Name | Type | Multiplicity | Description |
---|---|---|---|
name |
property PolyStringType |
[0,1] | Human-readable, mutable name of the object. |
description |
property string |
[0,1] | Free-form textual description of the object. |
documentation |
property string |
[0,1] | AsciiDoc-formatted technical documentation of the object. |
subtype |
property string |
[0,-1] | Type of the object. |
fetchResult |
property OperationResultType |
[0,1] | Result of the operation that fetched this instance of the object. |
extension |
container ExtensionType |
[0,1] | Extension container that provides generic extensibility mechanism. |
parentOrgRef |
reference ObjectReferenceType |
[0,-1] | Set of the orgs (organizational units, projects, teams) that the object relates to. |
trigger |
container TriggerType |
[0,-1] | Triggers for this object. |
metadata |
container MetadataType |
[0,1] | Meta-data about object creation, modification, etc. |
tenantRef |
reference ObjectReferenceType |
[0,1] | Reference to the tenant to which this object belongs. |
lifecycleState |
property string |
[0,1] | Lifecycle state of the object. |
operationExecution |
container OperationExecutionType |
[0,-1] | Description of recent operations executed on this object (or related objects in special cases). |
lensContext |
container LensContextType |
[0,1] | Model context describing executed operation |
policySituation |
property anyURI |
[0,-1] | The policy situation(s) of this object. |
triggeredPolicyRule |
property EvaluatedPolicyRuleType |
[0,-1] | Triggered policy rules for this assignment. |
policyException |
container PolicyExceptionType |
[0,-1] | Recorded exception from a policy rule. |
diagnosticInformation |
property DiagnosticInformationType |
[0,-1] | Diagnostic information attached to this object. |
indestructible |
property boolean |
[0,1] | Protection against accidental deletion. |
resourceRef |
reference ObjectReferenceType |
[0,1] | Reference to a resource that this resource object shadow belongs to. |
shadowLifecycleState |
property ShadowLifecycleStateType |
[0,1] | The state in the shadow lifecycle. |
dead |
property boolean |
[0,1] | Description of operation during the processing of account failed. |
pendingOperation |
container PendingOperationType |
[0,-1] | Description of an operation which which execution is pending for this shadow. |
synchronizationSituation |
property SynchronizationSituationType |
[0,1] | The most recent synchronization situation. |
synchronizationTimestamp |
property dateTime |
[0,1] | The timestamp of the most recent synchronization. |
fullSynchronizationTimestamp |
property dateTime |
[0,1] | The timestamp of the most recent full synchronization. |
synchronizationSituationDescription |
property SynchronizationSituationDescriptionType |
[0,-1] | Complex description of synchronization situations. |
correlation |
container ShadowCorrelationStateType |
[0,1] | State of the shadow correlation process. |
objectClass |
property QName |
[0,1] | The reference to a type definition for this object. |
primaryIdentifierValue |
property string |
[0,1] | Value of the primary (unique) identifier; converted to a string if it's of a different type. |
auxiliaryObjectClass |
property QName |
[0,-1] | The reference to additional type definitions for this object. |
kind |
property ShadowKindType |
[0,1] | Kind of a shadow. |
intent |
property string |
[0,1] | The intended usage type or purpose of the object. |
tag |
property string |
[0,1] | Tag value used to discriminate multiple accounts that have the same resource+kind+intent combination. |
protectedObject |
property boolean |
[0,1] | Protected shadows cannot be changed. |
ignored |
property boolean |
[0,1] | Ignored shadows will not be processed during synchronization. |
assigned |
property boolean |
[0,1] | Set to true if the object is "legally" assigned, i. |
exists |
property boolean |
[0,1] | Set to true if the object is known to exist on the resource. |
iteration |
property int |
[0,1] | |
iterationToken |
property string |
[0,1] | |
attributes |
container ShadowAttributesType |
[0,1] | Attribute values from the resource. |
association |
container ShadowAssociationType |
[0,-1] | TODO |
activation |
container ActivationType |
[0,1] | TODO For more details see the ActivationType documentation. |
credentials |
container CredentialsType |
[0,1] | The set of account credentials (such as passwords). |
cachingMetadata |
property CachingMetadataType |
[0,1] | The shadow is essentially a bunch of metadata and cached data about the actual resource object. |
Flags: RAM,runtime
Multiplicity: [0,1]
Human-readable, mutable name of the object. It may also be an identifier (login name, group name). It is usually unique in the respective context of interpretation. E.g. the name of the UserType subtype is usually unique in the whole system. The name of the ShadowType subtype is usually unique in the scope of resource (target system) that it belongs to.
