OData Gateway


UNIFYBroker can act as an OData server, enabling interactions with target identity managers over OData v4.


An OData gateway enables create/read/update/delete operations against the adapter entity contexts in UNIFYBroker using the OData v4 protocol. For details on the protocol, see OData Version 4.0 Protocol.

Entity Contexts

The entity contexts can be accessed at http://{servername}:{port}/Adapters({adapterId})/Entities.


The OData schema is located at http://{servername}:{port}/$metadata. Adapter entities are represented as open types which have at minimum the following attributes: EntityId, PartitionId, DN, Class, ContainerId, CreatedTime, ModifiedTime. The attributes as defined by the adapter schema are undeclared.


You can find recently changed entities simply by filtering an entity collection on the ModifiedTime property, e.g. by searching http://{servername}:{port}/Adapters({adapterId})/Entities?$filter=ModifiedTime gt 2017-01-01T00:00:00Z.


In addition to the common gateway configuration shared by all gateways, the OData gateway requires the following by way of configuration:

Image 4011

Name Description
Address The endpoint address to which the OData server should bind. This should be of the form http://{servername}:{port}
Authentication The type of authentication to use to secure the OData server.

Only required when Authentication is AzureActiveDirectoryBearer

The Azure Active Directory tenancy, e.g. yourdomain.onmicrosoft.com


Only required when Authentication is AzureActiveDirectoryBearer

The Azure Active Directory audience, e.g. yourdomain.onmicrosoft.com/3b67f7a3-64cd-48a8-9f25-4ae9b8628148

Is this article helpful for you?

An example URL is "http://localhost:59992/Adapters(cd1a188b-a722-4dab-b1d0-d62c2205487a)/Entities".  I had to specify an "Accept: application/json" header or else a 404 error was returned by Invoke-RESTMethod in PowerShell.