Package de.captaingoldfish.scim.sdk.common.resources

Class User

java.lang.Object
com.fasterxml.jackson.databind.JsonSerializable.Base
com.fasterxml.jackson.databind.JsonNode
com.fasterxml.jackson.databind.node.BaseJsonNode
com.fasterxml.jackson.databind.node.ContainerNode<com.fasterxml.jackson.databind.node.ObjectNode>
com.fasterxml.jackson.databind.node.ObjectNode
de.captaingoldfish.scim.sdk.common.resources.base.ScimObjectNode
de.captaingoldfish.scim.sdk.common.resources.AbstractSchemasHolder
de.captaingoldfish.scim.sdk.common.resources.ResourceNode
de.captaingoldfish.scim.sdk.common.resources.User
All Implemented Interfaces:
com.fasterxml.jackson.core.TreeNode, com.fasterxml.jackson.databind.JsonSerializable, com.fasterxml.jackson.databind.node.JsonNodeCreator, ScimNode, Serializable, Iterable<com.fasterxml.jackson.databind.JsonNode>
public class User extends ResourceNode
author Pascal Knueppel
created at: 07.10.2019 - 23:22

SCIM provides a resource type for "User" resources. The core schema for "User" is identified using the following schema URI: "urn:ietf:params:scim:schemas:core:2.0:User".
See Also:

  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Class
    Description
    static class 
    User.UserBuilder
    override lombok builder

    Nested classes/interfaces inherited from class com.fasterxml.jackson.databind.JsonNode

    com.fasterxml.jackson.databind.JsonNode.OverwriteMode

    Nested classes/interfaces inherited from interface com.fasterxml.jackson.databind.JsonSerializable

    com.fasterxml.jackson.databind.JsonSerializable.Base

  • Field Summary

    Fields inherited from class com.fasterxml.jackson.databind.node.ObjectNode

    _children

    Fields inherited from class com.fasterxml.jackson.databind.node.ContainerNode

    _nodeFactory

  • Constructor Summary

    Constructors
    Constructor
    Description
    User()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    addAddress(Address address)
    A physical mailing address for this user.
    void
    addEmail(Email email)
    Email addresses for the User.
    void
    addEntitlement(Entitlement entitlement)
    A list of entitlements for the user that represent a thing the user has.
    void
    addGroup(GroupNode group)
    A list of groups to which the user belongs, either through direct membership, through nested groups, or dynamically calculated.
    void
    addIms(Ims ims)
    Instant messaging address for the user.
    void
    addPhoneNumber(PhoneNumber phoneNumber)
    Phone numbers for the user.
    void
    addPhoto(Photo photo)
    A URI that is a uniform resource locator (as defined in Section 1.1.3 of [RFC3986]) that points to a resource location representing the user's image.
    void
    addRole(PersonRole personRole)
    A list of roles for the user that collectively represent who the user is, e.g., "Student", "Faculty".
    void
    addX509Certificate(ScimX509Certificate x509Certificate)
    A list of certificates associated with the resource (e.g., a User).
    static User.UserBuilder
    builder()
     
