Easy to use Python client for IBM Security Identity Manager (ISIM/ITIM) web services (SOAP and REST APIs)
Project description
PyISIM
Python client for IBM Security Identity Manager (ISIM / ITIM) web services (SOAP and REST APIs)
Tested on ISIM 7.0.1 FP13 and ISIM 7.0.2 FP2
Due to API limitations some functionalities are served through ISIM's REST API and some other through ISIM SOAP Web Services.
Docs
You can read the full documentation here
Examples
Look for the tests/ folder in our Github repo to see some more detailed examples.
- Login
from pyisim.auth import Session
user="itim manager"
password="secret"
cert="./my_certificate.cer"
url="iam.isim.com"
sess=Session(url,user,password,cert)
Every example after assumes you have already a valid Session object named sess
- Creating people
from pyisim.entities import Person
info_persona={
"employeenumber": "1015463230",
"correo": "cazdlt@gmail.com",
"title": "Especialista de producto",
"departmentnumber":"IBM",
}
persona = Person(sess, person_attrs=info_persona)
persona.add(sess,"my org","my justification")
- Modifying people
from pyisim import search
persona = search.people(sess,Person,"employeenumber","1015463230",limit=1)[0]
persona.title="CEO"
persona.modify(sess,"my justification")
- Custom Person/BPPerson entities
from pyisim import Person
from pyisim import search
class MyBPPerson(Person):
profile_name="BPPerson"
def __init__(self,info,first_name=None):
if first_name is None:
first_name = "Andrés"
info["givenname"] = first_name
super().__init__(person_attrs=info)
MyBPPerson({"sn":"Zamora"}).add(sess,"my org","New BPPerson")
- Access request
from pyisim import search
accesses=search.access(sess,search_filter="*Consulta*",limit=5)
person=search.people(session,by="givenname",search_filter="Juan",limit=1)[0]
person.request_access(session,accesses,"justification")
- Approve activity
request_id="9585474949338"
actividad=search.activities(session,by="requestId",search_filter=request_id,limit=1)[0]
actividad.complete(sess,"approve","justification")
- Fulfill RFI
request_id="123483274614"
form=[
{
"name":"description",
"value":[dn_rol],
},
...
]
actividad=search.activities(session,by="requestId",search_filter=request_id)[0]
actividad.complete(sess,form,"justification")
- Update property files (ISIM VA)
from pyisim.va.auth import VASession
from pyisim.va.configure import update_property
u="admin@local"
p="secret"
url="iam.isimva.com"
cert="./mycert.cer"
s=VASession(u,p,url,cert)
property_file="CustomLabels.properties"
property_name="scriptframework.properties"
property_value="ITIM.java.access.util"
update_property.create_or_update_property(s,property_file,property_name,property_value)
Functionalities
| Entities\Operations | Search | DN Lookup | Add | Delete | Suspend | Restore | Modify |
|---|---|---|---|---|---|---|---|
| People | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Dynamic Roles | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| Static Roles | ✓ | ✓ | ✓ | ✓ | ✓ | ||
| Provisioning Policies | ✓ | ✓ | ✓ | ✓ | |||
| Activities | ✓ | (Complete) | |||||
| Organizational Containers | ✓ | ✓ | |||||
| Services | ✓ | ||||||
| Access | ✓ | (Request) | |||||
| Groups | ✓ | ||||||
| Accounts | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ (and orphan) |
- ISIM VA Utilities:
- Authentication
- Create/Search/Update property files
TODO
in priority order
- Add access href lookup (to ease response reading)
- Add operations to services
- DN Lookup
- Add
- Modify
- Delete
- Test connection
- Add some complex use cases to the documentation
- Fix formatting (use snake_case, use english) on the client classes (soap.py, rest.py)
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
pyisim-0.3.0.tar.gz
(28.4 kB
view hashes)
Built Distribution
pyisim-0.3.0-py3-none-any.whl
(34.3 kB
view hashes)
