SCIM System for Cross-domain Identity Management Introduction to SCIM What is SCIM? SCIM is a standard created to simplify user management in the cloud by defining a schema for representing users and groups with a REST API for all the necessary CRUD operations. This standard could be extended to other resources like accounts, roles, etc. Soffid is compatible with SCIM 2 protocol but uses its owns schema for users, groups, roles and so one. That is why Soffid implements SCIM protocols (RFC7644 and EFC 7644), but not SCIM core schema (RFC7643). Information about SCIM All the information about SCIM is published in the following link:  http://www.simplecloud.info/ Currently, the last available version of the standard is SCIM 2.0. The most relevant link about the specification of this protocol is:  https://tools.ietf.org/html/rfc7644 Use cases of SCIM SCIM could be used to create a new identity from third part application assign or revoke permissions, create or disable accounts, or even take part of new or existing workflows. You can leverage SCIM protocol to extend current Soffid functionality adapting the Identity Platform to your needs. Example of SCIM SCIM uses JSON specification for the data model containing the requests and responses. For instance, the data information of a user would be: { "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:User" ], "userName": "bjensen", "externalId": "bjensen", "name": { "formatted": "Ms. Barbara J Jensen III", "familyName": "Jensen", "givenName": "Barbara" } } SCIM also uses REST specification for HTTP communication between clients and servers. For instance, a request to create a user would be: POST /Users HTTP/1.1 Host: example.com Accept: application/scim+json Content-Type: application/scim+json Authorization: Bearer h480djs93hd8 Content-Length: ... The HTTP codes are very important in the responses. For instance: HTTP/1.1 200 Response is ok HTTP/1.1 201 Resource created HTTP/1.1 404 Resource not found etc SCIM Operations HTTP Method GET Retrieves one or more complete or partial resources. POST Depending on the endpoint, creates new resources, creates a search request, or MAY be used to bulk-modify resources. PUT Modifies a resource by replacing existing attributes with a specified set of replacement attributes (replace). PUT MUST NOT be used to create new resources. PATCH Modifies a resource with a set of client-specified changes (partial update). DELETE Deletes a resource. Get A HTTP Get request is used to fetch a resource or a set of resources. Read http:///soffid/webservice/scim2/v1/{Resource}/{id} id: is the identifier of a specific resource Search http:///soffid/webservice/scim2/v1/{Resource}/?filter={attribute}{op}{value}&sortBy={attributeName}&sortOrder={ascending|descending}&attributes={attributes} filter : allows you to add filter to query. attribute op: SCIM has support for the filter operations equals, contains, starts with, and more. value sortBy : the attribute used to sort the response. sortOrder : order to sort, ascending or descending. Ascending is the default order. In addition, you can request specific attributes of the resource, or exclude attributes (separated by commas if there is more than one). attributes ={attributes} excludedAttributes ={attributes} Example:  http:///soffid/webservice/scim2/v1/User?filter=lastName co ada and active eq true &sortOrder=descending&sortBy=userName&attributes=userName,lastName&filter=userName co admin Sorting Parameter Description sortBy Specifies the attribute whose value will be used to order ther returned responses. sortOrder Allowed values are "ascending" and "descending". If sortBy is provided, and sortOrder is nos provided, sortOrder will be "ascending" by default. Sorting example: http:///soffid/webservice/scim2/v1/User?sortBy=lastName&sortOrder=descending Pagination Parameter Description startIndex Index of the first query result. Default 1 count Maximun numer of query results per page Pagination example:  http:///soffid/webservice/scim2/v1/User?startIndex=1&count=10 { "totalResults":100, "itemsPerPage":10, "startIndex":1, "schemas":["urn:ietf:params:scim:api:messages:2.0:ListResponse"], "Resources":[{ ... }] } Post A HTTP Post request is used to create a new resource http:///soffid/webservice/scim2/v1/{Resource} Content-Type: application/json You must send the JSON with the attributes of the resource you want to create. { "schemas":[{schema}], "attribute1":"value1", "attribute2":"value2", "attribute3":{ "subattribute1":"valueX", "subattribute1":"valueX", }, ....... } schema: is the schema url of the resource you are creating. attributes: name of the resource attributes. values: values for each attribute. Put A HTTP Put request is used to update resources. This operation replace all values of the resource http:///soffid/webservice/scim2/v1/{Resource}/{id} Content-Type: application/json You must send the JSON with the attributes of the resource you want to update, which includes the ID. { "schemas":[{schema}], "id": "idValue", "attribute1":"value1", "attribute2":"value2", "attribute3":{ "subattribute1":"valueX", "subattribute1":"valueX", }, ....... } schema: is the schema url of the resource you are creating. id: identifier of the resource attributes: name of the resource attributes. values: values for each attribute. Patch A HTTP Patch request is used to update partial resources http:///soffid/webservice/scim2/v1/{Resource}/{id} { "Operations": [ { "op": "operation", "path": "attribute", "value": "value" }, ............ ] } op: available operations to realize: add: allows you to add a new value to an attribute. remove: allows you to delete the value of an attribute. replace: allows you to replace (update) the value of an attribute. More information about the operations on https://www.rfc-editor.org/rfc/rfc6902 path: to indicate the attribute on which the operation is to be performed. value: the new value for the attribute. Delete A HTTP Delete request is used to delete a resource. http:///soffid/webservice/scim2/v1/{Resource}/{id} id: is the identifier of a specific resource Request In the PUT and PATCH methods, a JSON stream with the data model is required (please see this format in the following link:  Resource data model ). Response The response format will be represented as a SCIM JSON response, but all the keys in the response will depend on the method requested and the result of the operation. HTTP Status The most commons responses Successful Responses 200 OK 201 Created 204  No Content Error Response 400 Bad Request 401 Unauthorized 403 Forbidden 404 Not Found 500 Internal Server Error For instance, when you search by id but no resource is found, only a 404 HTTP code is included in the response (the body is empty, no JSON is provided). User cases: Search by id but no resource is found (404 code). Update all, the id is not found (404 code). Update partial, the id is not found (404 code). Delete, the id is not found (404 code). A "/" (in the URL) not exist (404 code). Other errors (404 or 500 code). More detail about SCIM JSON error SCIM JSON Response SCIM JSON list For instance, when a list of resources is requested, this is the JSON output format: Note, to simplify the JSON output every resource has been replaced by {...} { "totalResults": 3, "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "resources": [ {...}, {...}, {...} ] } This is the description of this type of response: Attribute Description totalResults Number of the resources returned in the response schemas Defined by SCIM protocl. Always: " urn:ietf:params:scim:api:messages:2.0:ListResponse " resources   List of resources returned User cases: A list all operation (200 code). A search by filter operation (200 code). The delete operation (204 code). SCIM JSON resource For instance, when a resource by id is requested, this is the JSON format: Note, to simplify the JSON output every resource has been replaced by {...} { "id": 11345 "organizational": true, ... } In this case, the JSON stream of the resource is included directly in the response. User cases: Search by id operations (200 code). Successful create operations (201 code). Successful complete update operations (200 code). Successful partial update operations (200 code). SCIM JSON error For instance, if an attempt to delete a resource is made, but this resource is not found the following JSON response will be obtained: { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:Error" ], "detail": "User 1234 not found", "status": "404" } This is the description of this type of response: Attribute Description schemas Defined by SCIM protocl. Always: " urn:ietf:params:scim:api:messages:2.0:Error " detail Returns the description on the validation, problem, error, etc status Is the HTTP status, that is the same that the HTTP code of the HTTP response User cases: When you try to delete a resource but it's not found (404 code). When you try to delete a group, the solution is to disable it by PATCH (500 code). Generic errors (500 code). SCIM Query syntax SCIM protocol provides a language to search and filter resources. Please browse the standard specifications in this link: https://tools.ietf.org/html/rfc7644#section-3.4.2.2 Example To search all users having "John" as name: http:///webservice/scim2/v1/User/?filter=userName eq "John" Use This feature can be used with the Search by filter operation. After the URL resource. the filter parameter with the language expression to apply must be added: ?filter= Remember that in this case the HTTP method is GET. The result always is a SCIM response list. Syntax Attribute operators Operator Description eq equal eq_ci case insensitive version of equal operator ne not equal co contains sw starts with ew ends with pr present (has value) gt greater than ge greater than or equal to lt less than le less than or equal to Logical operators Operator Description and Logical "and" or Logical "or" not "Not" function Grouping operators Operator Description ( ) Precedence grouping [ ] Complex attribute filter group Data values Data type Value Numbers Use the value without ", for example 1234 Text Use the value within ", for example "John" Date Use the value within " with an ISO format, for example "2011-05-13T04:42:34Z" Boolean Use [ true | false ] (without ") Null Use [ null ] (without ") Filter examples filter=userName eq "admin" filter=userName ne "admin" filter=userName co "ad" filter=userName sw "a" filter=userName ew "n" filter=userName pr filter=id gt 1 filter=id ge 60 filter=id lt 1000 filter=id le 1188 filter=consoleProperties.id eq 229 filter=createdDate gt "2011-05-13T04:42:34Z" filter=id eq 60 and id eq 1188 filter=id eq 60 or id eq 1188 