OData Gateway
Overview
UNIFYBroker can act as an OData server, enabling interactions with target identity managers over OData v4.
Usage
An OData gateway enables create/read/update/delete operations against the adapter entity contexts in UNIFYBroker using the OData v4 protocol. For details on the protocol, see OData Version 4.0 Protocol.
Entity Contexts
The entity contexts can be accessed at http://{servername}:{port}/Adapters({adapterId})/Entities.
Schemas
The OData schema is located at http://{servername}:{port}/$metadata. Adapter entities are represented as open types which have at minimum the following attributes: EntityId, PartitionId, DN, Class, ContainerId, CreatedTime, ModifiedTime. The attributes as defined by the adapter schema are undeclared.
Changes
You can find recently changed entities by filtering an entity collection on the ModifiedTime property, e.g. by requesting http://{servername}:{port}/Adapters({adapterId})/Entities?$filter=ModifiedTime gt 2017-01-01T00:00:00Z.
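The change query above, as an added Python example (not UNIFYBroker's own code): it builds the percent-encoded ModifiedTime filter URL, requests JSON, and splits each returned entity into the always-present attributes and the undeclared adapter-schema attributes. The function names are hypothetical; it assumes the standard OData v4 JSON response shape (a `value` array and an optional `@odata.nextLink`) and, when a token is supplied, that it is sent as a standard bearer Authorization header.

```python
import json
from datetime import timezone
from urllib.parse import quote, urljoin, urlsplit
from urllib.request import Request, urlopen

# Attributes the page lists as always present; everything else is undeclared.
DECLARED = {"EntityId", "PartitionId", "DN", "Class", "ContainerId",
            "CreatedTime", "ModifiedTime"}

def changes_url(base, adapter_id, since):
    """Build the Entities URL filtered on ModifiedTime gt <since>, in UTC."""
    if since.tzinfo is None:
        raise ValueError("since must be timezone-aware")
    stamp = since.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    return (f"{base.rstrip('/')}/Adapters({adapter_id})/Entities"
            f"?$filter={quote('ModifiedTime gt ' + stamp, safe='')}")

def split_entity(entity):
    """Separate always-present attributes from undeclared (open type) ones."""
    declared, undeclared = {}, {}
    for key, value in entity.items():
        if "@odata." in key:  # OData control information, not entity data
            continue
        (declared if key in DECLARED else undeclared)[key] = value
    return declared, undeclared

def fetch_json(url, token=None):
    """GET with Accept: application/json; token is an optional bearer token."""
    headers = {"Accept": "application/json"}
    if token:
        headers["Authorization"] = f"Bearer {token}"
    with urlopen(Request(url, headers=headers), timeout=30) as resp:
        return json.load(resp)

def changed_entities(base, adapter_id, since, fetch=fetch_json):
    """Yield (declared, undeclared) for every entity modified after since."""
    url = changes_url(base, adapter_id, since)
    while url:
        page = fetch(url)
        for entity in page.get("value", []):
            yield split_entity(entity)
        nxt = page.get("@odata.nextLink")  # assumed: server-driven paging
        url = urljoin(url, nxt) if nxt else None
        # Never follow a next link (and resend credentials) to another host.
        if url and urlsplit(url).netloc != urlsplit(base).netloc:
            raise ValueError("nextLink points at a different host")
```

To authenticate, pass `fetch=functools.partial(fetch_json, token=...)`.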
Configuration
In addition to the common gateway configuration shared by all gateways, the OData gateway requires the following settings:
Name | Description |
---|---|
Address | The endpoint address to which the OData server should bind. This should be of the form http://{servername}:{port} |
Authentication | The type of authentication to use to secure the OData server. |
Tenancy | Only required when Authentication is AzureActiveDirectoryBearer. The Azure Active Directory tenancy, e.g. yourdomain.onmicrosoft.com |
Audience | Only required when Authentication is AzureActiveDirectoryBearer. The Azure Active Directory audience, e.g. yourdomain.onmicrosoft.com/3b67f7a3-64cd-48a8-9f25-4ae9b8628148 |
An example URL is "http://localhost:59992/Adapters(cd1a188b-a722-4dab-b1d0-d62c2205487a)/Entities". I had to specify an "Accept: application/json" header or else a 404 error was returned by Invoke-RESTMethod in PowerShell.