You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 37 Next »

Table

cm_addresses

Description

Addresses

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

street

varchar(400)

Street

X.520 via RFC 4519 organizationalPerson

 

room

varchar(64)

Room

X.520 via RFC 4519 organizationalPerson

 

locality

varchar(128)

Locality (eg: city)

X.520 via RFC 4519 organizationalPerson

 

state

varchar(128)

State or Province

X.520 via RFC 4519 organizationalPerson

 

postal_code

varchar(16)

Postal Code

X.520 via RFC 4519 organizationalPerson

 

country

varchar(128)

Country

X.521 via RFC 4519 country

 

descriptionvarchar(128)Description Added in Registry v3.1.0.

type

varchar(2)

Type of mail, as enumerated

 

When attached to a CO Person, types may be configured on a per-CO basis. See Extending the Registry Data Model.

language

varchar(16)

Language encoding of this address

RFC 5646

For supported values, see lang.php

co_person_role_id

integer, foreign key

CO Person Record ID

cm_co_person_roles:id

Only one of co_person_idorg_identity_id, or co_department_id may be specified

org_identity_id

integer, foreign key

Org Identity Record ID

cm_org_identities:id

Only one of co_person_idorg_identity_id, or co_department_id may be specified

co_department_idinteger, foreign keyCO Department Record IDcm_co_departments:idOnly one of co_person_idorg_identity_id, or co_department_id may be specified. Added in Registry v3.1.0.
source_address_idinteger, foreign keyIf Pipelines are in use, the Address ID for the Org Identity Address that created this record.cm_addresses:idAdded in Registry v2.0.0.

Table

cm_api_users

Description

API (Programmatic) Users

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


co_idinteger, foreign keyCO IDcm_cos:id

If co_id is 1 (COmanage CO), the API User is a Platform API User

Added Registry v3.3.0

username

varchar(50)

User (login) name



password

varchar(40)

Hashed password

SHA1, as used by CakePHP

Will be renamed api_key in Registry v5.0.0

privilegedbooleanIf this API User is a "superuser" within its CO
  • true: API User is privileged
  • false: API User is not privileged
Added Registry v3.3.0
statusvarchar(2)API User status
  • A: Active
  • S: Suspended
Added Registry v3.3.0

valid_from

datetime

API User is valid from this time

If null, valid any time through valid_through

Added Registry v3.3.0

valid_through

datetime

API User is valid through (but not past) this time

If null, valid any time from valid_from

Added Registry v3.3.0
remote_ipvarchar(80)IP addresses this API User may connect fromDefined as regular expression, or null for any IP addressAdded Registry v3.3.0

Table

cm_applications

Description

Known applications

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

name

varchar(256)

Application name

 

 

enabled

boolean

Enabled applications are available to COs

  • 0: No
  • 1: Yes

 

Table

cm_cmp_enrollment_attributes

Description

CMP enrollment attribute configuration

  • There is no REST interface to this table since it is intended to configure the COmanage Registry UI.

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

cmp_enrollment_configuration_id

integer, foreign key

CMP Enrollment Configuration ID

cm_cmp_enrollment_configurations:id

 

attribute

varchar(80)

Organizational Identity attribute name

Attributes defined in cm_org_identities or related tables (such as cm_addresses)

 

type

varchar(2)

If attribute definition includes a type, associate this enrollment attribute with the specified type

 

 

required

integer

If the flow requires this attribute

  • 1: Required
  • 0: Not required (ie: optional)
  • -1: Not permitted

 

ldap_name

varchar(80)

Name of LDAP attribute used to populate this attribute

 

If enabled, attribute is authoritative to the originating organization. May be enabled along with saml_name.

saml_name

varchar(80)

Name of SAML attribute used to populate this attribute

 

If enabled, attribute is authoritative to the originating organization. May be enabled along with ldap_name.


Table

cm_cmp_enrollment_configurations

Description

CMP enrollment configuration

  • Although the data model permits multiple CMP enrollment configurations to be defined, COmanage Registry currently only permits one active configuration for the platform.
  • There is no REST interface to this table since it is intended to configure the COmanage Registry UI.
  • CO enrollment flows are handled via cm_co_enrollment_flows.

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


name

varchar(128)

Configuration Name



attrs_from_ldap

boolean

Should CMP enrollment attempt to pull attributes from an organizational LDAP server before prompting for attributes?

  • true: CMP enrollment attempts to query for LDAP attributes
  • false: CMP enrollment does not query LDAP

Deprecated

attrs_from_saml

boolean

If the enrollee must authenticate, should CMP enrollment attempt to extract attributes from a SAML assertion before prompting for attributes?

  • true: CMP enrollment attempts to extract SAML attributes
  • false: CMP enrollment does not examine SAML attributes

Deprecated

attrs_from_env

boolean

Should organizational identity attributes be extracted from the server environment? (eg: those that might be set by the web server auth module.)

  • true: Accept server environment variables as a source of organizational identity
  • false: Do not accept server environment variables as a source of organizational identity


attrs_from_coef

boolean

Should CO enrollment flows be able to prompt for organizational identity attributes? (These attributes will be considered less authoritative than if they had been obtained via LDAP or SAML.)

  • true: CO enrollment may prompt for organizational identity attributes
  • false: CO enrollment may not prompt for organizational identity attributes


pool_org_identities

boolean

Should organizational identities be pooled and made available to all COs on the CMP?

  • true: All org identities are available to all COs
  • false: Org identities are only available to the CO that invoked the enrollment

See CO-193 for additional information

sponsor_enroll

boolean

Do enrollees need to have a sponsor to enroll?

  • true: must have a sponsor to enroll
  • false: sponsor not necessary

Not implemented

sponsor_active

boolean

Do enrollees need to have a sponsor to stay enrolled?

