Example URLs:

Parameters:

Parameter nameRequired?CardinalityTypePossible valuesDescription
membershipTypeoptionalsinglestring
ParamDescription
 all (default)all members of the group will be returned
directimmediate members will be returned (i.e. assigned to the group, not a membership due to a membership in a group which is a member of the group. Note, if a member is immediate and nonImmediate that member will also be returned
indirectnonImmediate members will be returned (i.e. assigned to a group which is a member of this group. Note, could be any number of levels nested. Note, if a member is immediate and nonImmediate that member will also be returned
Describes the membership type of the returned members. Only the values listed are allowed.

 

Response codes:

In addition to the common response codes

NameHTTP status codeSuccessDescription
SUCCESS_IS_MEMBER200trueIf the member is in the group given the parameters
SUCCESS_IS_NOT_MEMBER404trueIf the member is not in the group given the parameters
ERROR_SUBJECT_NOT_FOUND404falseIf the subject could not be identified by the id. Note, could have multiple results or another problem
ERROR_GROUP_NOT_FOUND404falseIf the group was not found by the id. Note, could have multiple results or another problem

 

Representation

For a user

 

{
  "id":"test.subject.0",
  "meta":{
    "location":"http://localhost:8088/grouperWs/tierApiAuthz/v1/Groups/name:test:testGroup/Members/id:test.subject.0?indent=true",
    "resourceType":"User",
    "tierDebugMessage":"some debug stuff",
    "tierHttpStatusCode":200,
    "tierRequestId":"c5ebf05755894cb7aff9ce3b21df65d9",
    "tierResponseDurationMillis":22,
    "tierResultCode":"SUCCESS_IS_MEMBER",
    "tierServerVersion":"1.0",
    "tierServiceRootUri":"http://localhost:8088/grouperWs/tierApiAuthz",
    "tierSuccess":true
  },
  "name":{
    "formatted":"my name is test.subject.0"
  },
  "schemas":[
    "urn:ietf:params:scim:schemas:core:2.0:User",
    "urn:edu:internet2:tier:2.0:User"
  ]
}

 

User not found

 

{
  "meta": {
    "location": "https://grouperdemo.internet2.edu/grouper-ws_v2_2/tierApiAuthz/v1/Groups/name:test:testGroup/Members/id:test.subject.1?indent=true",
    "resourceType": "GroupMember",
    "tierDebugMessage": "requestId: a457b28a1f874093b51e426b72de4dbb, clientUser: test, clientIp: 209.6.247.150, format: json, indent: true, requestUri: /grouper-ws_v2_2/tierApiAuthz/v1/Groups/name:test:testGroup/Members/id:test.subject.1, urlStrings: [], requestBodySize: 0, method: GET, queryString: indent=true, urlVersion: v1, operation: groupHasMemberGet, foundGroup: test:testGroup, foundSubject: Subject id: test.subject.1, sourceId: jdbc, membershipType: all, hasMember: false, success: true, resultCode: SUCCESS_IS_NOT_MEMBER, status: 404, responseContentType: text/x-json; charset=UTF-8",
    "tierHttpStatusCode": 404,
    "tierRequestId": "a457b28a1f874093b51e426b72de4dbb",
    "tierResponseDurationMillis": 72,
    "tierResultCode": "SUCCESS_IS_NOT_MEMBER",
    "tierServerVersion": "1.0",
    "tierServiceRootUri": "https://grouperdemo.internet2.edu/grouper-ws_v2_2/tierApiAuthz",
    "tierSuccess": true
  }
}

 

 

LineRequiredDescription

"schemas": ["urn:ietf:params:scim:schemas:core:2.0:User", "urn:edu:internet2:tier:2.0:User"],

requiredschemas, sites could add site specific schema(s)

"id": "id:1234567"

required 

"tierNetId": "bjensen", or other Tier User fields

optionalother identifiers fields and values could be sent as well

"userName": "bjensen@example.com", or other SCIM user fields

optional 

"name": {

optional 

"formatted": "Ms. Barbara J Jensen, III",

requiredIf the name is sent back, this is required

"familyName": "Jensen", or other SCIM name fields

optional 

"meta": {

required 

"resourceType": "User", or other SCIM meta fields

requiredmust be User, Group, or System

"tierCanonicalLocation": "https://url.edu/v2/Users/id:12345678", or other TIER meta fields

required if implementedURL that points to resource of the member by id. If it is not implemented by the institution then it is not required, if it is implemented, then it must be sent. e.g. maybe for Systems it is not implements]ed

For a group

{
  "displayName":"test:testGroup1",
  "id":"794a64d2399c4feda92441aeff728886",
  "meta":{
    "location":"http://localhost:8088/grouperWs/tierApiAuthz/v1/Groups/name:test:testGroup/Members/groupName:test:testGroup1?indent=true",
    "resourceType":"Group",
    "tierDebugMessage":"some debug stuff",
    "tierHttpStatusCode":200,
    "tierRequestId":"755f38dcc3ae44d0a4d2f1bd60fed148",
    "tierResponseDurationMillis":4772,
    "tierResultCode":"SUCCESS_IS_MEMBER",
    "tierServerVersion":"1.0",
    "tierServiceRootUri":"http://localhost:8088/grouperWs/tierApiAuthz",
    "tierSuccess":true
  },
  "schemas":[
    "urn:ietf:params:scim:schemas:core:2.0:Group",
    "urn:edu:internet2:tier:2.0:Group"
  ]
  ,
  "tierSystemName":"test:testGroup1"
}
  • No labels