Manage groups using Graph API
Create a group and associate it with an organization
POST /graph
{
"__objType": "ProfileGroup",
"name": "Employees",
"referenceFields": {
"__objType": "HashMap",
"Entries": [{
"__objType": "KeyValue",
"value": {
"__objType": "String",
"value": "${ORGANIZATION_ID}"
},
"key": {
"__objType": "String",
"value": "ref_Organization_id"
}
}]
},
"id": "a99f9f51-97cb-4486-86b9-2e08de5cfcd1",
"type": "employees"
}
Query all ProfileGroup objects associated with an organization
/graph/Organization[@id='ORG_ID']/~OneToMany/ProfileGroup
Add a user to an organization
This example adds a user to a profile group associated with an organization.
POST /graph
operation=AddToProfileGroups&profileId=$PROFILE_ID&profileGroupId=$PROFILE_GROUP_ID_1...&profileGroupId=$PROFILE_GROUP_ID_N&allowAlreadyAdded=false
-
You can repeat the profileGroupId parameter several times to add the user to several groups.
-
allowAlreadyAdded=false
makes sure that the same user is not added twice to the same group. Set the flag to true if you intentionally want to create duplicate group memberships. -
You can use the “Query all ProfileGroup objects related to an organization” query to determine the ProfileGroup id.
Remove a user from an organization
POST /graph
operation=RemoveUserFromOrganization&profileId=$PROFILE_ID&organizationId=$ORGANIZATION_ID
Or alternatively, remove from specific profile groups:
POST /graph
operation=RemoveFromProfileGroups&profileId=$PROFILE_ID&profileGroupId=$PROFILE_GROUP_ID_1...&profileGroupId=$PROFILE_GROUP_ID_N&allowAlreadyRemoved=true
-
You can repeat the profileGroupId parameter several times to remove the user from several groups.
-
allowAlreadyRemoved=true
controls whether or not the call returns an error if the user is not a member in the group specified in the call.
Accept or decline an organization group invitation
POST /graph HTTP/1.1
Host: INSERT_IDP_HOST
operation=AcceptOrganizationGroupInvitation&key=$INVITATION_TOKEN&invitationAction=$ACTION
-
$INVITATION_TOKEN
is the plain text secret delivered to the user. -
$ACTION
can take the valuesaccept
anddecline
.
Example:
POST /graph HTTP/1.1
Host: INSERT_IDP_HOST
operation=AcceptOrganizationGroupInvitation&key=tgo0dmo48jnd&invitationAction=accept