Links

SCIM API v1.0

Introduction

The SCIM REST API allows for creating and updating Users, Groups (referred to as Roles on the OwnIdP dashboard), Organizations, OrganizationUsers and RelyingParties (referred to as Service providers on the OwnIdP dashboard).
A complete list of all schema specifications is accessible via the https://example.tenant.com/ciam/1.0/scim/v2/Schemas endpoint.

Actors

  • A SystemUser

Preconditions

  • The SystemUser's shared secret token key should be included in the Authorization HTTP header. The key should be prefixed by the string literal "Token", with whitespace separating the two strings. For example: Authorization: Token r454f2529f2cd27e1722e67a624b2b18335e6c21
  • For POST and PATCH request, the Content-Type HTTP header should be application/json.
  • The SystemUser's linked OrganizationUser needs to have the correct OwnIdP permissions to access the SCIM endpoint.

Exceptions

No secret token (or an incorrect one) is included in the request's header.

  1. 1.
    The response will be in the form of a HTTP UNAUTHORISED (401).

A secret token is included in the request's header but the SystemUser's OrganizationUser doesn't have the right OwnIdP permissions.

  1. 1.
    The response will be in the form of a HTTP FORBIDDEN (403).

Order of execution

In the use case of initial setup, the right order of execution is as follows:
  1. 1.
    Create the Groups (using POST on the Groups endpoint)
  2. 2.
    Create the Organisations (using POST on the Organizations endpoint)
  3. 3.
    Add the Groups to the Organisations (using PATCH on the Organizations endpoint)
  4. 4.
    Create the Users (using POST on the Users endpoint)
  5. 5.
    Create the OrganizationUsers (using POST on the OrganizationUsers endpoint)
  6. 6.
    Add the Groups to the OrganizationUsers (using PATCH on the OrganizationUsers endpoint)

Endpoints

Note: When filtering by custom attributes (Users, Organizations and OrganizationUsers endpoints only), the customerAttributeName must be entered exactly as it was created.

