Updated on 2024-11-18 GMT+08:00

Querying Mapping Details

Function

This API is used to query the details of a mapping.

The API can be called using both the global endpoint and region-specific endpoints. For IAM endpoints, see Regions and Endpoints.

Debugging

You can debug this API in API Explorer.

URI

GET /v3/OS-FEDERATION/mappings/{id}

Table 1 URI parameters

Parameter

Mandatory

Type

Description

id

Yes

String

ID of the mapping to be queried.

Request Parameters

Table 2 Parameters in the request header

Parameter

Mandatory

Type

Description

Content-Type

Yes

String

Fill application/json;charset=utf8 in this field.

X-Auth-Token

Yes

String

Access token issued to a user to bear its identity and permissions.

For details about the permissions required by the token, see Actions.

Response Parameters

Table 3 Parameters in the response body

Parameter

Type

Description

mapping

Object

Mapping information.

Table 4 mapping

Parameter

Type

Description

id

String

Mapping ID.

links

Object

Mapping resource link information.

rules

Array of objects

Rule used to map federated users to local users.

Table 6 mappings.rules

Parameter

Type

Description

local

Array of RulesLocal objects

Federated user information on the cloud platform. user indicates the name of a federated user on the cloud platform. group indicates the group which a federated user belongs to on the cloud platform.

remote

Array<Object>

Federated user information in the IdP system. This field is an expression consisting of assertion attributes and operators. The value of this parameter is determined by the assertion.

Table 7 mappings.rules.local

Parameter

Type

Description

user

user object

Name of a federated user on the cloud platform.

group

group object

User group which a federated user belongs to on the cloud platform.

Table 8 mappings.rules.local.user

Parameter

Type

Description

name

String

Name of a federated user on the cloud platform.

Table 9 mappings.rules.local.group

Parameter

Type

Description

name

String

User group which a federated user belongs to on the cloud platform.

Table 10 mapping.rules.remote

Parameter

Type

Description

type

String

IdP assertion (SAML) or ID token (OIDC)

any_one_of

Array of strings

The rule is matched only if the specified strings appear in the attribute type. The condition result is Boolean rather than the argument that is passed as input. In a remote array, any_one_of and not_any_of are mutually exclusive and cannot be set at the same time.

not_any_of

Array of strings

The rule is matched only if the specified strings do not appear in the attribute type. The condition result is Boolean rather than the argument that is passed as input. any_one_of and not_any_of are mutually exclusive and cannot be set at the same time.

Example Request

Request for querying mapping details

GET https://iam.myhuaweicloud.com/v3/OS-FEDERATION/mappings/{id}

Example Response

Status code: 200

The request is successful.

{
    "mapping": {
        "rules": [
            {
                "local": [
                    {
                        "user": {
                            "name": "LocalUser"
                        }
                    },
                    {
                        "group": {
                            "name": "LocalGroup"
                        }
                    }
                ],
                "remote": [
                    {
                        "type": "UserName"
                    },
                    {
                        "type": "orgPersonType",
                        "not_any_of": [
                            "Contractor",
                            "Guest"
                        ]
                    }
                ]
            }
        ],
        "id": "ACME",
        "links": {
            "self": "https://iam.myhuaweicloud.com/v3/OS-FEDERATION/mappings/ACME"
        }
    }
}

Status Codes

Status Code

Description

200

The request is successful.

400

Invalid parameters.

401

Authentication failed.

403

Access denied.

404

The requested resource cannot be found.

405

The method specified in the request is not allowed for the requested resource.

413

The request entity is too large.

500

Internal server error.

503

Service unavailable.

Error Codes

None