{"id":20801933,"url":"https://github.com/philips-software/powershell-hsdp-iam","last_synced_at":"2025-06-25T07:05:06.759Z","repository":{"id":96542325,"uuid":"258004692","full_name":"philips-software/powershell-hsdp-iam","owner":"philips-software","description":"A powershell module that contains cmdlets to work against the HSDP IAM APIs using a powershell approach.","archived":false,"fork":false,"pushed_at":"2020-09-14T18:39:12.000Z","size":432,"stargazers_count":5,"open_issues_count":1,"forks_count":0,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-06-17T23:47:16.672Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/philips-software.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-04-22T19:50:45.000Z","updated_at":"2024-02-17T10:39:46.000Z","dependencies_parsed_at":"2023-04-04T06:17:46.564Z","dependency_job_id":null,"html_url":"https://github.com/philips-software/powershell-hsdp-iam","commit_stats":null,"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/philips-software/powershell-hsdp-iam","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/philips-software%2Fpowershell-hsdp-iam","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/philips-software%2Fpowershell-hsdp-iam/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/philips-software%2Fpowershell-hsdp-iam/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/philips-software%2Fpowershell-hsdp-iam/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/philips-software","download_url":"https://codeload.github.com/philips-software/powershell-hsdp-iam/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/philips-software%2Fpowershell-hsdp-iam/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":261823736,"owners_count":23215141,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-17T18:26:33.443Z","updated_at":"2025-06-25T07:05:06.692Z","avatar_url":"https://github.com/philips-software.png","language":"PowerShell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# powershell-hsdp-iam\n\n[![CI](https://github.com/philips-software/powershell-hsdp-iam/workflows/CI/badge.svg)](https://github.com/philips-software/powershell-hsdp-iam/actions?query=workflow%3ACI)\n[![powershellgallery](https://img.shields.io/powershellgallery/v/hsdp-iam.svg)](https://www.powershellgallery.com/packages/hsdp-iam)\n\n[Visit HSDP Slack Support](https://hsdp.slack.com)\n\n**Description**: This powershell module contains cmdlets to work against the HSDP IAM APIs using a powershell approach.\n\n  - **Technology stack**: Microsoft Powershell. Compatible with PS Core.\n  - **Key concepts** powershell  (technical, philosophical, or both) important to the user’s understanding.\n  - **Status**:  Alpha. See ToDos. [CHANGELOG](CHANGELOG.md).\n\n## Status\n\nThe intent of this module is to cover all API functionality available in the HSDP IAM APIs.\n\nThe coverage is tracked in [coverage.md](coverage.md)\n\n## Dependencies\n\n* Powershell 7/Core\n* Pester for unit tests\n\n## Installation\n\nThis package is available on [the powershell gallery](https://www.powershellgallery.com/packages/hsdp-iam)\n\n```\nInstall-Module hsdp-iam\nImport-Module hsdp-iam\n```\n\n## Configuration\nA new configuration file may be created using the New-Config cmdlet. The cmdlet will prompt for the following configuration parameters:\n\n| Value             | Example | Purpose | Notes|\n|-------------------|---------|---|----|\n| HSDP IAM URL | https://iam-integration.us-east.philips-healthsuite.com | IAM base URI | Do not include trainling slash\n| HSDP IDM URL | https://idm-integration.us-east.philips-healthsuite.com   | IDM base URI | Do not include trainling slash\n| HSDP Username and Password |  | Credentials with org administrative role | always required\n| HSDP ClientId and Secret | | IAM client key and secret | always required\n| HSDP App Shared Key and Secret | | App shared key and secret  | required for API Signature headers\n\nThe configuration will be saved to a file named ```./config.xml``` The secrets provided will be encrypted the configuration when using the windows platform.\n\n## Import configuration\nTo authenticate using the configuration execute the following cmdlet:\n\n```powershell\nSet-FileConfig\n```\n\n## Concepts:\n\nThese powershell cmdlets have been designed to follow common powershell patterns:\n\n### Online Help\n\nThe cmdlets all contain online help which can be obtains by using the Get-Help cmdlet. For instance:\n\n```powershell\nGet-Help Get-Org\n```\n\n### Objects\nThe cmdlets in this module return PSObjects from most functions that match the HSDP models. So for example:\n\n```powershell\n$org = Get-Org \"02bdfa45-db4b-4450-a77e-b59ab9df9472\"\n```\n\nThe $Org will be represented in the following PSObject:\n\n```\nschemas           : {urn:ietf:params:scim:schemas:core:philips:hsdp:2.0:Organization}\nid                : d578177f-f3db-4919-805a-b382c6fa0032\nname              : _testorg1\nparent            : @{value=e5550a19-b6d9-4a9b-ac3c-10ba817776d4; $ref=https://idm-integration.us-east.philips-healthsuite.com/authorize/scim/v2/Organizations/e5550a19-b6d9-4a9b-ac3c-10ba817776d4}\nactive            : True\ninheritProperties : True\nowners            : {@{value=36268f6b-828e-454c-aba8-8c2044fb19f9; primary=True}}\ncreatedBy         : @{value=36268f6b-828e-454c-aba8-8c2044fb19f9}\nmodifiedBy        : @{value=36268f6b-828e-454c-aba8-8c2044fb19f9}\nmeta              : @{resourceType=Organization; created=2/17/2020 6:05:25 PM; lastModified=2/17/2020 8:36:25 PM; location=https://idm-integration.us-east.philips-healthsuite.com/authorize/scim/v2/Organizations/d578177f-f3db-4919-805a-b382c6fa0032;\n                    version=W/\"617601800\"}\n```\n\nThe PSObjects are used by other CmdLets to simplify parameter passing. For instance:\n\n```powershell\n$groups = Get-Groups -Org $org\n```\n\nWill return all the groups in the org object passed to the cmdlet.\n\n### Object Update (version meta)\nCmdlets that perform updates will leverage the $object.meta.version property to pass the proper ETag.\n\n### Pipeline support\n\nMany cmdlets use ValueFromPipeline allowing composition such as in the following example to remove all users from an org:\n\n```powershell\nGet-UserIds $org | Remove-User\n```\n\n### Debugging and Tracing\n\nThe cmdlets have all be instrumented with Debug and Verbose information. This can be enabled using:\n\n```powershell\n$DebugPreference=\"continue\"\n$VerbosePreference=\"continue\"\n```\n\n## Cmdlet Categories\n- Configuration\n- Application\n- Client\n- OAuth2\n- Group\n- Organization\n- Proposition\n- Role\n- Service\n- User\n- Utility\n\n## Recepies\n\n### Add Org and User\n\n```powershell\n$parentOrg = Get-Org \"02bdfa45-db4b-4450-a77e-b59ab9df9472\"\n$org = Add-Org -ParentOrg $parentOrg -Name \"MyNewOrg\"\n$user = Add-User -LoginId \"test01\" -Email \"asdfasdf@mailinator.com\" -MobilePhone \"1234512345\" -FamilyName \"FAMILY\" -GivenName \"GIVEN\" -Org $org\n```\n\n### Create Proposition, Application, Service Identity and generate a JWT\n\n```powershell\n$org = Get-Org \"02bdfa45-db4b-4450-a77e-b59ab9df9472\"\n$propId = ([GUID]::NewGuid().ToString('D'))\n$prop = Add-Proposition -Org $org -Name \"My Proposition\" -GlobalReferenceId $propId\n\n$appId = ([GUID]::NewGuid().ToString('D'))\n$app = Add-Application -Proposition $prop -Name \"My Application\" -GlobalReferenceId $appId\n\n$keyFile = \"$($appName).pem\"\n# create a new service and write a key file\n$service = Add-Service -Application $app -Name \"My Service\" -PrivateKeyPath $keyFile\n\n$jwt = New-HsdpJWT -Service $service -KeyFile $keyFile\n```\n\n### Assign multiple users into group\n\n```powershell\n$org = Get-Org \"02bdfa45-db4b-4450-a77e-b59ab9df9472\"\nSet-UsersInGroup -Org $Org -GroupName \"My Group\" -UserIds @(\"user1@mailinator.com\", \"user2@mailinator.com\")\n```\n\n### Find a user by email address in an org and display all the permissions for all the roles\n\n```powershell\n$user = (Get-UserIds -Org $org | Get-User | Where-Object { $_.emailAddress -eq \"user1@mailinator.com\" })\n$user.memberships.roles | % { get-roles -Name $_ } | get-permissions\n```\n\n### Display all the email addresses of users who have never verified their email across all organizations\n\n```powershell\nGet-Orgs | Get-UserIds | Get-User | Where-Object { $_.accountStatus.emailVerified -ne \"True\" } | Select-Object -ExpandProperty emailAddress\n```\n## How to test the software\n\n### Unit Tests\nComplete unit tests are written using Pester Version 5\n\nThe ```hsdp-iam.tests.ps1``` will execute all unit tests. This is used as part of the CD/CD verification pipeline as well.\n\n### Sanity Tests\nA sanity test in ```Sanity.Tests.ps1``` will execute as part of the build verification.\n\nSanity test can be run locally but all configuration must be passed to the script. (e.g. full HSDP IAM env configuration)\n\n### Integration Tests\nIntegration tests are integrated into the build pipeline and must all pass on pull requests.\n\n## Known issues\n\nNone\n\n## Contributing\nSee [CONTRIBUTE.md](CONTRIBUTE.md)\n\n\n## Contact / Getting help\n\nmark.lindell@philips.com\n\n## License\n\nLink to [LICENSE.md](LICENSE.md)\n\n## Credits and references\n\n1. Inspiration for powershell approach taken from from [JiraPS](https://github.com/AtlassianPS/JiraPS)\n\n[![Slack](https://philips-software-slackin.now.sh/badge.svg)](https://philips-software-slackin.now.sh)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fphilips-software%2Fpowershell-hsdp-iam","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fphilips-software%2Fpowershell-hsdp-iam","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fphilips-software%2Fpowershell-hsdp-iam/lists"}