    List<Address>
    getAddresses()
    A physical mailing address for this user.
    Optional<String>
    getDisplayName()
    The name of the user, suitable for display to end-users.
    List<Email>
    getEmails()
    Email addresses for the User.
    Optional<EnterpriseUser>
    getEnterpriseUser()
    The following SCIM extension defines attributes commonly used in representing users that belong to, or act on behalf of, a business or enterprise.
    List<Entitlement>
    getEntitlements()
    A list of entitlements for the user that represent a thing the user has.
    List<GroupNode>
    getGroups()
    A list of groups to which the user belongs, either through direct membership, through nested groups, or dynamically calculated.
    List<Ims>
    getIms()
    Instant messaging address for the user.
    Optional<String>
    getLocale()
    Used to indicate the User's default location for purposes of localizing such items as currency, date time format, or numerical representations.
    Optional<Name>
    getName()
    The components of the user's name.
    Optional<String>
    getNickName()
    The casual way to address the user in real life, e.g., "Bob" or "Bobby" instead of "Robert".
    Optional<String>
    getPassword()
    This attribute is intended to be used as a means to set, replace, or compare (i.e., filter for equality) a password.
    List<PhoneNumber>
    getPhoneNumbers()
    Phone numbers for the user.
    List<Photo>
    getPhotos()
    A URI that is a uniform resource locator (as defined in Section 1.1.3 of [RFC3986]) that points to a resource location representing the user's image.
    Optional<String>
    getPreferredLanguage()
    Indicates the user's preferred written or spoken languages and is generally used for selecting a localized user interface.
    Optional<String>
    getProfileUrl()
    A URI that is a uniform resource locator (as defined in Section 1.1.3 of [RFC3986]) and that points to a location representing the user's online profile (e.g., a web page).
    List<PersonRole>
    getRoles()
    A list of roles for the user that collectively represent who the user is, e.g., "Student", "Faculty".
    Optional<String>
    getTimezone()
    The User's time zone, in IANA Time Zone database format [RFC6557], also known as the "Olson" time zone database format [Olson-TZ] (e.g., "America/Los_Angeles").
    Optional<String>
    getTitle()
    The user's title, such as "Vice President".
    Optional<String>
    getUserName()
    A service provider's unique identifier for the user, typically used by the user to directly authenticate to the service provider.
    Optional<String>
    getUserType()
    Used to identify the relationship between the organization and the user.
    List<ScimX509Certificate>
    getX509Certificates()
    A list of certificates associated with the resource (e.g., a User).
    Optional<Boolean>
    isActive()
    A Boolean value indicating the user's administrative status.
    void
    setActive(Boolean active)
    A Boolean value indicating the user's administrative status.
    void
    setAddresses(List<Address> addresses)
    A physical mailing address for this user.
    void
    setDisplayName(String displayName)
    The name of the user, suitable for display to end-users.
    void
    setEmails(List<Email> emails)
    Email addresses for the User.
    void
    setEnterpriseUser(EnterpriseUser enterpriseUser)
    The following SCIM extension defines attributes commonly used in representing users that belong to, or act on behalf of, a business or enterprise.
    void
    setEntitlements(List<Entitlement> entitlements)
    A list of entitlements for the user that represent a thing the user has.
    void
    setGroups(List<GroupNode> groups)
    A list of groups to which the user belongs, either through direct membership, through nested groups, or dynamically calculated.
    void
    setIms(List<Ims> ims)
    Instant messaging address for the user.
    void
    setLocale(String locale)
    Used to indicate the User's default location for purposes of localizing such items as currency, date time format, or numerical representations.
    void
    setName(Name name)
    The components of the user's name.
    void
    setNickName(String nickName)
    The casual way to address the user in real life, e.g., "Bob" or "Bobby" instead of "Robert".
    void
    setPassword(String password)
    This attribute is intended to be used as a means to set, replace, or compare (i.e., filter for equality) a password.
    void
    setPhoneNumbers(List<PhoneNumber> phoneNumbers)
    Phone numbers for the user.
    void
    setPhotos(List<Photo> photos)
    A URI that is a uniform resource locator (as defined in Section 1.1.3 of [RFC3986]) that points to a resource location representing the user's image.
    void
    setPreferredLanguage(String preferredLanguage)
    Indicates the user's preferred written or spoken languages and is generally used for selecting a localized user interface.
    void
    setProfileUrl(String profileUrl)
    A URI that is a uniform resource locator (as defined in Section 1.1.3 of [RFC3986]) and that points to a location representing the user's online profile (e.g., a web page).
    void
    setRoles(List<PersonRole> personRoles)
    A list of roles for the user that collectively represent who the user is, e.g., "Student", "Faculty".
    void
    setTimezone(String timezone)
    The User's time zone, in IANA Time Zone database format [RFC6557], also known as the "Olson" time zone database format [Olson-TZ] (e.g., "America/Los_Angeles").
    void
    setTitle(String title)
    The user's title, such as "Vice President".
    void
    setUserName(String userName)
    A service provider's unique identifier for the user, typically used by the user to directly authenticate to the service provider.
    void
    setUserType(String userType)
    Used to identify the relationship between the organization and the user.
    void
    setX509Certificates(List<ScimX509Certificate> x509Certificates)
    A list of certificates associated with the resource (e.g., a User).

    Methods inherited from class de.captaingoldfish.scim.sdk.common.resources.ResourceNode

    getExternalId, getId, getMeta, getSortingAttribute, setExternalId, setId, setMeta

    Methods inherited from class de.captaingoldfish.scim.sdk.common.resources.AbstractSchemasHolder

    addSchema, getSchemas, removeSchema, setSchemas, setSchemas

    Methods inherited from class de.captaingoldfish.scim.sdk.common.resources.base.ScimObjectNode

    addAttribute, getArrayAttribute, getBinaryAttribute, getBooleanAttribute, getDateTimeAttribute, getDoubleAttribute, getIntegerAttribute, getLongAttribute, getObjectAttribute, getSchemaAttribute, getSimpleArrayAttribute, getSimpleArrayAttribute, getSimpleArrayAttributeSet, getSimpleArrayAttributeSet, getStringAttribute, getStringAttribute, isEmpty, setAttribute, setAttribute, setAttribute, setAttribute, setAttribute, setAttribute, setAttribute, setAttribute, setAttributeList, setDateTimeAttribute, setDateTimeAttribute, setDateTimeAttribute, setDateTimeAttribute, setStringAttributeList, setStringAttributeList, toPrettyString, toString

