SCIM Schemas API
List schemas
GET /scim/v2/Schemas
Response
Status: 200 OK
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"itemsPerPage": 100,
"totalResults": 2,
"startIndex": 1,
"Resources": [
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Schema"
],
"id": "urn:ietf:params:scim:schemas:core:2.0:User",
"name": "User",
"description": "User Schema",
"attributes": [
"..."
],
"meta": {
"location": ".<service-provider-endpoint>/scim/v2/schemas/urn:ietf:params:scim:schemas:core:2.0:User",
"resourceType": "Schema"
}
},
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Schema"
],
"id": "urn:ietf:params:scim:schemas:core:2.0:Group",
"name": "Group",
"description": "Group",
"attributes": [
"..."
],
"meta": {
"location": "<service-provider-endpoint>/scim/v2/schemas/urn:ietf:params:scim:schemas:core:2.0:Group",
"resourceType": "Schema"
}
}
]
}
Get the user schema
GET /scim/v2/schemas/urn:ietf:params:scim:schemas:core:2.0:User
Response
Status: 200 OK
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Schema"
],
"id": "urn:ietf:params:scim:schemas:core:2.0:User",
"name": "User",
"description": "User Schema",
"attributes": [
{
"caseExact": true,
"type": "string",
"description": "A unique identifier for a SCIM resource as defined by the service provider.",
"mutability": "readOnly",
"name": "id",
"multiValued": false,
"required": false,
"returned": "always",
"uniqueness": "none"
},
{
"caseExact": true,
"type": "string",
"description": "A String that is an identifier for the resource as defined by the provisioning client.",
"mutability": "readWrite",
"name": "externalId",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none",
},
{
"caseExact": false,
"type": "complex",
"mutability": "readOnly",
"name": "meta",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none",
"subAttributes": [
{
"caseExact": false,
"type": "string",
"mutability": "readOnly",
"name": "resourceType",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "dateTime",
"mutability": "readOnly",
"name": "created",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "dateTime",
"mutability": "readOnly",
"name": "lastModified",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "string",
"mutability": "readOnly",
"name": "version",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "reference",
"mutability": "readOnly",
"name": "location",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
}
]
},
{
"caseExact": false,
"type": "boolean",
"description": "A Boolean value indicating the User's administrative status.",
"mutability": "readWrite",
"name": "active",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "string",
"description": "The name of the User, suitable for display to end-users. The name SHOULD be the full name of the User being described, if known.",
"mutability": "readWrite",
"name": "displayName",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "complex",
"description": "Email addresses for the user. The value SHOULD be canonicalized by the service provider, e.g., 'bjensen@example.com' instead of 'bjensen@EXAMPLE.COM'. Canonical type values of 'work', 'home', and 'other'.",
"mutability": "readWrite",
"name": "emails",
"multiValued": true,
"required": false,
"returned": "default",
"uniqueness": "none",
"subAttributes": [
{
"caseExact": false,
"type": "boolean",
"description": "A Boolean value indicating the 'primary' or preferred attribute value for this attribute, e.g., the preferred mailing address or primary email address. The primary attribute value 'true' MUST appear no more than once.",
"mutability": "readWrite",
"name": "primary",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "string",
"description": "A label indicating the attribute's function, e.g., 'work' or 'home'.",
"mutability": "readWrite",
"name": "type",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none",
"canonicalValues": [
"work",
"home",
"other"
]
},
{
"caseExact": false,
"type": "string",
"description": "Email addresses for the user. The value SHOULD be canonicalized by the service provider, e.g., 'bjensen@example.com' instead of 'bjensen@EXAMPLE.COM'. Canonical type values of 'work', 'home', and 'other'.",
"mutability": "readWrite",
"name": "value",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
}
]
},
{
"caseExact": false,
"type": "string",
"description": "Used to indicate the User's default location for purposes of localizing items such as currency, date time format, or numerical representations.",
"mutability": "readWrite",
"name": "locale",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "complex",
"description": "The components of the user's real name. Providers MAY return just the full name as a single string in the formatted sub-attribute, or they MAY return just the individual component attributes using the other sub-attributes, or they MAY return both. If both variants are returned, they SHOULD be describing the same name, with the formatted name indicating how the component attributes should be combined.",
"mutability": "readWrite",
"name": "name",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none",
"subAttributes": [
{
"caseExact": false,
"type": "string",
"description": "The given name of the User, or first name in most Western languages(e.g., 'Barbara' given the full name 'Ms. Barbara J Jensen, III').",