  • true: must have a sponsor to stay enrolled
  • false: sponsor not necessary

Not implemented

eds_help_urlvarchar(256)For the Shibboleth Embedded Discovery Service, the help URL to publish

eds_preferred_idpstext(4000)For the Shibboleth Embedded Discovery Service, the entityIds to always show (one per line)

eds_hidden_idpstext(4000)For the Shibboleth Embedded Discovery Service, the entityIds to hide (one per line)

redirect_on_logoutvarchar(1024)Redirect URL when user logs out
Added in Registry v4.0.0
app_basevarchar(64)Cached application base for use in generating notification URLs
Added in Registry v4.0.0

status

varchar(2)

Configuration status

  • A: Active
  • S: Suspended

Only one CMP configuration may be active

Table

cm_co_applications

Description

Per-CO configured applications

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

co_id

integer, foreign key

CO Record ID

cm_cos:id

 

name

varchar(256)

Application name

 

 

provisioned

boolean

Provisioned applications are available in the CO

  • 0: No
  • 1: Yes

 

Table

cm_co_changelog_provisioner_targets

Description

Per-CO Changelog provisioning target configurations

Plugin

ChangelogProvisioner

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


co_provisioning_target_id

integer, foreign key

CO Provisioning Target ID

cm_co_provisioning_targets:id


logfile

varchar(256)

Logfile to write to



Table

cm_co_directory_permissions

Description

Per-CO restrictions on publishing of directory information

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

cm_org_person_id

integer, foreign key

Org Person Record ID

cm_org_identities:id

 

attribute

varchar(256)

Schema attribute name

Correlate to cm_co_person_roles columns

Use attribute '*' to apply to entire record

release

boolean

Released attributes are public

  • 0: No
  • 1: Yes

 

Table

cm_co_enrollment_attributes

Description

Per-CO enrollment flow attribute configurations

  • There is no REST interface to this table since it is intended to configure the COmanage Registry UI.

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

co_enrollment_flow_id

integer, foreign key

CO Enrollment Flow ID

cm_co_enrollment_flows:id

 

label

varchar(80)

Name of attribute as presented during enrollment

 

 

description

varchar(256)

Description of attribute, presented during enrollment

 

 

attribute

varchar(80)

CO Person, CO Person Role, or Org Identity attribute name

Attributes defined in cm_co_people, cm_co_person_rolescm_org_identities or related tables (such as cm_addresses), including cm_co_extended_attributes

 

type

varchar(2)

If attribute definition includes a type, associate this enrollment attribute with the specified type

 

 

required

integer

If the flow requires this attribute

  • 1: Required
  • 0: Not required (ie: optional)
  • -1: Not permitted

 

required_fields

varchar(160)

If this attribute has subfields, a comma separated list of which of those fields are required

 

Currently applies only to cm_names and cm_addresses
See also cm_co_settings

ordr

integer

Order attribute is presented (lower numbers = earlier)

 

 

hidden

boolean

Whether or not to display this attribute

  • true: Do not display this attribute
  • false: Display this attribute

Only honored when there is a non-modifiable default attribute value

copy_to_coperson

boolean

When the Petition is created, duplicate the value in the attribute from the Org Identity to the corresponding attribute in the CO Person or CO Person Role record

 

Applies only to Org Identity attributes.

ignore_authoritative

boolean

Whether or not to ignore authoritative values

  • true: Ignore authoritative values for this attribute
  • false: Allow authoritative values for this attribute

Deprecated, to be removed in Registry v4.0.0

default_envvarchar(80)If specified, the value held in this environment variable will be used as a default value for this attribute Added in Registry v3.1.0
loginbooleanFor attributes of type Identifier, whether or not to flag the Identifier as able to login to Registry
  • true: Identifier can be used to login to Registry
  • false: Identifier cannot be used to login to Registry
Correlates to cm_identifiers:login

language

varchar(16)

Language encoding of this attributes

RFC 5646

For supported values, see lang.php

Table

cm_co_enrollment_attribute_defaults

Description

Default values for CO enrollment flow attributes configuration

  • There is no REST interface to this table since it is intended to configure the COmanage Registry UI.

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

co_enrollment_attribute_id

integer, foreign key

CO Enrollment Flow ID

cm_co_enrollment_attributes:id

 

affiliation

varchar(32)

This default value applies when the enrollment CO Person Role affiliation matches

cm_co_person_roles:affiliation

Not yet implemented (CO-626)

value 

varchar(80)

Default value for this attribute

  • For all types except dates, default value
  • For dates
    • YYYY-MM-DD: Exact date
    • MM-DD: Next MM-DD
    • +#: # days from today

 

modifiable

boolean

Whether or not the Petitioner may change the default value when the petition is created

  • true: Value may be changed
  • false: Value may not be changed

 

Table

cm_co_enrollment_flows

Description

Per-CO enrollment flow configurations

  • There is no REST interface to this table since it is intended to configure the COmanage Registry UI.
  • CO enrollment flows are subject to the CMP enrollment configuration (cm_cmp_enrollment_configurations).

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


name

varchar(128)

Flow Name



sor_labelvarchar(40)SOR Label used in match requestsID Match APIAdded in Registry v4.1.0

co_id

integer, foreign key

CO Record ID

cm_cos:id


authz_level

varchar(2)

Authorization required to execute this enrollment flow

  • A: CO or COU admin (administrator enrollment)
  • N: No authorization required (open, self enrollment)
  • CA: CO admin (administrator enrollment)
  • CG: Member of specified CO group (self or delegated enrollment)
  • CP: CO Person (self or delegated enrollment)
  • UA: COU admin (administrator enrollment)
  • UP: CO Person in specified COU (self or delegated enrollment)


authz_cou_id

integer, foreign key

COU Record ID when authz_level is UA or UP

cm_cous:id


authz_co_group_id

integer, foreign key

CO Group Record ID when authz_level is CG

cm_co_groups:id


my_identity_shortcutbooleanWhether a link to this flow should be rendered in the "My Identity" menu
  • true: Render a link
  • false: Do not render a link
Added Registry v3.2.0
co_pipeline_idinteger, foreign keyCO Pipeline to run for Org Identities created using this Flowcm_co_pipelines:idUnused, removed as of Registry v3.3.0

match_policy

varchar(2)

Policy for matching against existing CO People

  • A: Advisory (suggestions are provided but not automatically selected)
  • E: External (using ID Match API)
  • N: None (no matching performed)
  • P: Select ("Pick" from existing CO People)
  • S: Self (can only re-enroll self)


match_server_idinteger, foreign keyMatch Server ID when match_policy is Externalcm_servers:idAdded Registry v4.1.0
enable_person_findbooleanEnable People Picker API for unregistered petitioners associated with this Enrollment Flow
  • true: People Picker API enabled
  • false: People Picker API disabled
Added Registry v3.3.0

approval_required

boolean

Is approval required before any provisioning may occur?

  • true: Approval required
  • false: Approval not requested

Approvers defined by CO:admin.approvers or CO:admin.approvers:COU group membership

approver_co_group_id

integer, foreign key

CO Group Record ID for group whose members are authorized to approve petitions created by this flow

cm_co_groups:id


verify_email

boolean

Do org identity email addresses need to be verified?

