XACMLAuthzDecisionQuery
|
| IdentityProviderAdminService |
- addOpenID
- extractPrimaryUserName
- getAllOpenIDs
- getPrimaryOpenID
- removeOpenID
- getAllIdPs
|
| IWAAuthenticator |
|
| LoggedUserInfoAdmin |
|
| MultipleCredentialsUserAdmin |
|
| OAuthAdminService |
- getAppsAuthorizedByUser
- revokeAuthzForAppsByResoureOwner
|
| UserAdmin |
- changePasswordByUser
- getRolesOfCurrentUser
- getUserRealmInfo
- hasMultipleUserStores
|
| UserInformationRecoveryService |
- confirmUserSelfRegistration
- getAllChallengeQuestions
- getCaptcha
- getUserChallengeQuestion
- getUserChallengeQuestionIds
- getUserIdentitySupportedClaims
- registerUser
- sendRecoveryNotification
- updatePassword
- verifyAccount
- verifyConfirmationCode
- verifyUser
- verifyUserChallengeAnswer
|
| XMPPConfigurationService |
- addUserXmppSettings
- editXmppSettings
- getUserIM
- getXmppSettings
- hasXMPPSettings
- isXMPPSettingsEnabled
|
| /admin/manage |
ClaimManagementService |
- addNewClaimDialect
- addNewClaimMapping
- getClaimMappingByDialect
- getClaimMappings
- removeClaimDialect
- removeClaimMapping
- updateClaimMapping
|
| EntitlementAdminService |
- clearAllAttributeCaches
- clearAllResourceCaches
- clearAttributeFinderCache
- clearAttributeFinderCacheByAt tributes
- clearCarbonAttributeCache
- clearCarbonResourceCache
- clearDecisionCache
- clearPolicyCache
- clearResourceFinderCache
- doTestRequest
- doTestRequestForGivenPolicies
- getGlobalPolicyAlgorithm
- getPDPData
- getPIPAttributeFinderData
- getPIPResourceFinderData
- getPolicyFinderData
- refreshAttributeFinder
- refreshPolicyFinders
- refreshResourceFinder
- setGlobalPolicyAlgorithm
|
| EntitlementPolicyAdminService |
- addPolicies
- addPolicy
- addSubscriber
- deleteSubscriber
- dePromotePolicy
- enableDisablePolicy
- getAllPolicies
- getAllPolicyIds
- getEntitlementData
- getEntitlementDataModules
- getLightPolicy
- getPolicy
- getPolicyByVersion
- getPolicyVersions
- getPublisherModuleData
- getStatusData
- getSubscriber
- getSubscriberIds
- importPolicyFromRegistry
- orderPolicy
- publish
- publishPolicies
- publishToPDP
- removePolicies
- removePolicy
- rollBackPolicy
- updatePolicy
- updateSubscriber
|
| IdentityApplicationManagementService |
- createApplication
- deleteApplication
- getAllApplicationBasicInfo
- getAllIdentityProviders
- getAllLocalAuthenticators
- getAllLocalClaimUris
- getAllRequestPathAuthenticators
- getApplication
- getIdentityProvider
- updateApplication
|
| IdentityProviderMgtService |
- addIdP
- deleteIdP
- getAllFederatedAuthenticators
- getAllLocalClaimUris
- getAllProvisioningConnectors
- getEnabledAllIdPs
- getIdPByName
- getResidentIdP
- updateIdP
- updateResidentIdP
|
| IdentitySAMLSSOConfigService |
- addRPServiceProvider
- getCertAliasOfPrimaryKeyStore
- getClaimURIs
- getServiceProviders
- removeServiceProvider
|
| IdentitySTSAdminService |
- readCardIssuerConfiguration
- updateCardIssueConfiguration
|
| KeyStoreAdminService |
- addKeyStore
- addTrustStore
- deleteStore
- getKeyStores
- getKeystoreInfo
- getPaginatedKeystoreInfo
- getStoreEntries
- importCertToStore
- removeCertFromStore
|
| STSAdminService |
- addTrustedService
- getCertAliasOfPrimaryKeyStore
- getProofKeyType
- getTrustedServices
- removeTrustedService
- setProofKeyType
|
| OAuth2TokenValidationService |
- findOAuthConsumerIfTokenIsValid
- validate
- buildIntrospectionResponse
|
| OAuthAdminService |
- getAllOAuthApplicationData
- getAllowedGrantTypes
- getOAuthApplicationData
- getOAuthApplicationDataByAppName
- registerOAuthApplicationData
- registerOAuthConsumer
- removeOAuthApplicationData
- updateConsumerApplication
|
| UserIdentityManagementAdminService |
- changeUserPassword
- deleteUser
- getAllChallengeQuestions
- getAllPromotedUserChallenge
- getAllUserIdentityClaims
- getChallengeQuestionsOfUser
- isReadOnlyUserStore
- lockUserAccount
- resetUserPassword
- setChallengeQuestions
- setChallengeQuestionsOfUser
- unlockUserAccount
- updateUserIdentityClaims
- disableUserAccount
- enableUserAccount
|
| UserProfileMgtService |
- associateID
- deleteUserProfile
- getAssociatedIDs
- getInstance
- getNameAssociatedWith
- getProfileFieldsForInternalStore
- getUserProfile
- getUserProfiles
- isAddProfileEnabled
- isAddProfileEnabledForDomain
- isReadOnlyUserStore
- removeAssociateID
- setUserProfile
|
| wsxacml |
|
| /admin/manage/ modify/service |
ProfilesAdminService |
- getUserProfile
- putUserProfile
|