Optimizing the API Calls

In all GET methods, you can optimize the REST API calls to fetch only the required information (such as name, description and id of the entity) by including or excluding attributes from the response.

This reduces the number of required internal API calls.

For further information, see section 3.4.2.5 of the RFC7644 specification.

Note: The 'include' and 'exclude' attribute query parameters are mutually exclusive so only one can be used in a request.

Include the Required Attributes

You can specify the attributes to return in the response which will override the default set of attributes defined for the resource.

The returned response will only contain the:

  • Attributes with the schema 'returned' setting defined as 'always'

  • Attributes specified as included

The attributes query parameter can be used on all the SCIM endpoints and you can specify nearly all the attributes in the schema.

To include multiple attributes, separate each one by a comma and a space , .

Exclude the Unnecessary Attributes

You can specify the attributes to be excluded from the response, removing them from the default set of attributes defined for the resource.

The returned response will only contain the:

  • Attributes with the schema 'returned' setting defined as 'always'

  • Reduced set of attributes (that is, the default set without the excluded attributes)

The excludedAttributes query parameter can be used on all the SCIM endpoints and you can specify nearly all the attributes in the schema.

To exclude multiple attributes, separate each one by a comma and a space , .

Note: The excludedAttributes parameter cannot be applied to attributes with the schema 'returned' setting defined as 'always'.

In the returned GET all list, you can then trigger a new REST API call to get a specific entity.

The following table provides further examples of API call optimizations:

Method Attributes to exclude

GET /configuration/<tenant>/v2/Policy/Authenticator

  • deliveryGateway

  • allowedForUserTypes

GET /configuration/<tenant>/v2/Policy/Authenticator/<uid>

  • deliveryGateway

  • allowedForUserTypes

GET /configuration/<tenant>/v2/Device/Type adapterParameters
GET /configuration/<tenant>/v2/Credential/Type adapterParameters

GET /scim/<tenant>/v2/Users

  • groups

  • roles

  • urn:hid:scim:api:idp:2.0:UserAuthenticator

  • urn:hid:scim:api:idp:2.0:UserDevice

POST /scim/<tenant>/v2/Users/.search

  • groups

  • roles

  • urn:hid:scim:api:idp:2.0:UserAuthenticator

  • urn:hid:scim:api:idp:2.0:UserDevice