  • true: Verification required
  • false: Verification not requested

Verification sends an email to the address with a URL

Deprecated as of v2.0.0, use email_verification_mode instead

email_verification_modevarchar(2)If/how org identity email addresses should be verified
  • A: Automatic
  • R: Review
  • X: None

Added in v2.0.0

See also Email Verification

invitation_validity

integer

For invitations used to verify email addresses, the length of time (in minutes) the invitation is valid for


See also cm_co_settings

regenerate_expired_verificationbooleanAutomatically regenerate confirmation links on validation of an expired link?
  • true: Regenerate confirmations on validation of expired links
  • false: Do not regenerate confirmations on validation of expired links
Added in v4.1.0

require_authn

boolean

Is the authentication required by the enrollee?

  • true: Approval required
  • false: Approval not requested


notification_co_group_id

integer, foreign key

CO Group Record ID whose members will be notified when petitions generated from the enrollment flow trigger certain events

cm_co_groups:id


status

varchar(2)

Configuration status

  • A: Active
  • S: Suspended


notify_from

varchar(256)

Address to send notifications from

RFC 5322 Address

Used in coinvite as source email address when sending out notifications

verification_template_idinteger, foreign keyTemplate for verification emailcm_co_message_templates:id

verification_subject

varchar(256)

Subject for verification email


Deprecated as of v2.0.0, use message templates instead

verification_body

text(4000)

Body for verification email


Deprecated as of v2.0.0, use message templates instead

request_vettingbooleanRequest Vetting for the Enrollee
  • true: Vetting is requested
  • false: Vetting is not requested
Added in Registry v4.1.0

notify_on_approval

boolean

Notify the enrollee on Petition approval?

  • true: Notification is sent
  • false: Notification is not sent

As of v3.3.0, also triggers notification on denial

approval_template_idinteger, foreign keyTemplate for approval emailcm_co_message_templates:id

approval_subject

varchar(256)

Subject for approval email


Deprecated as of v2.0.0, use message templates instead

approval_body

text(4000)

Body for approval email


Deprecated as of v2.0.0, use message templates instead

approver_template_id

integer, foreign key

Template for approver email

cm_co_message_templates:id

Added in Registry v4.3.0

denial_template_idinteger, foreign keyTemplate for denial emailcm_co_message_templates:id
notify_on_finalizebooleanNotify the enrollee on Petition finalization?
  • true: Notification is sent
  • false: Notification is not sent

finalization_template_idinteger, foreign keyTemplate for finalization emailcm_co_message_templates:id

introduction_text

text(4000)

Introductory text displayed at the start of an Enrollment Flow



conclusion_text

text(4000)

Conclusion text displayed at the bottom of a Petition form



introduction_text_patext(4000)Introductory text displayed at the top of a Petition form
Added in Registry v4.1.0

t_and_c_mode

varchar(2)

Terms and Conditions mode

  • EC: Explicit Consent
  • IC: Implied Consent
  • S: Splash Page after enrollment
  • X: Ignore T&C during enrollment


redirect_on_submit

varchar(256)

After a Petition is submitted, a URL (relative or absolute) to redirect the browser to



redirect_on_confirm

varchar(256)

After the email address associated with a Petition is confirmed, a URL (relative or absolute) to redirect the browser to



redirect_on_finalizevarchar(256)After a Petition is finalized, a URL (relative or absolute) to redirect the browser to
Added in v3.1.0
return_url_allowlisttext(4000)Newline separated list of regular expressions representing permitted values to be passed into the petition as a URL to redirect to after the Petition is finalized
Added in v3.1.0, renamed from return_url_whitelist in v3.3.0

ignore_authoritative

boolean

Whether or not to ignore authoritative values

  • true: Ignore authoritative values for all attributes in this enrollment flow
  • false: Allow authoritative values for this attribute (subject to per-attribute override)


duplicate_modevarchar(2)How to handle a detected duplicate enrollment
  • C: Create a new role if in a different COU
  • D: Flag as duplicate
  • R: Create a new role

co_theme_idinteger, foreign keyTheme to use when executing this Enrollment Flowcm_co_themes:idAdded v2.0.0
theme_stackingvarchar(2)Whether to enable Theme Stacking for this Enrollment Flow.
  • A: Active
  • S: Suspended (disabled)
Added v4.0.0
establish_authenticatorsbooleanWhether to establish authenticators as part of enrollment
  • true: Establish authenticators, as per configuration
  • false: Do not establish authenticators
Added v3.3.0
establish_cluster_accountsbooleanWhether to establish cluster accounts as part of enrollment
  • true: Establish cluster accounts, as per configuration
  • false: Do not establish clusters
Added v3.3.0

Table

cm_co_extended_attributes

Description

Per-CO extended attribute definitions

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

co_id

integer, foreign key

CO Record ID

cm_cos:id

 

name

varchar(64)

Database column name for attribute

 

 

display_name

varchar(64)

Display name for attribute

 

 

type

varchar(32)

Database type for attribute

  • INTEGER
  • TIMESTAMP
  • VARCHAR(32)

Once set, type cannot be changed

index

boolean

Create database index for attribute
  • true: Index
  • false: Do not index

 

Table

cm_co_extended_types

Description

Per-CO attribute custom type configurations

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

co_id

integer, foreign key

CO ID

cm_cos:id

 

attribute

varchar(32)

Attribute this type name applies to

 

Only attributes that support extended types may be used here.

name

varchar(32)

Database value for type

 

As used by

display_name

varchar(64)

Display name for type

 

 

edupersonaffiliation

varchar(32)

Optional mapping to eduPersonAffiliation

eduPerson

Applies only when attribute is CoPersonRole.affiliation

status

varchar(2)

Type status

  • A: Active
  • S: Suspended

A deleted status cannot exist in any active attribute. A suspended status cannot be added to any new or updated attributes, but may continue to be used by existing active attributes.

Unable to render {include} The included page could not be found.

Table

cm_co_groups

Description

Per-CO group definitions

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


co_id

integer, foreign key

CO Record ID

cm_cos:id


cou_idinteger, foreign keyCOU Record IDcm_cous:idAdded v2.0.0. Initially intended for special groups, may be used for manual groups in the future.

name

varchar(128)

Group name



description

varchar(256)

Description



open

boolean

An open group allows anyone to self-subscribe

  • true: Open
  • false: Closed


status

varchar(2)

Group's status within CO

  • A: Active
  • S: Suspended


group_typevarchar(2)Group Type
  • A: Admins
  • M: All Members
  • MA: Active Members
  • S: Standard
Added v2.0.0.
autobooleanAutomatic Group
  • true: Group is automatically managed
  • false: Group is manually managed
Added v2.0.0.
nesting_mode_allbooleanNested Group Memberships calculation mode
  • true: Member must be a member of ALL nested groups
  • false: Member may be a member of ANY nested group
Added v4.0.0.

