SCIM Group API Basics

Liferay DXP 2024.Q1+ Beta Feature

Liferay provides a headless API to perform CRUD operations on SCIM groups to keep their information in sync with your company’s applications. SCIM groups are analogous to user groups in Liferay. Use the /scim endpoint from the API Explorer to manage SCIM groups.

Adding a Group

Start a new Liferay DXP instance by running

docker run -it -m 8g -p 8080:8080 liferay/dxp:2024.q2.11

Sign in to Liferay at http://localhost:8080 using the email address test@liferay.com and the password test. When prompted, change the password to learn.

Once Liferay is running,

1. Download and unzip SCIM Group API Basics.

   curl https://resources.learn.liferay.com/dxp/latest/en/installation-and-upgrades/securing-liferay/developer-guide/liferay-p9z7.zip -O
   

   unzip liferay-p9z7.zip
   

2. Use the cURL script to add a SCIM group in Liferay. On the command line, navigate to the curl folder. Execute the Group_POST_ToInstance.sh script.

   ./Group_POST_ToInstance.sh
   

   The JSON response shows the addition of a new SCIM group:

   {
      "displayName": "Foo",
      "meta": {
         "created": "2024-03-13T11:51:35Z",
         "location": "http://localhost:8080/o/scim/v1.0/v2/Groups/36449",
         "lastModified": "2024-03-13T11:51:35Z",
         "resourceType": "Group"
      },
      "schemas": [
         "urn:ietf:params:scim:schemas:core:2.0:Group"
      ],
      "externalId": "eef7340d-3bc8-201b-76ae-411ec3a4ed1e",
      "id": "36449"
   }
   

3. Verify this by opening the Global Menu (), and navigating to Control Panel → Users Groups. See that a new user group has been added.

   

4. Alternatively, call the REST service using the Java client. Navigate into the java folder and compile the source files:

   javac -classpath .:* *.java
   

5. Run the Group_POST_ToInstance class.

   java -classpath .:* Group_POST_ToInstance
   

Examine the cURL Command

The Group_POST_ToInstance.sh script calls the REST service with a cURL command.

curl \
   "http://localhost:8080/o/scim/v1.0/v2/Groups" \
   --data-raw '
      {
         "displayName": "Foo"
      }' \
   --header "Content-Type: application/scim+json" \
   --request "POST" \
   --user "test@liferay.com:learn"

Here are the command’s arguments:

Examine the Java Class

The Group_POST_ToInstance.java class adds a SCIM group by calling the GroupResource service.

public static void main(String[] args) throws Exception {
	GroupResource.Builder builder = GroupResource.builder();

	GroupResource groupResource = builder.authentication(
		"test@liferay.com", "learn"
	).build();

	groupResource.postV2Group(
		new Group() {
			{
				displayName = "Foo";
			}
		});
}

This class invokes the REST service using only three lines of code:

Note that the project includes the com.liferay.scim.rest.client.jar file as a dependency. You can find client JAR dependency information for all REST applications in the API explorer in your installation at /o/api (e.g., http://localhost:8080/o/api).

Groups_GET_FromInstance.sh

Command:

./Groups_GET_FromInstance.sh

Code:

curl \
   "http://localhost:8080/o/scim/v1.0/v2/Groups" \
   --user "test@liferay.com:learn"

Groups_GET_FromInstance.java

Command:

java -classpath .:* Groups_GET_FromInstance

Code:

public static void main(String[] args) throws Exception {
	GroupResource.Builder builder = GroupResource.builder();

	GroupResource groupResource = builder.authentication(
		"test@liferay.com", "learn"
	).build();

	System.out.println(groupResource.getV2Groups(null, null));
}

The Group objects of your Liferay instance are listed in JSON.

Read API Query Parameters for more information.

Get a Group

Get a specific group with the following cURL or Java command. Replace 1234 with the group’s ID.

Group_GET_ById.sh

Command:

./Group_GET_ById.sh 1234

Code:

curl \
   "http://localhost:8080/o/scim/v1.0/v2/Groups/${1}" \
   --user "test@liferay.com:learn"

Group_GET_ById.java

Command:

java -classpath .:* -DgroupId=1234 Group_GET_ById

Code:

public static void main(String[] args) throws Exception {
	GroupResource.Builder builder = GroupResource.builder();

	GroupResource groupResource = builder.authentication(
		"test@liferay.com", "learn"
	).build();

	System.out.println(
		groupResource.getV2GroupById(
			String.valueOf(System.getProperty("groupId"))));
}

The Group fields are listed in JSON.

Put a Group

Update an existing group with the following cURL and Java commands. Replace 1234 with your group’s ID.

Group_PUT_ById.sh

Command:

./Group_PUT_ById.sh 1234

Code:

curl \
   "http://localhost:8080/o/scim/v1.0/v2/Groups/${1}" \
   --data-raw '
      {
         "displayName": "Bar"
      }' \
   --header "Content-Type: application/scim+json" \
   --request "PUT" \
   --user "test@liferay.com:learn"

Group_PUT_ById.java

Command:

java -classpath .:* -DgroupId=1234 Group_PUT_ById

Code:

public static void main(String[] args) throws Exception {
	GroupResource.Builder builder = GroupResource.builder();

	GroupResource groupResource = builder.authentication(
		"test@liferay.com", "learn"
	).build();

	groupResource.putV2Group(
		String.valueOf(System.getProperty("groupId")),
		new Group() {
			{
				displayName = "Bar";
			}
		});
}

Delete a Group

Delete an existing group with the following cURL and Java commands. Replace 1234 with your group’s ID.

Group_DELETE_ById.sh

Command:

./Group_DELETE_ById.sh 1234

Code:

curl \
   "http://localhost:8080/o/scim/v1.0/v2/Groups/${1}" \
   --request "DELETE" \
   --user "test@liferay.com:learn"

Group_DELETE_ById.java

Command

java -classpath .:* -DgroupId=1234 Group_DELETE_ById

Code:

public static void main(String[] args) throws Exception {
	GroupResource.Builder builder = GroupResource.builder();

	GroupResource groupResource = builder.authentication(
		"test@liferay.com", "learn"
	).build();

	groupResource.deleteV2Group(
		String.valueOf(System.getProperty("groupId")));
}

The API Explorer lists all of the Group services and schemas and has an interface to try out each service.

Related Topics

• Consuming REST Services