Users

  • Core schema specification: https://example.tenant.com/ciam/1.0/scim/v2/Schemas/urn:ietf:params:scim:schemas:core:2.0:User
  • Extension schema specification: https://example.tenant.com/ciam/1.0/scim/v2/Schemas/urn:example.tenant.com:ciam:scim:schemas:extension:1.0:User
  • Endpoint: https://example.tenant.com/ciam/1.0/scim/v2/Users
  • Allow: GET, POST, DELETE, PATCH
  • Filter options for Users (for an example, see below):
    • id (uuid)
    • externalId (string)
    • userName (string)
    • givenName (string)
    • familyName (string)
    • name (string)
    • emails(string)
    • active (boolean)
    • isShadowUser (boolean)
    • created (date)
    • lastModified (date)
    • customAttributeName (value)
  • GET all users example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Users
    • Response: 200 OK
      {
      "schemas": [
      "urn:ietf:params:scim:api:messages:2.0:ListResponse"
      ],
      "totalResults": 8,
      "itemsPerPage": 50,
      "startIndex": 1,
      "Resources": [
      {
      "schemas": [
      "urn:ietf:params:scim:schemas:core:2.0:User",
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:User"
      ],
      "id": "b04a0c61-132f-4c47-ae9b-ea2b79046254",
      "externalId": "b04a0c61-132f-4c47-ae9b-ea2b79046254",
      "userName": "john-doe",
      "name": {
      "givenName": "John",
      "familyName": "Doe",
      "formatted": "John Doe"
      },
      "displayName": "John Doe",
      "emails": [
      {
      "value": "[email protected]",
      "primary": true
      }
      ],
      "active": true,
      "x509Certificates":[],
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:User": {
      },
      "meta": {
      "resourceType": "User",
      "created": "2020-08-07T07:39:53.394952+00:00",
      "lastModified": "2020-08-07T07:39:53.394952+00:00",
      "location": "https://example.tenant.com/ciam/1.0/scim/v2/Users/04a0c61-132f-4c47-ae9b-ea2b79046254"
      }
      },
      ...
      ]
      }
    • Note: This will show maximum 50 records by default. Use count as query parameter to change the default max limit. For example, use https://example.tenant.com/ciam/1.0/scim/v2/Users?count=100 to show 100 records.
  • GET single user example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Users/b04a0c61-132f-4c47-ae9b-ea2b79046254
    • Response: 200 OK
      {
      "schemas": [
      "urn:ietf:params:scim:schemas:core:2.0:User",
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:User"
      ],
      "id": "b04a0c61-132f-4c47-ae9b-ea2b79046254",
      "externalId": "b04a0c61-132f-4c47-ae9b-ea2b79046254",
      "userName": "john-doe",
      "name": {
      "givenName": "John",
      "familyName": "Doe",
      "formatted": "John Doe"
      },
      "displayName": "John Doe",
      "emails": [
      {
      "value": "[email protected]",
      "primary": true
      }
      ],
      "active": true,
      "x509Certificates":[],
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:User": {
      },
      "meta": {
      "resourceType": "User",
      "created": "2020-08-07T07:39:53.394952+00:00",
      "lastModified": "2020-08-07T07:39:53.394952+00:00",
      "location": "https://example.tenant.com/ciam/1.0/scim/v2/Users/04a0c61-132f-4c47-ae9b-ea2b79046254"
      }
      }
  • GET response attribute filtering example (can also be used in combination with standard filtering):
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Users?attributes=userName
    • Response: 200 OK
      {
      "schemas": [
      "urn:ietf:params:scim:api:messages:2.0:ListResponse"
      ],
      "totalResults": 8,
      "itemsPerPage": 50,
      "startIndex": 1,
      "Resources": [
      {
      "id": "b04a0c61-132f-4c47-ae9b-ea2b79046254",
      "userName": "john-doe"
      },
      {
      "id": "c159dc61-132f-4c47-ae9b-ea2b79046254",
      "userName": "Tony-coen"
      },
      ...
      ]
      }
    Multiple values can be passed in the attributes filter, example:
    https://example.tenant.com/ciam/1.0/scim/v2/Users?attributes=displayName, userName
    Example with standard filter and response attribute filter:
    https://example.tenant.com/ciam/1.0/scim/v2/Users?filter=externalId eq "17e78087-ea19-4cd0-a38a-732a4f898413"&attributes=displayName
  • GET users using filter example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Users?filter=name.givenName Eq "John" and active Eq "True"
    • Response: 200 OK
      {
      "schemas": [
      "urn:ietf:params:scim:api:messages:2.0:ListResponse"
      ],
      "totalResults": 1,
      "itemsPerPage": 50,
      "startIndex": 1,
      "Resources": [
      {
      "schemas": [
