Menu
▾
▴
Re: [Unity-idm-discuss] Push notifications on group changes
|
From: Krzysztof B. <kb...@un...> - 2020-01-14 07:56:58
|
Dear Sander, W dniu 13.01.2020 o 14:32, Sander Apweiler pisze: > Dear Krzysztof, > > on one of our unity instance we use the group management of unity and > service grant access/quotas based on group membership. Some of the > service use unity only for account creation and thereafter users have > access possibilities which bypass unity. In this cases the group > membership information needs to be updated regularly. > > The administrators of this services asked if unity is able to send push > notifications to the group membership as changed. AFAIK unity does not > offer this, but can it be covered by groovy script extensions? Yes, all of that should be possible. Groovy script can get triggered when user is added and removed from any group. After enabling low-level events and their logging check for events around GroupsManagement . addMemberFromParent and removeMember events. http://www.unity-idm.eu/documentation/unity-3.1.0/apidocs/index.html In context you will get EntityParam which you can use in groovy o obtain any information about a user you need. The only downside of it is that you need to check this after each unity update, we do not guarantee stability of those internal interfaces. Though good news is those basic ones change extremely rarely. > The administrators also ask if it would be possible to tell which > entity has changed and also to provide an access token. The service > will use this to update the local (service) user representation with > querying the user info endpoint. Would it be possible to put some of > this information in the (script based) notification? So regarding entity details it is possible. You can also push all relevant attributes of the user with the notification. I'm not sure about what access token you want here. Certainly it is possible to generate something, but I don't have understanding of requirements here (and why not to simply push required info without additional call) HTH Krzysztof |