"mutability": "readWrite",
"name": "givenName",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "string",
"description": "The family name of the User, or last name in most Western languages(e.g., 'Jensen' given the full name 'Ms. Barbara J Jensen, III').",
"mutability": "readWrite",
"name": "familyName",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "string",
"description": "The middle name(s) of the User (e.g., 'Jane' given the full name 'Ms. Barbara J Jensen, III').",
"mutability": "readWrite",
"name": "middleName",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "string",
"description": "The honorific prefix(es) of the User, or title in most Western languages (e.g., 'Ms.' given the full name 'Ms. Barbara J Jensen, III').",
"mutability": "readWrite",
"name": "honorificPrefix",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "string",
"description": "The honorific suffix(es) of the User, or suffix in most Western languages (e.g., 'III' given the full name 'Ms. Barbara J Jensen, III').",
"mutability": "readWrite",
"name": "honorificSuffix",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "string",
"description": "The full name, including all middle names, titles, and suffixes as appropriate, formatted for display e.g., 'Ms. Barbara J Jensen, III').",
"mutability": "readWrite",
"name": "formatted",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
}
]
},
{
"caseExact": false,
"type": "string",
"description": "The casual way to address the user in real life, e.g., 'Bob' or 'Bobby' instead of 'Robert'. This attribute SHOULD NOT be used to represent a User's username (e.g., 'bjensen' or 'mpepperidge').",
"mutability": "readWrite",
"name": "nickName",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "complex",
"description": "Phone numbers for the User. The value SHOULD be canonicalized by the service provider according to the format specified in RFC 3966, e.g., 'tel:+1-201-555-0123'. Canonical type values of 'work', 'home', 'mobile', 'fax', 'pager', and 'other'.",
"mutability": "readWrite",
"name": "phoneNumbers",
"multiValued": true,
"required": false,
"returned": "default",
"uniqueness": "none",
"subAttributes": [
{
"caseExact": false,
"type": "boolean",
"description": "A Boolean value indicating the 'primary' or preferred attribute value for this attribute, e.g., the preferred phone number or primary phone number. The primary attribute value 'true' MUST appear no more than once.",
"mutability": "readWrite",
"name": "primary",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "string",
"description": "A label indicating the attribute's function, e.g., 'work', 'home', 'mobile'.",
"mutability": "readWrite",
"name": "type",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none",
"canonicalValues": [
"work",
"home",
"mobile",
"other"
]
},
{
"caseExact": false,
"type": "string",
"description": "Phone number of the User.",
"mutability": "readWrite",
"name": "value",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
}
]
},
{
"caseExact": false,
"type": "string",
"description": "Indicates the User's preferred written or spoken language. Generally used for selecting a localized user interface; e.g., 'en_US' specifies the language English and country US.",
"mutability": "readWrite",
"name": "preferredLanguage",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "string",
"description": "The User's time zone in the 'Olson' time zone ndatabase format, e.g., 'America/Los_Angeles'.",
"mutability": "readWrite",
"name": "timezone",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "string",
"description": "The user's title, such as \"Vice President\".",
"mutability": "readWrite",
"name": "title",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "string",
"description": "Unique identifier for the User, typically used by the user to directly authenticate to the service provider. Each User MUST include a non-empty userName value. This identifier MUST be unique across the service provider's entire set of Users. REQUIRED.",
"mutability": "immutable",
"name": "userName",
"multiValued": false,
"required": true,
"returned": "default",
"uniqueness": "server"
},
{
"caseExact": false,
"type": "string",
"description": "Used to identify the relationship between the organization and the user. Typical values used might be 'Contractor', 'Employee', 'Intern', 'Temp', 'External', and 'Unknown', but any value may be used.",
"mutability": "readWrite",
"name": "userType",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "complex",
"description": "A list of groups to which the user belongs, either through direct membership, through nested groups, or dynamically calculated.",
"mutability": "readOnly",
"name": "groups",
"multiValued": true,
"required": false,
"returned": "default",
"uniqueness": "none",
"subAttributes": [
{
"caseExact": false,
"type": "string",
"description": "A human-readable name, primarily used for display purposes.",
"mutability": "readOnly",
"name": "display",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "reference",
"description": "The URI of the corresponding 'Group' resource to which the user belongs.",
"mutability": "readOnly",
"name": "$ref",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none",
"referenceTypes": [
"Group"
]
},
{
"caseExact": false,
