Updated on 2023-09-14 GMT+08:00

Listing Mappings

Function

This API is used to list all mappings.

The API can be called using both the global endpoint and region-specific endpoints.

URI

GET /v3/OS-FEDERATION/mappings

Request Parameters

Table 1 Parameters in the request header

Parameter

Mandatory

Type

Description

Content-Type

Yes

String

Fill application/json;charset=utf8 in this field.

X-Auth-Token

Yes

String

Access token issued to a user to bear its identity and permissions.

For details about the permissions required by the token, see Actions.

Response Parameters

Table 2 Parameters in the response body

Parameter

Type

Description

links

Links object

Resource link information.

mappings

Array of MappingResult objects

Mapping information.

Table 4 mappings

Parameter

Type

Description

id

String

Mapping ID.

links

Object

Mapping resource link information.

rules

Array of objects

Rule used to map federated users to local users.

Table 6 mappings.rules

Parameter

Type

Description

local

Array of RulesLocal objects

Federated user information on the cloud platform. user indicates the name of a federated user on the cloud platform. group indicates the group to which a federated user belongs on the cloud platform.

remote

Array<Object>

Federated user information in the IdP system. This field is an expression consisting of assertion attributes and operators. The value of this field is determined by the assertion.

Table 7 mappings.rules.local

Parameter

Type

Description

user

user object

Name of a federated user on the cloud platform.

group

group object

User group to which a federated user belongs on the cloud platform.

groups

String

User groups to which a federated user belongs on the cloud platform.

Table 8 mappings.rules.local.user

Parameter

Type

Description

name

string

Name of a federated user on the cloud platform.

Table 9 mappings.rules.local.group

Parameter

Type

Description

name

string

User group to which a federated user belongs on the cloud platform.

Table 10 mappings.rules.remote

Parameter

Type

Description

type

String

IdP assertion (SAML) or ID token (OIDC)

any_one_of

Array of strings

The rule is matched only if the specified strings appear in the attribute type. The condition result is Boolean rather than the argument that is passed as input. In a remote array, any_one_of and not_any_of are mutually exclusive and cannot be set at the same time.

not_any_of

Array of strings

The rule is matched only if the specified strings do not appear in the attribute type. The condition result is Boolean rather than the argument that is passed as input. any_one_of and not_any_of are mutually exclusive and cannot be set at the same time.

Example Request

Request for querying mappings

GET https://iam.myhuaweicloud.eu/v3/OS-FEDERATION/mappings

Example Response

Status code: 200

The request is successful.

{
    "mappings": [
        {
            "rules": [
                {
                    "local": [
                        {
                            "user": {
                                "name": "LocalUser"
                            }
                        },
                        {
                            "group": {
                                "name": "LocalGroup"
                            }
                        }
                    ],
                    "remote": [
                        {
                            "type": "UserName"
                        },
                        {
                            "type": "orgPersonType",
                            "not_any_of": [
                                "Contractor",
                                "Guest"
                            ]
                        }
                    ]
                }
            ],
            "id": "ACME",
            "links": {
                "self": "https://iam.myhuaweicloud.eu/v3/OS-FEDERATION/mappings/ACME"
            }
        }
    ],
    "links": {
        "self": "https://iam.myhuaweicloud.eu/v3/OS-FEDERATION/mappings",
        "previous": null,
        "next": null
    }
}

Status Codes

Status Code

Description

200

The request is successful.

400

Invalid parameters.

401

Authentication failed.

403

Access denied.

404

The requested resource cannot be found.

405

The method specified in the request is not allowed for the requested resource.

413

The request entity is too large.

500

Internal server error.

503

Service unavailable.

Error Codes

None