Tuesday, May 7, 2013

OIM SPML Java Code for Searching User

SPML wsdl URL: http://oimhost:oimport/spml-xsd/SPMLService?wsdl

The XSD (oracle_common_pso.xsd) is available at:$OIM_HOME/features/spml-xsd.jar

Perform the following to ensure that SPML works with Oracle Identity Manager:

  • Need to assign required roles to SPML Admin user
  • The SPML Admin admin role has the following permissions:

    • Create, modify, and delete users via request
    • Search users on all the attributes
    • Enable user status via request
    • Disable user status via request
    • Add role memberships via request
    • Delete role memberships via request
    • Search roles on all the attributes
    • Create, modify, and delete roles via request
  • Login to OIM Identity Console --> Create New User --> 
SPML has two profiles: the XSD profile and the DSML profile. In 11g R2 PS1 it makes use of the XSD profile.

Creating SPML Admin User: 

1) Login to Identity Console and create new user(spmladmin)
2) Open TOP Organization --> Click on Admin Roles --> SPML Admin --> Add to created user 
3) Check Include Sub-orgs check box and apply 

Creating Auto Approval Policy :

Auto Approval is required so that SPML requests are auto approved. 

  • Create user request level
  • Create user operation level
  • Modify user request level
  • Modify user operation level
  • Delete user request level
  • Delete user operation level
  • Enable user request level
  • Enable user operation level
  • Disable user request level
  • Disable user operation level
  • Assign roles request level
  • Assign roles operation level
  • Remove roles request level
  • Remove roles operation level
  • Create role request level
  • Modify role request level
  • Delete role request level

Oracle Identity Manager 11g Release 2 ( does not support the following SPML operations as part of the XSD profile:

Search user
Search role
Any operation, such as create, modify, delete, or search, on organizations

SPML Important API: 

Sample Code for Searching:


    1. Am trying similar code for add role membership to a user, but failing saying role capability data missing
      Did you try this?

    2. Hi NVK,

      Do you have detailed error??


    3. Bhanuchandar BobbiliJuly 7, 2014 at 8:16 AM

      Hi team.. I think SPML does not support SEARCHING a USER or ROLE.. It just validates the Username availability.... Even if it searches document does not have any
      "SPML Core Service" for searching a user!!!!


    Other Posts