Attributes
Identity Attribute
There are 2 json files which distributes the identity in IDHub. One is Account.json for Accounts and Entitlement.json for Entitlements (This includes all entitlement types)
| Attribute Name | Attribute Type | Attribute Description |
|---|---|---|
id | string | Unique Identifier of Identity |
name | string | Name of Identity |
endpoint | string | Endpoint name of Identity |
description | string | Description of Identity |
schema | string | Schema path of Identity |
Account Attribute
Below are the default attributes that Account.json can accommodate to fetch account related information from your Google instance.
| Attribute Name | Attribute Type | Attribute Description | Required |
|---|---|---|---|
country | string | The country in which the user is located | |
displayName | string | The fullName/displayName of the user | Yes |
familyName | string | The lastName/familyName of the user | Yes |
givenName | string | The firstName/givenName of the user | Yes |
id | string | The unique ID for the user. | |
orgUnitPath | string | The full path of the parent organization associated with the user | |
phoneNumber | string | A list of phone numbers of user. | |
poBox | string | The post office box in which the user is located, if present. | |
primaryEmail | string | The email ID domain must be a valid domain accessible to the service account provided in application configuration. | Yes |
recoveryEmail | string | Recovery email of the user. | |
recoveryPhone | complex | Recovery phone of the user. | |
secondaryEmail | string | Secondary email address of user. OPTIONAL. | |
streetAddress | string | The street address in which the user is located. | |
thumbnailPhotoUrl | string | Photo Url of the user | |
jobTitle | string | Job Title of the user | |
employeeType | string | Employee Type of the user | |
department | string | Department of the user |
Other Attributes
Other Attributes can be included by support team are discussed here
| Attribute Name | Attribute Type | Attribute Description |
|---|---|---|
objectID | string | Unique identifier for the user and non editable. |
name | string | User’s full name |
isAdmin | boolean | Indicates if a user is an administrator |
isDelegatedAdmin | boolean | Indicates if a users is a delegated administrator |
lastLoginTime | time | User’s last login time |
suspended | string | User’s suspended status |
suspensionReason | string | User’s suspension reason |
changePasswordAtNextLogin | string | Indicates if the user is required to change their password the next time they log in. |
ipWhiteListed | string | Indicate if user's IP address is whitelisted |
archived | boolean | Indicates if a user is archived |
ims | complex | The user's Instant Messenger (IM) accounts |
emails | complex | A list of the user's email addresses |
externalIds | complex | A list of external IDs for the user, such as an employee or network ID |
relations | complex | A list of the user's relationships to other users |
addresses | complex | A list of the user's addresses |
organizations | complex | A list of organizations the user belongs to |
phones | complex | A list of the user's phone numbers |
aliases | complex | A list of the user's alias email addresses |
nonEditableAliases | complex | A list of the user's non-editable alias email addresses |
customerId | string | The customer ID to retrieve all account users |
isMailboxSetup | boolean | Indicates if the user's Google mailbox is created |
includeInGlobalAddressList | complex | Indicates if the user's profile is visible in the Global Address List when the contact sharing feature is enabled for the domain |
contacts | string | A list of the user's contacts |
delegatedAdmins | string | Delegated administrators of a user |
Groups | string | Groups connected to the user |
customSchemas | string | Aggregates custom schema attributes |
Roles | string | Roles connected to the user |
objectType | string | Object type of the account |
domainName | string | The domain name of the customer |
domainAliases | string | A list of domain alias |
isPrimary | boolean | Indicates if the domain is a primary domain |
verified | string | Indicates the verification state of a domain |
projectId | string | The ID of the project that owns the service account |
uniqueId | string | The unique and stable numeric ID for the service account |
description | string | Description for the service account |
serviceAccountId | string | Account ID of service account |
resourcePermissions | string | IAM resource permissions assigned to the user |
Entitlement Attribute
Below are the default entitlement attributes that Entitlement.json can accommodate to fetch entitlements like Drive, Group etc from your Google instance.
| Attribute Name | Attribute Type | Attribute Description | Required |
|---|---|---|---|
id | complex | The complex id of the Entitlement. | Yes |
externalId | string | A String that is an identifier for the resource as defined by the provisioning client. | |
email | string | The email address of the Group Entitlement | Yes |
displayName | string | Display Name of Entitlement. Maximum length: 256 characters | Yes |
meta | string | A complex attribute containing resource metadata with subattributesresourceType : The name of the resource type of the resourcecreated : The datetime that the resource was added to the service providerlastModified : The most recent datetime that the details of this resource were updated at the service provider. If this resource has never been modified since its initial creation, the value MUST be the same as the value of createdlocation : The URI where the resource is availableversion : The version of the resource being returned. | |
permissionId | string | Permission ID when an Entitlement is granted to user. This will be used to revoke memberships. It will be returned only during membership creation. Client should save this information and send it to Splice during revocation. This is only applicable when an account is assigned an entitlement. OPTIONAL. | |
requestId | string | A unique ID related to user request. This will be used to avoid duplicate resources created for same request when creating Shared Drive. It is highly recommended that this is populated during shared drive creation. A random UUID will be created if this value is not provided. OPTIONAL. | |
schemas | string | The schemasattribute is an array of Strings containing URIs that are used to indicate the namespaces of the SCIM schemas that define the attributes present in the current JSON structure. This attribute may be used by parsers to define the attributes present in the JSON structure that is the body to an HTTP request or response. Each String value is an unique URI. | Yes |