malithie
commented
5 years ago Fixed introducing a REST API endpoint to support updating a username of a user.
API context URL - https://{host}:{port}/t/{tenant-domain}/api/identity/user/v1.0/update-username path.
Sample Request -
curl -k -v -X PUT -H "Authorization: Basic
The API is designed to work as below upon a username update request.
- Validate the username update request
- Disable the account of the user (Applied when user account disabling is enabled [1] for the respective tenant)
- Perform username update (Invokes forgetme tool)
- Enable the account of the user
Disabling the user account at step (2), will terminate all active sessions of the user.
[1] https://docs.wso2.com/display/IS570/Account+Disabling
Prerequisites
- Enable session termination when the user account gets disabled.
Note - Once below steps are applied active sessions of the user will be terminated upon following events
- When the user account is disabled
- When the user account is locked
- When the password is updated
(i) Apply below configuration within
tag in /repository/conf/identity/identity.xml file.
<UserSessionMapping>
<Enable>true</Enable>
</UserSessionMapping>(ii) Apply below configuration within
<EventListener type="org.wso2.carbon.user.core.listener.UserOperationEventListener"
name="org.wso2.carbon.identity.mgt.listener.UserSessionTerminationListener"
orderId="85" enable="true"/>- Secure the API resource
Apply below configuration within
<Resource context="(.*)/api/identity/user/v1.0/update-username(.*)" secured="true" http-method="PUT">
<Permissions>/permission/admin/manage/identity/usermgt/update</Permissions>
</Resource>
nilasini
At the moment there is no service available to perform username rename. This is to include that support over the capability of identity anonymization tool.