Jira Account
Overview
Account resource in IDHub maps to User in Jira.
After creating a directory in the Jira Admin account for a specific domain, the provisioning APIs for the User Resource can be called using the directory ID, it gives access at the organizational level.
Account Resource Schema Configuration
Resource Type
To fetch User resource type schema from SCIM service provider, call https://api.atlassian.com/scim/directory/{directoryId}/ResourceTypes/User API with Authorization and Accept request header. The response of the API is as follows
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:ResourceType"
],
"id": "User",
"name": "User",
"description": "User Account",
"endpoint": "/Users",
"schema": "urn:ietf:params:scim:schemas:core:2.0:User",
"meta": {
"location": "https://api.atlassian.com/scim/directory/{directoryId}/ResourceTypes/User",
"resourceType": "ResourceType"
},
"schemaExtensions": [
{
"schema": "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User",
"required": false
}
]
}
CODE
User Schema
To fetch User resource schema from SCIM provider, call https://api.atlassian.com/scim/directory/{directoryId}/Schemas/urn:ietf:params:scim:schemas:core:2.0:User API with Authorization and Accept request header. The response of the API is as follows
{
"id": "urn:ietf:params:scim:schemas:core:2.0:User",
"name": "User",
"description": "User Account",
"attributes": [
{
"name": "userName",
"description": "Unique identifier for the User. REQUIRED.",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": true
},
{
"name": "name",
"description": "The components of the user's real name.",
"mutability": "readWrite",
"type": "complex",
"multiValued": false,
"returned": "default",
"required": false,
"subAttributes": [
{
"name": "formatted",
"description": "The full name, including all middle names, titles, and suffixes as appropriate, formatted for display (e.g., 'Ms. Barbara J Jensen, III').",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "familyName",
"description": "The last name/family name of the User",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "givenName",
"description": "The first name/given name of the User",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "middleName",
"description": "The middle name(s) of the User",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "honorificPrefix",
"description": "The honorific prefix(es) of the User(e.g., 'Ms.')",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "honorificSuffix",
"description": "The honorific suffix(es) of the User, or suffix in most Western languages (e.g., 'III' given the full name 'Ms. Barbara J Jensen, III').",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
}
]
},
{
"name": "displayName",
"description": "The name of the User to be displayed",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "nickName",
"description": "The casual way to address the user in real life",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "title",
"description": "The user's job title, such as \"Vice President.\"",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "preferredLanguage",
"description": "Indicates the User's preferred written or spoken language. Generally used for selecting a localized user interface; e.g., 'en_US' specifies the language English and country US.",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "timezone",
"description": "The User's time zone in the 'Olson' time zone database format, e.g., 'America/Los_Angeles'.",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "active",
"description": "A Boolean value indicating the User's administrative status.",
"mutability": "readWrite",
"type": "boolean",
"multiValued": false,
"returned": "default",
"required": false
},
{
"name": "emails",
"description": "Email addresses for the user",
"mutability": "readWrite",
"type": "complex",
"multiValued": true,
"returned": "default",
"required": true,
"subAttributes": [
{
"name": "value",
"description": "Email addresses for the user",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "type",
"description": "A label indicating the attribute's function, e.g., 'work' or 'home'.",
"canonicalValues": [
"work",
"home",
"other"
],
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "primary",
"description": "A Boolean value indicating the primary email address",
"mutability": "readWrite",
"type": "boolean",
"multiValued": false,
"returned": "default",
"required": false
}
]
},
{
"name": "phoneNumbers",
"description": "Phone numbers for the User",
"mutability": "readWrite",
"type": "complex",
"multiValued": true,
"returned": "default",
"required": false,
"subAttributes": [
{
"name": "value",
"description": "Phone number of the User.",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "type",
"description": "A label indicating the attribute's function, e.g., 'work', 'home', 'mobile'.",
"canonicalValues": [
"work",
"home",
"mobile",
"fax",
"pager",
"other"
],
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
}
]
},
{
"name": "groups",
"description": "A list of groups to which the user belongs, either through direct membership, through nested groups, or dynamically calculated.",
"mutability": "readOnly",
"type": "complex",
"multiValued": true,
"returned": "default",
"required": false,
"subAttributes": [
{
"name": "value",
"description": "The identifier of the User's group.",
"mutability": "readOnly",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "$ref",
"referenceTypes": [
"User",
"Group"
],
"description": "The URI of the corresponding 'Group' resource to which the user belongs.",
"mutability": "readOnly",
"type": "reference",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "display",
"description": "A human-readable name, primarily used for display purposes. READ-ONLY.",
"mutability": "readOnly",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "type",
"description": "A label indicating the attribute's function, e.g., 'direct' or 'indirect'.",
"canonicalValues": [
"direct",
"indirect"
],
"mutability": "readOnly",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
}
]
},
{
"name" : "meta",
"multiValued" : false,
"description" : "A complex attribute containing resource metadata.",
"mutability" : "readOnly",
"subAttributes" : [
{
"name" : "resourceType",
"multiValued" : false,
"description" : "The name of the resource type of the resource.",
"mutability" : "readOnly",
"caseExact" : true
},
{
"name" : "created",
"multiValued" : false,
"type" : "dateTime",
"description" : "The \"DateTime\" that the resource was added to the service provider."
