Extending Core SCIM Group

The SCIM core objects can be extended by attaching several objects and declaring these in the object schema. This section details which objects can be attached to the Group object.

By only using these extensions, the service is compatible with clients that know nothing about the API extensions, as they can simply ignore them. For the creations of User and Group objects, as long as the calling client is SCIM compliant (and the data is valid), then they are able to use the API.

Note: The API version supported by HID Authentication Service is 10.3.0.

To use the version-specific parameters/attributes, you must add api-version=N to the query parameter.

Previous versions of the API are also supported with the corresponding functionality. For details of the version updates, see SCIM API Revision History.

urn:hid:scim:api:idp:2.0:GroupParent

Optionally attached to Group, the parent group code is displayed.

Verb usage: GET(read), PUT(replace), POST(create)

Group – an entity of type urn:hid:scim:api:idp:2.0:GroupParent:

  • type – the type of attribute from (STRING). Only returned.

  • display – the type of attribute from (STRING). Only returned.

  • value – the value of the attribute. Required for all calls.

  • $ref – url to find the Group. Only returned.

Copy

Example

"urn:hid:scim:api:idp:2.0:GroupParent": {
          "parent": {
            "type": "Group",
            "display": "Customers User Type",
            "value": "UT_CUST"
            "$ref": "https://[base-server-url]/SCIM/tenant/v2/Groups/UT_CUST"
}}
}

To create a group, it is mandatory to include this entity in the request, as it is only possible to create a group under an existing parent group.

Note: It is not possible to modify the GroupParent entity by using PUT(replace) call.

urn:hid:scim:api:idp:2.0:userattribute:Type

Optionally, attached to Group, the list of user attribute types for the group that can be updated.

Copy
 "userAttributeTypes":    [
            {
         "schemas": ["urn:hid:scim:api:idp:2.0:userattribute:Type"],
         "id": "ADDRESS1",
         "meta":          {
            "resourceType": "UserAttributeType",
            "location": "https://[base-server-url]/scim/tenant/v2/User/AttributeType/ADDRESS1",
            "version": "1"
         },
         "name": "Address Line 1"
      }
]
Note: This parameter is returned only if the query "api-version" parameter is equal to or greater than 3.