      "urn:ietf:params:scim:schemas:core:2.0:User",
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:User"
      ],
      "id": "b04a0c61-132f-4c47-ae9b-ea2b79046254",
      "externalId": "b04a0c61-132f-4c47-ae9b-ea2b79046254",
      "userName": "john-doe",
      "name": {
      "givenName": "John",
      "familyName": "Doe",
      "formatted": "John Doe"
      },
      "displayName": "John Doe",
      "emails": [
      {
      "value": "[email protected]",
      "primary": true
      }
      ],
      "active": true,
      "x509Certificates":[],
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:User": {
      },
      "meta": {
      "resourceType": "User",
      "created": "2020-08-07T07:39:53.394952+00:00",
      "lastModified": "2020-08-07T07:39:53.394952+00:00",
      "location": "https://example.tenant.com/ciam/1.0/scim/v2/Users/04a0c61-132f-4c47-ae9b-ea2b79046254"
      }
      }
      ]
      }
  • POST example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Users
    • Request body:
      {
      "schemas": [
      "urn:ietf:params:scim:schemas:core:2.0:User",
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:User"
      ],
      "name": {"givenName": "Jane", "familyName": "Doe"},
      "emails": [{"value": "[email protected]", "primary": "true"}],
      "userName": "jane-doe",
      "password": "[email protected]#",
      "resetPassword": true,
      "customAttributes": [{"id": "b04a0c61-132f-4c47-ae9b-ea2b79046254", "value": "test"}]
      }
    • Response: 201 Created
      {
      "schemas": [
      "urn:ietf:params:scim:schemas:core:2.0:User",
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:User"
      ],
      "id": "e82a9c37-acb0-454c-a901-35968bdba84b",
      "externalId": null,
      "userName": "jane-doe",
      "name": {
      "givenName": "Jane",
      "familyName": "Doe",
      "formatted": "Jane Doe"
      },
      "displayName": "Jane Doe",
      "emails": [
      {
      "value": "[email protected]",
      "primary": true
      }
      ],
      "active": true,
      "x509Certificates": [],
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:User": {
      },
      "meta": {
      "resourceType": "User",
      "created": "2020-08-07T08:32:52.503969+00:00",
      "lastModified": "2020-08-07T08:32:52.503969+00:00",
      "location": "https://example.tenant.com/ciam/1.0/scim/v2/Users/e82a9c37-acb0-454c-a901-35968bdba84b"
      }
      }
  • You can specify if a user has to reset its password before logging in for the first time with the resetPassword field
    • Example:
      {
      "name": {"givenName": "Jane", "familyName": "Doe"},
      "emails": [{"value": "[email protected]", "primary": "true"}],
      "userName": "jane-doe",
      "password": "[email protected]#",
      "resetPassword": true,
      }
  • DELETE example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Users/e82a9c37-acb0-454c-a901-35968bdba84b
    • Response: 204 No Content
  • PATCH example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Users/e82a9c37-acb0-454c-a901-35968bdba84b
    • Request body:
      {
      "schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
      "Operations": [
      {"op": "replace", "path": "externalId", "value": "123456"},
      {"op": "replace", "path": "name.givenName", "value": "Jane1"},
      {"op": "replace", "path": "name.familyName", "value": "Doe1"},
      {"op": "replace", "path": "userName", "value": "jane1-doe1"},
      {"op": "replace", "path": "active", "value": false},
      {"op": "replace", "path": "password", "value": "[email protected]#3"},
      {"op": "replace", "path": "emails", "value": {"value": "[email protected]", "primary": "true"}}
      ]
      }
    • Response: 200 OK
      {
      "schemas": [
      "urn:ietf:params:scim:schemas:core:2.0:User",
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:User"
      ],
      "id": "e82a9c37-acb0-454c-a901-35968bdba84b",
      "externalId": "123456",
      "userName": "jane1-doe1",
      "name": {
      "givenName": "Jane1",
      "familyName": "Doe1",
      "formatted": "Jane1 Doe1"
      },
      "displayName": "Jane1 Doe1",
      "emails": [
      {
      "value": "[email protected]",
      "primary": true
      }
      ],
      "active": false,
      "x509Certificates": [],
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:User": {
      },
      "meta": {
      "resourceType": "User",
      "created": "2020-08-07T08:32:52.503969+00:00",
      "lastModified": "2020-08-08T08:32:52.503969+00:00",
      "location": "https://example.tenant.com/ciam/1.0/scim/v2/Users/e82a9c37-acb0-454c-a901-35968bdba84b"
      }
      }

