UDM objects

4.2. UDM objects#

UDM objects are an internal representation of directory object data generated by the corresponding UDM module. For transfer from one service to another, it’s often encoded in JSON format. Various components within Nubus use UDM objects. For information about fields, types, and consumers, see the following sections.

For information about UDM object fields and types, see UDM objects fields and types in Nubus - Customization and Modification Manual [8].

4.2.1. Consumers of UDM objects#

Fig. 4.1 shows the functional components that consume UDM objects.

  1. Management UI

  2. Authorization Service

  3. Portal Service

  4. Directory Manager

  5. Provisioning Service

  6. IAM Connector

The functional components use UDM objects for the following purposes:

  • Support authorization decisions for an actor through the Authorization Service.

  • Read user data information in the Portal Service.

  • Write directory objects from UDM objects through the UDM HTTP REST API.

  • Deliver object data to consumers through the Provisioning Service.

  • Read and change user objects through the UDM Library in the End User Self Service.

  • Create, read, update, and delete user and group objects through the UDM Library in the Management UI.

  • Create, read, update, and delete user and group objects through the UDM HTTP REST API in the Nubus Directory Importer.

Functional components using UDM objects

Fig. 4.1 Functional components using UDM objects#

4.2.2. Functions for the UDM object#

Fig. 4.2 goes one level deeper and shows the actual behavior within the functional components that use the UDM objects. The UDM Library is the central component. It transforms UDM objects to and from directory objects and it applies business logic before writing to the Directory Service. The following application functions use the UDM objects from the UDM Library:

  • CRUD operations for UDM objects in the UDM HTTP REST API in the Directory Manager.

  • Transform directory objects to UDM objects in the UDM Transformer of the Provisioning Service.

  • Create, read, update, and delete user and group objects in the Management UI.

The UDM HTTP REST API offers UDM objects through it’s CRUD operations for UDM objects to the following application functions:

  • Retrieve attributes of actor and target in the Guardian Authorization HTTP REST API of the Authorization Service

  • The Portal Consumer of the Portal Service.

  • Populate initial data for each consumer in the Prefill Service of the Provisioning Service.

  • Import objects to Directory Manager in the Nubus Directory Importer.

Overview of functions for the UDM object

Fig. 4.2 Overview of functions for the UDM object#

See also

Management UI in the functional components section

for information about internal components and behavior of the Management UI.

Authorization Service in the functional components section

for information about internal components and behavior of the Authorization Service.

Portal Service in the functional components section

for information about internal components and behavior of the Portal Service.

Directory Manager in the functional components section

for information about internal components and behavior of the Directory Manager.

Provisioning Service in the functional components section

for information about internal components and behavior of the Provisioning Service.

IAM Connector in the functional components section

for information about internal components and behavior of the IAM Connector.

On this page