Table

cm_co_group_members

Description

Per-CO group memberships

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


co_group_id

integer, foreign key

CO Group Record ID

cm_co_groups:id


co_person_id

integer, foreign key

CO Person Record ID

cm_co_people:id


member

boolean

Person is a member of the group

  • true: Member
  • false: Not a member


owner

boolean

Person is an owner of the group

  • true: Owner
  • false: Not an owner


valid_from

datetime

CO Group Membership is considered valid from this time

If null, valid any time through valid_through

Added in v3.2.0

valid_through

datetime

CO Group Membership is considered valid through (but not past) this time

If null, valid any time from valid_from

Added in v3.2.0
source_org_identity_idinteger, foreign keyIf Pipelines are in use, the Org Identity ID of record that created this Group Membershipcm_org_identities:id
co_group_nesting_idinteger, foreign keyIf set, this membership was created via a Nested Group and cannot be manually editedcm_co_group_nestings:idAdded in v3.3.0

Table

cm_co_identifier_assignments

Description

Per-CO rules for identifier assignment

  • There is currently no REST interface to this table.

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


co_id

integer, foreign key

CO ID

cm_cos:id


statusvarchar(2)Identifier Assignment status
  • A: Active
  • S: Suspended
Added v3.3.0
contextvarchar(2)Context (object type) this Identifier Assignment applies to
  • CD: CoDepartment
  • CG: CoGroup
  • CP: CoPerson
Added v3.3.0
co_group_idinteger, foreign keyIf set, subject CO Person must be a member of this CO Group ID for for this Identifier Assignment to runcm_co_groups:idAdded v4.1.0

identifier_type

varchar(32)

Type of identifier

cm_identifiers:type

A given identifier type may be used more than once

email_type

varchar(32)

Type of email address to assign, if identifier_type is email

cm_email_addresses:type

If not blank and identifier type to be assigned is email, then an entry in cm_email_addresses will also be created, of this type

description

varchar(256)

Description



login

boolean

Registry login flag


Will be used to populate cm_identifiers:login

algorithm

varchar(2)

Algorithm to use to assign this identifier

  • R: Random assignment
  • S: Sequential assignment


pluginvarchar(64)Plugin to use for identifier assignment, if set
Added v4.1.0

format

varchar(256)

Format to use for this identifier



permitted

varchar(2)

Valid characters permitted to substitute into format

  • AD: Alphanumeric characters, dot, dash, and underscore
  • AL: All characters
  • AN: Alphanumeric characters
  • AQ: Alphanumeric characters, dot, dash, underscore, and apostrophe (single quote)


minimum

integer

Minimum value to assign (for numeric identifiers). For sequential, this is the first number to assign.



maximum

integer

Maximum value to assign. For sequential, if this number is reached identifier assignment will fail.



collision_resolution

varchar(64)

Collision resolution mechanism


Not implemented

exclusions

varchar(8)

Characters and words to avoid in assignments

  • C: Confusing (0 vs O, 1 vs l)
  • O: Offensive
  • S: Superstitions (4, 13, etc)

Not implemented

ordr

integer

Order identifier assignment is run (lower numbers = earlier)


Added v3.3.0, need only be unique within context

Table

cm_co_invites

Description

Per-CO invitations to join

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


co_person_id

integer, foreign key

CO Person Record ID

cm_co_people:id


mail

varchar(256)

Email address invited

cm_email_addresses:mail

Copied rather than linked since the linked reference could change

skip_invitebooleanWhether to skip the invitation step due to an already verified email address being present
Added in Registry v4.0.0 as a workaround for SkipIfVerified mode

email_address_id

integer, foreign key

Email Address ID to confirm

cm_email_addresses:id

If set, the invite is intended to verify the linked email address

invitation

varchar(16)

Randomly generated activation key



expires

datetime

Time at which invitation is no longer valid




Table

cm_co_ldap_provisioner_attributes

Description

Per-CO per-LDAP target attribute grouping definitions

Plugin

LdapProvisioner

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


co_ldap_provisioner_target_id

integer, foreign key

CO LDAP Provisioner Target ID

cm_co_ldap_provisioner_targets:id


grouping

varchar(80)

Grouping of LDAP attributes


eg: "Address" includes street, l, st, and postal_code

type

varchar(32)

When populating attributes within this grouping, the type to use (or use all types if null/empty)




Table

cm_co_ldap_provisioner_attributes

Description

Per-CO per-LDAP target attribute definitions

Plugin

LdapProvisioner

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


co_ldap_provisioner_target_id

integer, foreign key

CO LDAP Provisioner Target ID

cm_co_ldap_provisioner_targets:id


attribute

varchar(80)

LDAP attribute name



objectclass

varchar(80)

Associated object class


Some attributes can occur in more than one object class (eg: cn can appear in person and groupOfNames)

type

varchar(32)

For attributes populated from typed sources, the type to use (or null/empty for all types)



export

boolean

If true, export this attribute



use_org_value

boolean

If true, use the appropriate Organizational Identity value instead of the CO Person value


Only applies to supported models (currently Identifier)


 Table

cm_co_ldap_provisioner_dns

Description

Per-CO per-LDAP target DN map

Plugin

LdapProvisioner

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


co_ldap_provisioner_target_id

integer, foreign key

CO LDAP Provisioner Target ID

cm_co_ldap_provisioner_targets:id


co_person_id

integer, foreign key

CO Person ID

cm_co_people:id


dn

varchar(256)

Assigned Distinguished Name

RFC 4514



Table

cm_co_ldap_provisioner_targets

Description

Per-CO LDAP provisioning target configurations

Plugin

LdapProvisioner

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


co_provisioning_target_id

integer, foreign key

CO Provisioning Target ID

cm_co_provisioning_targets:id


serverurl

varchar(256)

URL describing LDAP server to provision

RFC 4516

Use to describe hostname, port, and SSL (use ldaps scheme for SSL)

binddn

varchar(128)

DN to bind as

RFC 4514


password

varchar(64)

Password to bind with

RFC 4513

This column should be encrypted

basedn

varchar(128)