},
{
"name" : "lastModified",
"multiValued" : false,
"type" : "dateTime",
"description" : "The most recent DateTime that the details of this resource were updated at the service provider. If this resource has never been modified since its initial creation, the value MUST be the same as the value of \"created\"."
},
{
"name" : "location",
"multiValued" : false,
"description" : "The URI where the resource is available",
"mutability" : "readOnly",
"caseExact" : true
},
{
"name" : "version",
"multiValued" : false,
"description" : "The version of the resource being returned. This value must be the same as the entity-tag (ETag) HTTP response header (see Sections 2.1 and 2.3 of [RFC7232]). This attribute has \"caseExact\" as \"true\". Service provider support for this attribute is optional and subject to the service provider's support for versioning (see Section 3.14 of [RFC7644]). If a service provider provides \"version\" (entity-tag) for a representation and the generation of that entity-tag does not satisfy all of the characteristics of a strong validator (see Section 2.1 of [RFC7232]), then the origin server MUST mark the \"version\" (entity-tag) as weak by prefixing its opaque value with \"W/\" (case sensitive).",
"mutability" : "readOnly",
"caseExact" : true
}
]
},
{
"name" : "schemas",
"multiValued" : true,
"description" : "The \"schemas\" attribute is a REQUIRED attribute and is an array of Strings containing URIs that are used to indicate the namespaces of the SCIM schemas that define the attributes present in the current JSON structure. This attribute may be used by parsers to define the attributes present in the JSON structure that is the body to an HTTP request or response. Each String value must be a unique URI. All representations of SCIM schemas MUST include a non-empty array with value(s) of the URIs supported by that representation. The \"schemas\" attribute for a resource MUST only contain values defined as \"schema\" and \"schemaExtensions\" for the resource's defined \"resourceType\". Duplicate values MUST NOT be included. Value order is not specified and MUST NOT impact behavior.",
"mutability" : "readOnly",
"returned" : "always",
"caseExact" : true,
"required" : true
}
]
}
CODE
Sample User
A sample User created in Jira is given below
{
"schemas": [
"urn:scim:schemas:extension:atlassian-external:1.0",
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
],
"urn:scim:schemas:extension:atlassian-external:1.0": {
"atlassianAccountId": "607d3d5ef74b3f006a03a61g"
},
"id": "ff2862db-864d-48db-93a4-162e2427ee7b",
"userName": "Jerome",
"name": {
"formatted": "Jerome A.",
"familyName": "Andrews",
"givenName": "Jerome"
},
"displayName": "Jerome",
"active": true,
"emails": [
{
"type": "WORK",
"value": "jerome@example.com",
"primary": true
}
],
"groups": [
{
"display": "Developers Group",
"type": "Group",
"value": "d84adcec-0818-4852-aad3-cbe79a614e1c",
"$ref": "https://api.atlassian.com/scim/directory/{groupId}/Groups/{directoryId}"
}
],
"meta": {
"created": "2021-06-14T13:54:45.689667Z",
"location": "https://api.atlassian.com/scim/directory/{directoryId}/Users/{userId}",
"lastModified": "2021-06-14T13:54:45.689667Z",
"resourceType": "User"
}
}
CODE
Implementation
The following methods of the target system connector interface defined in the connector SPI needs to be implemented for Account resource.
Get Schema
CODE
|
Get Resource Type
CODE
|
Get SCIM Resource Service Information
CODE
|
Get Health
CODE
|
Create Resource
CODE
|
Get Resource
CODE
|
Replace Resource
CODE
|
Update Resource
CODE
|
Delete Resource
CODE
|
Search Resource
public ListResponse searchResource(SearchRequest searchRequest) throws BadRequestException, PayloadTooLargeException, InternalServerErrorException, NotImplementedException {
if the filter parameter is empty
return all(*) instances of the given resource type are returned
otherwise
set query as per the requirement
call https://your-domain.atlassian.net/rest/api/2/user/search?query=query with Authorization and Accept as headers where query=<string> where the string can be a displayName, emailAddress or a substring of either displayName or emailAddress
and can be used for querying users
in case of multiple pages, pagination can be done using start and limit in query parameters
if searchRequest is unparsable, syntactically incorrect, or violates schema
throw BadRequestException
if payload size in bytes exceeds the max payload size
throw PayloadTooLargeException
if error occurs during resource search
throw InternalServerErrorException
if no logic is implemented
throw NotImplementedException
return the list of resource objects matching the searchRequest
}
CODE