"type": "string",
"description": "A label indicating the attribute's function.",
"mutability": "readOnly",
"name": "type",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none",
"canonicalValues": [
"direct"
]
},
{
"caseExact": false,
"type": "string",
"description": "The identifier of the User's group.",
"mutability": "readOnly",
"name": "value",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
}
]
},
{
"caseExact": false,
"type": "complex",
"description": "A list of roles for the User that collectively represent who the User is, e.g., 'Student', 'Faculty'.",
"mutability": "readWrite",
"name": "roles",
"multiValued": true,
"required": false,
"returned": "default",
"uniqueness": "none",
"subAttributes": [
{
"caseExact": false,
"type": "boolean",
"description": "A Boolean value indicating the 'primary' or preferred attribute value for this attribute. The primary attribute value 'true' MUST appear no more than once.",
"mutability": "readWrite",
"name": "primary",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "string",
"description": "A label indicating the attribute's function.",
"mutability": "readWrite",
"name": "type",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "string",
"description": "The value of a role.",
"mutability": "readWrite",
"name": "value",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
}
]
},
{
"caseExact": false,
"type": "complex",
"description": "A list of entitlements for the User that represent a thing the User has.",
"mutability": "readWrite",
"name": "entitlements",
"multiValued": true,
"required": false,
"returned": "default",
"uniqueness": "none",
"subAttributes": [
{
"caseExact": false,
"type": "boolean",
"description": "A Boolean value indicating the 'primary' or preferred attribute value for this attribute. The primary attribute value 'true' MUST appear no more than once.",
"mutability": "readWrite",
"name": "primary",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "string",
"description": "A label indicating the attribute's function.",
"mutability": "readWrite",
"name": "type",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "string",
"description": "The value of an entitlement.",
"mutability": "readWrite",
"name": "value",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
}
]
}
],
"meta": {
"location": "<service-provider-endpoint>/scim/v2/schemas/urn:ietf:params:scim:schemas:core:2.0:User",
"resourceType": "Schema"
}
}
Get the group schema
GET /scim/v2/schemas/urn:ietf:params:scim:schemas:core:2.0:Group
Response
Status: 200 OK
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Schema"
],
"id": "urn:ietf:params:scim:schemas:core:2.0:Group",
"name": "Group",
"description": "Group",
"attributes": [
{
"caseExact": true,
"type": "string",
"description": "A unique identifier for a SCIM resource as defined by the service provider.",
"mutability": "readOnly",
"name": "id",
"multiValued": false,
"required": false,
"returned": "always",
"uniqueness": "none"
},
{
"caseExact": true,
"type": "string",
"description": "A String that is an identifier for the resource as defined by the provisioning client.",
"mutability": "readWrite",
"name": "externalId",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "complex",
"mutability": "readOnly",
"name": "meta",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none",
"subAttributes": [
{
"caseExact": false,
"type": "string",
"mutability": "readOnly",
"name": "resourceType",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "dateTime",
"mutability": "readOnly",
"name": "created",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "dateTime",
"mutability": "readOnly",
"name": "lastModified",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "string",
"mutability": "readOnly",
"name": "version",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "reference",
"mutability": "readOnly",
"name": "location",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none"
}
]
},
{
"caseExact": false,
"type": "string",
"description": "A human-readable name for the Group.",
"mutability": "readWrite",
"name": "displayName",
"multiValued": false,
"required": true,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "complex",
"description": "A list of members of the Group.",
"mutability": "readWrite",
"name": "members",
"multiValued": true,
"required": false,
"returned": "default",
"uniqueness": "none",
"subAttributes": [
{
"caseExact": false,
"type": "string",
"description": "Identifier of the member of this Group.",
"mutability": "immutable",
"name": "value",
"multiValued": false,
"required": true,
"returned": "default",
"uniqueness": "none"
},
{
"caseExact": false,
"type": "reference",
"description": "The URI corresponding to a SCIM resource that is a member of this Group.",
"mutability": "immutable",
"name": "$ref",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none",
"referenceTypes": [
"User"
]
},
{
"caseExact": false,
"type": "string",
"description": "A label indicating the type of resource, e.g., 'User'.",
"mutability": "immutable",
"name": "type",
"multiValued": false,
"required": false,
"returned": "default",
"uniqueness": "none",
"canonicalValues": [
"User"
]
}
]
}
],
"meta": {
"location": "<service-provider-endpoint>/scim/v2/schemas/urn:ietf:params:scim:schemas:core:2.0:Group",
"resourceType": "Schema"
}
}