Identity Manager Public Data REST API
This article includes updates for Identity Manager 5.1.0.
This article describes the Identity Manager Public Data REST API which can be used to query data from Identity Manager Operator.
The Identity Manager Public Data REST API is not displayed by default and should remain disabled in production environments to avoid exposing unnecessary information.
Search configuration
Searching for data in Identity Manager is represented by a concept named SearchConfig. In general, performing a search through Identity Manager Public Data REST API will provide the same capabilities as using the GUI of Identity Manager Operator.
A SearchConfig encompasses the data source, the search filters/parameters and the resulting data output. It operates on the data structures CoreTemplate and DataPool which are basically a list of fields. The search filters allow to put constraints on fields while the data output is selected through result columns. A SearchConfig is configured via the Identity Manager Admin application.
Permissions
Every request to Identity Manager Public Data REST API requires an authentication. For convenience it supports Basic Auth, please ensure that the Authorization HTTP header is set accordingly. Alternatively you can use Mutual TLS which requires to setup an HTTP Connector.
Also the user needs a proper authorization in order to use the Public Data REST API in general. So please assign the Public Data ReST API: Search general runtime permission using the Roles or the User Administration in Identity Manager Admin.
Additionally, using a SearchConfig through the REST API requires 2 settings in Identity Manager Admin:
The purpose
Public REST Apimust be checked.The user needs the 'Execute' permission.
Endpoints
This section lists the available endpoints of Identity Manager Public Data REST API.
Be aware that the REST API delivers a snapshot of the data at the time of the HTTP request. The payloads are noted with JSON.
Authentication
HTTP Authentication, scheme: basic
Client Certificate
Open API
For development and testing purposes you may consult the OpenAPI documentation under http://{idm-operator-context}/ws/swagger-ui/index.html It supports the Basic Auth authorization and it is only available when the openapi Spring profile is active.
To enable the OpenAPI documentation, start the application with the following JVM (Java Virtual Machine) option:
-Dspring.profiles.active=openapiThe JVM Options can be modified by either modifying the JAVA_OPTS or CATALINA_OPTS.
For security reasons, make sure that the VM option is not present in a production environment.
Search endpoints
GET /data/search/{name}
Execute the given PRE-CONFIGURED search configuration and wait for the results.
Parameters
Name | In | Type | Required | Description |
|---|---|---|---|---|
name | path | string | true | The name of the search configuration |
page | query | integer(int32) | false | The page index (1..N) |
pageSize | query | integer(int32) | false | The size of the page to be returned |
tenantId | query | integer(int32) | true | The tenant ID |
Example responses
OK - The results of the given search.
{
"meta": {
"name": "SearchConfigPersons",
"date": "2025-06-05T14:49:48",
"totalSize": 40,
"page": 2,
"pageSize": 10
},
"result": {
"reference": {
"type": "CORE_TEMPLATE",
"name": "Person"
},
"rows": [
{
"FirstName": "John",
"LastName": "Smith"
}
]
},
"links": [
{
"rel": "self",
"href": "/data/search/SearchConfigPersons?page=2&pageSize=10"
},
{
"rel": "describedBy",
"href": "/data/resources/search/SearchConfigPersons"
},
{
"rel": "previous",
"href": "/data/search/SearchConfigPersons?page=1&pageSize=10"
},
{
"rel": "next",
"href": "/data/search/SearchConfigPersons?page=3&pageSize=10"
}
]
}Responses
Status | Meaning | Description | Schema |
|---|---|---|---|
200 | OK - The results of the given search. | None | |
400 | Bad Request - The given input (request body or query parameter) is not valid. | None | |
401 | Unauthorized - The request requires authentication to access the resource. | None | |
403 | Forbidden - The authenticated request requires permissions to access the resource. | None | |
406 | Not Acceptable - There is no representation of the resource for the given accept header. | None | |
422 | Unprocessable Content - The execution of the search failed (e.g. result size > max count). | None | |
500 | Internal Server Error - The execution of this request caused an unexpected error. | None |
POST /data/search/{name}
Execute the given CUSTOMIZED search configuration and wait for the results.
Body parameter
{
"search": {
"reference": {
"type": "CORE_TEMPLATE",
"name": "Person"
},
"filters": [
{
"name": "FirstName",
"value": "John",
"condition": "EQUALS"
},
{
"name": "LastName",
"value": "Smith",
"condition": "EQUALS"
}
]
},
"result": {
"reference": {
"type": "CORE_TEMPLATE",
"name": "Person"
},
"filters": [],
"columns": {
"fields": [
"FirstName",
"LastName"
],
"sort": [
"FirstName|ASC",
"LastName|DESC"
]
}
}
}Parameters
Name | In | Type | Required | Description |
|---|---|---|---|---|
name | path | string | true | The name of the search configuration |
page | query | integer(int32) | false | The page index (1..N) |
pageSize | query | integer(int32) | false | The size of the page to be returned |
tenantId | query | integer(int32) | true | The tenant ID |
body | body | false | The search request |
Example responses
OK - The results of the given search.
