.Identity Management JSON-RPC API available as Technology Preview
An API is available for Identity Management (IdM). To view the API, IdM also provides an API browser as Technology Preview.
In Red Hat Enterprise Linux 7.3, the IdM API was enhanced to enable multiple versions of API commands. Previously, enhancements could change the behavior of a command in an incompatible way. Users are now able to continue using existing tools and scripts even if the IdM API changes. This enables:
* Administrators to use previous or later versions of IdM on the server than on the managing client.
* Developers to use a specific version of an IdM call, even if the IdM version changes on the server.
In all cases, the communication with the server is possible, regardless if one side uses, for example, a newer version that introduces new options for a feature.
For details on using the API, see the related link:https://access.redhat.com/articles/2728021[Knowlegdebase article].
As a Developer of a Product, I want to call a specific version of API call, without being affected by higher or lower version of the IdM server than my testing instance so that the Product is not dependent on a specific IdM server version and respective changes
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. run any 'ipa' command from client newer than an IPA server. E.g. user-find
There is only "one" API, API version is used only for rejecting request and not managing requests.
Client can call API with API version specified. Server will respond according to the specified version(different output/required params, etc.).
The supported versions are yet to be determined.
Possibly related upstream tickets:
Created attachment 1191258 [details]
Verified using IPA version ::
Marking RFE BZ as verified. There is a BZ1357488 opened which is related to this RFE.
This Bugzilla is being repurposed, to track global availability of the IdM Server API (as a Tech Preview).
This is the more general user story proposed for that purpose:
As a Developer, I want to communicate with IdM Server via stable API and without being affected by higher or lower version of the IdM server than my testing instance, so that the API call is not broken when used with different IdM servers.
This change in focus does not need any actual code changes, it is rather about making the support level of the IdM Server API explicit, tracked and reference-able in other bugs.
Please note, that the actual IdM Server API functionality is composed from several parts:
* IdM Server JSON-RPC API itself, as it was available since RHEL 7.0 (unsupported at all, available as Tech Preview since RHEL-7.3)
* IdM Server API browser (announced as Experimental in RHEL-7.2 in Bug 846033, moved to Tech Preview in RHEL-7.3 in Bug 1335567)
* IdM Server API documentation and guidance (based on https://vda.li/en/posts/2015/05/28/talking-to-freeipa-api-with-sessions/, DOC Bugzilla TBD).
(In reply to Martin Kosek from comment #13)
> * IdM Server JSON-RPC API itself, as it was available since RHEL 7.0
> (unsupported at all, available as Tech Preview since RHEL-7.3)
This is the part covered by this bug, including API versioning which was a prerequisite for productizing IdM Server API.
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.