# Account Linking and Data Importing

# Introduction

This page describes the specific use cases for using the SCIM REST API for account linking or importing account data. This is part of the v1.0 SCIM API.

# Actors

  • A SystemUser

# Preconditions

  • The SystemUser's shared secret token key should be included in the Authorization HTTP header. The key should be prefixed by the string literal "Token", with whitespace separating the two strings. For example: Authorization: Token r454f2529f2cd27e1722e67a624b2b18335e6c21
  • For POST and PATCH request, the Content-Type HTTP header should be application/json.
  • The SystemUser's linked OrganizationUser needs to have the correct OwnIdP permissions to access the SCIM endpoint.

# Exceptions

# No secret token (or an incorrect one) is included in the request's header.

  1. The response will be in the form of a HTTP UNAUTHORIZED (401).

# A secret token is included in the request's header but the SystemUser's OrganizationUser doesn't have the right OwnIdP permissions.

  1. The response will be in the form of a HTTP FORBIDDEN (403).

# Order of execution

# Account Linking (for a User)

In the use case of Account Linking for a User, the right order of execution is as follows:

  1. Create the ExternalIdps (using POST on the ExternalIdps endpoint)
  2. Create the empty ("shadow") Users (using POST on the Users endpoint)
  3. Create the ExternalUsers (using POST on the ExternalUsers endpoint)

# Account Data Importing (for a User)

In the use case of Account Data Importing for a User, the right order of execution is as follows:

  1. Create the ExternalIdps (using POST on the ExternalIdps endpoint)
  2. Create the ExternalIdpAttributeDefinitions, to define the attributes (using POST on the ExternalIdpAttributeDefinitions endpoint)
  3. Create the ImportedUserAttributes, to create the link between User and ExternalIdp (using POST on the ImportedUserAttributes endpoint)
  4. Update the ImportedUserAttributes, to set the values of the attributes (using PATCH on the ImportedUserAttributes endpoint)

# Account Data Importing (for an OrganizationUser)

In the use case of Account Data Importing for an OrganizationUser, the right order of execution is as follows:

  1. Create the ExternalIdps (using POST on the ExternalIdps endpoint)
  2. Create the ExternalIdpAttributeDefinitions, to define the attributes (using POST on the ExternalIdpAttributeDefinitions endpoint)
  3. Create the ImportedOrganizationUserAttributes, to create the link between OrganizationUser and ExternalIdp (using POST on the ImportedOrganizationUserAttributes endpoint)
  4. Update the ImportedOrganizationUserAttributes, to set the values of the attributes (using PATCH on the ImportedOrganizationUserAttributes endpoint)

# Endpoints

# Users

  • Core schema specification: https://example.tenant.com/ciam/1.0/scim/v2/Schemas/urn:ietf:params:scim:schemas:core:2.0:User
  • Extension schema specification: https://example.tenant.com/ciam/1.0/scim/v2/Schemas/urn:example.tenant.com:ciam:scim:schemas:extension:1.0:User
  • Endpoint: https://example.tenant.com/ciam/1.0/scim/v2/Users
  • Allow: GET, POST, DELETE, PATCH
  • POST example to create an empty "shadow" User:
    • Request:

      POST https://example.tenant.com/ciam/1.0/scim/v2/Users
      
    • Request body:

      {}
      
    • Response: 201 Created

      {
          "schemas": [
              "urn:ietf:params:scim:schemas:core:2.0:User",
              "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:User"
          ],
          "id": "0afaded7-62b3-4daf-b79c-fc91579cec41",
          "externalId": null,
          "userName": null,
          "name": {
              "givenName": "",
              "familyName": "",
              "formatted": null
          },
          "displayName": null,
          "emails": [
              {
                  "value": null,
                  "primary": true
              }
          ],
          "active": true,
          "x509Certificates": [],
          "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:User": {},
          "meta": {
              "resourceType": "User",
              "created": "2021-02-26T12:30:16.498591+00:00",
              "lastModified": "2021-02-26T12:30:16.498591+00:00",
              "location": "https://example.tenant.com/ciam/1.0/scim/v2/Users/0afaded7-62b3-4daf-b79c-fc91579cec41"
          }
      }
      
