CAS Directory

Revision as of 15:52, 6 December 2012 by Adam Franco (talk | contribs) (Updated authentication info for the directory service.)


The CAS Directory is a user/group search and look-up web-service that provides access to the same users and groups known to the CAS system. The CAS Directory is a RESTful web service located at:


For more information about CAS, see the CAS page in this wiki.

Response Format


Responses to successful queries will have a root cas:results node that contains zero or more cas:entry elements.

cas:entry elements will have a cas:user element or a cas:group element as well as zero or more cas:attribute elements.

<?xml version="1.0" encoding="utf-8"?>
<cas:results xmlns:cas="http://www.yale.edu/tp/cas">
<cas:attribute name="FirstName" value="Adam"/>
<cas:attribute name="LastName" value="Franco"/>
<cas:attribute name="Status" value="Staff"/>
<cas:attribute name="EMail" value="afranco@middlebury.edu"/>
<cas:attribute name="Login" value="afranco"/>
<cas:attribute name="TelephoneNumber" value="802.443.2244"/>
<cas:attribute name="MemberOf" value="CN=DFS-LIS-Circulation Services,OU=DFS_Permissions,DC=middlebury,DC=edu"/>
<cas:attribute name="MemberOf" value="CN=DFS-LIS-LISstaff,OU=DFS_Permissions,DC=middlebury,DC=edu"/>
<cas:attribute name="MemberOf" value="CN=DFS-LIS,OU=DFS_Permissions,DC=middlebury,DC=edu"/>
<cas:attribute name="MemberOf" value="CN=Student Org Advisors,OU=General,OU=Groups,DC=middlebury,DC=edu"/>
<cas:attribute name="MemberOf" value="CN=webmkover-platform,OU=General,OU=Groups,DC=middlebury,DC=edu"/>
<cas:attribute name="MemberOf" value="CN=LIS Liaisons,OU=General,OU=Groups,DC=middlebury,DC=edu"/>
<cas:attribute name="MemberOf" value="CN=LIS Resource Development &amp; Services,OU=General,OU=Groups,DC=middlebury,DC=edu"/>
<cas:attribute name="MemberOf" value="CN=Digital Media Tutors,OU=General,OU=Groups,DC=middlebury,DC=edu"/>
<cas:attribute name="MemberOf" value="CN=Brainerd Affiliates,OU=General,OU=Groups,DC=middlebury,DC=edu"/>
<cas:attribute name="MemberOf" value="CN=LIS Systems &amp; Infrastructure Cluster,OU=General,OU=Groups,DC=middlebury,DC=edu"/>
<cas:attribute name="MemberOf" value="CN=district-lis,OU=Staff Districts,OU=Groups,DC=middlebury,DC=edu"/>
<cas:attribute name="MemberOf" value="CN=Blog Administrators,OU=General,OU=Groups,DC=middlebury,DC=edu"/>
<cas:attribute name="MemberOf" value="CN=LIS Educational Services Group,OU=General,OU=Groups,DC=middlebury,DC=edu"/>
<cas:attribute name="MemberOf" value="CN=VC Web Admin,OU=VC Groups,OU=Groups,DC=middlebury,DC=edu"/>
<cas:attribute name="MemberOf" value="CN=All Staff,OU=General,OU=Groups,DC=middlebury,DC=edu"/>
<cas:attribute name="MemberOf" value="CN=HEATUsers,OU=General,OU=Groups,DC=middlebury,DC=edu"/>
<cas:group>CN=All Staff,OU=General,OU=Groups,DC=middlebury,DC=edu</cas:group>
<cas:attribute name="EMail" value="All_Staff@middlebury.edu"/>

Identifiers and Reference Attributes

Applications should use the value of the cas:user or cas:group elements to identify users or groups. These values will always exist and are guaranteed to be globally unique identifiers.

Member and MemberOf attributes reference user and group identifiers respectively and can be provided in a user or group lookup to access other objects.

All other attributes are optionally provided by the service and may not exist for all users or groups. Applications should not make assumptions about the existence of attributes.

Optional Attributes - users

These options may or may not exist for all users. Applications should not make assumptions about the existence of these attributes.

  • FirstName - The given name of an entry
  • LastName - The surname of an entry
  • EMail - The email address of an entry
  • TelephoneNumber - The telephone number of an entry
  • Status - A field that indicates the status of an entry in relation to Middlebury College. May be one of 'Staff', 'Faculty', 'Student', 'Visitor'.
  • Login - A field that indicates a 'short name' or 'login handle' of a user. For users with status' of 'Staff', 'Faculty', or 'Student' this field will be the user's sAMAccount name.
    Applications should use this attribute to update their data to map existing usage of sAMAccount names to numeric identifiers.
    Applications should not use this field as the primary identifier for users as will not be unique over time and may change for some users depending on marital status or other factors.
    Visitors may or may not have a value for this attribute. Values of this attribute for visitors may collide with values for Faculty, Staff, and Students.

Optional Attributes - groups

These options may or may not exist for all groups. Applications should not make assumptions about the existence of these attributes.

  • EMail - The email address of an entry


When a failure occurs HTTP status codes will be used to indicate the reason for failure. The codes used are the following:

  • 400 Bad Request - Used for null or invalid arguments. For example, if the get_user action is requested without an id parameter or with an id of the wrong format.
  • 403 Forbidden - This status is returned if authentication failed or if the user is unauthorized to access the resource.
  • 404 Not Found - This status is returned if either an invalid action is specified or the id specified is unknown.
  • 500 Internal Server Error - An unintended error has occurred internal to the server.

Request Format

All requests must be HTTP GET requests to https://login.middlebury.edu/directory/

All requests must include an action parameter.


The following actions are available:


You must request an access key to access this service. The key is passed as an ADMIN_ACCESS parameter in your request.