    Methods inherited from class com.fasterxml.jackson.databind.node.ObjectNode

    _at, _childrenEqual, _put, _withArray, _withArrayAddTailProperty, _withObject, _withObjectAddTailProperty, asToken, deepCopy, elements, equals, equals, fieldNames, fields, findParent, findParents, findValue, findValues, findValuesAsText, get, get, getNodeType, hashCode, isEmpty, isObject, path, path, properties, put, put, put, put, put, put, put, put, put, put, put, put, put, put, put, put, put, putAll, putAll, putArray, putIfAbsent, putNull, putObject, putPOJO, putRawValue, remove, remove, removeAll, replace, required, retain, retain, serialize, serializeFilteredContents, serializeWithType, set, setAll, setAll, size, with, withArray, without, without

    Methods inherited from class com.fasterxml.jackson.databind.node.ContainerNode

    arrayNode, arrayNode, asText, binaryNode, binaryNode, booleanNode, missingNode, nullNode, numberNode, numberNode, numberNode, numberNode, numberNode, numberNode, numberNode, numberNode, numberNode, numberNode, numberNode, numberNode, numberNode, numberNode, objectNode, pojoNode, rawValueNode, textNode

    Methods inherited from class com.fasterxml.jackson.databind.node.BaseJsonNode

    _bigIntFromBigDec, _jsonPointerIfValid, _reportWrongNodeOperation, _reportWrongNodeType, _withXxxMayReplace, _withXxxVerifyReplace, findPath, numberType, required, traverse, traverse, withArray, withObject

    Methods inherited from class com.fasterxml.jackson.databind.JsonNode

    _reportRequiredViolation, _this, asBoolean, asBoolean, asDouble, asDouble, asInt, asInt, asLong, asLong, asText, at, at, bigIntegerValue, binaryValue, booleanValue, canConvertToExactIntegral, canConvertToInt, canConvertToLong, decimalValue, doubleValue, findParents, findValues, findValuesAsText, floatValue, has, has, hasNonNull, hasNonNull, intValue, isArray, isBigDecimal, isBigInteger, isBinary, isBoolean, isContainerNode, isDouble, isFloat, isFloatingPointNumber, isInt, isIntegralNumber, isLong, isMissingNode, isNull, isNumber, isPojo, isShort, isTextual, isValueNode, iterator, longValue, numberValue, require, requiredAt, requiredAt, requireNonNull, shortValue, textValue, withArray, withArray, withObject, withObject, withObject

    Methods inherited from class java.lang.Object

    clone, finalize, getClass, notify, notifyAll, wait, wait, wait

    Methods inherited from interface java.lang.Iterable

    forEach, spliterator

    Methods inherited from interface de.captaingoldfish.scim.sdk.common.resources.base.ScimNode

    getAttributeDescription, getAttributeName, getCanonicalValues, getMutability, getReferenceTypes, getReturned, getScimNodeName, getUniqueness, getValueType, isCaseExact, isMultiValued, isRequired

  • Constructor Details

    • User

      public User()

  • Method Details

    • getUserName

      public Optional<String> getUserName()
      A service provider's unique identifier for the user, typically used by the user to directly authenticate to the service provider. Often displayed to the user as their unique identifier within the system (as opposed to "id" or "externalId", which are generally opaque and not user-friendly identifiers). Each User MUST include a non-empty userName value. This identifier MUST be unique across the service provider's entire set of Users. This attribute is REQUIRED and is case insensitive.

    • setUserName

      public void setUserName(String userName)
      A service provider's unique identifier for the user, typically used by the user to directly authenticate to the service provider. Often displayed to the user as their unique identifier within the system (as opposed to "id" or "externalId", which are generally opaque and not user-friendly identifiers). Each User MUST include a non-empty userName value. This identifier MUST be unique across the service provider's entire set of Users. This attribute is REQUIRED and is case insensitive.

    • getName

      public Optional<Name> getName()
      The components of the user's name. Service providers MAY return just the full name as a single string in the formatted sub-attribute, or they MAY return just the individual component attributes using the other sub-attributes, or they MAY return both. If both variants are returned, they SHOULD be describing the same name, with the formatted name indicating how the component attributes should be combined.

    • setName

      public void setName(Name name)
      The components of the user's name. Service providers MAY return just the full name as a single string in the formatted sub-attribute, or they MAY return just the individual component attributes using the other sub-attributes, or they MAY return both. If both variants are returned, they SHOULD be describing the same name, with the formatted name indicating how the component attributes should be combined.