  • GET example to filter out Users:
    • Request:

      GET https://example.tenant.com/ciam/1.0/scim/v2/Users?filter=givenName Eq "Audit" or familyName Eq "Guy"
      
    • Response: 200 OK

      {
         "schemas": [
             "urn:ietf:params:scim:api:messages:2.0:ListResponse"
         ],
          "totalResults": 2,
          "itemsPerPage": 50,
          "startIndex": 1,
          "Resources": [
              {
                  "schemas": [
                      "urn:ietf:params:scim:schemas:core:2.0:User",
                      "urn:connectis.local.test-development.nl:ciam:scim:schemas:extension:1.0:User"
                  ],
                  "id": "50d8f543-0841-452c-9868-cbd18e5922fd",
                  "externalId": null,
                  "userName": "auditguy",
                  "name": {
                      "givenName": "Audit",
                      "familyName": "Guy",
                      "formatted": "Audit Guy"
                  },
                  "displayName": "Audit Guy",
                  "emails": [
                      {
                          "value": "tester.connectis+2@gmail.com",
                          "primary": true
                      }
                  ],
                  "active": true,
                  "x509Certificates": [],
                  "urn:connectis.local.test-development.nl:ciam:scim:schemas:extension:1.0:User": {
                      "Romania": "Nice",
                      "Albania": "NotNice"
                  },
                  "meta": {
                      "resourceType": "User",
                      "created": "2020-07-27T07:55:17.884121+00:00",
                      "lastModified": "2021-06-18T07:11:06.025720+00:00",
                      "location": "https://connectis.local.test-development.nl/ciam/1.0/scim/v2/Users/50d8f543-0841-452c-9868-cbd18e5922fd"
                  }
              },
              {
                  "schemas": [
                      "urn:ietf:params:scim:schemas:core:2.0:User",
                      "urn:connectis.local.test-development.nl:ciam:scim:schemas:extension:1.0:User"
                  ],
                  "id": "9158036b-7f65-45d7-906a-93312a16656b",
                  "externalId": null,
                  "userName": "configreaderguy",
                  "name": {
                      "givenName": "ConfigReader",
                      "familyName": "Guy",
                      "formatted": "ConfigReader Guy"
                  },
                  "displayName": "ConfigReader Guy",
                  "emails": [
                      {
                          "value": "tester.connectis+3@gmail.com",
                          "primary": true
                      }
                  ],
                  "active": true,
                  "x509Certificates": [],
                  "urn:connectis.local.test-development.nl:ciam:scim:schemas:extension:1.0:User": {
                      "Romania": "Nice",
                      "Albania": "Nice2"
                  },
                  "meta": {
                      "resourceType": "User",
                      "created": "2020-07-27T08:05:33.562507+00:00",
                      "lastModified": "2020-07-27T08:05:33.699748+00:00",
                      "location": "https://connectis.local.test-development.nl/ciam/1.0/scim/v2/Users/9158036b-7f65-45d7-906a-93312a16656b"
                  }
              }
          ]
      }
      
  • GET example to filter out Users using Custom User Attributes:
    • Request ('Romania' is Custom's attribute name and 'Nice' is the value of it), also check out the way the request must be done when having multiple conditions:

      GET https://example.tenant.com/ciam/1.0/scim/v2/Users?filter=(givenName Eq "Audit" or familyName Eq "Guy")  or (Romania Eq "Nice" and Albania Eq "Great")
      