Groups

  • Core schema specification: https://example.tenant.com/ciam/1.0/scim/v2/urn:ietf:params:scim:schemas:core:2.0:Group
  • Extension schema specification: https://example.tenant.com/ciam/1.0/scim/v2/Schemas/urn:connectis:ciam:scim:schemas:extension:1.0:Group
  • Endpoint: https://example.tenant.com/ciam/1.0/scim/v2/Groups
  • Note: "Groups" are referred to as "Roles" on the front-end dashboard.
  • Allow: GET, POST, DELETE, PATCH
  • Filter options for Groups (for an example, see below):
    • id (uuid)
    • externalId (string)
    • displayName (string)
    • description (string)
  • GET all groups example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Groups
    • Response: 200 OK
      {
      "schemas": [
      "urn:ietf:params:scim:api:messages:2.0:ListResponse"
      ],
      "totalResults": 4,
      "itemsPerPage": 50,
      "startIndex": 1,
      "Resources": [
      {
      "schemas": [
      "urn:ietf:params:scim:schemas:core:2.0:Group",
      "urn:connectis:ciam:scim:schemas:extension:1.0:Group"
      ],
      "id": "17e78087-ea19-4cd0-a38a-732a4f898413",
      "externalId": "17e78087-ea19-4cd0-a38a-732a4f898413",
      "displayName": "Test Group",
      "members": [
      {
      "value": "add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUsers/add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "display": "Test Organization - John Doe"
      "type": "OrganizationUser"
      }
      ],
      "urn:connectis:ciam:scim:schemas:extension:1.0:Group": {
      "order": 6,
      "description": "Description for Test Group"
      },
      "meta": {
      "resourceType": "Group",
      "location": "https://example.tenant.com/ciam/1.0/scim/v2/Groups/17e78087-ea19-4cd0-a38a-732a4f898413"
      }
      },
      ...
      ]
      }
    • Note: This will show maximum 50 records by default. Use count as query parameter to change the default max limit. For example, use https://example.tenant.com/ciam/1.0/scim/v2/Groups?count=100 to show 100 records.
  • GET single group example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Groups/17e78087-ea19-4cd0-a38a-732a4f898413
    • Response: 200 OK
      {
      "schemas": [
      "urn:ietf:params:scim:schemas:core:2.0:Group",
      "urn:connectis:ciam:scim:schemas:extension:1.0:Group"
      ],
      "id": "17e78087-ea19-4cd0-a38a-732a4f898413",
      "externalId": "17e78087-ea19-4cd0-a38a-732a4f898413",
      "displayName": "Test Group",
      "members": [
      {
      "value": "add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUsers/add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "display": "Test Organization - John Doe"
      "type": "OrganizationUser"
      }
      ],
      "urn:connectis:ciam:scim:schemas:extension:1.0:Group": {
      "order": 6,
      "description": "Description for Test Group"
      },
      "meta": {
      "resourceType": "Group",
      "location": "https://example.tenant.com/ciam/1.0/scim/v2/Groups/17e78087-ea19-4cd0-a38a-732a4f898413"
      }
      }
  • GET response attribute filtering example (can also be used in combination with standard filtering):
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Groups?attributes=displayName
    • Response: 200 OK
      {
      "schemas": [
      "urn:ietf:params:scim:api:messages:2.0:ListResponse"
      ],
      "totalResults": 5,
      "itemsPerPage": 50,
      "startIndex": 1,
      "Resources": [
      {
      "id": "17e78087-ea19-4cd0-a38a-732a4f898413",
      "displayName": "Test Group"
      },
      ...
      ]
      }
    Multiple values can be passed in the attributes filter, example:
    https://example.tenant.com/ciam/1.0/scim/v2/Groups?attributes=displayName, externalId
    Example with standard filter and response attribute filter:
    https://example.tenant.com/ciam/1.0/scim/v2/Groups?filter=externalId eq "17e78087-ea19-4cd0-a38a-732a4f898413"&attributes=displayName
  • GET groups using filter example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Groups?filter=displayName Eq "Test Group
    • Response: 200 OK
      {
      "schemas": [
      "urn:ietf:params:scim:api:messages:2.0:ListResponse"
      ],
      "totalResults": 1,
      "itemsPerPage": 50,
      "startIndex": 1,
      "Resources": [
      {
      "schemas": [
      "urn:ietf:params:scim:schemas:core:2.0:Group",
      "urn:connectis:ciam:scim:schemas:extension:1.0:Group"
      ],
      "id": "17e78087-ea19-4cd0-a38a-732a4f898413",
      "externalId": "17e78087-ea19-4cd0-a38a-732a4f898413",
      "displayName": "Test Group",
      "members": [
      {
      "value": "add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUsers/add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "display": "Test Organization - John Doe"
      "type": "OrganizationUser"
      }
      ],
      "urn:connectis:ciam:scim:schemas:extension:1.0:Group": {
      "order": 6,
      "description": "Description for Test Group"
      },
      "meta": {
      "resourceType": "Group",
      "location": "https://example.tenant.com/ciam/1.0/scim/v2/Groups/17e78087-ea19-4cd0-a38a-732a4f898413"
      }
      }
      ]
      }
  • POST example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Groups
    • Request body:
      {
      "schemas": [
      "urn:ietf:params:scim:schemas:core:2.0:Group",
      "urn:connectis:ciam:scim:schemas:extension:1.0:Group"
      ],
      "displayName": "Test Group"
      }
    • Response: 201 Created
      {
      "schemas": [
      "urn:ietf:params:scim:schemas:core:2.0:Group",
      "urn:connectis:ciam:scim:schemas:extension:1.0:Group"
      ],
      "id": "17e78087-ea19-4cd0-a38a-732a4f898413",
      "externalId": null,
      "displayName": "Test Group",
      "members": [],
      "urn:connectis:ciam:scim:schemas:extension:1.0:Group": {
      "order": 6,
      "description": ""
      },
      "meta": {
      "resourceType": "Group",
      "location": "https://example.tenant.com/ciam/1.0/scim/v2/Groups/17e78087-ea19-4cd0-a38a-732a4f898413"
      }
      }
  • DELETE example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Groups/17e78087-ea19-4cd0-a38a-732a4f898413
    • Response: 204 No Content
  • PATCH example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Groups/17e78087-ea19-4cd0-a38a-732a4f898413
    • Request body:
      {
      "schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
      "Operations": [
      {"op": "replace", "path": "externalId", "value": "123456"},
      {"op": "replace", "path": "displayName", "value": "Updated Test Group"},
      {"op": "replace", "path": "order", "value": "15"},
      {"op": "replace", "path": "description", "value": "Description for Updated Test Group"}
      ]
      }
    • Response: 200 OK
      {
      "schemas": [
      "urn:ietf:params:scim:schemas:core:2.0:Group",
      "urn:connectis:ciam:scim:schemas:extension:1.0:Group"
      ],
      "id": "17e78087-ea19-4cd0-a38a-732a4f898413",
      "externalId": "123456,
      "displayName": "Updated Test Group",
      "members": [],
      "urn:connectis:ciam:scim:schemas:extension:1.0:Group": {
      "order": 15,
      "description": "Description for Updated Test Group"
      },
      "meta": {
      "resourceType": "Group",
      "location": "https://example.tenant.com/ciam/1.0/scim/v2/Groups/17e78087-ea19-4cd0-a38a-732a4f898413"
      }
      }