    • getDisplayName

      public Optional<String> getDisplayName()
      The name of the user, suitable for display to end-users. Each user returned MAY include a non-empty displayName value. The name SHOULD be the full name of the User being described, if known (e.g., "Babs Jensen" or "Ms. Barbara J Jensen, III") but MAY be a username or handle, if that is all that is available (e.g., "bjensen"). The value provided SHOULD be the primary textual label by which this User is normally displayed by the service provider when presenting it to end-users.

    • setDisplayName

      public void setDisplayName(String displayName)
      The name of the user, suitable for display to end-users. Each user returned MAY include a non-empty displayName value. The name SHOULD be the full name of the User being described, if known (e.g., "Babs Jensen" or "Ms. Barbara J Jensen, III") but MAY be a username or handle, if that is all that is available (e.g., "bjensen"). The value provided SHOULD be the primary textual label by which this User is normally displayed by the service provider when presenting it to end-users.

    • getNickName

      public Optional<String> getNickName()
      The casual way to address the user in real life, e.g., "Bob" or "Bobby" instead of "Robert". This attribute SHOULD NOT be used to represent a User's username (e.g., bjensen or mpepperidge).

    • setNickName

      public void setNickName(String nickName)
      The casual way to address the user in real life, e.g., "Bob" or "Bobby" instead of "Robert". This attribute SHOULD NOT be used to represent a User's username (e.g., bjensen or mpepperidge).

    • getProfileUrl

      public Optional<String> getProfileUrl()
      A URI that is a uniform resource locator (as defined in Section 1.1.3 of [RFC3986]) and that points to a location representing the user's online profile (e.g., a web page). URIs are canonicalized per Section 6.2 of [RFC3986].

    • setProfileUrl

      public void setProfileUrl(String profileUrl)
      A URI that is a uniform resource locator (as defined in Section 1.1.3 of [RFC3986]) and that points to a location representing the user's online profile (e.g., a web page). URIs are canonicalized per Section 6.2 of [RFC3986].

    • getTitle

      public Optional<String> getTitle()
      The user's title, such as "Vice President".

    • setTitle

      public void setTitle(String title)
      The user's title, such as "Vice President".

    • getUserType

      public Optional<String> getUserType()
      Used to identify the relationship between the organization and the user. Typical values used might be "Contractor", "Employee", "Intern", "Temp", "External", and "Unknown", but any value may be used.

    • setUserType

      public void setUserType(String userType)
      Used to identify the relationship between the organization and the user. Typical values used might be "Contractor", "Employee", "Intern", "Temp", "External", and "Unknown", but any value may be used.

    • getPreferredLanguage

      public Optional<String> getPreferredLanguage()
      Indicates the user's preferred written or spoken languages and is generally used for selecting a localized user interface. The value indicates the set of natural languages that are preferred. The format of the value is the same as the HTTP Accept-Language header field (not including "Accept-Language:") and is specified in Section 5.3.5 of [RFC7231]. The intent of this value is to enable cloud applications to perform matching of language tags [RFC4647] to the user's language preferences, regardless of what may be indicated by a user agent (which might be shared), or in an interaction that does not involve a user (such as in a delegated OAuth 2.0 [RFC6749] style interaction) where normal HTTP Accept-Language header negotiation cannot take place.

    • setPreferredLanguage

      public void setPreferredLanguage(String preferredLanguage)
      Indicates the user's preferred written or spoken languages and is generally used for selecting a localized user interface. The value indicates the set of natural languages that are preferred. The format of the value is the same as the HTTP Accept-Language header field (not including "Accept-Language:") and is specified in Section 5.3.5 of [RFC7231]. The intent of this value is to enable cloud applications to perform matching of language tags [RFC4647] to the user's language preferences, regardless of what may be indicated by a user agent (which might be shared), or in an interaction that does not involve a user (such as in a delegated OAuth 2.0 [RFC6749] style interaction) where normal HTTP Accept-Language header negotiation cannot take place.

    • getLocale

      public Optional<String> getLocale()
      Used to indicate the User's default location for purposes of localizing such items as currency, date time format, or numerical representations. A valid value is a language tag as defined in [RFC5646]. Computer languages are explicitly excluded. A language tag is a sequence of one or more case-insensitive sub-tags, each separated by a hyphen character ("-", %x2D). For backward compatibility, servers MAY accept tags separated by an underscore character ("_", %x5F). In most cases, a language tag consists of a primary language sub-tag that identifies a broad family of related languages (e.g., "en" = English) and that is optionally followed by a series of sub-tags that refine or narrow that language's range (e.g., "en-CA" = the variety of English as communicated in Canada). Whitespace is not allowed within a language tag. Example tags include: fr, en-US, es-419, az-Arab, x-pig-latin, man-Nkoo-GN See [RFC5646] for further information.