    • Response: 200 OK

      {
          "schemas": [
              "urn:ietf:params:scim:api:messages:2.0:ListResponse"
          ],
          "totalResults": 3,
          "itemsPerPage": 50,
          "startIndex": 1,
          "Resources": [
              {
                  "schemas": [
                      "urn:ietf:params:scim:schemas:core:2.0:User",
                      "urn:connectis.local.test-development.nl:ciam:scim:schemas:extension:1.0:User"
                  ],
                  "id": "2d08ea67-f186-4807-86f9-c124527e1a6f",
                  "externalId": null,
                  "userName": "federationadmingirl",
                  "name": {
                      "givenName": "FederationAdmin",
                      "familyName": "Girl",
                      "formatted": "FederationAdmin Girl"
                  },
                  "displayName": "FederationAdmin Girl",
                  "emails": [
                      {
                          "value": "tester.connectis+4@gmail.com",
                          "primary": true
                      }
                  ],
                  "active": true,
                  "x509Certificates": [],
                  "urn:connectis.local.test-development.nl:ciam:scim:schemas:extension:1.0:User": {
                      "Romania": "Nice",
                      "Albania": "Great"
                  },
                  "meta": {
                      "resourceType": "User",
                      "created": "2020-07-27T08:27:22.953074+00:00",
                      "lastModified": "2020-07-27T08:27:23.081529+00:00",
                      "location": "https://connectis.local.test-development.nl/ciam/1.0/scim/v2/Users/2d08ea67-f186-4807-86f9-c124527e1a6f"
                  }
              },
              {
                  "schemas": [
                      "urn:ietf:params:scim:schemas:core:2.0:User",
                      "urn:connectis.local.test-development.nl:ciam:scim:schemas:extension:1.0:User"
                  ],
                  "id": "50d8f543-0841-452c-9868-cbd18e5922fd",
                  "externalId": null,
                  "userName": "auditguy",
                  "name": {
                      "givenName": "Audit",
                      "familyName": "Guy",
                      "formatted": "Audit Guy"
                  },
                  "displayName": "Audit Guy",
                  "emails": [
                      {
                          "value": "tester.connectis+2@gmail.com",
                          "primary": true
                      }
                  ],
                  "active": true,
                  "x509Certificates": [],
                  "urn:connectis.local.test-development.nl:ciam:scim:schemas:extension:1.0:User": {
                      "Romania": "Nice",
                      "Albania": "NotNice"
                  },
                  "meta": {
                      "resourceType": "User",
                      "created": "2020-07-27T07:55:17.884121+00:00",
                      "lastModified": "2021-06-18T07:11:06.025720+00:00",
                      "location": "https://connectis.local.test-development.nl/ciam/1.0/scim/v2/Users/50d8f543-0841-452c-9868-cbd18e5922fd"
                  }
              },
              {
                  "schemas": [
                      "urn:ietf:params:scim:schemas:core:2.0:User",
                      "urn:connectis.local.test-development.nl:ciam:scim:schemas:extension:1.0:User"
                  ],
                  "id": "9158036b-7f65-45d7-906a-93312a16656b",
                  "externalId": null,
                  "userName": "configreaderguy",
                  "name": {
                      "givenName": "ConfigReader",
                      "familyName": "Guy",
                      "formatted": "ConfigReader Guy"
                  },
                  "displayName": "ConfigReader Guy",
                  "emails": [
                      {
                          "value": "tester.connectis+3@gmail.com",
                          "primary": true
                      }
                  ],
                  "active": true,
                  "x509Certificates": [],
                  "urn:connectis.local.test-development.nl:ciam:scim:schemas:extension:1.0:User": {
                      "Romania": "Nice",
                      "Albania": "NotNice"
                  },
                  "meta": {
                      "resourceType": "User",
                      "created": "2020-07-27T08:05:33.562507+00:00",
                      "lastModified": "2020-07-27T08:05:33.699748+00:00",
                      "location": "https://connectis.local.test-development.nl/ciam/1.0/scim/v2/Users/9158036b-7f65-45d7-906a-93312a16656b"
                  }
              }
          ]
      }
      

# ExternalIdps

  • Core schema specification: https://example.tenant.com/ciam/1.0/scim/v2/Schemas/urn:connectis:ciam:scim:schemas:core:1.0:ExternalIdp
  • Endpoint: https://example.tenant.com/ciam/1.0/scim/v2/ExternalIdps
  • Allow: GET, POST, DELETE, PATCH
  • POST example to create an ExternalIdp:
    • Request:

      POST https://example.tenant.com/ciam/1.0/scim/v2/ExternalIdps
      
    • Request body:

      {
          "name": "eHerkenning",
          "issuer": "eherkenning"
      }
      
    • Response: 201 Created

      {
          "schemas": [
              "urn:connectis:ciam:scim:schemas:core:1.0:ExternalIdp"
          ],
          "id": "a6d2c81f-e43b-445c-86c5-79eab9a9e375",
          "externalId": null,
          "name": "eHerkenning",
          "issuer": "eherkenning",
          "externalIdpAttributeDefinitions": [
              {
                  "value": "c4ae9772-267c-4a08-b163-88cbe1b96105",
                  "$ref": "https://connectis.local.test-development.nl/ciam/1.0/scim/v2/ExternalIdpAttributeDefinitions/c4ae9772-267c-4a08-b163-88cbe1b96105",
                  "display": "user18OrOlder",
                  "type": "ExternalIdpAttributeDefinition"
              }
          ],
          "meta": {
              "resourceType": "ExternalIdp",
              "location": "https://example.tenant.com/ciam/1.0/scim/v2/ExternalIdps/a6d2c81f-e43b-445c-86c5-79eab9a9e375"
          }
      }
      

# ExternalUsers

  • Core schema specification: https://example.tenant.com/ciam/1.0/scim/v2/Schemas/urn:connectis:ciam:scim:schemas:core:1.0:ExternalUsers
  • Endpoint: https://example.tenant.com/ciam/1.0/scim/v2/ExternalUsers
  • Allow: GET, POST, DELETE, PATCH
  • You can also filter normally by ExternalIdp and User
    • Example
    • POST https://example.tenant.com/ciam/1.0/scim/v2/ExternalUsers?filter=ExternalIdp eq "id"
  • POST example to create an ExternalUser:
    • Request:

      POST https://example.tenant.com/ciam/1.0/scim/v2/ExternalUsers
      
    • Request body:

      {
          "user": "0afaded7-62b3-4daf-b79c-fc91579cec41",
          "externalIdp": "a6d2c81f-e43b-445c-86c5-79eab9a9e375",
          "subject": "eh-user-1"
      }
      
    • Response: 201 Created

      {
          "schemas": [
              "urn:connectis:ciam:scim:schemas:core:1.0:ExternalUser"
          ],
          "id": "bf10561d-2399-4ded-b78f-b50de660b3da",
          "externalId": null,
          "subject": "eh-user-1",
          "user": {
              "value": "0afaded7-62b3-4daf-b79c-fc91579cec41",
              "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Users/0afaded7-62b3-4daf-b79c-fc91579cec41",
              "display": null,
              "type": "User"
          },
          "externalIdp": {
              "value": "a6d2c81f-e43b-445c-86c5-79eab9a9e375",
              "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/ExternalIdps/a6d2c81f-e43b-445c-86c5-79eab9a9e375",
              "display": "eherkenning",
              "type": "ExternalIdp"
          },
          "meta": {
              "resourceType": "ExternalUser",
              "location": "https://example.tenant.com/ciam/1.0/scim/v2/ExternalUsers/bf10561d-2399-4ded-b78f-b50de660b3da"
          }
      }
      

# ExternalIdpAttributeDefinitions

  • Core schema specification: https://example.tenant.com/ciam/1.0/scim/v2/Schemas/urn:connectis:ciam:scim:schemas:core:1.0:ExternalIdpAttributeDefinition
  • Endpoint: https://example.tenant.com/ciam/1.0/scim/v2/ExternalIdpAttributeDefinitions
  • Allow: GET, POST, DELETE
  • You can also filter normally by ExternalIdp
    • Example
    • POST https://example.tenant.com/ciam/1.0/scim/v2/ExternalIdpAttributeDefinitions?filter=ExternalIdp eq "id"
  • POST example to create an ExternalIdpAttributeDefinition (to define the attribute):
    • Request:

      POST https://example.tenant.com/ciam/1.0/scim/v2/ExternalIdpAttributeDefinitions
      
    • Request body:

      {
          "name": "Some-eH-attribute",
          "description": "Some attribute from the eHerkenning external IdP",
          "type": "STRING",
          "externalIdp": "a6d2c81f-e43b-445c-86c5-79eab9a9e375"
      }
      
    • Response: 201 Created

      {
          "schemas": [
              "urn:connectis:ciam:scim:schemas:core:1.0:ExternalIdpAttributeDefinition"
          ],
          "id": "5a8a267c-2097-4f88-85f6-1fad452c0e43",
          "externalId": null,
          "name": "Some-eH-attribute",
          "nameFormatted": "someEhAttribute",
          "description": "Some attribute from the eHerkenning external IdP",
          "type": "STRING",
          "required": false,
          "defaultValue": "",
          "externalIdp": {
              "value": "a6d2c81f-e43b-445c-86c5-79eab9a9e375",
              "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/ExternalIdps/a6d2c81f-e43b-445c-86c5-79eab9a9e375",
              "display": "eherkenning",
              "type": "ExternalIdp"
          },
          "meta": {
              "resourceType": "ExternalIdpAttributeDefinition",
              "location": "https://example.tenant.com/ciam/1.0/scim/v2/ExternalIdpAttributeDefinitions/5a8a267c-2097-4f88-85f6-1fad452c0e43"
          }
      }
      

# ImportedUserAttributes

  • Core schema specification: https://example.tenant.com/ciam/1.0/scim/v2/Schemas/urn:connectis:ciam:scim:schemas:core:1.0:ImportedUserAttributes
  • Endpoint: https://example.tenant.com/ciam/1.0/scim/v2/ImportedUserAttributes
  • Note: expiresAt and issuedAt are in ISO 8601 format.
  • Allow: GET, POST, DELETE, PATCH
  • You can also filter normally by ExternalIdp
    • Example
    • POST https://example.tenant.com/ciam/1.0/scim/v2/ImportedUserAttributes?filter=ExternalIdp eq "id"
  • POST example to create ImportedUserAttributes (to create the link between User and ExternalIdp):
    • Request:

      POST https://example.tenant.com/ciam/1.0/scim/v2/ImportedUserAttributes
      
    • Request body:

      {
          "user": "0afaded7-62b3-4daf-b79c-fc91579cec41",
          "externalIdp": "a6d2c81f-e43b-445c-86c5-79eab9a9e375",
          "expiresAt": "2022-02-26T00:00:00+00:00"
      }
      
    • Response: 201 Created

      {
          "schemas": [
              "urn:connectis:ciam:scim:schemas:core:1.0:ImportedUserAttributes",
              "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:ImportedUserAttributes:eherkenning"
          ],
          "id": "09cd18ee-4771-4c42-8af7-34a273e28454",
          "externalId": null,
          "user": {
              "value": "0afaded7-62b3-4daf-b79c-fc91579cec41",
              "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Users/0afaded7-62b3-4daf-b79c-fc91579cec41",
              "display": null,
              "type": "User"
          },
          "externalIdp": {
              "value": "a6d2c81f-e43b-445c-86c5-79eab9a9e375",
              "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/ExternalIdps/a6d2c81f-e43b-445c-86c5-79eab9a9e375",
              "display": "eherkenning",
              "type": "ExternalIdp"
          },
          "issuedAt": "2021-02-26T13:52:10.331462+00:00",
          "expiresAt": "2022-02-26T00:00:00+00:00",
          "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:ImportedUserAttributes:eherkenning": {
              "someEhAttribute": ""
          },
          "meta": {
              "resourceType": "ImportedUserAttributes",
              "location": "https://example.tenant.com/ciam/1.0/scim/v2/ImportedUserAttributes/09cd18ee-4771-4c42-8af7-34a273e28454"
          }
      }
      
  • PATCH example to update ImportedUserAttributes (to set the values of the attributes):
    • Request:

      PATCH https://example.tenant.com/ciam/1.0/scim/v2/ImportedUserAttributes/09cd18ee-4771-4c42-8af7-34a273e28454
      
    • Request body:

      {
          "Operations": [
              {
                  "op": "replace",
                  "path": "someEhAttribute",
                  "value": "Example value 1"
              }
          ]
      }
      
    • Response: 200 OK

      {
          "schemas": [
              "urn:connectis:ciam:scim:schemas:core:1.0:ImportedUserAttributes",
              "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:ImportedUserAttributes:eherkenning"
          ],
          "id": "09cd18ee-4771-4c42-8af7-34a273e28454",
          "externalId": null,
          "user": {
              "value": "0afaded7-62b3-4daf-b79c-fc91579cec41",
              "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/Users/0afaded7-62b3-4daf-b79c-fc91579cec41",
              "display": null,
              "type": "User"
          },
          "externalIdp": {
              "value": "a6d2c81f-e43b-445c-86c5-79eab9a9e375",
              "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/ExternalIdps/a6d2c81f-e43b-445c-86c5-79eab9a9e375",
              "display": "eherkenning",
              "type": "ExternalIdp"
          },
          "issuedAt": "2021-02-26T13:52:10.331462+00:00",
          "expiresAt": "2022-02-26T00:00:00+00:00",
          "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:ImportedUserAttributes:eherkenning": {
              "someEhAttribute": "Example value 1"
          },
          "meta": {
              "resourceType": "ImportedUserAttributes",
              "location": "https://example.tenant.com/ciam/1.0/scim/v2/ImportedUserAttributes/09cd18ee-4771-4c42-8af7-34a273e28454"
          }
      }
      

# ImportedOrganizationUserAttributes

  • Core schema specification: https://example.tenant.com/ciam/1.0/scim/v2/Schemas/urn:connectis:ciam:scim:schemas:core:1.0:ImportedOrganizationUserAttributes
  • Endpoint: https://example.tenant.com/ciam/1.0/scim/v2/ImportedOrganizationUserAttributes
  • Note: expiresAt and issuedAt are in ISO 8601 format.
  • Allow: GET, POST, DELETE, PATCH
  • You can also filter normally by ExternalIdp and OrganizationUser
    • Example
    • POST https://example.tenant.com/ciam/1.0/scim/v2/ImportedOrganizationUserAttributes?filter=ExternalIdp eq "id"
  • POST example to create ImportedOrganizationUserAttributes (to create the link between OrganizationUser and ExternalIdp):
    • Request:

      POST https://example.tenant.com/ciam/1.0/scim/v2/ImportedOrganizationUserAttributes
      
    • Request body:

      {
          "organizationUser": "ebfaa61b-33c1-420a-b35c-0b7c37d2fc36",
          "externalIdp": "a6d2c81f-e43b-445c-86c5-79eab9a9e375",
          "expiresAt": "2022-02-26T00:00:00+00:00"
      }
      
    • Response: 201 Created

      {
          "schemas": [
              "urn:connectis:ciam:scim:schemas:core:1.0:ImportedOrganizationUserAttributes",
              "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:ImportedOrganizationUserAttributes:eherkenning"
          ],
          "id": "95fa9790-cdf4-4e74-bb48-fc7b78fcbf4b",
          "externalId": null,
          "organizationUser": {
              "value": "ebfaa61b-33c1-420a-b35c-0b7c37d2fc36",
              "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUsers/ebfaa61b-33c1-420a-b35c-0b7c37d2fc36",
              "display": "Some Organization - Shadow-User",
              "type": "OrganizationUser"
          },
          "externalIdp": {
              "value": "a6d2c81f-e43b-445c-86c5-79eab9a9e375",
              "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/ExternalIdps/a6d2c81f-e43b-445c-86c5-79eab9a9e375",
              "display": "eherkenning",
              "type": "ExternalIdp"
          },
          "issuedAt": "2021-02-26T15:24:08.444026+00:00",
          "expiresAt": "2022-02-26T00:00:00+00:00",
          "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:ImportedOrganizationUserAttributes:eherkenning": {
              "someEhAttribute": ""
          },
          "meta": {
              "resourceType": "ImportedOrganizationUserAttributes",
              "location": "https://example.tenant.com/ciam/1.0/scim/v2/ImportedOrganizationUserAttributes/95fa9790-cdf4-4e74-bb48-fc7b78fcbf4b"
          }
      }
      