Base DN to provision People entries under

RFC 4514


dn_attribute_name

varchar(32)

When constructing the DN, the attribute name to use for the unique component

RFC 4514


dn_identifier_type

varchar(32)

When constructing the DN, the indentifier type to use to populate the attribute value for the unique component

cm_identifiers:type


group_basedn

varchar(128)

Base DN to provision Group entries under

RFC 4514


person_ocsvarchar(256)Additional objectclasses to attach to a person recordRFC 4512Added v1.0.3
group_ocsvarchar(256)Additional objectclasses to attach to a group recordRFC 4512Added v1.0.3

attr_opts

boolean

Enable attribute option support

RFC 4512

Added v3.2.0

scope_suffixvarchar(128)For eduPerson attributes requiring scope, the scope to appendeduPersonAdded v2.0.0
unconf_attr_modevarchar(2)How to handle unconfigured attributes within a schema
  • I: Ignore
  • R: Remove
Added v2.0.0

oc_eduperson

boolean

Enable eduPerson schema support

eduPerson


oc_edumember

boolean

Enable eduMember schema support

eduMember


oc_groupofnames

boolean

Enable groupOfNames schema support

RFC 4519


oc_posixaccountbooleanEnable posixAccount schema supportRFC 2307
oc_posixgroupbooleanEnable posixGroup schema supportRFC 2307Added v3.3.0
oc_voposixaccountbooleanEnable voPosixAccount schema supportvoPersonAdded v3.3.0
oc_voposixgroupbooleanEnable voPosixGroup schema supportvoPersonAdded v3.3.0
cluster_idinteger, foreign keyCluster to provision for posixAccount/posixGroup purposescm_clusters:id

Currently only Unix Clusters are supported

Added v3.3.0

oc_ldappublickeybooleanEnable ldapPublicKey schema supportldapPublicKey
oc_vopersonbooleanEnabled voPerson schema supportvoPersonAdded v3.2.0

Table

cm_co_localizations

Description

Per-CO text localizations

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

co_id

integer, foreign key

CO Record ID

cm_cos:id

 

lkey

varchar(40)

Text key

Corresponds to key in $cm_texts (lang.php)


language

varchar(16)

Language rendering for this key

Corresponds to $cm_lang (lang.php)

 

text

varchar(256)

Localization to replace the default text

 

 

Table

cm_co_name_identifier_assignments

Description

Per-Identifier tracking of assigned name-based sequences
This table is obsolete

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

co_identifier_assignment_id

integer, foreign key

CO Identifier Assignment ID

cm_co_identifier_assignments:id

 

sequence

varchar(256)

Name-based sequence

 

eg: pat.q.lee or pql

last

integer

Last value used to assign this identifier

 

 

Table

cm_co_nsf_demographics

Description

Demographics for statistics

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

co_person_id

integer, foreign key

CO Person ID

cm_co_people:id

 

gender

varchar(2)

self-asserted gender

  • M: Male
  • F: Female

 

citizenship

varchar(2)

self-asserted citizenship

 

ethnicity

varchar(2)

self-asserted ethnicity, may have multiple values selected

  • H: Hispanic or Latino - a person of Mexican, Puerto Rican, Cuban, South or Central American, or other Spanish culture or origin, regardless of race.
  • N: Not Hispanic or Latino

 

race

varchar(5)

self-asserted race, may have multiple values selected

  • A: Asian - a person having origins in any of the original peoples of the Far East, Southeast Asia, or the Indian subcontinent including, for example, Cambodia, China, India, Japan, Korea, Malaysia, Pakistan, the Philippine Islands, Thailand, and Vietnam.
  • I: American Indian or Alaskan Native - a person having origins in any of the original peoples of North and South America (including Central America), and who maintains tribal affiliation or community attachment.
  • B: Black or African American - a person having origins in any of the black racial groups of Africa.
  • N: Native Hawaiian or Pacific Islander - a person having origins in any of the original peoples of Hawaii, Guan, Samoa, or other Pacific Islands
  • W: White - a person having origins in any of the original peoples of Europe, the Middle East, or North Africa.

 

disability

varchar(4)

self-asserted disability, may have multiple values selected

  • H: Hearing Impaired 
  • V: Visual Impaired 
  • M: Mobility/Orthopedic Impairment 
  • O: Other Impairment

 

Table

cm_co_org_identity_links

Description

Link from CO person role to Org identity

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

co_person_id

integer, foreign key

CO Person Record ID

cm_co_people:id

 

org_identity_id

integer, foreign key

Organization Person Record ID

cm_org_identities:id

 

Table

cm_co_people

Description

Per-CO People

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


co_id

integer, foreign key

CO ID

cm_cos:id


timezonevarchar(80)Person's preferred timezoneIANA Timezone Database
date_of_birthdatePerson's date of birth
Added in Registry v3.3.0

status

varchar(2)

Person's status within CO

    • A: Active
    • C: Confirmed
    • D: Deleted
    • D2: Duplicate
    • GP: Grace Period
    • I: Invited
    • L: Locked
    • N: Denied
    • P: Pending
    • PA: Pending Approval
    • PC: Pending Confirmation
    • PV: Pending Vetting
    • S: Suspended
    • X: Declined
    • XP: Expired
    • Y: Approved



Table

cm_co_person_roles

Description

Per-CO person roles

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


co_person_id

integer, foreign key

CO Person ID

cm_co_people:id


manager_co_person_idinteger, foreign keyCO Person ID of Managercm_co_people:idAdded in Registry v4.1.0

sponsor_co_person_id

integer, foreign key

CO Person ID of Sponsor for continued membership

cm_co_people:id

not necessarily the same as the enrollment sponsor in cm_co_petitions

cou_id

integer, foreign key

COU ID

cm_cous:id


affiliation

varchar(8)

Broad affiliation to CO

eduPerson person

Extended Type

title

varchar(128)

Title at CO

X.520 via RFC 4519 person


o

varchar(128)

CO

X.520 via RFC 4519 person


ou

varchar(128)

Departmental affiliation at CO

X.520 via RFC 4519 person


valid_from

datetime

Person Role is valid member of CO from this time

If null, valid any time through valid_through


valid_through

datetime

Person Role is valid member of CO through (but not past) this time

If null, valid any time from valid_from


ordrintegerOrder/Rank/Priority of this Person Role
Added in Registry v3.2.0

status

varchar(2)