    • setLocale

      public void setLocale(String locale)
      Used to indicate the User's default location for purposes of localizing such items as currency, date time format, or numerical representations. A valid value is a language tag as defined in [RFC5646]. Computer languages are explicitly excluded. A language tag is a sequence of one or more case-insensitive sub-tags, each separated by a hyphen character ("-", %x2D). For backward compatibility, servers MAY accept tags separated by an underscore character ("_", %x5F). In most cases, a language tag consists of a primary language sub-tag that identifies a broad family of related languages (e.g., "en" = English) and that is optionally followed by a series of sub-tags that refine or narrow that language's range (e.g., "en-CA" = the variety of English as communicated in Canada). Whitespace is not allowed within a language tag. Example tags include: fr, en-US, es-419, az-Arab, x-pig-latin, man-Nkoo-GN See [RFC5646] for further information.

    • getTimezone

      public Optional<String> getTimezone()
      The User's time zone, in IANA Time Zone database format [RFC6557], also known as the "Olson" time zone database format [Olson-TZ] (e.g., "America/Los_Angeles").

    • setTimezone

      public void setTimezone(String timezone)
      The User's time zone, in IANA Time Zone database format [RFC6557], also known as the "Olson" time zone database format [Olson-TZ] (e.g., "America/Los_Angeles").

    • isActive

      public Optional<Boolean> isActive()
      A Boolean value indicating the user's administrative status. The definitive meaning of this attribute is determined by the service provider. As a typical example, a value of true implies that the user is able to log in, while a value of false implies that the user's account has been suspended.

    • setActive

      public void setActive(Boolean active)
      A Boolean value indicating the user's administrative status. The definitive meaning of this attribute is determined by the service provider. As a typical example, a value of true implies that the user is able to log in, while a value of false implies that the user's account has been suspended.

    • getPassword

      public Optional<String> getPassword()
      This attribute is intended to be used as a means to set, replace, or compare (i.e., filter for equality) a password. The cleartext value or the hashed value of a password SHALL NOT be returnable by a service provider. If a service provider holds the value locally, the value SHOULD be hashed. When a password is set or changed by the client, the cleartext password SHOULD be processed by the service provider as follows: * Prepare the cleartext value for international language comparison. See Section 7.8 of [RFC7644]. * Validate the value against server password policy. Note: The definition and enforcement of password policy are beyond the scope of this document. * Ensure that the value is encrypted (e.g., hashed). See Section 9.2 for acceptable hashing and encryption handling when storing or persisting for provisioning workflow reasons. A service provider that immediately passes the cleartext value on to another system or programming interface MUST pass the value directly over a secured connection (e.g., Transport Layer Security (TLS)). If the value needs to be temporarily persisted for a period of time (e.g., because of a workflow) before provisioning, then the value MUST be protected by some method, such as encryption. Testing for an equality match MAY be supported if there is an existing stored hashed value. When testing for equality, the service provider: * Prepares the filter value for international language comparison. See Section 7.8 of [RFC7644]. * Generates the salted hash of the filter value and tests for a match with the locally held value. The mutability of the password attribute is "writeOnly", indicating that the value MUST NOT be returned by a service provider in any form (the attribute characteristic "returned" is "never").

    • setPassword

      public void setPassword(String password)
      This attribute is intended to be used as a means to set, replace, or compare (i.e., filter for equality) a password. The cleartext value or the hashed value of a password SHALL NOT be returnable by a service provider. If a service provider holds the value locally, the value SHOULD be hashed. When a password is set or changed by the client, the cleartext password SHOULD be processed by the service provider as follows: * Prepare the cleartext value for international language comparison. See Section 7.8 of [RFC7644]. * Validate the value against server password policy. Note: The definition and enforcement of password policy are beyond the scope of this document. * Ensure that the value is encrypted (e.g., hashed). See Section 9.2 for acceptable hashing and encryption handling when storing or persisting for provisioning workflow reasons. A service provider that immediately passes the cleartext value on to another system or programming interface MUST pass the value directly over a secured connection (e.g., Transport Layer Security (TLS)). If the value needs to be temporarily persisted for a period of time (e.g., because of a workflow) before provisioning, then the value MUST be protected by some method, such as encryption. Testing for an equality match MAY be supported if there is an existing stored hashed value. When testing for equality, the service provider: * Prepares the filter value for international language comparison. See Section 7.8 of [RFC7644]. * Generates the salted hash of the filter value and tests for a match with the locally held value. The mutability of the password attribute is "writeOnly", indicating that the value MUST NOT be returned by a service provider in any form (the attribute characteristic "returned" is "never").

    • getEmails

      public List<Email> getEmails()
      Email addresses for the User. The value SHOULD be specified according to [RFC5321]. Service providers SHOULD canonicalize the value according to [RFC5321], e.g., "bjensen@example.com" instead of "bjensen@EXAMPLE.COM". The "display" sub-attribute MAY be used to return the canonicalized representation of the email value. The "type" sub-attribute is used to provide a classification meaningful to the (human) user. The user interface should encourage the use of basic values of "work", "home", and "other" and MAY allow additional type values to be used at the discretion of SCIM clients.