  • PATCH example to update ImportedOrganizationUserAttributes (to set the values of the attributes):
    • Request:

      PATCH https://example.tenant.com/ciam/1.0/scim/v2/ImportedOrganizationUserAttributes/95fa9790-cdf4-4e74-bb48-fc7b78fcbf4b
      
    • Request body:

      {
          "Operations": [
              {
                  "op": "replace",
                  "path": "someEhAttribute",
                  "value": "Example value 2"
              }
          ]
      }
      
    • Response: 200 OK

      {
          "schemas": [
              "urn:connectis:ciam:scim:schemas:core:1.0:ImportedOrganizationUserAttributes",
              "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:ImportedOrganizationUserAttributes:eherkenning"
          ],
          "id": "95fa9790-cdf4-4e74-bb48-fc7b78fcbf4b",
          "externalId": null,
          "organizationUser": {
              "value": "ebfaa61b-33c1-420a-b35c-0b7c37d2fc36",
              "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/OrganizationUsers/ebfaa61b-33c1-420a-b35c-0b7c37d2fc36",
              "display": "Some Organization - Shadow-User",
              "type": "OrganizationUser"
          },
          "externalIdp": {
              "value": "a6d2c81f-e43b-445c-86c5-79eab9a9e375",
              "$ref": "https://example.tenant.com/ciam/1.0/scim/v2/ExternalIdps/a6d2c81f-e43b-445c-86c5-79eab9a9e375",
              "display": "eherkenning",
              "type": "ExternalIdp"
          },
          "issuedAt": "2021-02-26T15:24:08.444026+00:00",
          "expiresAt": "2022-02-26T00:00:00+00:00",
          "urn:example.tenant.com:ciam:scim:schemas:extension:1.0:ImportedOrganizationUserAttributes:eherkenning": {
              "someEhAttribute": "Example value 2"
          },
          "meta": {
              "resourceType": "ImportedOrganizationUserAttributes",
              "location": "https://example.tenant.com/ciam/1.0/scim/v2/ImportedOrganizationUserAttributes/95fa9790-cdf4-4e74-bb48-fc7b78fcbf4b"
          }
      }
      

# TOTPDevices

  • Core schema specification: https://example.tenant.com/ciam/1.0/scim/v2/Schemas/urn:connectis:ciam:scim:schemas:core:1.0:TOTPDevices
  • Endpoint: https://example.tenant.com/ciam/1.0/scim/v2/2fa
  • Allow: GET, DELETE
  • Note: GET call to the endpoint will return all the totp devices, and by calling https://example.tenant.com/ciam/1.0/scim/v2/2fa/id you will get information about one totp device
    • GET Response 200 OK

      {
          "schemas": [
              "urn:connectis:ciam:scim:schemas:core:1.0:TOTPDevices"
          ],
          "id": "0c2dbbf4-7377-4f7c-8376-5c35790e37d1",
          "externalId": null,
          "key": "9c5684fc49329d3fda79f0e9e7f2af5bc9ff0f51",
          "meta": {
              "resourceType": "TOTPDevice",
              "location": "https://connectis.local.test-development.nl/ciam/1.0/scim/v2/2fa/0c2dbbf4-7377-4f7c-8376-5c35790e37d1"
          },
          "name": "default",
          "user": {
              "uuid": "97f212f5-f208-4ae8-9a1b-91f69ece7948"
          }
      }
      
  • Note2: 'DELETE' call to the endpoint needs to be done https://example.tenant.com/ciam/1.0/scim/v2/2fa/id
Last updated: 9/20/23, 12:13:17 PM UTC