filter=firstName eq "Admin" and id eq 60 filter=firstName eq "Admin" or id eq 61 filter=primaryGroup eq "world" and (firstName co "John” or lastName co "Smith") filter=userName co "i" and (userName co "a" or userName co "s") filter=id eq 60 and (userName co "a" and consoleProperties.id eq 229) Sorting Short is optional . Parameter Description sortBy Specifies the attribute whose value will be used to order ther returned responses. sortOrder Allowed values are "ascending" and "descending". If sortBy is provided, and sortOrder is nos provided, sortOrder will be "ascending" by default. Example: http:///webservice/scim2/v1/User?sortBy=lastName&sortOrder=descending Pagination Parameter Description startIndex Index of the first query result. Default 1 count Maximun numer of query results per page Example:  http:///webservice/scim2/v1/User?startIndex=1&count=10 { "totalResults":100, "itemsPerPage":10, "startIndex":1, "schemas":["urn:ietf:params:scim:api:messages:2.0:ListResponse"], "Resources":[{ ... }] } How to install SCIM in Soffid Installation Download Please download the Soffid SCIM add-on. You can download it at the following link http://www.soffid.com/download/enterprise/  if you have Soffid user with authorization, or in the following http://download.soffid.com/download/ by registering. Upload Once the SCIM add-on is downloaded, please log in to IAM Console. You need to be an administrator user of the Soffid console or a user with permissions to upload addons. It is recommended to upload the addons to master, this is the way to maintain updated all, master and tenants if there are. In the Soffid console, please go to: "Main Menu > Administration > Configure Soffid > Global Settings > Plugins"  and upload the addon file, for more information visit the Addons Getting started  page Finally, when the addon is installed, it will be required to restart the Soffid Console. Testing Confirm authorization To access to the SCIM REST web service, a user with correct authorization is required. First we can check the authorization created by the SCIM add-on: Go to: Main Menu > Administration > Configure Soffid > Security settings > Authorizations Filter by the field "name" with the value "scim" Confirm that exists "scim:invoke" Confirm access Once a user is available to access SCIM functionality, testing is easily done with a browser. For example, to list groups. Please introduce the next URL:  http:///webservice/scim2/v1/Group  ( note, you must replace "" for your Soffid IAM Console domain ). Now a browser prompt requests the user and password for the authentication (note, you must use the user with the SCIM authorization). Finally, if the response is something like a compact JSON (Chrome) or a download file (Firefox). Comments One can use a REST client extension in the browser, for example, RESTer One can show a JSON formatted with a browser extension, for example, JSONView ( note, it's necessary include the CONTENT-TYPE="application/scim+json" in the extension preferences ). How to use SCIM in Soffid Introduction Soffid has implemented a version of the SCIM protocol 2.0. Some optional recommendations have also been included to improve the usage of this specification within the Soffid context. This functionality is available only by installing the SCIM add-on. This add-on is available in the download section of the Soffid website.  Discovery Soffid provides some endpoints to discover supported features and specific attribute details: Service provider config This endpoint provides additional information about the Soffid SCIM implementation. Request GET https:///soffid/webservice/scim2/v1/ServiceProviderConfig Response 200 OK { "patch": { "supported": true }, "filter": { "maxResults": 1000, "supported": true }, "documentationUri": "https://bookstack.soffid.com/books/scim", "authenticationSchemes": [ { "documentationUri": "https://bookstack.soffid.com/book/scim", "name": "HTTP Basic", "description": "Authentication scheme using the HTTP Basic Standard", "specUri": "http://www.rfc-editor.org/info/rfc2617", "type": "httpbasic" } ], "meta": { "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/ServiceProvider", "resourceType": "ServiceProviderConfig" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig" ], "etag": { "supported": false }, "sort": { "supported": true }, "bulk": { "supported": false }, "changePassword": { "supported": true } } Resources Types An endpoint used to discover the types of resources available. List resources types The SCIM protocol is focused on resource management, such as users, groups, accounts, etc. To know all the resources  that Soffid provides you can use this REST web service:  Request GET https:///soffid/webservice/scim2/v1/ResourceTypes Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 20, "startIndex": 1, "Resources": [ { "schema": "urn:soffid:com.soffid.iam.api.Account", "endpoint": "http://soffid.pat.lab:8080/webservice/scim2/v1/Account", "meta": { "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/ResourceTypes/Account", "resourceType": "ResourceType" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:ResourceType" ], "name": "Account", "description": "Account object", "id": "Account" }, { "schema": "urn:soffid:com.soffid.iam.api.Group", "endpoint": "http://soffid.pat.lab:8080/webservice/scim2/v1/Group", "meta": { "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/ResourceTypes/Group", "resourceType": "ResourceType" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:ResourceType" ], "name": "Group", "description": "Group object", "id": "Group" }, ............... ] } Query resource type Specifies metadata about each resource. To query a specific resource type, you can use this REST web service: Request GET http:///soffid/webservice/scim2/v1/ResourceTypes/{Resource} Example GET http:///soffid/webservice/scim2/v1/ResourceTypes/User Response 200 OK { "schema": "urn:soffid:com.soffid.iam.api.User", "endpoint": "http://soffid.pat.lab:8080/webservice/scim2/v1/User", "meta": { "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/ResourceTypes/User", "resourceType": "ResourceType" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:ResourceType" ], "name": "User", "description": "User object", "id": "User" } Response 404 404 Not Found Schemas Schema definition for a specific resource. Request GET http:///soffid/webservice/scim2/v1/Schemas/{Schema_URL} Example GET http:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.api.Role Response 200 OK { "meta": { "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.api.Role", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "Role", "description": "Role object", "attributes": [ { "uniqueness": "none", "name": "name", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "description", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "system", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "category", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "informationSystemName", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "domain", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "bpmEnabled", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "approvalStart", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "approvalEnd", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false } ], "id": "urn:soffid:com.soffid.iam.api.Role" } Response 404 404 Not Found Soffid Resources Soffid provides the following resources: Resource Description User Management of the users included in the Soffid solution. A user is an identity that represents only one person. Group Management of the groups included in the Soffid solution. A group could be part of a hierarchical group tree. Users are assigned to a primary group and optionally could be in some secondary groups. Account Management of the accounts included in the Soffid solution. An account is a representation of one application access. A user may have a lot of accounts and may have some accounts for the same applications with different roles and restrictions. Application Management of the applications (Information Systems from a functional point of view) included in the Soffid solution. Every agent (of an external system) manages these roles through one or more applications. Role Management of the roles included in the Soffid solution.  Every role is created in one application, so an application has a list of roles. GroupType Management of the GroupTypes included in the Soffid solution.  UserType Management of the GroupTypes included in the Soffid solution.  GroupUser Management of the GroupUsers included in the Soffid solution.  RoleAccount Management of the RoleAccounts included in the Soffid solution.  Host Management of the Hosts included in the Soffid solution.  MailDomain Management of the MailDomains included in the Soffid solution.  MailList Management of the MailLists included in the Soffid solution.  DomainValue Management of the DomainValues included in the Soffid solution.  VaultFolder Management of the VaultFolders included in the Soffid solution.  System Management of the Systems (Agents) included in the Soffid solution.  Information storage system from a technical point of view. CustomObject Management of the CustomObjects included in the Soffid solution.  TaskInstance Management of the TaskInstances included in the Soffid solution.  ProcessInstance Management of the ProcessInstances included in the Soffid solution.  ProcessDefinition Management of the ProcessDefinition included in the Soffid solution.  