With the beta release of the REST API for the Univention Directory Manager (UDM), a preliminary version of the future standard interface for the integration of applications with the Univention directory service is available. In the following, I would like to give you a brief overview of the objectives and use cases regarding the current status of the API and encourage you to test it – we look forward to your feedback for further improvements for the final version!

What is the „UDM REST API“?

A “REST API” (also called “RESTful API”) is a web service that allows integration between applications.
The REST API of the Univention Directory Manager provides access to all contents of the Univention Corporate Server (UCS) directory service. Its functionality is therefore comparable to that of the already available and further existing scripting interfaces (e.g. the “udm” command line tool). In contrast to these, however, the API is accessible via the web through HTTPS and can be more easily integrated into existing applications using standardized data formats (JSON).

Who is supposed to use the “UDM REST API”?

Univention Directory Manager allows access to the content of the directory service while ensuring that the contents remain consistent and standard compliant. In UCS, therefore, any changes to the directory service are performed using UDM only.
With the REST API, this interface can now be more easily accessed by other systems or other software. We would especially like to facilitate the integration for the following scenarios:

Operators of UCS environments: Integration with existing systems

Use cases include the maintenance of user properties using information from human ressources (HR) systems or the comparison of computer objects with inventory solutions. Operators of an IT infrastructure benefit from using the REST API, as they have direct reading and writing access to UDM from the systems that are to be integrated.

Providers of apps in the Univention App Center: Integration of apps

Manufacturers of software solutions in the Univention App Center can access the directory service in a standardized way via the UDM REST API. The developers of the respective solution benefit from the standardized data models supported by many programming languages as well as from access via HTTPS. Implementations can take place directly in their familiar programming language, since there is no longer any dependency on the UDM Python interfaces.
Use cases include the query of information about the logged-on user or the maintenance of directory service contents that are derived from individual applications.

Simplifications within UCS product development:

For the future development of UCS we plan to increasingly rely on the REST API instead of the Python libraries which have previously been rolled out on every system. With this, we anticipate a reduction of risks by using different library versions in UCS environments, as well as simplifications in the integration with software of different programming languages.

Use UCS Core Edition for Free!

Download now
Ingo Steuwer

Using Linux since 1999, Ingo Steuwer started working at Univention in 2004. As Head of Product Management he focusses on the further development of UCS.

What's your opinion? Leave a comment!

Comments

  1. It appears that for the beta you need to enable the unmaintained repository to install dependencies python-mimeparse, python-python-genshi, otherwise you get apt error:

    Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming.
    The following information may help to resolve the situation:

    The following packages have unmet dependencies:
    univention-management-module-udm : Depends: python-mimeparse but it is not installable
    Depends: python-concurrent.futures but it is not installable
    E: Unable to correct problems, you have held broken packages.

    Reply
    • You’re right, thanks for the hint! I updated the article to include the needed step. This will not be needed for the final release.

      Reply
  2. Hello! Does the UDM REST API support Ansible?

    Reply
    • I’d say: yes and no.

      There are already Ansible integrations available for Univention instances, and even for Univention Directory Manager – see for example https://www.univention.com/blog-en/2016/10/ansible-modules-for-the-automation-of-ucs-specific-tasks/

      One of the main advantages of the REST API in contrast to the existing scripting and python APIs for UDM is the remote accessibility via HTTPS. As Ansible solves the remote execution by itself, it is not the first thing to combine with the REST API we are thinking about. But as most programming languages offer integration with REST APIs, it is also possible to integrate with Ansible, and once the final release of the REST API is available our support team can assist you in case an integration raises questions.

      Reply
  3. I seem to be running into an issue were if I try to reach the udm url I get asked for a username and password. Every time I try to use a Domain Admins account to login I get the error “Not in allowed groups”. I am not sure what I am doing wrong.

    Reply
  4. Hi Louis,
    if the problem still exist i would like you to switch this conversation to our Forum https://help.univention.com/ because its getting really technical now and the help forum is the right place for this. Like this the community could participate as well.

    Reply

Leave a Reply to Johannes Kenkel Cancel reply

Your email address will not be published. Required fields are marked *