Person's Role status within CO

  • A: Active
  • C: Confirmed
  • D: Deleted
  • D2: Duplicate
  • GP: Grace Period
  • I: Invited
  • N: Denied
  • P: Pending
  • PA: Pending Approval
  • PC: Pending Confirmation
  • PV: Pending Vetting
  • S: Suspended
  • X: Declined
  • XP: Expired
  • Y: Approved


source_org_identity_idinteger, foreign keyIf Pipelines are in use, the Org Identity ID of record that created this Person Rolecm_org_identities:id

Table

cm_co_person_sources

Description

Link from CO person role to Org identity
This table is obsolete

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

co_id

integer, foreign key

CO ID

cm_cos:id

 

co_person_id

integer, foreign key

CO Person Record ID

cm_co_person_roles:id

 

cou_id

integer, foreign key

COU ID

cm_cous:id

 

org_person_id

integer, foreign key

Organization Person Record ID

cm_org_identities:id

 

Table

cm_co_petition_attributes

Description

Per-CO enrollment petition attributes

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

co_petition_id

integer, foreign key

CO Petition Record ID

cm_co_petitions:id

 

co_enrollment_attribute_id

integer, foreign key

CO Enrollment Attribute Record ID

cm_co_enrollment_attributes:id

 

attribute

varchar(80)

Name of this attribute

 

A single co_enrollment_attribute_id can point to more than one attribute, since (eg) the enrollment attribute 'Name' actually has several attributes (given, middle, surname, etc)

value

varchar(160)

Value of this attribute requested for this Petition

 

Note values are cast to varchar.

attribute_foreign_key

integer

Row identifier of this value in the table described by co_enrollment_attribute_id

 

The intent of this column is to link the attribute stored in the petition to the table that implements the production value. This linkage is primarily intended for the early part of the petition lifecycle, eg: to edit a petition. There is no referential integrity enforced on this column, and over time the foreign keys may become invalid.

Table

cm_co_petition_history_records

Description

Per-CO enrollment petition history records

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

co_petition_id

integer, foreign key

CO Petition Record ID

cm_co_petitions:id

 

actor_co_person_id

integer, foreign key

CO Person Record ID

cm_co_people:id

Person who triggered the action

action

varchar(4)

Machine readable transaction code

  • PY: Petition approved
  • PC: Petition created
  • PX: Petition declined
  • PN: Petition denied

 

comment

varchar(160)

Human readable comment

 

 

Table

cm_co_petitions

Description

Per-CO enrollment petitions

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


co_enrollment_flow_id

integer, foreign key

CO Enrollment Flow Record ID

cm_co_enrollment_flows:id

Enrollment Flow controlling this Petition

co_id

integer, foreign key

CO Record ID

cm_cos:id

Same as co_enrollment_flow:co_id, repeated here to make retrieval by CO easier

cou_id

integer, foreign key

COU Record ID

cm_cous:id


enrollee_org_identity_id

integer, foreign key

Org Identity Record ID

cm_org_identities:id

Populated if an Org Identity is created by form-based attribute collection during the flow. See also cm_org_identity_source_records:co_petition_id

archived_org_identity_idinteger, foreign keyArchived Org Identity Record IDcm_org_identities:idIf an org identity is replaced during execution of an enrollment flow, this will hold the original org identity

enrollee_co_person_id

integer, foreign key

CO Person Record ID

cm_co_people:id

Populated if a CO Person is created by form-based attribute collection during the flow

enrollee_co_person_role_id

integer, foreign key

CO Person Role Record ID

cm_co_person_roles:id

Populated if a CO Person Role is created by form-based attribute collection during the flow

petitioner_co_person_id

integer, foreign key

CO Person Record ID of person initiating request

cm_co_people:id


sponsor_co_person_id

integer, foreign key

CO Person Record ID of person sponsoring request

cm_co_people:id


approver_co_person_id

integer, foreign key

CO Person Record ID of person approving request

cm_co_people:id


co_invite_id

integer, foreign key

CO Invite ID created as part of this Petition

cm_co_invites:id

This field is not persistant, and is only non-NULL when an invite is pending.

vetting_request_idinteger, foreign keyVetting Request triggered as part of this Partitioncm_vetting_requests:idAdded in Registry v4.1.0

authenticated_identifier

varchar(256)

Authenticated identifier received as part of user authentication


Basically the contents of $REMOTE_USER

reference_identifiervarchar(40)Reference Identifier returned from an ID Match service, when Match Type is ExternalTAP ID Match APIAdded in Registry v4.1.0
petitioner_tokenchar(48)For unauthenticated enrollments, token used to verify petitioner requests

enrollee_tokenchar(48)For unauthenticated enrollments, token used to verify enrollee requests

return_urlvarchar(256)Upon completion of enrollment, URL to redirect to (superseding redirect_on_finalize)
Must match a whitelisted value in the associated Enrollment Flow configuration.
approver_commentvarchar(256)Comment from approver upon reviewing petition
Added v3.3.0, intended to be suitable for display to enrollee.

status

varchar(2)


  • D2: Duplicate
  • I: Invited
  • N: Denied
  • P: Pending
  • PA: Pending Approval
  • PC: Pending Confirmation
  • PV: Pending Vetting
  • X: Declined
  • Y: Approved

Tentative


Table

cm_co_provisioning_exports

Description

Per-CO provisioning target export record

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


co_provisioning_target_id

integer, foreign key

CO Provisioning Target ID

cm_co_provisioning_targets:id


co_person_id

integer, foreign key

CO Person ID

cm_co_people:id


co_group_id

integer, foreign key

CO Group ID

cm_co_groups:id


co_email_list_idinteger, foreign keyCO Email List IDcm_co_email_lists:id
co_service_idinteger, foreign keyCO Service IDcm_co_services:idAdded Registry v3.3.0

exporttime

timestamp

Time of latest export




Table

cm_co_provisioning_queued_events

Description


Per-CO provisioning events to process

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


co_id

integer, foreign key

CO Record ID

cm_cos:id


co_person_id

integer, foreign key

CO Person Record ID

cm_co_people:id

Person who triggered the action

co_provisioning_target_id

integer, foreign key

CO Provisioning Target ID

cm_co_provisioning_targets:id


status

varchar(2)

Status of provisioning request

  • F: Failed (no retry)
  • I: In Progress
  • Q: Queued
  • R: Failed (will retry)
  • S: Success



Table

cm_co_provisioning_targets

Description

Per-CO provisioning targets

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


co_id

integer, foreign key

CO Record ID

cm_cos:id


description

varchar(256)

Description



plugin

varchar(32)

