I am writing some scripts for validating IDM functionality (e.g create user, search user, etc.) in Groovy and wanted to be able to run them offline. Is there a way to use the openidm. with authentication in a local script using the groovy runtime. E.g. do i need to authenticate / get token ahead of executing script? Was searching for some examples but could not find an example local groovy script library for testing purposes. Also, wanted this local so can run unit tests against them for validating scripts before pushing to environment.
If you’re leveraging the IDM REST API for user management, you can effectively validate IDM functionality using Groovy scripts in an offline, local environment. To achieve this, you will first need to authenticate before executing your script and acquire a valid access token, which is essential for making authenticated requests to IDM.
Once you’ve obtained the access token, you can use it in your subsequent API requests, enabling you to authenticate and execute actions such as user creation, user searches, and more.
Also, I am reaching out to our internal teams, who have greater expertise with Groovy, to see if we have any readily available sample scripts or a best practices approach that we can provide to assist you further in this process.
I’ve been actively searching for a suitable Groovy script for offline use and testing within our support and engineering teams but so far, we haven’t found one that suits your requirements. However, I will continue to explore our internal resources.
In the interim, may I recommend considering the option of raising a support ticket? Our support team is well-equipped with the expertise and tools needed to conduct a thorough investigation into your request.
Some thought @nick.hunt after reading carefully again the question. I do understand that you will be installing a local IDM environment (so what you mean by 'offline"), with configuration close enough to the upper environment. If the goal is to test IDM user management functionality only (not necessarily authentication), so you may opt for a non platform deployment - unless you need to test functionality dealing with AM/IDM integration. So if purely user management then you could just have a standalone IDM, with static authentication (e.g openidm-admin) - using the X-Openidm-Password and -Username headers. Then use of groovyx.net.http.RESTClient should be pretty easy.
If there is a strong requirement to test against a platform deployment, then you would need to obtain the access token - essentially using a credentials grant flow. I don’t know of any readily Groovy sample that you could use - however it’s not really difficult (I have developed a Ruby one for myself to provision users in Identity Cloud) - and ForgeRock makes available a postman collection (for Identity Cloud) that demonstrates various OAuth2 flows - which should be helpful as a reference to transpose to a Groovy script. The collection: Identity Cloud Postman collection :: ForgeRock Identity Cloud Docs → folder OAuth 2.0 Flows. The tricky part though is to design the test bed to renew the access token when expired (e.g catching a 401 response) - which I handle automatically with the Ruby script - let me know if you are interested.
Is more running the scripts offline getting the data mappings and returns to the ICF connector interfaces. i need to be able to run everything locally / offline to make sure is getting / setting the right data so am trying to find a solution to run them. Also, for my automated testing / deployment management, want to be able to mock things so can run / test validated responses before I push into my environment.