The name may not be human-readable in a sense to display to a common end-user. It is intended to be displayed to IDM system administrator. Therefore it may contain quite a "ugly" structures such as LDAP DN or URL.
Name is mutable. It is considered to be ordinary property of the object. Therefore it can be changed by invoking usual modifyObject operations. However, change of the name may have side effects (rename process).
Although name is specified as optional by this schema, it is in fact mandatory for most object types. The reason for specifying the name as optional is that the name may be generated by the system instead of supplied by the clients. However, all objects stored in the repository must have a name.
Flags: RAM,runtime
Multiplicity: [0,1]
Free-form textual description of the object. This is meant to be displayed in the user interface.
Flags: RAM,runtime
Multiplicity: [0,1]
AsciiDoc-formatted technical documentation of the object.
Flags: RAM,runtime
Multiplicity: [0,-1]
Type of the object. It is used to distinguish what a specific object represents. Whether it is a different kind of organizational unit, project, team, or different kind of user, etc.
Flags: RAM,runtime,oper
Multiplicity: [0,1]
Result of the operation that fetched this instance of the object. It is mostly used to indicate that the object is not complete or there is some problem with the object. This is used instead of exception if the object is part of larger structures (lists as in list/search operations or composite objects). If not present then the "SUCCESS" state is assumed.
This field is TRANSIENT. It must only be used in runtime. It should never be stored in the repository.
Flags: RAM,runtime
Multiplicity: [0,1]
Extension container that provides generic extensibility mechanism. Almost any extension property can be placed in this container. This mechanism is used to extend objects with new properties. The extension is treated exactly the same as other object properties by the code (storage, modifications, etc), except that the system may not be able to understand their meaning.
Flags: RAM,oper
Multiplicity: [0,-1]
Set of the orgs (organizational units, projects, teams) that the object relates to. This usually means that the object belongs to them but it may have other meanings as well (e.g. user manages an organizational unit).
Flags: RAM,runtime,oper
Multiplicity: [0,-1]
Triggers for this object. They drive invocations of corresponding trigger handlers at specified time.
Flags: RAM,runtime,oper
Multiplicity: [0,1]
Meta-data about object creation, modification, etc.
Flags: RAM,oper
Multiplicity: [0,1]
Reference to the tenant to which this object belongs. It is a computed value set automatically by midPoint. It is determined from the organizational structure. Even though this value is computed it is also stored in the repository due to performance reasons.
Flags: RAM,runtime
Multiplicity: [0,1]
Lifecycle state of the object. This property defines whether the object represents a draft, proposed definition, whether it is active, deprecated, and so on.
There are few pre-defined lifecycle states. But custom lifecycle states may also be defined. Pre-defined lifecycle states are:
Flags: RAM,runtime,oper
Multiplicity: [0,-1]
Description of recent operations executed on this object (or related objects in special cases). The number of operations to be kept here is configurable.
Flags: RAM,runtime
Multiplicity: [0,1]
Flags: RAM,runtime,oper
Multiplicity: [0,-1]
Flags: RAM,runtime,oper
Multiplicity: [0,-1]
Flags: RAM,runtime
Multiplicity: [0,-1]
Flags: RAM,runtime
Multiplicity: [0,-1]
Flags: RAM,runtime
Multiplicity: [0,1]
Flags: RAM
Multiplicity: [0,1]
Flags: RAM,runtime,AVals:7
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,-1]
Flags: RAM,runtime,AVals:5
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,-1]
Flags: RAM,runtime
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,-1]
Flags: RAM,runtime,AVals:4
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,-1]
Flags: RAM,runtime
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,1]
Flags: RAM,runtime
Multiplicity: [0,1]