{
"meta": {
"name": "SearchConfigPersons",
"date": "2025-06-05T14:49:48",
"totalSize": 40,
"page": 2,
"pageSize": 10
},
"result": {
"reference": {
"type": "CORE_TEMPLATE",
"name": "Person"
},
"rows": [
{
"FirstName": "John",
"LastName": "Smith"
}
]
},
"links": [
{
"rel": "self",
"href": "/data/search/SearchConfigPersons?page=2&pageSize=10"
},
{
"rel": "describedBy",
"href": "/data/resources/search/SearchConfigPersons"
},
{
"rel": "previous",
"href": "/data/search/SearchConfigPersons?page=1&pageSize=10"
},
{
"rel": "next",
"href": "/data/search/SearchConfigPersons?page=3&pageSize=10"
}
]
}Responses
Status | Meaning | Description | Schema |
|---|---|---|---|
200 | OK - The results of the given search. | None | |
400 | Bad Request - The given input (request body or query parameter) is not valid. | None | |
401 | Unauthorized - The request requires authentication to access the resource. | None | |
403 | Forbidden - The authenticated request requires permissions to access the resource. | None | |
406 | Not Acceptable - There is no representation of the resource for the given accept header. | None | |
415 | Unsupported Media Type - A request body of the given media type is not supported. | None | |
422 | Unprocessable Content - The execution of the search failed (e.g. result size > max count). | None | |
500 | Internal Server Error - The execution of this request caused an unexpected error. | None |
POST /data/async-search/{name}
Trigger the asynchronous execution of the given CUSTOMIZED search configuration.
Body parameter
{
"search": {
"reference": {
"type": "CORE_TEMPLATE",
"name": "Person"
},
"filters": [
{
"name": "FirstName",
"value": "John",
"condition": "EQUALS"
},
{
"name": "LastName",
"value": "Smith",
"condition": "EQUALS"
}
]
},
"result": {
"reference": {
"type": "CORE_TEMPLATE",
"name": "Person"
},
"filters": [],
"columns": {
"fields": [
"FirstName",
"LastName"
],
"sort": [
"FirstName|ASC",
"LastName|DESC"
]
}
}
}Parameters
Name | In | Type | Required | Description |
|---|---|---|---|---|
name | path | string | true | The name of the search configuration |
page | query | integer(int32) | false | The page index (1..N) |
pageSize | query | integer(int32) | false | The size of the page to be returned |
tenantId | query | integer(int32) | true | The tenant ID |
body | body | false | The search request |
Example responses
202 Response
"55b78e0e-1623-4549-9e86-1c2287d50968"Responses
Status | Meaning | Description | Schema |
|---|---|---|---|
202 | Accepted - A search order has been initiated. Retrieve the results at the indicated location. | None | |
400 | Bad Request - The given input (request body or query parameter) is not valid. | None | |
401 | Unauthorized - The request requires authentication to access the resource. | None | |
403 | Forbidden - The authenticated request requires permissions to access the resource. | None | |
406 | Not Acceptable - There is no representation of the resource for the given accept header. | None | |
415 | Unsupported Media Type - A request body of the given media type is not supported. | None | |
500 | Internal Server Error - The execution of this request caused an unexpected error. | None | |
507 | Insufficient Storage - Currently, there is no memory availabe to hold the results of the asynchronous search. | None |
GET /data/async-search/{name}/result-set/{uuid}
Get the results of an asynchronous search.
Parameters
Name | In | Type | Required | Description |
|---|---|---|---|---|
name | path | string | true | The name of the search configuration |
uuid | path | string(uuid) | true | The UUID from the asynchronous search execution |
tenantId | query | integer(int32) | true | The tenant ID |
Example responses
OK - The result of the asynchronous search.
{
"meta": {
"name": "SearchConfigPersons",
"date": "2025-06-05T14:49:48",
"totalSize": 40,
"page": 2,
"pageSize": 10
},
"result": {
"reference": {
"type": "CORE_TEMPLATE",
"name": "Person"
},
"rows": [
{
"FirstName": "John",
"LastName": "Smith"
}
]
},
"links": [
{
"rel": "self",
"href": "/data/search/SearchConfigPersons?page=2&pageSize=10"
},
{
"rel": "describedBy",
"href": "/data/resources/search/SearchConfigPersons"
},
{
"rel": "previous",
"href": "/data/search/SearchConfigPersons?page=1&pageSize=10"
},
{
"rel": "next",
"href": "/data/search/SearchConfigPersons?page=3&pageSize=10"
}
]
}Responses
Status | Meaning | Description | Schema |
|---|---|---|---|
200 | OK - The result of the asynchronous search. | None | |
400 | Bad Request - The given input (request body or query parameter) is not valid. | None | |
401 | Unauthorized - The request requires authentication to access the resource. | None | |
403 | Forbidden - The authenticated request requires permissions to access the resource. | None | |
406 | Not Acceptable - There is no representation of the resource for the given accept header. | None | |
409 | Conflict - The asynchronous search is still ongoing. Retry after the suggest time. | None | |
410 | Gone - The asynchronous search is not available anymore. | None | |
416 | Range Not Satisfiable - The result does not belong to the given asynchronous search. | None | |
422 | Unprocessable Content - The execution of the search failed (e.g. result size > max count). | None | |
500 | Internal Server Error - The execution of this request caused an unexpected error. | None |
DELETE /data/async-search/{name}/result-set/{uuid}
Remove the result of an asynchronous search immediately.
