Discover SCIM server implementation details
This topic describes how to discover our SCIM server configuration schemas and resource types.
You can use the following endpoints to discover the implementation details of CyberArk's SCIM server.
Endpoint | SCIM spec |
---|---|
{{baseUrl}}/scim/ServiceProviderConfig | https://tools.ietf.org/html/rfc7643#section-5 |
{{baseUrl}}/scim/ResourceTypes | https://tools.ietf.org/html/rfc7643#section-6 |
{{baseUrl}}/scim/Schemas | https://tools.ietf.org/html/rfc7643#section-7 |
Remember to include the bearer token in the header for authorization when making requests to SCIM endpoints.
Example - ServiceProviderConfig
The following example is a GET request to the /scim/ServiceProviderConfig
endpoint.
GET https://{{tenant_url}}/scim/ServiceProviderConfig
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig"
],
"patch": {
"supported": true
},
"bulk": {
"supported": false,
"maxOperations": 1,
"maxPayloadSize": 0
},
"filter": {
"supported": true,
"maxResults": 1000
},
"changePassword": {
"supported": false
},
"sort": {
"supported": false
},
"etag": {
"supported": false
},
"authenticationSchemes": [
{
"type": "oauthbearertoken",
"name": "OAuth Bearer Token",
"description": "Authentication scheme using the OAuth Bearer Token Standard"
}
],
"meta": {
"resourceType": "ServiceProviderConfig",
"created": "2021-01-22T03:33:22.5622118Z",
"lastModified": "2021-01-22T03:33:22.5622118Z",
"location": "https://techpubs.my.idaptive.qa/Scim/ServiceProviderConfig"
}
}
Example - ResourceTypes
The following example is a GET request to the /scim/ResourceTypes
endpoint. This request returns the endpoint of each resource type. In the example below you can see the endpoint for the User
resource is /Users
. You could then send requests to https://{{tenant_url}}/scim/Users
to manage users.
GET https://{{tenant_url}}/scim/ResourceTypes
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 6,
"itemsPerPage": 6,
"startIndex": 1,
"Resources": [
{
"name": "User",
"endpoint": "/Users",
"schema": "urn:ietf:params:scim:schemas:core:2.0:User",
"schemaExtensions": [
{
"schema": "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User",
"required": false
},
{
"schema": "urn:scim:schemas:extension:custom:2.0",
"required": false
}
],
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:ResourceType"
],
"id": "User",
"meta": {
"resourceType": "ResourceType",
"created": "2021-01-22T03:55:26.2935973Z",
"lastModified": "2021-01-22T03:55:26.2935973Z",
"location": "https://techpubs.my.idaptive.qa/Scim/ResourceTypes/User"
}
},
{
"name": "Group",
"endpoint": "/Groups",
"schema": "urn:ietf:params:scim:schemas:core:2.0:Group",
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:ResourceType"
],
"id": "Group",
"meta": {
"resourceType": "ResourceType",
"created": "2021-01-22T03:55:26.2935973Z",
"lastModified": "2021-01-22T03:55:26.2935973Z",
"location": "https://techpubs.my.idaptive.qa/Scim/ResourceTypes/Group"
}
},
{
"name": "Container",
"endpoint": "/Containers",
"schema": "urn:ietf:params:scim:schemas:pam:1.0:Container",
"schemaExtensions": [
{
"schema": "urn:ietf:params:scim:schemas:cyberark:1.0:Safe",
"required": false
}
],
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:ResourceType"
],
"id": "Container",
"meta": {
"resourceType": "ResourceType",
"created": "2021-01-22T03:55:26.2935973Z",
"lastModified": "2021-01-22T03:55:26.2935973Z",
"location": "https://techpubs.my.idaptive.qa/Scim/ResourceTypes/Container"
}
},
{
"name": "ContainerPermission",
"endpoint": "/ContainerPermissions",
"schema": "urn:ietf:params:scim:schemas:pam:1.0:ContainerPermission",
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:ResourceType"
],
"id": "ContainerPermission",
"meta": {
"resourceType": "ResourceType",
"created": "2021-01-22T03:55:26.2935973Z",
"lastModified": "2021-01-22T03:55:26.2935973Z",
"location": "https://techpubs.my.idaptive.qa/Scim/ResourceTypes/ContainerPermission"
}
},
{
"name": "PrivilegedData",
"endpoint": "/PrivilegedData",
"schema": "urn:ietf:params:scim:schemas:pam:1.0:PrivilegedData",
"schemaExtensions": [
{
"schema": "urn:ietf:params:scim:schemas:cyberark:1.0:PrivilegedData",
"required": false
}
],
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:ResourceType"
],
"id": "PrivilegedData",
"meta": {
"resourceType": "ResourceType",
"created": "2021-01-22T03:55:26.2935973Z",
"lastModified": "2021-01-22T03:55:26.2935973Z",
"location": "https://techpubs.my.idaptive.qa/Scim/ResourceTypes/PrivilegedData"
}
},
{
"name": "PrivilegedDataPermission",
"endpoint": "/PrivilegedDataPermissions",
"schema": "urn:ietf:params:scim:schemas:pam:1.0:PrivilegedDataPermission",
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:ResourceType"
],
"id": "PrivilegedDataPermission",
"meta": {
"resourceType": "ResourceType",
"created": "2021-01-22T03:55:26.2935973Z",
"lastModified": "2021-01-22T03:55:26.2935973Z",
"location": "https://techpubs.my.idaptive.qa/Scim/ResourceTypes/PrivilegedDataPermission"
}
}
]
}
Example - Schemas
The following example is a GET request to the /scim/Schemas
endpoint. A GET request to this endpoint returns attributes for all objects.
For details on only one object, use /scim/Schemas/{{object}}
.
The example response is abbreviated, showing the attributes for only the User resource. The schema URI is in the response as the value for the id attribute.
GET https://{{tenant_url}}/scim/Schemas
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"totalResults": 10,
"itemsPerPage": 10,
"startIndex": 1,
"Resources": [
{
"name": "User",
"description": "User Account",
"attributes": [
{
"name": "userName",
"type": "string",
"multiValued": false,
"required": true,
"caseExact": true
},
{
"name": "name",
"type": "complex",
"subAttributes": [
{
"name": "formatted",
"type": "string",
"multiValued": false,
"required": false,
"caseExact": false
},
{
"name": "familyName",
"type": "string",
"multiValued": false,
"required": false,
"caseExact": false
},
{
"name": "givenName",
"type": "string",
"multiValued": false,
"required": false,
"caseExact": false
},
{
"name": "middleName",
"type": "string",
"multiValued": false,
"required": false,
"caseExact": false
},
{
"name": "honorificPrefix",
"type": "string",
"multiValued": false,
"required": false,
"caseExact": false
},
{
"name": "honorificSuffix",
"type": "string",
"multiValued": false,
"required": false,
"caseExact": false
}
],
"multiValued": false,
"required": false
},
],
"id": "urn:ietf:params:scim:schemas:core:2.0:User",
"meta": {
"resourceType": "Schema",
"created": "2021-01-22T03:59:22.3406896Z",
"lastModified": "2021-01-22T03:59:22.3406896Z",
"location": "https://techpubs.my.idaptive.qa/Scim/Schemas/urn:ietf:params:scim:schemas:core:2.0:User"
}
},
]
}
Updated over 2 years ago