Organisations

  • Core schema specification: https://example.tenant.com/ciam/1.0/scim/v2/Schemas/urn:connectis:ciam:scim:schemas:core:1.0:Organization
  • Extension schema specification: https://example.tenant.com/ciam/1.0/scim/v2/Schemas/urn:example.tenant.com:ciam:scim:schemas:extension:1.0:Organization
  • Endpoint: https://example.tenant.com/ciam/1.0/scim/v2/Organizations
  • Allow: GET, POST, DELETE, PATCH
  • Filter options for Organisations (for an example, see below):
    • id (uuid)
    • externalId (string)
    • name (string)
    • active (boolean)
    • parent (uuid)
    • cc (string)
    • branchNumber(string)
    • organizationCode (string)
    • customAttributeName (value)
  • GET all organizations example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Organizations
    • Response: 200 OK
      {
      "schemas": [
      "urn:ietf:params:scim:api:messages:2.0:ListResponse"
      ],
      "totalResults": 5,
      "itemsPerPage": 50,
      "startIndex": 1,
      "Resources": [
      {
      "schemas": [
      "urn:connectis:ciam:scim:schemas:core:1.0:Organization",
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:Organization"
      ],
      "id": "f39322c6-7234-478a-a976-9a7409c0b085",
      "externalId": "f39322c6-7234-478a-a976-9a7409c0b085",
      "name": "Test Organization",
      "active": true,
      "parent": {
      "value": "03eb07ff-e21b-48e3-9f7c-147ec69bccba",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Organizations/5b55284a-f330-424f-8dc0-afac7d4cf51f",
      "display": "Parent Organization",
      "type": "Organization"
      },
      "organizationUsers": [
      {
      "value": "add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUsers/add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "display": "Test Organization - John Doe"
      "type": "OrganizationUser"
      }
      ],
      "groups": [
      {
      "value": "50945e0d-53e8-46fe-88fe-94f571ffec5d",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Groups/50945e0d-53e8-46fe-88fe-94f571ffec5d",
      "display": "Test Group"
      "type": "Group"
      },
      ],
      "meta": {
      "resourceType": "Organization",
      "location": "https://example.tenant.com/ciam/1.0/scim/v2/Organizations/f39322c6-7234-478a-a976-9a7409c0b085"
      }
      },
      ...
      ]
      }
    • Note: This will show maximum 50 records by default. Use count as query parameter to change the default max limit. For example, use https://example.tenant.com/ciam/1.0/scim/v2/Organizations?count=100 to show 100 records.
  • GET single organisation example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Organizations/f39322c6-7234-478a-a976-9a7409c0b085
    • Response: 200 OK
      {
      "schemas": [
      "urn:connectis:ciam:scim:schemas:core:1.0:Organization",
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:Organization"
      ],
      "id": "f39322c6-7234-478a-a976-9a7409c0b085",
      "externalId": "f39322c6-7234-478a-a976-9a7409c0b085",
      "name": "Test Organization",
      "active": true,
      "parent": {
      "value": "03eb07ff-e21b-48e3-9f7c-147ec69bccba",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Organizations/5b55284a-f330-424f-8dc0-afac7d4cf51f",
      "display": "Parent Organization",
      "type": "Organization"
      },
      "organizationUsers": [
      {
      "value": "add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUsers/add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "display": "Test Organization - John Doe"
      "type": "OrganizationUser"
      }
      ],
      "groups": [
      {
      "value": "50945e0d-53e8-46fe-88fe-94f571ffec5d",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Groups/50945e0d-53e8-46fe-88fe-94f571ffec5d",
      "display": "Test Group"
      "type": "Group"
      },
      ],
      "meta": {
      "resourceType": "Organization",
      "location": "https://example.tenant.com/ciam/1.0/scim/v2/Organizations/f39322c6-7234-478a-a976-9a7409c0b085"
      }
      }
  • GET response attribute filtering example (can also be used in combination with standard filtering):
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Organizations?attributes=name
    • Response: 200 OK
      {
      "schemas": [
      "urn:ietf:params:scim:api:messages:2.0:ListResponse"
      ],
      "totalResults": 5,
      "itemsPerPage": 50,
      "startIndex": 1,
      "Resources": [
      {
      "id": "f39322c6-7234-478a-a976-9a7409c0b085",
      "name": "Test Organization",
      },
      ...
      ]
      }
    Multiple values can be passed in the attributes filter, example:
    https://example.tenant.com/ciam/1.0/scim/v2/Organizations?attributes=name, active
    Example with standard filter and response attribute filter:
    https://example.tenant.com/ciam/1.0/scim/v2/Organizations?filter=name eq "OrganizationName"&attributes=user
  • GET organizations using filter example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Organizations?filter=name Eq "Test Organization"
    • Response: 200 OK
      {
      "schemas": [
      "urn:ietf:params:scim:api:messages:2.0:ListResponse"
      ],
      "totalResults": 1,
      "itemsPerPage": 50,
      "startIndex": 1,
      "Resources": [
      {
      "schemas": [
      "urn:connectis:ciam:scim:schemas:core:1.0:Organization",