You can view all resource data models and schemas on Resource data model & schema chapter Soffid Operations For every resource the following operations are available: Operation HTTP method URL example Description List all GET .../soffid/webservice/scim/ List all resources Search by id GET .../soffid/webservice/scim// Search the resource with the specified Search by filter GET .../soffid/webservice/scim/?filter= Search all resources that fulfil the filter ( please see filtering language here   5. SCIM filter language ) Create POST .../soffid/webservice/scim/ Create a resource Update all PUT .../soffid/webservice/scim// + Update all attributes specified in the JSON stream ( the attributes not included will be cleared ) Update partial PATCH .../soffid/webservice/scim// + Update only the attributes specified in the JSON stream  (the other attributes will not be updated) Delete DELETE .../soffid/webservice/scim// Delete a resource HTTP request In every HTTP request the following HTTP header parameters are required: Parameter Value Description URL https:///soffid/webservice/scim/ URL with the to be managed Method [ GET | POST | PUT | PATCH | DELETE ] Method allowed in SCIM REST protocol Content-Type application/scim+json SCIM specification Accept application/scim+json SCIM specification Authorization Basic YWRtaW46Y2hhbmdlaXQ= Only BASIC authentication is implemented in this version. A Soffid user (+password) with SCIM access is required to generate this parameter Accept-Language [ EN  | ES | CA | NL ] This parameter is OPTIONAL. The default language is EN HTTP codes The following HTTP codes are managed in the HTTP response: Code Status User case 200 Ok After: list all, search by id, search by filter, update all, update partial 201 Created After: create 204 No content After: delete 404 Not found After: resource not found 500 Error After: internal error, PATCH DELETE Testing tool REST clients Any REST client may be used to test and consume our SCIM REST web service. Bruno Bruno is a free and open-source API client used to test, explore, and document APIs. Think of it as a tool that lets you send HTTP requests (GET, POST, PUT, DELETE, etc.) to any API and inspect the responses — without writing code. You can download it at the following link: https://www.usebruno.com/downloads Bruno is compatible with Linux and Windows. Sample collection To enable you to conduct your initial tests quickly, we provide a collection of samples that you can import into your Bruno instance. SOFFID SCIM.zip Once you imported the project, in settings, is useful to create global variables and use them in the request URLs. Such as, the  environment . And the Auth method to 'Basic Auth', providing your Soffid username and password .   Resource data model & schema The data model of the Soffid objects is mapped to JSON objects to enable the data transport between client and server. User resource /User Dictionary table The diagram service model of the object: https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/base/api/User.html Soffid allows you to add customized data to the user object. You can do that on metadata, on the proper object. Main Menu >   Configuration  >  Global Settings  >  Metadata Query schema It is allowed to consult all the User definition using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.base.api.User Response 200 OK { "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.base.api.User", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "User", "description": "User object", "attributes": [ { "uniqueness": "none", "name": "userName", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "firstName", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "lastName", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "middleName", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "fullName", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "userType", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "primaryGroup", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "homeServer", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "profileServer", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "emailAddress", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "mailAlias", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "mailServer", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "active", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "multiSession", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "comments", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "modifiedBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "modifiedOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "subattributes": [ { "uniqueness": "none", "name": "avatar", "description": "Avatar", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false } ], "uniqueness": "none", "name": "attributes", "description": "Custom attributes", "mutability": "readWrite", "type": "complex", "returned": "default", "multiValued": false }, { "subattributes": [ { "uniqueness": "none", "name": "domain", "description": "Password domain to be changed. By default, the DEFAULT domain is changed", "mutability": "writeOnly", "type": "string", "caseExact": true, "multiValued": false, "required": false }, { "uniqueness": "none", "name": "value", "description": "The password itself, in clear text", "mutability": "writeOnly", "type": "string", "caseExact": true, "multiValued": false, "required": true }, { "uniqueness": "none", "name": "expired", "description": "If not set to false, the user will be prompted to change it on next logon", "mutability": "readWrite", "type": "boolean", "caseExact": true, "multiValued": false, "required": false } ], "uniqueness": "none", "name": "password", "description": "Change current user password", "mutability": "writeOnly", "type": "complex", "caseExact": true, "multiValued": true, "required": false } ], "id": "urn:soffid:com.soffid.iam.base.api.User" } Full JSON example Visit SCIM User examples page Group resource /Group Dictionary table The diagram service model of the object: https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/iga/api/Group.html Soffid allows you to add customized data to the group object. You can do that on the metadata option: Main Menu >   Configuration  >  Global Settings  >  Metadata Query Schema It is allowed to consult all the Group definitions using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.Group Response 200 OK { "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.Group", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "Group", "description": "Group object", "attributes": [ { "uniqueness": "none", "name": "name", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "description", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "driveLetter", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "parentGroup", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "type", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "driveServerName", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "obsolete", "mutability": "readOnly", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "startDate", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "endDate", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false } ], "id": "urn:soffid:com.soffid.iam.iga.api.Group" } Full JSON example Visit SCIM Group examples page Account resource /Account Dictionary table The diagram service model of the object: https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/base/api/Account.html Soffid allows you to add customized data to the Account object. You can do that on metadata option: Main Menu > Configuration  >  Global Settings  >  Metadata Query Schema It is allowed to consult all the Account definition using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.base.api.Account Response 200 OK { "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.base.api.Account", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "Account", "description": "Account object", "attributes": [ { "uniqueness": "none", "name": "system", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "name", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "loginName", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "description", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "type", "canonicalValues": [ "U", "S", "P", "I" ], "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "status", "canonicalValues": [ "a", "FA", "l", "d", "FD", "r", "x" ], "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "credentialType", "canonicalValues": [ "PASS", "SSH", "KUBE" ], "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "passwordPolicy", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "ownerGroups", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "ownerUsers", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "ownerRoles", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "managerGroups", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "managerUsers", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "managerRoles", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "grantedGroups", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "grantedUsers", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "grantedRoles", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "serverType", "canonicalValues": [ "Windows", "Linux", "Database" ], "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "serverName", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "sshPublicKey", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "vaultFolderId", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "inheritNewPermissions", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "loginUrl", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "launchType", "canonicalValues": [ "S", "W", "P" ], "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "jumpServerGroup", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "externalId", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "lastLogin", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "lastUpdated", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "lastPasswordSet", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "passwordExpiration", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "lockedBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "passwordStatus", "canonicalValues": [ "PASSWORD_GOOD", "PASSWORD_WRONG", "PASSWORD_GOOD_EXPIRED" ], "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "created", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "lastChange", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "subattributes": [ { "uniqueness": "none", "name": "value", "description": "The password itself, in clear text", "mutability": "writeOnly", "type": "string", "caseExact": true, "multiValued": false, "required": true }, { "uniqueness": "none", "name": "expired", "description": "If not set to false, the user will be prompted to change it on next logon", "mutability": "readWrite", "type": "boolean", "caseExact": true, "multiValued": false, "required": false } ], "uniqueness": "none", "name": "password", "description": "Change current account password", "mutability": "writeOnly", "type": "complex", "caseExact": true, "multiValued": false, "required": false }, { "uniqueness": "none", "name": "attributes", "mutability": "readWrite", "type": "complex", "caseExact": true, "multiValued": false, "required": false } ], "id": "urn:soffid:com.soffid.iam.base.api.Account" } Full JSON example  Visit SCIM Account examples page Application resource /Application (addon version 1.2.0+) Dictionary table The diagram service model of the object :  https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/iga/api/InformationSystem.html Soffid allows you to