×

IDMWORKS Blog

Hitachi ID SOAP Web Services API – Calling The Login Function Using Python


One of the many exciting features of the Hitachi ID Identity and Access Management (IAM) Suite is the web services API which is accessible using SOAP over HTTPS with a WSDL specification. This API allows other enterprise applications to access workflow request queue, user data and resources that exist within an instance of the Hitachi ID IAM suite.

Furthermore, other request management management systems may call into a Hitachi ID Identity and Access Management Suite web service to submit access requests, such as creating a new user, granting or revoking access, scheduling or triggering immediate deactivation, performing updates to attributes like name, location or department and much more.

This article discusses the Login function which is exposed by the API and how python scripting can be used to access it. For more information on the exposed operations/functions see the Hitachi ID IDAPI documentation.

Purpose
In order to make multiple SOAP calls to the Hitachi ID web services, the Login function is required so as to establish a session on the Hitachi ID Server with a supplied ID and Password. The login process uses the authentication list configured through the PSA console. Below is the general form of the input and output for a login function

Request:

Response:

Prerequisite
● Hitachi ID Suite 10.x and above
● Python

Process
Setup API SOAP Service(idapisoap) – This service provides access to the Hitachi ID Suite API Service(idapi) with the WWS web service API. It is automatically installed and started on the Hitachi ID Suite server during setup. For more information on this refer to the Hitachi ID IDAPI documentation

Confirm that WSDL is accessible –  Launch a compatible browser on the Hitachi ID Suite Server and navigate to the following URL : http://<ServerName>/<instanceName>/idapi/wsdl . The web service WSDL should be returned confirming that the SOAP service is running.

Create a user with IDAPI Caller privilege – This user account will be used to authenticate into the instance of the Hitachi ID Suite hosting the Web service.

IDAPI SOAP User Configuration Page

Execute the following Python script

Once the Login function is successfully called, a session data is returned which can then be used in subsequent operations as shown in the logout function  code above.

Conclusion
The Web Service API could be further programmed to filter incoming Web Service calls based on the user making the call or operations being requested,  applications making the call and more.

Questions, comments or concerns? Feel free to reach out to us below, or email us at IDMWORKS to learn more about how you can protect your organization and customers.

Leave a Reply

Your email address will not be published. Required fields are marked *