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:Organization"
      ],
      "id": "f39322c6-7234-478a-a976-9a7409c0b085",
      "externalId": "f39322c6-7234-478a-a976-9a7409c0b085",
      "name": "Test Organization",
      "active": true,
      "parent": {
      "value": "03eb07ff-e21b-48e3-9f7c-147ec69bccba",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Organizations/5b55284a-f330-424f-8dc0-afac7d4cf51f",
      "display": "Parent Organization",
      "type": "Organization"
      },
      "organizationUsers": [
      {
      "value": "add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUsers/add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "display": "Test Organization - John Doe"
      "type": "OrganizationUser"
      }
      ],
      "groups": [
      {
      "value": "50945e0d-53e8-46fe-88fe-94f571ffec5d",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Groups/50945e0d-53e8-46fe-88fe-94f571ffec5d",
      "display": "Test Group"
      "type": "Group"
      },
      ],
      "meta": {
      "resourceType": "Organization",
      "location": "https://example.tenant.com/ciam/1.0/scim/v2/Organizations/f39322c6-7234-478a-a976-9a7409c0b085"
      }
      }
      ]
      }
  • POST example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Organizations
    • Request body:
      {
      "schemas": [
      "urn:connectis:ciam:scim:schemas:core:1.0:Organization",
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:Organization"
      ],
      "name": "Test Organization",
      "active": true,
      "parent": "03eb07ff-e21b-48e3-9f7c-147ec69bccba",
      "cc": "987654321",
      "branchNumber": "12345",
      "organizationCode": "6789"
      "customAttributes": [{"id": "b04a0c61-132f-4c47-ae9b-ea2b79046254", "value": "test"}],
      "groups": ["b04a0c61-132f-4c47-ae9b-ea2b79046254", "b04a0c61-132f-4c47-ae9b-ea2b79046254", ]
      }
    • Response: 201 Created
      {
      "schemas": [
      "urn:connectis:ciam:scim:schemas:core:1.0:Organization",
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:Organization"
      ],
      "id": "f39322c6-7234-478a-a976-9a7409c0b085",
      "externalId": null,
      "name": "Test Organization",
      "active": true,
      "parent": {
      "value": "03eb07ff-e21b-48e3-9f7c-147ec69bccba",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Organizations/5b55284a-f330-424f-8dc0-afac7d4cf51f",
      "display": "Parent Organization",
      "type": "Organization"
      },
      "organizationUsers": [],
      "groups": [],
      "meta": {
      "resourceType": "Organization",
      "location": "https://example.tenant.com/ciam/1.0/scim/v2/Organizations/f39322c6-7234-478a-a976-9a7409c0b085"
      }
      }
  • DELETE example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Organizations/f39322c6-7234-478a-a976-9a7409c0b085
    • Response: 204 No Content
Warning: Do not delete your main organisation with OrganisationID 1 (ciam/organisations/1/). This will cause you to lose the option to login with your MySignicat account.
  • PATCH example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/Organizations/f39322c6-7234-478a-a976-9a7409c0b085
    • Request body:
      {
      "schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
      "Operations": [
      {"op": "replace", "path": "externalId", "value": "123456"},
      {"op": "replace", "path": "name", "value": "Updated Test Organization"},
      {"op": "replace", "path": "active", "value": false},
      {"op": "replace", "path": "parent", "value": "ed32c069-2248-4d03-b3f3-335cd2c3e730"},
      {"op": "replace", "path": "cc", "value": "123456789"},
      {"op": "replace", "path": "branchNumber", "value": "5623"},
      {"op": "replace", "path": "organizationCode", "value": "325621"},
      {"op": "add", "path": "groups", "value": [{"value": "50945e0d-53e8-46fe-88fe-94f571ffec5d"}]},
      {"op": "remove", "path": "groups", "value": [{"value": "5edd5205-f2d0-4b7d-aeac-f43dcc98b2b1"}]},
      ]
      }
    • Response: 200 OK
      {
      "schemas": [
      "urn:connectis:ciam:scim:schemas:core:1.0:Organization",
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:Organization"
      ],
      "id": "f39322c6-7234-478a-a976-9a7409c0b085",
      "externalId": "123456",
      "name": "Updated Test Organization",
      "active": false,
      "parent": {
      "value": "ed32c069-2248-4d03-b3f3-335cd2c3e730",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Organizations/ed32c069-2248-4d03-b3f3-335cd2c3e730",
      "display": "New Parent Organization",
      "type": "Organization"
      },
      "organizationUsers": [
      {
      "value": "add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUsers/add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "display": "Updated Test Organization - John Doe"
      "type": "OrganizationUser"
      }
      ],
      "groups": [
      {
      "value": "50945e0d-53e8-46fe-88fe-94f571ffec5d",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Groups/50945e0d-53e8-46fe-88fe-94f571ffec5d",
      "display": "Test Groups"
      "type": "Group"
      },
      ],
      "meta": {
      "resourceType": "Organization",
      "location": "https://example.tenant.com/ciam/1.0/scim/v2/Organizations/f39322c6-7234-478a-a976-9a7409c0b085"
      }
      }