    • setEmails

      public void setEmails(List<Email> emails)
      Email addresses for the User. The value SHOULD be specified according to [RFC5321]. Service providers SHOULD canonicalize the value according to [RFC5321], e.g., "bjensen@example.com" instead of "bjensen@EXAMPLE.COM". The "display" sub-attribute MAY be used to return the canonicalized representation of the email value. The "type" sub-attribute is used to provide a classification meaningful to the (human) user. The user interface should encourage the use of basic values of "work", "home", and "other" and MAY allow additional type values to be used at the discretion of SCIM clients.

    • addEmail

      public void addEmail(Email email)
      Email addresses for the User. The value SHOULD be specified according to [RFC5321]. Service providers SHOULD canonicalize the value according to [RFC5321], e.g., "bjensen@example.com" instead of "bjensen@EXAMPLE.COM". The "display" sub-attribute MAY be used to return the canonicalized representation of the email value. The "type" sub-attribute is used to provide a classification meaningful to the (human) user. The user interface should encourage the use of basic values of "work", "home", and "other" and MAY allow additional type values to be used at the discretion of SCIM clients.

    • getPhoneNumbers

      public List<PhoneNumber> getPhoneNumbers()
      Phone numbers for the user. The value SHOULD be specified according to the format defined in [RFC3966], e.g., 'tel:+1-201-555-0123'. Service providers SHOULD canonicalize the value according to [RFC3966] format, when appropriate. The "display" sub-attribute MAY be used to return the canonicalized representation of the phone number value. The sub-attribute "type" often has typical values of "work", "home", "mobile", "fax", "pager", and "other" and MAY allow more types to be defined by the SCIM clients.

    • setPhoneNumbers

      public void setPhoneNumbers(List<PhoneNumber> phoneNumbers)
      Phone numbers for the user. The value SHOULD be specified according to the format defined in [RFC3966], e.g., 'tel:+1-201-555-0123'. Service providers SHOULD canonicalize the value according to [RFC3966] format, when appropriate. The "display" sub-attribute MAY be used to return the canonicalized representation of the phone number value. The sub-attribute "type" often has typical values of "work", "home", "mobile", "fax", "pager", and "other" and MAY allow more types to be defined by the SCIM clients.

    • addPhoneNumber

      public void addPhoneNumber(PhoneNumber phoneNumber)
      Phone numbers for the user. The value SHOULD be specified according to the format defined in [RFC3966], e.g., 'tel:+1-201-555-0123'. Service providers SHOULD canonicalize the value according to [RFC3966] format, when appropriate. The "display" sub-attribute MAY be used to return the canonicalized representation of the phone number value. The sub-attribute "type" often has typical values of "work", "home", "mobile", "fax", "pager", and "other" and MAY allow more types to be defined by the SCIM clients.

    • getIms

      public List<Ims> getIms()
      Instant messaging address for the user. No official canonicalization rules exist for all instant messaging addresses, but service providers SHOULD, when appropriate, remove all whitespace and convert the address to lowercase. The "type" sub-attribute SHOULD take one of the following values: "aim", "gtalk", "icq", "xmpp", "msn", "skype", "qq", "yahoo", or "other" (representing currently popular IM services at the time of this writing). Service providers MAY add further values if new IM services are introduced and MAY specify more detailed canonicalization rules for each possible value.

    • setIms

      public void setIms(List<Ims> ims)
      Instant messaging address for the user. No official canonicalization rules exist for all instant messaging addresses, but service providers SHOULD, when appropriate, remove all whitespace and convert the address to lowercase. The "type" sub-attribute SHOULD take one of the following values: "aim", "gtalk", "icq", "xmpp", "msn", "skype", "qq", "yahoo", or "other" (representing currently popular IM services at the time of this writing). Service providers MAY add further values if new IM services are introduced and MAY specify more detailed canonicalization rules for each possible value.

    • addIms

      public void addIms(Ims ims)
      Instant messaging address for the user. No official canonicalization rules exist for all instant messaging addresses, but service providers SHOULD, when appropriate, remove all whitespace and convert the address to lowercase. The "type" sub-attribute SHOULD take one of the following values: "aim", "gtalk", "icq", "xmpp", "msn", "skype", "qq", "yahoo", or "other" (representing currently popular IM services at the time of this writing). Service providers MAY add further values if new IM services are introduced and MAY specify more detailed canonicalization rules for each possible value.

