A web services API is exposed by Hitachi ID Identity and Access Management Suite, allowing other applications to access the workflow request queue and data about users and resources.

The API is accessed using SOAP over HTTPS with a WSDL specification. It is accessible from a wide range of platforms, including Windows and Unix, .NET and J2EE, Perl, Python and PHP, etc.

The Hitachi ID Identity and Access Management Suite API supports a wide range of operations, including:

  • Submitting new workflow requests. This includes requests to:
    • Create new user profiles.
    • Add login accounts to new or existing profiles.
    • Add users to or remove users from managed groups.
    • Assign roles to users or remove roles from users.
    • Get or set user identity attributes.
  • Initiating certification campaigns.
  • Searching for users, groups or roles matching specified criteria.
  • Creating, updating or deleting roles and SoD policies.
  • Getting or changing the set of authorizers attached to a request.
  • Approving or denying requests.
  • Enumerating users per entitlement or entitlements per user.
  • Running any report and consuming its output in a streamed format (e.g., orphan/dormant accounts, stale workflow requests, SoD violations, etc.).
  • Performing a variety of Hitachi ID Identity and Access Management Suite configuration tasks.