OrganizationUsers

  • Core schema specification: https://example.tenant.com/ciam/1.0/scim/v2/Schemas/urn:connectis:ciam:scim:schemas:core:1.0:OrganizationUser
  • Extension schema specification: https://example.tenant.com/ciam/1.0/scim/v2/Schemas/urn:example.tenant.com:ciam:scim:schemas:extension:1.0:OrganizationUser
  • Endpoint: https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUsers
  • Allow: GET, POST, DELETE, PATCH
  • Filter options for OrganizationsUsers (for an example, see below):
    • id (uuid)
    • externalId (string)
    • active (boolean)
    • customAttributeName (value)
    • user(uuid)
  • GET all organization-users example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUsers
    • Response: 200 OK
      {
      "schemas": [
      "urn:ietf:params:scim:api:messages:2.0:ListResponse"
      ],
      "totalResults": 2,
      "itemsPerPage": 50,
      "startIndex": 1,
      "Resources": [
      {
      "schemas": [
      "urn:connectis:ciam:scim:schemas:core:1.0:OrganizationUser",
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:OrganizationUser"
      ],
      "id": "add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "externalId": "add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "displayName": "Test Organization - John Doe",
      "active": true,
      "organization": {
      "value": "f39322c6-7234-478a-a976-9a7409c0b085",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Organizations/f39322c6-7234-478a-a976-9a7409c0b085",
      "display": "Test Organization",
      "type": "Organization"
      },
      "user": {
      "value": "b04a0c61-132f-4c47-ae9b-ea2b79046254",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Users/b04a0c61-132f-4c47-ae9b-ea2b79046254",
      "display": "John Doe"
      "type": "User"
      },
      "invitedBy": {
      "value": "edd68232-0766-411b-8050-1ff35b4e6276",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Users/edd68232-0766-411b-8050-1ff35b4e6276",
      "display": "Test User"
      "type": "User"
      },
      "groups": [
      {
      "value": "17e78087-ea19-4cd0-a38a-732a4f898413",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Groups/17e78087-ea19-4cd0-a38a-732a4f898413",
      "display": "Test Group"
      "type": "Group"
      }
      ],
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:OrganizationUser": {
      },
      "meta": {
      "resourceType": "OrganizationUser",
      "location": "https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUsers/add4cac2-613f-449b-ae1c-97ce7be22a4a"
      }
      },
      ...
      ]
      }
    • Note: This will show maximum 50 records by default. Use count as query parameter to change the default max limit. For example, use https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUsers?count=100 to show 100 records.
  • GET single organization-user example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUsers/add4cac2-613f-449b-ae1c-97ce7be22a4a
    • Response: 200 OK
      {
      "schemas": [
      "urn:connectis:ciam:scim:schemas:core:1.0:OrganizationUser",
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:OrganizationUser"
      ],
      "id": "add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "externalId": "add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "displayName": "Test Organization - John Doe",
      "active": true,
      "organization": {
      "value": "f39322c6-7234-478a-a976-9a7409c0b085",
      $ref": "https://example.tenant.com/ciam/1.0/scim/v2/Organizations/f39322c6-7234-478a-a976-9a7409c0b085",
      "display": "Test Organization",
      "type": "Organization"
      },
      "user": {
      "value": "b04a0c61-132f-4c47-ae9b-ea2b79046254",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Users/b04a0c61-132f-4c47-ae9b-ea2b79046254",
      "display": "John Doe"
      "type": "User"
      },
      "invitedBy": {
      "value": "edd68232-0766-411b-8050-1ff35b4e6276",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Users/edd68232-0766-411b-8050-1ff35b4e6276",
      "display": "Test User"
      "type": "User"
      },
      "groups": [
      {
      "value": "17e78087-ea19-4cd0-a38a-732a4f898413",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Groups/17e78087-ea19-4cd0-a38a-732a4f898413",
      "display": "Test Group"
      "type": "Group"
      }
      ],
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:OrganizationUser": {
      },
      "meta": {
      "resourceType": "OrganizationUser",
      "location": "https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUsers/add4cac2-613f-449b-ae1c-97ce7be22a4a"
      }
      }
