问题描述
我需要知道是否有办法仅使用 SCIM api 使用电子邮件从数据块中删除用户?目前我可以看到它只能通过ID删除用户,这意味着我需要先检索用户的ID,然后再使用它来删除。
我正在使用 powershell 中的这个 api 通过电子邮件删除用户。
https://docs.microsoft.com/en-us/azure/databricks/dev-tools/api/latest/scim/scim-users
解决方法
如果您查看 SCIM 用户 REST API 的 Get Users command 文档,您会发现可以为其指定过滤条件。例如,要查找特定用户,您可以过滤 userName 属性,如下所示:
GET /api/2.0/preview/scim/v2/Users?filter=userName+eq+example@databricks.com HTTP/1.1
Host: <databricks-instance>
Accept: application/scim+json
Authorization: Bearer dapi48…a6138b
它将返回 Resources 部分中的项目列表,您可以从中提取可用于删除操作的用户 ID:
{
"totalResults": 1,"startIndex": 1,"itemsPerPage": 1,"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],"Resources": [
{
"id": "8679504224234906","userName": "example@databricks.com","emails": [
{
"type": "work","value": "example@databricks.com","primary": true
}
],"entitlements": [
{
"value": "allow-cluster-create"
},{
"value": "databricks-sql-access"
},{
"value": "workspace-access"
}
],"displayName": "User 1","name": {
"familyName": "User","givenName": "1"
},"externalId": "12413","active": true,"groups": [
{
"display": "123","type": "direct","value": "13223","$ref": "Groups/13223"
}
]
}
]
}