    • getPhotos

      public List<Photo> getPhotos()
      A URI that is a uniform resource locator (as defined in Section 1.1.3 of [RFC3986]) that points to a resource location representing the user's image. The resource MUST be a file (e.g., a GIF, JPEG, or PNG image file) rather than a web page containing an image. Service providers MAY return the same image in different sizes, although it is recognized that no standard for describing images of various sizes currently exists. Note that this attribute SHOULD NOT be used to send down arbitrary photos taken by this user; instead, profile photos of the user that are suitable for display when describing the user should be sent. Instead of the standard canonical values for type, this attribute defines the following canonical values to represent popular photo sizes: "photo" and "thumbnail".

    • setPhotos

      public void setPhotos(List<Photo> photos)
      A URI that is a uniform resource locator (as defined in Section 1.1.3 of [RFC3986]) that points to a resource location representing the user's image. The resource MUST be a file (e.g., a GIF, JPEG, or PNG image file) rather than a web page containing an image. Service providers MAY return the same image in different sizes, although it is recognized that no standard for describing images of various sizes currently exists. Note that this attribute SHOULD NOT be used to send down arbitrary photos taken by this user; instead, profile photos of the user that are suitable for display when describing the user should be sent. Instead of the standard canonical values for type, this attribute defines the following canonical values to represent popular photo sizes: "photo" and "thumbnail".

    • addPhoto

      public void addPhoto(Photo photo)
      A URI that is a uniform resource locator (as defined in Section 1.1.3 of [RFC3986]) that points to a resource location representing the user's image. The resource MUST be a file (e.g., a GIF, JPEG, or PNG image file) rather than a web page containing an image. Service providers MAY return the same image in different sizes, although it is recognized that no standard for describing images of various sizes currently exists. Note that this attribute SHOULD NOT be used to send down arbitrary photos taken by this user; instead, profile photos of the user that are suitable for display when describing the user should be sent. Instead of the standard canonical values for type, this attribute defines the following canonical values to represent popular photo sizes: "photo" and "thumbnail".

    • getAddresses

      public List<Address> getAddresses()
      A physical mailing address for this user. Canonical type values of "work", "home", and "other". This attribute is a complex type with the following sub-attributes. All sub-attributes are OPTIONAL.

    • setAddresses

      public void setAddresses(List<Address> addresses)
      A physical mailing address for this user. Canonical type values of "work", "home", and "other". This attribute is a complex type with the following sub-attributes. All sub-attributes are OPTIONAL.

    • addAddress

      public void addAddress(Address address)
      A physical mailing address for this user. Canonical type values of "work", "home", and "other". This attribute is a complex type with the following sub-attributes. All sub-attributes are OPTIONAL.

    • getGroups

      public List<GroupNode> getGroups()
      A list of groups to which the user belongs, either through direct membership, through nested groups, or dynamically calculated. The values are meant to enable expression of common group-based or role-based access control models, although no explicit authorization model is defined. It is intended that the semantics of group membership and any behavior or authorization granted as a result of membership are defined by the service provider. The canonical types "direct" and "indirect" are defined to describe how the group membership was derived. Direct group membership indicates that the user is directly associated with the group and SHOULD indicate that clients may modify membership through the "Group" resource. Indirect membership indicates that user membership is transitive or dynamic and implies that clients cannot modify indirect group membership through the "Group" resource but MAY modify direct group membership through the "Group" resource, which may influence indirect memberships. If the SCIM service provider exposes a "Group" resource, the "value" sub-attribute MUST be the "id", and the "$ref" sub-attribute must be the URI of the corresponding "Group" resources to which the user belongs. Since this attribute has a mutability of "readOnly", group membership changes MUST be applied via the "Group" Resource (Section 4.2). This attribute has a mutability of "readOnly".

    • setGroups

      public void setGroups(List<GroupNode> groups)
      A list of groups to which the user belongs, either through direct membership, through nested groups, or dynamically calculated. The values are meant to enable expression of common group-based or role-based access control models, although no explicit authorization model is defined. It is intended that the semantics of group membership and any behavior or authorization granted as a result of membership are defined by the service provider. The canonical types "direct" and "indirect" are defined to describe how the group membership was derived. Direct group membership indicates that the user is directly associated with the group and SHOULD indicate that clients may modify membership through the "Group" resource. Indirect membership indicates that user membership is transitive or dynamic and implies that clients cannot modify indirect group membership through the "Group" resource but MAY modify direct group membership through the "Group" resource, which may influence indirect memberships. If the SCIM service provider exposes a "Group" resource, the "value" sub-attribute MUST be the "id", and the "$ref" sub-attribute must be the URI of the corresponding "Group" resources to which the user belongs. Since this attribute has a mutability of "readOnly", group membership changes MUST be applied via the "Group" Resource (Section 4.2). This attribute has a mutability of "readOnly".