add customized data to the Application object (System Information). You can do that on metadata option: Main Menu  >  Configuration > Global Settings  >  Metadata Query Schema It is allowed to consult all the Application definition using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.InformationSystem Response 200 OK { "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.InformationSystem", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "Application", "description": "Application object", "attributes": [ { "uniqueness": "none", "name": "type", "canonicalValues": [ "container", "application", "business" ], "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "parent", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "relativeName", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "description", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "owner", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "sourceDir", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "targetDir", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "database", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "bpmEnabled", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "notificationEmails", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "approvalProcess", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "roleDefinitionProcess", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "singleRole", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false } ], "id": "urn:soffid:com.soffid.iam.iga.api.InformationSystem" } Full JSON example Visit SCIM Application examples page Role resource /Role (addon version 1.2.0+) Dictionary table The diagram service model of the object: https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/iga/api/Role.html Soffid allows you to add customized data to the Role object. You can do that on metadata option: Main Menu > Configuration  >  Global Settings  >  Metadata Query schema It is allowed to consult all the Role definition using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.Role Response 200 OK { "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.Role", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "Role", "description": "Role object", "attributes": [ { "uniqueness": "none", "name": "name", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "description", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "system", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "category", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "informationSystemName", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "domainType", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "bpmEnabled", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "externalId", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "approvalStart", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "approvalEnd", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false } ], "id": "urn:soffid:com.soffid.iam.iga.api.Role" } Full JSON example Visit SCIM Role examples page Group type resource /GroupType Dictionary table The diagram service model of the object: https://download.soffid.com/doc/cohttps://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/iga/api/GroupType.htmlnsole/latest/uml/com/soffid/iam/api/OUType.html Query Schema It is allowed to consult all the Group Type definition using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.GroupType Response 200 OK { "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.GroupType", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "OUType", "description": "OUType object", "attributes": [ { "uniqueness": "none", "name": "name", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "description", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "roleHolder", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false } ], "id": "urn:soffid:com.soffid.iam.iga.api.GroupType" } Full JSON example Visit SCIM Group type examples page User type resource /UserType Dictionary table The diagram service model of the object: https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/iga/api/UserType.html Query Schema It is allowed to consult all the User Type definition using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.UserType Response 200 OK { "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.UserType", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "UserType", "description": "UserType object", "attributes": [ { "uniqueness": "none", "name": "name", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "description", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "managed", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "createdOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false } ], "id": "urn:soffid:com.soffid.iam.iga.api.UserType" } Full JSON example Visit SCIM User type examples page GroupUser resource /UserGroup Dictionary table The diagram service model of the object: https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/iga/api/UserGroup.html Soffid allows you to add customized data to the GroupUser object. You can do that on metadata option: Main Menu >   Configuration  >  Global Settings  >  Metadata Query Schema It is allowed to consult all the GroupUser definition using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.UserGroup Response 200 OK { "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.UserGroup", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "GroupUser", "description": "GroupUser object", "attributes": [ { "uniqueness": "none", "name": "user", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "group", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "createdOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false } ], "id": "urn:soffid:com.soffid.iam.iga.api.UserGroup" } Full JSON example Visit SCIM GroupUser examples page RoleAccount resource /RoleAccount Dictionary table The diagram service model of the object: https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/iga/api/RoleAccount.html Query Schema It is allowed to consult all the RoleAccount definition using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.RoleAccount Response 200 OK { "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.RoleAccount", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "RoleAccount", "description": "RoleAccount object", "attributes": [ { "uniqueness": "none", "name": "id", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "accountName", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "accountSystem", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "roleName", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "domainValue", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "system", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "userName", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "startDate", "mutability": "readWrite", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "endDate", "mutability": "readWrite", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "holderGroup", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "certificationDate", "mutability": "readWrite", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "externalId", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false } ], "id": "urn:soffid:com.soffid.iam.iga.api.RoleAccount" } Full JSON example Visit SCIM RoleAccount examples page Host resource /Host Dictionary table The diagram service model of the object: https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/am/api/Host.html Soffid allows you to add customized data to the user object. You can do that on metadata, on the proper object. Main Menu  >  Configuration  >  Global Settings  >  Metadata Query Schema It is allowed to consult all the Host definition using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.am.api.Host Response 200 OK { "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.am.api.Host", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "Host", "description": "Host object", "attributes": [ { "uniqueness": "none", "name": "name", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "description", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "network", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "ip", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "dynamicIp", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "mail", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "folders", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "mac", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "printersServer", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "serialNumber", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "os", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "hostAlias", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "dhcp", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "lastSeen", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "created", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "locked", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "subattributes": [ { "uniqueness": "none", "name": "device", "description": "Device type", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "detectedOs", "description": "Operating system", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "browser", "description": "Internet browser", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "cpu", "description": "CPU type", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false } ], "uniqueness": "none", "name": "attributes", "description": "Custom attributes", "mutability": "readWrite", "type": "complex", "returned": "default", "multiValued": false } ], "id": "urn:soffid:com.soffid.iam.am.api.Host" } Full JSON example Visit SCIM Host examples page MailList resource /MailList Dictionary table The diagram service model of the object: https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/iga/api/MailList.html Soffid allows you to add customized data to the user object. You can do that on metadata, on the proper object. Main Menu  >  Administration  >  Configure Soffid  >  Global Settings  >  Metadata Query Schema It is allowed to consult all the MailList definition using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.MailList Response 200 OK { "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.MailList", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "MailList", "description": "MailList object", "attributes": [ { "uniqueness": "none", "name": "name", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "domainName", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "description", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "lists", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "externalList", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "roleMembers", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "groupMembers", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "usersList", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "listsBelong", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "explodedUsersList", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "createdOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false } ], "id": "urn:soffid:com.soffid.iam.iga.api.MailList" } Full JSON example Visit SCIM MailList examples page. MailDomain resource /MailDomain Dictionary table The diagram service model of the object: https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/iga/api/MailDomain.html Query Schema It is allowed to consult all the MailDomain definition using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.MailDomain Response 200 OK { "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.MailDomain", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "MailDomain", "description": "MailDomain object", "attributes": [ { "uniqueness": "none", "name": "name", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "description", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "id", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "obsolete", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false } ], "id": "urn:soffid:com.soffid.iam.iga.api.MailDomain" } Full JSON example Visit SCIM MailDomain examples page. Network resource /Network Dictionary table The diagram service model of the object: https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/am/api/Network.html Query Schema It is allowed to consult all the Network definition using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.am.api.Network Response 200 { "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.am.api.Network", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "Network", "description": "Network object", "attributes": [ { "uniqueness": "none", "name": "id", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "name", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "ip", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "description", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "mask", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "type", "canonicalValues": [ "l", "w", "e" ], "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "lanAccess", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "dhcp", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "dhcpSupport", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "loginRestriction", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "discovery", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "discoveryServer", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "discoveryRanges", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "countryCode", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false } ], "id": "urn:soffid:com.soffid.iam.am.api.Network" } Full JSON example Visit SCIM Network examples page. DomainValue resource /DomainValue Dictionary table The diagram service model of the object: https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/iga/api/DomainValue.html Query Schema It is allowed to consult all the DomainValue definition using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.DomainValue Response 200 OK { "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.DomainValue", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "DomainValue", "description": "DomainValue object", "attributes": [ { "uniqueness": "none", "name": "id", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "value", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "description", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "domainName", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "informationSystemName", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false } ], "id": "urn:soffid:com.soffid.iam.iga.api.DomainValue" } Full JSON example Visit SCIM DomainValue examples page. VaultFolder resource /VaultFolder Dictionary table The diagram service model of the object:  https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/am/api/VaultFolder.html Query Schema It is allowed to consult all the VaultFolder definitions using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.am.api.VaultFolder Response 200 OK { "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.am.api.VaultFolder", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "VaultFolder", "description": "VaultFolder object", "attributes": [ { "uniqueness": "none", "name": "name", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "description", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "parentFolder", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "grantedGroups", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "grantedUsers", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "grantedRoles", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "managerGroups", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "managerUsers", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "managerRoles", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "ownerGroups", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "ownerUsers", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "ownerRoles", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "navigateGroups", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "navigateUsers", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "navigateRoles", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "accessLevel", "canonicalValues": [ "N", "U", "M", "O", "-" ], "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "pamPolicy", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false } ], "id": "urn:soffid:com.soffid.iam.am.api.VaultFolder" } Full JSON example Visit SCIM VaultFolder examples page. System resource /System Dictionary table The diagram service model of the object: https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/iga/api/System.html Query Schema It is allowed to consult all the System definition using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.System Response 200 OK { "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.System", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "System", "description": "System object", "attributes": [ { "uniqueness": "none", "name": "name", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "description", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "className", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "url", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "url2", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "rolebased", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "trusted", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "userTypes", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "manualAccountCreation", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "fullReconciliation", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "generateTasksOnLoad", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "groupsList", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "accessControl", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "passwordsDomainId", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "passwordsDomain", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "usersDomain", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "readOnly", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "pause", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "authoritative", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "timeStamp", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "created", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "authoritativeProcess", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "sharedDispatcher", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "threads", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "timeout", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "longTimeout", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "usage", "canonicalValues": [ "IAM", "PAM", "SSE" ], "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "deltaChanges", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "removeRolesFromDisabledAccounts", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createDisabledAccounts", "mutability": "readWrite", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false } ], "id": "urn:soffid:com.soffid.iam.iga.api.System" } Full JSON example Visit SCIM System examples page. CustomObject resource /CustomObject Dictionary table The diagram service model of the object: https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/iga/api/CustomObject.html Query Schema It is allowed to consult all the CustomObject definition using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.CustomObject Response 200 OK { "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.iga.api.CustomObject", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "CustomObject", "description": "CustomObject object", "attributes": [ { "uniqueness": "none", "name": "id", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "name", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "description", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "type", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "attributes", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false } ], "id": "urn:soffid:com.soffid.iam.iga.api.CustomObject" } Full JSON example Visit SCIM CustomObject examples page. ProcessDefinition resource /ProcessDefinition Dictionary table The diagram service model of the object: https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/bpm/api/ProcessDefinition.html Query Schema It is allowed to consult all the ProcessDefinition definition using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.bpm.api.ProcessDefinition Response 200 OK { "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.bpm.api.ProcessDefinition", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "ProcessDefinition", "description": "ProcessDefinition object", "attributes": [ { "uniqueness": "none", "name": "version", "mutability": "readOnly", "type": "integer", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "tag", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "name", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "server", "name": "id", "mutability": "readOnly", "type": "integer", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "enabled", "mutability": "readOnly", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "appliesTo", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "type", "mutability": "readOnly", "type": "complex", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "deployed", "mutability": "readOnly", "type": "complex", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "author", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false } ], "id": "urn:soffid:com.soffid.iam.bpm.api.ProcessDefinition" } Full JSON example Visit SCIM ProcessDefinition examples page. ProcessInstance resource /ProcessInstance Dictionary table The diagram service model of the object: https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/bpm/api/ProcessInstance.html QUery Schema It is allowed to consult all the ProcessInstance definitions using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.bpm.api.ProcessInstance Response 200 OK { "meta": { "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.bpm.api.ProcessInstance", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "ProcessInstance", "description": "ProcessInstance object", "attributes": [ { "uniqueness": "server", "name": "id", "mutability": "readOnly", "type": "integer", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "description", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "start", "mutability": "readOnly", "type": "complex", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "end", "mutability": "readOnly", "type": "complex", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "variables", "mutability": "readWrite", "type": "complex", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "currentTask", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "comments", "mutability": "readWrite", "type": "complex", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "processDefinition", "mutability": "immutable", "type": "integer", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "dummyProcess", "mutability": "readOnly", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "transition", "mutability": "writeOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false } ], "id": "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance" } Full JSON example Visit SCIM ProcessInstance examples page. TaskInstance resource /TaskInstance Dictionary table The diagram service model of the object: https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/bpm/api/TaskInstance.html Query Schema It is allowed to consult all the TaskInstance definition using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.bpm.api.TaskInstance Response 200 OK { "meta": { "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.bpm.api.TaskInstance", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "TaskInstance", "description": "TaskInstance object", "attributes": [ { "uniqueness": "server", "name": "id", "mutability": "readOnly", "type": "integer", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "processName", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "server", "name": "processId", "mutability": "readOnly", "type": "integer", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "processDefinition", "mutability": "readOnly", "type": "integer", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "dummyTask", "mutability": "readOnly", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "name", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "description", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "actorId", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "create", "mutability": "readOnly", "type": "complex", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "start", "mutability": "readOnly", "type": "complex", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "end", "mutability": "readOnly", "type": "complex", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "dueDate", "mutability": "readOnly", "type": "complex", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "priority", "mutability": "readOnly", "type": "integer", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "cancelled", "mutability": "readOnly", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "open", "mutability": "readOnly", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "signalling", "mutability": "readOnly", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "blocking", "mutability": "readOnly", "type": "boolean", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "swimlane", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "pooledActors", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "variables", "mutability": "readWrite", "type": "complex", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "transitions", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "transition", "mutability": "writeOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false } ], "id": "urn:soffid:com.soffid.iam.bpm.api.TaskInstance" } Full JSON example Visit SCIM TaskInstance examples page. Issue resource /Issue Dictionary table The diagram service model of the object: https://download.soffid.com/doc/console/4.0.0/uml/com/soffid/iam/rc/api/Issue.html Query Schema It is allowed to consult all the Issue definition using the Schema query: Request GET https:///soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.rc.api.Issue Response 200 OK { "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Schemas/urn:soffid:com.soffid.iam.rc.api.Issue", "resourceType": "Schema" }, "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Schema" ], "name": "Issue", "description": "Issue object", "attributes": [ { "uniqueness": "none", "name": "number", "mutability": "readOnly", "type": "integer", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "requester", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "type", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "description", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "times", "mutability": "readOnly", "type": "integer", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "status", "canonicalValues": [ "N", "A", "S", "D" ], "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": true }, { "uniqueness": "none", "name": "failedLoginPct", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "humanConfidence", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "system", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "otpDevice", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "exception", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "risk", "canonicalValues": [ "L", "H", "F", "N" ], "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "roleAccount", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "rule", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "jobName", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "ip", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "country", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "account", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "loginName", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "hosts", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "browsers", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "users", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": true, "required": false }, { "uniqueness": "none", "name": "breachedEmail", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "dataBreach", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "htmlDescription", "mutability": "readWrite", "type": "binary", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "created", "mutability": "readWrite", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "acknowledged", "mutability": "readWrite", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "solved", "mutability": "readWrite", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "actor", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "performedActions", "mutability": "readWrite", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "updatedBy", "mutability": "readOnly", "type": "string", "caseExact": true, "returned": "default", "multiValued": false, "required": false }, { "uniqueness": "none", "name": "createdOn", "mutability": "readOnly", "type": "dateTime", "caseExact": true, "returned": "default", "multiValued": false, "required": false } ], "id": "urn:soffid:com.soffid.iam.rc.api.Issue" } Full JSON example Visit  SCIM Issue examples  page SCIM full examples Previous steps Please note that the SCIM REST Web Service Add-on installed must be installed, please check this part in How to use SCIM in Soffid # Installation Please note that a user with the authentication is required, please check this part in How to use SCIM in Soffid # Confirm authorization Please note that is recommended to use a REST client, please see our example in Testing tool # RESTer Please note that the correct header parameters must be used, please browse them in SCIM in Soffid # HTTP request SCIM User examples Operations This page shows the operations that can be performed for the user object. List all Request GET https:///soffid/webservice/scim2/v1/User Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 64, "startIndex": 1, "Resources": [ { "lastName": "Pig", "profileServer": "null", "createdByUser": "hrms", "fullName": "Dad Pig", "active": true, "userName": "1", "mailAlias": "", "mailServer": "null", "firstName": "Dad", "createdDate": "2021-02-16 13:38:26", "multiSession": false, "meta": { "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1477909", "links": { "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'1'+and+enabled+eq+true", "groupUsers": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'1'+and+disabled+eq+false", "accounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'1'" }, "resourceType": "User" }, "modifiedByUser": "admin", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2021-05-04 09:24:54", "attributes": {}, "id": 1477909, "userType": "I", "homeServer": "null", "primaryGroupDescription": "World Original", "primaryGroup": "world" }, { "lastName": "SUZY", "profileServer": "null", "createdByUser": "hrms", "fullName": "Suzy SUZY", "active": true, "userName": "10", "mailAlias": "", "mailServer": "null", "firstName": "Suzy", "createdDate": "2021-02-16 13:38:27", "multiSession": false, "meta": { "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1477931", "links": { "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'10'+and+enabled+eq+true", "groupUsers": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'10'+and+disabled+eq+false", "accounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'10'" }, "resourceType": "User" }, "modifiedByUser": "admin", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2021-05-05 