Provisioning Plugin



provision_co_group_idinteger, foreign keyIf set, only CO People who are members of this CO Group (and only this CO Group, if groups are also provisioned) will be provisioned using this Provisioning Targetcm_co_groups:idAdded v2.0.0

status

varchar(2)

Provisioning Target mode

  • A: Automatic Mode
  • D: Disabled
  • E: Enrollment Mode
  • M: Manual Mode
  • Q: Queue Mode
  • QE: Queue On Error Mode

Enrollment Mode added v3.2.0

Queue Modes added v4.0.0

skip_org_identity_source_idinteger, foreign keyIf set, provisioning will be skipped for CO Person records that have an Org Identity associated with the specified Org Identity Sourcecm_org_identity_sources:idAdded v3.2.0
retry_intervalintegerFor Queue Modes, interval in seconds to retry on failed provisioning

0 disables retrying

Added v4.0.0

max_retryintegerFor Queue Mode, maximum number of times to retry

Added v4.3.0

ordr

integer

Order attribute is presented (lower numbers = earlier)


Added v1.0.3

Table

cm_co_role_assignments

Description

Per-CO person role assignments

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

co_role_id

integer, foreign key

CO Role Record ID

cm_co_roles:id

 

co_person_id

integer, foreign key

CO Person Record ID

cm_co_person_roles:id

 

percent_time

integer

Percent time Person is allocated to Role

0 (none) to 100 (full)

 

Table

cm_co_role_groups

Description

Per-CO group memberships implied by role

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

co_role_id

integer, foreign key

CO Role Record ID

cm_co_roles:id

 

co_group_id

integer, foreign key

CO Group Record ID

cm_co_groups:id

 

Table

cm_co_roles

Description

Per-CO role definitions

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

co_id

integer, foreign key

CO Record ID

cm_cos:id

 

description

varchar(256)

Description

 

 

status

varchar(2)

Role's status within CO

  • A: Active
  • D: Deleted

 

Table

cm_co_sequential_identifier_assignments

Description

Per-Identifier tracking of next values for sequentially assigned identifiers

  • There is currently no REST interface to this table.

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

co_identifier_assignment_id

integer, foreign key

CO Identifier Assignment ID

cm_co_identifier_assignments:id

 

affix

varchar(256)

String to attach the sequence number to

 

Basically the non-sequence portion of cm_co_identifier_assignments:format

last

integer

Last value used to assign this identifier

 

 
Unable to render {include} The included page could not be found.

eTable

cm_co_terms_and_conditions

Description

Per-CO terms and conditions

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


co_id

integer, foreign key

CO Record ID

cm_cos:id


description

varchar(256)

Description



url

varchar(256)

URL to terms and conditions



bodytext(4000)Body of T&C, instead of URL
Since v3.2.0

cou_id

integer, foreign key

If set, T&C must be agreed to by members of this COU

cm_cous:id


status

varchar(2)

Status of T&C

  • A: Active
  • S: Suspended


ordrintegerAscending order in which to display T&Cs
Since v3.1.0

Table

cm_configuration

Description

COordinate configuration values
This table was not implemented and is obsolete

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

attribute

varchar(256)

Configuration item

 

 

value

varchar(256)

Configuration value

 

 


Table

cm_cos

Description

Definitions of (virtual) organizations

  • CO Admins are defined by membership within the "admin" group within their CO
  • Special CO with name "COmanage" is where COmanage Admins are listed

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

name

varchar(128)

CO Name

 

 

description

varchar(256)

Description

 

 

status

varchar(2)

CO's status

  • A: Active
  • S: Suspended
  • T: Template

Template added Registry v3.2.0


Table

cm_cous

Description

Per-CO unit definitions

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

co_id

integer, foreign key

CO Record ID

cm_cos:id

 

parent_cou_id

integer, foreign key

pointer to parent cou

cm_cous:id


lft

integer

Tree left value

required by CakePHP for tree functions

Automatically managed

rght

integer

Tree right value

required by CakePHP for tree functions

Automatically managed

name

varchar(128)

COU name

 

 

description

varchar(256)

Description

 


Note: The CakePHP implementation of the model that represents this table includes code that enables the model to support a tree structure and leverage class MPTT behavior. The result is extra structure not easily seen in the table definition above. Refer to the implementation for details.

Table

cm_email_addresses

Description

Email Addresses

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

mail

varchar(256)

Internet mail address

RFC 4524 inetOrgPerson

 

descriptionvarchar(128)Description Added in Registry v3.1.0.

type

varchar(32)

Type of mail, as enumerated

 

When attached to a CO Person, types may be configured on a per-CO basis. See Extending the Registry Data Model.

See also Recommendations For Email Addresses.

verified

boolean

Was this address verified?

  • true: Verified
  • false: Not verified

Verification is via a URL sent to the address

co_person_id

integer, foreign key

CO Person Record ID

cm_co_people:id

Only one of co_person_idorg_identity_id, or co_department_id may be specified

org_identity_id

integer, foreign key

Org Identity Record ID

cm_org_identities:id

Only one of co_person_idorg_identity_id, or co_department_id may be specified

co_department_idinteger, foreign keyCO Department Record IDcm_co_departments:idOnly one of co_person_idorg_identity_id, or co_department_id may be specified. Added in Registry v3.1.0.
source_email_address_idinteger, foreign keyIf Pipelines are in use, the Email Address ID for the Org Identity Email Address that created this Namecm_email_addresses:idAdded in Registry v2.0.0.

Table

cm_history

Description

Transaction history (human readable)

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


co_person_id

integer, foreign key

CO Person Record ID change applied to

cm_co_people:id


co_person_role_id

integer, foreign key

CO Person Role Record ID change applied to

cm_co_person_roles:id


org_identity_id

integer, foreign key

Organizational Identity Record ID change applied to

cm_org_identities:id


co_group_idinteger, foreign keyCO Group Record ID change applied tocm_co_group_members:id
co_email_list_idinteger, foreign keyCO Email List ID change applied tocm_co_email_lists:id
co_service_idinteger, foreign keyCO Service ID change applied tocm_co_services:idAdded Registry v3.3.0

actor_co_person_id

integer, foreign key

CO Person who executed or requested this change

cm_co_people:id


action 

varchar(4)

Machine readable transaction code

As defined in ActionEnum

Local history should be identified with an action code beginning with the letter 'X'.

comment 

varchar(160)

Human readable transaction description




Table

cm_identifiers

Description

Person identifiers

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


identifier

varchar(256)

Identifier

As per type definition


type

varchar(32)

Type of identifier

Arbitrary values may be configured via cm_co_extended_types (for identifiers attached to COs, only) or default values available are

mail is intended for CO generated mail aliases/addresses to be stored, regardless of whether or not they are in use. Email addresses intended to be reflected into directories or other downstream locations should be stored in the email_addresses table.

login

boolean

Registry login flag

  • true: This identifier can be used to login to Registry
  • false: This identifier cannot be used to login to Registry
Only applies to identifiers attached to Org Identities.

status

varchar(2)

Identifier's status

  • A: Active
  • S: Suspended

An identifier marked deleted is no longer considered in use by COmanage, but it cannot be reassigned.