    • addGroup

      public void addGroup(GroupNode group)
      A list of groups to which the user belongs, either through direct membership, through nested groups, or dynamically calculated. The values are meant to enable expression of common group-based or role-based access control models, although no explicit authorization model is defined. It is intended that the semantics of group membership and any behavior or authorization granted as a result of membership are defined by the service provider. The canonical types "direct" and "indirect" are defined to describe how the group membership was derived. Direct group membership indicates that the user is directly associated with the group and SHOULD indicate that clients may modify membership through the "Group" resource. Indirect membership indicates that user membership is transitive or dynamic and implies that clients cannot modify indirect group membership through the "Group" resource but MAY modify direct group membership through the "Group" resource, which may influence indirect memberships. If the SCIM service provider exposes a "Group" resource, the "value" sub-attribute MUST be the "id", and the "$ref" sub-attribute must be the URI of the corresponding "Group" resources to which the user belongs. Since this attribute has a mutability of "readOnly", group membership changes MUST be applied via the "Group" Resource (Section 4.2). This attribute has a mutability of "readOnly".

    • getEntitlements

      public List<Entitlement> getEntitlements()
      A list of entitlements for the user that represent a thing the user has. An entitlement may be an additional right to a thing, object, or service. No vocabulary or syntax is specified; service providers and clients are expected to encode sufficient information in the value so as to accurately and without ambiguity determine what the user has access to. This value has no canonical types, although a type may be useful as a means to scope entitlements.

    • setEntitlements

      public void setEntitlements(List<Entitlement> entitlements)
      A list of entitlements for the user that represent a thing the user has. An entitlement may be an additional right to a thing, object, or service. No vocabulary or syntax is specified; service providers and clients are expected to encode sufficient information in the value so as to accurately and without ambiguity determine what the user has access to. This value has no canonical types, although a type may be useful as a means to scope entitlements.

    • addEntitlement

      public void addEntitlement(Entitlement entitlement)
      A list of entitlements for the user that represent a thing the user has. An entitlement may be an additional right to a thing, object, or service. No vocabulary or syntax is specified; service providers and clients are expected to encode sufficient information in the value so as to accurately and without ambiguity determine what the user has access to. This value has no canonical types, although a type may be useful as a means to scope entitlements.

    • getRoles

      public List<PersonRole> getRoles()
      A list of roles for the user that collectively represent who the user is, e.g., "Student", "Faculty". No vocabulary or syntax is specified, although it is expected that a role value is a String or label representing a collection of entitlements. This value has no canonical types.

    • setRoles

      public void setRoles(List<PersonRole> personRoles)
      A list of roles for the user that collectively represent who the user is, e.g., "Student", "Faculty". No vocabulary or syntax is specified, although it is expected that a role value is a String or label representing a collection of entitlements. This value has no canonical types.

    • addRole

      public void addRole(PersonRole personRole)
      A list of roles for the user that collectively represent who the user is, e.g., "Student", "Faculty". No vocabulary or syntax is specified, although it is expected that a role value is a String or label representing a collection of entitlements. This value has no canonical types.

    • getX509Certificates

      public List<ScimX509Certificate> getX509Certificates()
      A list of certificates associated with the resource (e.g., a User). Each value contains exactly one DER-encoded X.509 certificate (see Section 4 of [RFC5280]), which MUST be base64 encoded per Section 4 of [RFC4648]. A single value MUST NOT contain multiple certificates and so does not contain the encoding "SEQUENCE OF Certificate" in any guise.

    • setX509Certificates

      public void setX509Certificates(List<ScimX509Certificate> x509Certificates)
      A list of certificates associated with the resource (e.g., a User). Each value contains exactly one DER-encoded X.509 certificate (see Section 4 of [RFC5280]), which MUST be base64 encoded per Section 4 of [RFC4648]. A single value MUST NOT contain multiple certificates and so does not contain the encoding "SEQUENCE OF Certificate" in any guise.

    • addX509Certificate

      public void addX509Certificate(ScimX509Certificate x509Certificate)
      A list of certificates associated with the resource (e.g., a User). Each value contains exactly one DER-encoded X.509 certificate (see Section 4 of [RFC5280]), which MUST be base64 encoded per Section 4 of [RFC4648]. A single value MUST NOT contain multiple certificates and so does not contain the encoding "SEQUENCE OF Certificate" in any guise.

    • getEnterpriseUser

      public Optional<EnterpriseUser> getEnterpriseUser()
      The following SCIM extension defines attributes commonly used in representing users that belong to, or act on behalf of, a business or enterprise. The enterprise User extension is identified using the following schema URI: "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User".

    • setEnterpriseUser

      public void setEnterpriseUser(EnterpriseUser enterpriseUser)
      The following SCIM extension defines attributes commonly used in representing users that belong to, or act on behalf of, a business or enterprise. The enterprise User extension is identified using the following schema URI: "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User".

    • builder

      public static User.UserBuilder builder()