Parameters
Name | In | Type | Required | Description |
|---|---|---|---|---|
name | path | string | true | The name of the search configuration |
uuid | path | string(uuid) | true | The UUID from the asynchronous search execution |
tenantId | query | integer(int32) | true | The tenant ID |
Responses
Status | Meaning | Description | Schema |
|---|---|---|---|
204 | No Content - The results are successfully removed. | None | |
400 | Bad Request - The given input (request body or query parameter) is not valid. | None | |
401 | Unauthorized - The request requires authentication to access the resource. | None | |
403 | Forbidden - The authenticated request requires permissions to access the resource. | None | |
406 | Not Acceptable - There is no representation of the resource for the given accept header. | None | |
416 | Range Not Satisfiable - The result does not belong to the given asynchronous search. | None | |
500 | Internal Server Error - The execution of this request caused an unexpected error. | None |
GET /data/resources/search
List the available searches.
<h3 id="listavailablesearches-parameters">Parameters</h3>
Name | In | Type | Required | Description |
|---|---|---|---|---|
tenantId | query | integer(int32) | true | The tenant ID |
Example responses
OK - The available searches.
{
"links": [
{
"rel": "self",
"href": "/data/resources/search"
}
],
"content": [
{
"name": "SearchConfigPersons",
"links": [
{
"rel": "describedBy",
"href": "/data/resources/search/SearchConfigPersons"
},
{
"rel": "search",
"href": "/data/search/SearchConfigPersons?page,pageSize"
},
{
"rel": "search",
"href": "/data/async-search/SearchConfigPersons?page,pageSize"
}
]
},
{
"name": "SearchConfigCertificates",
"links": [
{
"rel": "describedBy",
"href": "/data/resources/search/SearchConfigCertificates"
},
{
"rel": "search",
"href": "/data/search/SearchConfigCertificates?page,pageSize"
},
{
"rel": "search",
"href": "/data/async-search/SearchConfigCertificates?page,pageSize"
}
]
}
]
}Responses
Status | Meaning | Description | Schema |
|---|---|---|---|
200 | OK - The available searches. | None | |
401 | Unauthorized - The request requires authentication to access the resource. | None | |
403 | Forbidden - The authenticated request requires permissions to access the resource. | None | |
406 | Not Acceptable - There is no representation of the resource for the given accept header. | None | |
500 | Internal Server Error - The execution of this request caused an unexpected error. | None |
GET /data/resources/search/{name}
Get the configuration of the given search.
Parameters
Name | In | Type | Required | Description |
|---|---|---|---|---|
name | path | string | true | The name of the search configuration |
tenantId | query | integer(int32) | true | The tenant ID |
Example responses
OK - The search configuration
{
"search": {
"reference": {
"type": "CORE_TEMPLATE",
"name": "Person"
},
"filters": [
{
"name": "FirstName",
"value": "John",
"condition": "EQUALS"
},
{
"name": "LastName",
"value": "Smith",
"condition": "EQUALS"
}
]
},
"result": {
"reference": {
"type": "CORE_TEMPLATE",
"name": "Person"
},
"filters": [],
"columns": {
"fields": [
"FirstName",
"LastName"
],
"sort": [
"FirstName|ASC",
"LastName|DESC"
]
}
},
"links": [
{
"rel": "self",
"href": "/data/resources/search/SearchConfigPersons"
},
{
"rel": "search",
"href": "/data/search/SearchConfigPersons?page,pageSize"
},
{
"rel": "search",
"href": "/data/async-search/SearchConfigPersons?page,pageSize"
}
]
}{
"search": {
"reference": {
"type": "CORE_TEMPLATE",
"name": "Person"
},
"filters": [
{
"name": "FirstName",
"value": "John",
"condition": "EQUALS"
},
{
"name": "LastName",
"value": "Smith",
"condition": "EQUALS"
}
]
},
"result": {
"reference": {
"type": "CORE_TEMPLATE",
"name": "Person"
},
"filters": [],
"columns": {
"fields": [
"FirstName",
"LastName"
],
"sort": [
"FirstName|ASC",
"LastName|DESC"
]
}
},
"links": [
{
"rel": "self",
"href": "/data/resources/search/SearchConfigPersons"
},
{
"rel": "search",
"href": "/data/search/SearchConfigPersons?page,pageSize"
},
{
"rel": "search",
"href": "/data/async-search/SearchConfigPersons?page,pageSize"
}
]
}Responses
Status | Meaning | Description | Schema |
|---|---|---|---|
200 | OK - The search configuration | None | |
401 | Unauthorized - The request requires authentication to access the resource. | None | |
403 | Forbidden - The authenticated request requires permissions to access the resource. | None | |
404 | Not Found - The desired resource does not exist. | None | |
406 | Not Acceptable - There is no representation of the resource for the given accept header. | None | |
500 | Internal Server Error - The execution of this request caused an unexpected error. | None |