Prior to v2.0.0, the status D/Deleted was used instead of S/Suspended.

co_person_id

integer, foreign key

CO Person Record ID

cm_co_people:id

Only one of co_person_idorg_identity_id, co_group_id, or co_department_id may be specified

org_identity_id

integer, foreign key

Org Identity Record ID

cm_org_identities:id

Only one of co_person_idorg_identity_id, co_group_id, or co_department_id may be specified

co_department_idinteger, foreign keyCO Department Record IDcm_co_departments:idOnly one of co_person_idorg_identity_id, co_group_id, or co_department_id may be specified. Added in Registry v3.1.0.
co_group_idinteger, foreign keyCO Group Record IDcm_co_groups:idOnly one of co_person_idorg_identity_id, co_group_id, or co_department_id may be specified. Added in Registry v3.3.0.
source_identifier_idinteger, foreign keyIf Pipelines are in use, the Identifier ID for the Org Identity Identifier that created this record.cm_identifiers:idAdded in Registry v2.0.0.
co_provisioning_target_idinteger, foreign keyCO Provisioning Target IDcm_co_provisioning_targets:id

ie: The Provisioning Target that assigned (and is responsible for managing) this Identifier.

Added in Registry v3.1.0.

Table

cm_names

Description

Person names

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

honorific

varchar(32)

Dr, Mr, Ms, etc

 

 

given

varchar(128)

First/Given name(s)

 

 

middle

varchar(128)

Middle name(s)

 

 

family

varchar(128)

Last/Family name(s)

 

 

suffix

varchar(32)

Jr, III, PhD, etc

 

 

language

varchar(16)

Language encoding of this name

RFC 5646

For supported values, see lang.php

type

varchar(2)

 

 

When attached to a CO Person, types may be configured on a per-CO basis. See Extending the Registry Data Model.

primary_name

boolean

  • true: This name is the primary name for the CO Person or Org Identity
  • false: This name is not the primary name

 

Exactly one name per CO Person and one per Org Identity should have primary_name true at all times

co_person_id

integer, foreign key

CO Person Record ID

cm_co_people:id

Only one of co_person_id or org_identity_id may be specified

org_identity_id

integer, foreign key

Org Identity Record ID

cm_org_identities:id

Only one of co_person_id or org_identity_id may be specified

source_name_idinteger, foreign keyIf Pipelines are in use, the Name ID for the Org Identity Name that created this Namecm_names:id 

Table

cm_org_identities

Description

Person identity, from institutional source

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


statusvarchar(2)Org Identity status
  • RM: Removed
  • SY: Synced
Added in v2.0.0. Currently intended primarily for org identities synced from an org identity source.
date_of_birthdatePerson's date of birth
Added in Registry v3.3.0

affiliation

varchar(8)  

Broad affiliation to source organization

eduPerson person


title

varchar(128)

Title at source organization

X.520 via RFC 4519 person


o

varchar(128)

Source organization

X.520 via RFC 4519 person


ou

varchar(128)

Departmental affiliation at source organization

X.520 via RFC 4519 person


valid_from

datetime

Org Identity is considered valid from this time

If null, valid any time through valid_through

Added in v2.0.0

valid_through

datetime

Org Identity is considered valid through (but not past) this time

If null, valid any time from valid_from

Added in v2.0.0
manager_identifiervarchar(512)Identifier for this Org Identity's managercm_identifiers:identifierAdded in v4.1.0
sponsor_identifiervarchar(512)Identifier for this Org Identity's sponsorcm_identifiers:identifierAdded in v4.1.0

organization_id

integer, foreign key

Source organization via known organizations

cm_organizations (obsolete):id

Unused column removed in v2.0.0

co_id

integer, foreign key

If pool_org_identities is false in the CMP Enrollment Configuration, the CO in which this Org Identity is available

cm_cos:id



Table

cm_organizations

Description

Definitions of (external) organizations

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement


co_id

integer, foreign key

CO Record ID

cm_cos:id


name

varchar(128)

Name



description

varchar(128)

Description



type

varchar(32)

Organization type


May be configured on a per-CO basis. See Extending the Registry Data Model.

Table

cm_permissions

Description

Permissions for COoordinate

  • Special CO with id "1" and name "COmanage" (linked via cm_co_person_roles:co_id) is where COordinate Admins are listed

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

co_person_id

integer, foreign key

CO Person Record ID

cm_co_person_roles:id

 

permission

varchar(2)

Permission

  • A: Admin for CO

 

Table

cm_telephone_numbers

Description

Telephone Numbers

Column

Format

Description

Definition

Comments

id

integer, primary key

Row identifier

autoincrement

 

country_codevarchar(3)Telephone Country CodeITU E.164 
area_codevarchar(8)Telephone Area (National Destination) CodeITU E.164  

number

varchar(64)

Telephone Subscriber Number

ITU E.164

 

extensionvarchar(16)Telephone ExtensionLocation specific 
descriptionvarchar(128)Description Added in Registry v3.1.0.

type

varchar(2)

Type of telephone

 

When attached to a CO Person Role, types may be configured on a per-CO basis. See Extending the Registry Data Model.

co_person_role_id

integer, foreign key

CO Person Role Record ID

cm_co_person_roles:id

Only one of co_person_idorg_identity_id, or co_department_id may be specified

org_identity_id

integer, foreign key

Org Identity Record ID

cm_org_identities:id

Only one of co_person_idorg_identity_id, or co_department_id may be specified

co_department_idinteger, foreign keyCO Department Record IDcm_co_departments:idOnly one of co_person_idorg_identity_id, or co_department_id may be specified. Added in Registry v3.1.0.
source_telephone_number_idinteger, foreign keyIf Pipelines are in use, the Telephone Number ID for the Org Identity Telephone Number that created this record.cm_telephone_numbers:idAdded in Registry v2.0.0.
  • No labels