  • GET response attribute filtering example (can also be used in combination with standard filtering):
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUser?attributes=displayName
    • Response: 200 OK
      {
      "schemas": [
      "urn:ietf:params:scim:api:messages:2.0:ListResponse"
      ],
      "totalResults": 1,
      "itemsPerPage": 50,
      "startIndex": 1,
      "Resources": [
      {
      "id": "50945e0d-53e8-46fe-88fe-94f571ffec5d",
      "displayName": "1st Organization AdminUser",
      },
      ...
      ]
      }
    Multiple values can be passed in the attributes filter, example:
    https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUser?attributes=displayName, active
    Example with standard filter and response attribute filter:
    https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUser?filter=displayName eq "OrganizationAdmin"&attributes=organization
  • GET organization-user using filter example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUsers?filter=active Eq "True"
    • Response: 200 OK
      {
      "schemas": [
      "urn:ietf:params:scim:api:messages:2.0:ListResponse"
      ],
      "totalResults": 2,
      "itemsPerPage": 50,
      "startIndex": 1,
      "Resources": [
      {
      "schemas": [
      "urn:connectis:ciam:scim:schemas:core:1.0:OrganizationUser",
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:OrganizationUser"
      ],
      "id": "add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "externalId": "add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "displayName": "Test Organization - John Doe",
      "active": true,
      "organization": {
      "value": "f39322c6-7234-478a-a976-9a7409c0b085",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Organizations/f39322c6-7234-478a-a976-9a7409c0b085",
      "display": "Test Organization",
      "type": "Organization"
      },
      "user": {
      "value": "b04a0c61-132f-4c47-ae9b-ea2b79046254",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Users/b04a0c61-132f-4c47-ae9b-ea2b79046254",
      "display": "John Doe"
      "type": "User"
      },
      "invitedBy": {
      "value": "edd68232-0766-411b-8050-1ff35b4e6276",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Users/edd68232-0766-411b-8050-1ff35b4e6276",
      "display": "Test User"
      "type": "User"
      },
      "groups": [
      {
      "value": "17e78087-ea19-4cd0-a38a-732a4f898413",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Groups/17e78087-ea19-4cd0-a38a-732a4f898413",
      "display": "Test Group"
      "type": "Group"
      }
      ],
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:OrganizationUser": {
      },
      "meta": {
      "resourceType": "OrganizationUser",
      "location": "https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUsers/add4cac2-613f-449b-ae1c-97ce7be22a4a"
      }
      },
      ...
      ]
      }
  • POST example:
    • Request:
      https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUsers
    • Request body:
      {
      "schemas": [
      "urn:connectis:ciam:scim:schemas:core:1.0:OrganizationUser",
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:OrganizationUser"
      ],
      "organization": "f39322c6-7234-478a-a976-9a7409c0b085",
      "user": "b04a0c61-132f-4c47-ae9b-ea2b79046254"
      "customAttributes": [{"id": "b04a0c61-132f-4c47-ae9b-ea2b79046254", "value": "test"}],
      "groups": ["b04a0c61-132f-4c47-ae9b-ea2b79046254", "b04a0c61-132f-4c47-ae9b-ea2b79046254", ]
      }
    • Response: 201 Created
      {
      "schemas": [
      "urn:connectis:ciam:scim:schemas:core:1.0:OrganizationUser",
      "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:OrganizationUser"
      ],
      "id": "add4cac2-613f-449b-ae1c-97ce7be22a4a",
      "externalId": null,
      "displayName": "Test Organization - John Doe",
      "active": true,
      "organization": {
      "value": "f39322c6-7234-478a-a976-9a7409c0b085",
      $ref": "https://example.tenant.com/ciam/1.0/scim/v2/Organizations/f39322c6-7234-478a-a976-9a7409c0b085",
      "display": "Test Organization",
      "type": "Organization"
      },
      "user": {
      "value": "b04a0c61-132f-4c47-ae9b-ea2b79046254",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Users/b04a0c61-132f-4c47-ae9b-ea2b79046254",
      "display": "John Doe"
      "type": "User"
      },
      "invitedBy": {
      "value": "edd68232-0766-411b-8050-1ff35b4e6276",
      "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Users/edd68232-0766-411b-8050-1ff35b4e6276",
      "display": "Test User"
      "type": "User"
      },