14:11:37", "attributes": {}, "id": 1477931, "userType": "I", "homeServer": "null", "primaryGroupDescription": "World Original", "primaryGroup": "world" }, { "lastName": "Rabbit", "profileServer": "null", "createdByUser": "hrms", "fullName": "Ricchard Rabbit", "active": true, "userName": "11", "mailAlias": "", "mailServer": "null", "firstName": "Ricchard", "createdDate": "2021-02-16 13:38:27", "multiSession": false, "meta": { "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1477953", "links": { "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'11'+and+enabled+eq+true", "groupUsers": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'11'+and+disabled+eq+false", "accounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'11'" }, "resourceType": "User" }, "modifiedByUser": "admin", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2021-02-17 19:06:20", "attributes": {}, "id": 1477953, "userType": "I", "homeServer": "null", "primaryGroupDescription": "World Original", "primaryGroup": "world" }, ....... ] } List by filter List all users with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/User?filter=lastName co ada&sortOrder=descending&sortBy=userName Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 13, "startIndex": 1, "Resources": [ { "lastName": "ADAMS", "comments": "Changed", "profileServer": "null", "createdByUser": "soffid.bubu.lab", "fullName": "Wally ADAMS", "active": true, "userName": "wally", "mailAlias": "", "mailServer": "null", "firstName": "Wally", "createdDate": "2020-12-11 11:23:58", "multiSession": false, "meta": { "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1002599", "links": { "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'wally'+and+enabled+eq+true", "groupUsers": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'wally'+and+disabled+eq+false", "accounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'wally'" }, "resourceType": "User" }, "modifiedByUser": "admin", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2021-04-22 19:31:01", "attributes": { "RegisterServiceProvider": "anonymous", "manager": "admin", "PHONE": "2", "EMAIL": "wally5@test.com", }, "id": 1002599, "userType": "I", "homeServer": "null", "primaryGroupDescription": "Enterprise", "primaryGroup": "enterprise" }, { "lastName": "ADAMS", "comments": "Changed", "profileServer": "null", "createdByUser": "soffid.bubu.lab", "fullName": "Tina ADAMS", "active": true, "userName": "tina", "mailAlias": "", "mailServer": "null", "firstName": "Tina", "createdDate": "2020-12-11 12:22:07", "multiSession": false, "meta": { "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1004678", "links": { "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'tina'+and+enabled+eq+true", "groupUsers": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'tina'+and+disabled+eq+false", "accounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'tina'" }, "resourceType": "User" }, "modifiedByUser": "admin", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2021-04-22 19:11:17", "attributes": { "RegisterServiceProvider": "anonymous", "manager": "admin", "PHONE": "1", "EMAIL": "tina11@test.com", }, "id": 1004678, "userType": "I", "homeServer": "null", "primaryGroupDescription": "Enterprise", "primaryGroup": "enterprise" }, { "lastName": "ADAMS", "comments": "Changed", "profileServer": "null", "createdByUser": "soffid.bubu.lab", "fullName": "Teodoro ADAMS", "active": true, "userName": "ted", "mailAlias": "", "mailServer": "null", "firstName": "Teodoro", "createdDate": "2020-12-11 09:18:42", "multiSession": false, "meta": { "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1000190", "links": { "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'ted'+and+enabled+eq+true", "groupUsers": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'ted'+and+disabled+eq+false", "accounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'ted'" }, "resourceType": "User" }, "modifiedByUser": "admin", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2021-02-04 15:44:42", "attributes": { "RegisterServiceProvider": "anonymous", "manager": "admin", "EMAIL": "test3@gmail.com", }, "id": 1000190, "userType": "I", "homeServer": "null", "primaryGroupDescription": "Enterprise", "primaryGroup": "enterprise" }, ......... ] } Query by id Query a user by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/User/1057751 Response 200 OK { "lastName": "Smith", "comments": "Changed", "createdByUser": "soffid.bubu.lab", "fullName": "John Smith", "active": true, "userName": "jsmith", "mailAlias": "", "firstName": "John", "createdDate": "2020-12-14 17:52:14", "multiSession": false, "meta": { "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1057751", "links": { "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'jsmith'+and+enabled+eq+true", "groupUsers": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'jsmith'+and+disabled+eq+false", "accounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'jsmith'" }, "resourceType": "User" }, "modifiedByUser": "admin", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2021-05-07 12:32:41", "attributes": { "RegisterServiceProvider": "anonymous", "manager": "admin", "EMAIL": "jsmith@test.com", "birthDate": "1970-05-26 00:00:00", "ActivationKey": "HPhl61lBlJ9fgcDtWyug0O15" }, "id": 1057751, "userType": "I", "primaryGroupDescription": "Help desk support team", "primaryGroup": "it" } Create Request POST https:///soffid/webservice/scim2/v1/User JSON { "schemas": [ "urn:soffid:com.soffid.iam.base.api.User" ], "userName": "ckelp", "firstName": "Cas", "lastName": "Kelp", "userType": "I", "primaryGroup": "world", "active": true } Response 201 Created { "lastName": "Kelp", "profileServer": "null", "createdByUser": "admin", "fullName": "Cas Kelp", "active": true, "userName": "ckelp", "mailAlias": "", "mailServer": "null", "firstName": "Cas", "createdDate": "2021-05-11 09:06:49", "multiSession": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User/1976665", "resourceType": "User" }, "modifiedByUser": "admin", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2021-05-11 09:06:49", "attributes": {}, "id": 1976665, "userType": "I", "homeServer": "null", "primaryGroupDescription": "World Original", "primaryGroup": "world" } Update partial Only attributes with changes will be updated, the other will maintain the same value. If you want to add users to a group, please visit  SCIM GroupUser examples  page Request PATCH https:///soffid/webservice/scim2/v1/User/1976665 JSON { "Operations": [ { "op": "replace", "path": "lastName", "value": "Casey" }, { "op": "replace", "path": "middleName", "value": "XX" } ] } Response 200 OK { "lastName": "Casey", "profileServer": "null", "createdByUser": "admin", "fullName": "Casey Casey XX", "active": true, "userName": "ckelp", "mailAlias": "", "mailServer": "null", "firstName": "Casey", "createdDate": "2021-05-11 09:06:49", "multiSession": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User/1976665", "links": { "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'ckelp'+and+enabled+eq+true", "groupUsers": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'ckelp'+and+disabled+eq+false", "accounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'ckelp'" }, "resourceType": "User" }, "modifiedByUser": "admin", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2021-05-11 09:33:35", "middleName": "XX", "attributes": {}, "id": 1976665, "userType": "I", "homeServer": "null", "primaryGroupDescription": "World Original", "primaryGroup": "world" } Password change Password change request.  Multiple domains can be specified adding new objects inside the first "value" key. In this example we update the password on a user so that the user doesn't have to change the password on the first logon ("passwordExpired" is false). Request PATCH https:///soffid/webservice/scim2/v1/User/568327 Body (JSON) { "schemas": [ "urn:soffid:com.soffid.iam.base.api.User" ], "Operations": [ { "op": "replace", "path": "password", "value": [ {"domain": "DEFAULT", "value": "NewPass1234", "passwordExpired": false} ] } ] } Response 200 OK { "lastName": "Peaky", "createdByUser": "admin", "fullName": "Familiar Peaky Primer", "active": true, "userName": "familiar1", "mailAlias": "", "firstName": "Familiar", "emailAddress": "familiar1@soffid.com", "mailDomain": "soffid.com", "createdDate": "2023-07-05 00:00:00", "multiSession": false, "meta": { "location": "http://pr-as-am19-dev-soffid-console-ms-ns-as-am19-dev-back.apps.aroas.westeurope.aroapp.io/soffid/webservice/scim2/v1/User/568327", "links": { "roleAccounts": "http://pr-as-am19-dev-soffid-console-ms-ns-as-am19-dev-back.apps.aroas.westeurope.aroapp.io/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'familiar1'+and+enabled+eq+true", "groupUsers": "http://pr-as-am19-dev-soffid-console-ms-ns-as-am19-dev-back.apps.aroas.westeurope.aroapp.io/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'familiar1'+and+disabled+eq+false", "accounts": "http://pr-as-am19-dev-soffid-console-ms-ns-as-am19-dev-back.apps.aroas.westeurope.aroapp.io/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'familiar1'", "issues": "http://pr-as-am19-dev-soffid-console-ms-ns-as-am19-dev-back.apps.aroas.westeurope.aroapp.io/soffid/webservice/scim2/v1/Issue?filter=user.userName+eq+'familiar1'", "effectiveGrants": "http://pr-as-am19-dev-soffid-console-ms-ns-as-am19-dev-back.apps.aroas.westeurope.aroapp.io/soffid/webservice/scim2/v1/User/568327/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "queries", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2024-05-15 09:46:28.714", "middleName": "Primer", "attributes": { "gepipId": "645cb2ed99e63065c76b51de", "RecoverKey": "unEVPLWQ2KLdocjmpGs2vO4uO6jL8m2VMChIypJCTUmMV867l1ZgEr5sAJBw5koJ0uOYOM3iCRC4568327", "email": "familiar1@soffid.com" }, "id": 568327, "userType": "E", "shortName": "familiar1", "primaryGroupDescription": "World", "primaryGroup": "world" } Update all This operation replaces all values in the user. Note that the attribute id is required to confirm that the resource "...User/" is the same that the JSON user. Note that all the attributes not included in the request will be cleared in the user and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information see Resource data model page Request PUT https:///soffid/webservice/scim2/v1/User/1976590 JSON { "schemas": [ "urn:soffid:com.soffid.iam.base.api.User" ], "id": 1976665, "userName": "ckelp", "firstName": "Casey", "lastName": "Kelp", "userType": "I", "primaryGroup": "world", "homeServer": "null", "mailServer": "null", "profileServer": "null", "active": true } Response 200 OK { "lastName": "Kelp", "profileServer": "null", "createdByUser": "admin", "fullName": "Casey Kelp", "active": true, "userName": "ckelp", "mailAlias": "", "mailServer": "null", "firstName": "Casey", "createdDate": "2021-05-11 09:06:49", "multiSession": false, "meta": { "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/User/1976665", "links": { "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'ckelp'+and+enabled+eq+true", "groupUsers": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'ckelp'+and+disabled+eq+false", "accounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'ckelp'" }, "resourceType": "User" }, "modifiedByUser": "admin", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2021-05-11 09:35:24", "attributes": {}, "id": 1976665, "userType": "I", "homeServer": "null", "primaryGroupDescription": "World Original", "primaryGroup": "world" } Delete Please note after this delete, the user has to be created again to use it in the following examples. Request DELETE http:///soffid/webservice/scim2/v1/User/1976665 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM Group examples Operations This page shows the operations that can be performed for the group object. List all Request GET https:///soffid/webservice/scim2/v1/Group Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 7, "startIndex": 1, "Resources": [ { "organizational": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Group/83", "links": { "members": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=primaryGroup+eq+'world'+or secondaryGroup.group.name+eq+'world'", "administrators": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=group.name+eq+'world'" }, "resourceType": "Group" }, "quota": "0", "schemas": [ "urn:soffid:com.soffid.iam.api.Group" ], "name": "world", "obsolete": false, "description": "World Original", "attributes": {}, "id": 83 }, { "organizational": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Group/87", "links": { "members": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=primaryGroup+eq+'enterprise'+or secondaryGroup.group.name+eq+'enterprise'", "administrators": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=group.name+eq+'enterprise'" }, "resourceType": "Group" }, "quota": "0", "schemas": [ "urn:soffid:com.soffid.iam.api.Group" ], "name": "enterprise", "obsolete": false, "description": "Enterprise", "parentGroup": "world", "attributes": {}, "id": 87 }, ...... ] } List by filter List all groups with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/Group?filter=name co world Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 2, "startIndex": 1, "Resources": [ { "organizational": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Group/83", "links": { "members": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=primaryGroup+eq+'world'+or secondaryGroup.group.name+eq+'world'", "administrators": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=group.name+eq+'world'" }, "resourceType": "Group" }, "quota": "0", "schemas": [ "urn:soffid:com.soffid.iam.api.Group" ], "name": "world", "obsolete": false, "description": "World Original", "attributes": {}, "id": 83 }, { "organizational": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Group/485118", "links": { "members": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=primaryGroup+eq+'world2'+or secondaryGroup.group.name+eq+'world2'", "administrators": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=group.name+eq+'world2'" }, "resourceType": "Group" }, "quota": "0", "schemas": [ "urn:soffid:com.soffid.iam.api.Group" ], "name": "world2", "obsolete": false, "description": "World Modified", "attributes": {}, "id": 485118 } ] } Query by id Retrieve a group by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/Group/83 Response 200 OK { "organizational": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Group/83", "links": { "members": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=primaryGroup+eq+'world'+or secondaryGroup.group.name+eq+'world'", "administrators": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=group.name+eq+'world'" }, "resourceType": "Group" }, "quota": "0", "schemas": [ "urn:soffid:com.soffid.iam.api.Group" ], "name": "world", "obsolete": false, "description": "World Original", "attributes": {}, "id": 83 } Create Request POST https:///soffid/webservice/scim2/v1/Group/ JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.Group" ], "name": "EngineeringTeam", "description": "Enterprise engineering team", "parentGroup": "world" } Response 201 Created { "organizational": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Group/1976559", "resourceType": "Group" }, "quota": "0", "schemas": [ "urn:soffid:com.soffid.iam.api.Group" ], "name": "EngineeringTeam", "obsolete": false, "description": "Enterprise engineering team", "parentGroup": "world", "attributes": {}, "id": 1976559 } Update partial Only attributes with changes will be updated, the other will maintain the same value. If you want to add users to a group, please visit SCIM GroupUser examples page Request PATCH https:///soffid/webservice/scim2/v1/Group/1976559 JSON { "Operations": [ { "op": "replace", "path": "description", "value": "Enterprise Engineering Group" }, { "op": "replace", "path": "type", "value": "CC" } ] } Response 200 OK { "organizational": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Group/1976559", "links": { "members": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=primaryGroup+eq+'EngineeringTeam'+or secondaryGroup.group.name+eq+'EngineeringTeam'", "administrators": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=group.name+eq+'EngineeringTeam'" }, "resourceType": "Group" }, "quota": "0", "schemas": [ "urn:soffid:com.soffid.iam.api.Group" ], "name": "EngineeringTeam", "obsolete": false, "description": "Enterprise Engineering Group", "parentGroup": "world", "attributes": {}, "id": 1976559, "type": "CC" } Update all This operation replaces all values in the group.  Note that the attribute id is required to confirm that the resource "...Group/" is the same that the JSON group. Note that all the attributes not included in the request will be cleared in the group and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information see Resource data model page . Request PUT http:///soffid/webservice/scim2/v1/Group/1976559 JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.Group" ], "id": 1976559, "name": "EngineeringTeam", "description": "Enterprise engineering team", "parentGroup": "world" } Response 200 OK { "organizational": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Group/1976559", "links": { "members": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=primaryGroup+eq+'EngineeringTeam'+or secondaryGroup.group.name+eq+'EngineeringTeam'", "administrators": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=group.name+eq+'EngineeringTeam'" }, "resourceType": "Group" }, "quota": "0", "schemas": [ "urn:soffid:com.soffid.iam.api.Group" ], "name": "EngineeringTeam", "obsolete": false, "description": "Enterprise engineering team", "parentGroup": "world", "attributes": {}, "id": 1976559 } Delete Please note that after this delete action, you will need to create again the group to use it in the next examples. Request DELETE https:///soffid/webservice/scim2/v1/Group/1976559 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM Account examples Operations This page shows the operations that can be performed for the account object List all List all accounts, disabled or not. Request GET https:///soffid/webservice/scim2/v1/Account Response 200 OK For example, after the Soffid installation, these are the available account. { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 1, "startIndex": 1, "Resources": [ { "lastLogin": "2021-05-10 13:00:40", "grantedRoles": [], "description": "Soffid Administrator", "type": "U", "ownerGroups": [], "oldName": "admin", "loginName": "admin", "inheritNewPermissions": false, "disabled": false, "id": 103, "managerGroups": [], "grantedGroups": [], "lastPasswordSet": "2021-05-05 11:32:14", "passwordExpiration": "2022-05-05 00:00:00", "passwordPolicy": "I", "accessLevel": "O", "managerRoles": [], "created": "2020-02-13 23:01:44", "system": "soffid", "ownerRoles": [], "meta": { "location": "http:///webservice/scim2/v1/Account/103", "links": { "roleAccounts": "http:///webservice/scim2/v1/RoleAccount?filter=account.id+eq+103+and+enabled+eq+true", "users": "http:///webservice/scim2/v1/User?filter=accountAccess.account.id+eq+103+or+accounts.account.id+eq+103" }, "resourceType": "Account" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Account" ], "name": "admin", "managerUsers": [], "attributes": {}, "status": "a", "ownerUsers": [ "admin" ], "grantedUsers": [] } ] } List by filter List all accounts with a filter expression.  It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/Account?filter=name co "adm" and passwordPolicy pr Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 3, "startIndex": 1, "Resources": [ { "lastLogin": "2021-05-10 13:05:15", "grantedRoles": [], "description": "Soffid Administrator", "type": "U", "ownerGroups": [], "oldName": "admin2", "loginName": "admin", "inheritNewPermissions": false, "disabled": false, "id": 103, "managerGroups": [], "grantedGroups": [], "lastPasswordSet": "2021-05-05 11:32:14", "passwordExpiration": "2022-05-05 00:00:00", "passwordPolicy": "I", "accessLevel": "O", "managerRoles": [], "created": "2020-02-13 23:01:44", "system": "soffid", "ownerRoles": [], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account/103", "links": { "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=account.id+eq+103+and+enabled+eq+true", "users": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=accountAccess.account.id+eq+103+or+accounts.account.id+eq+103" }, "resourceType": "Account" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Account" ], "name": "admin", "managerUsers": [], "attributes": {}, "status": "a", "ownerUsers": [ "admin" ], "grantedUsers": [] }, { "passwordPolicy": "I", "grantedRoles": [], "accessLevel": "O", "managerRoles": [], "created": "2021-03-04 22:37:21", "description": "Soffid test account", "type": "I", "system": "soffid", "ownerGroups": [], "ownerRoles": [], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account/1587766", "links": { "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=account.id+eq+1587766+and+enabled+eq+true", "users": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=accountAccess.account.id+eq+1587766+or+accounts.account.id+eq+1587766" }, "resourceType": "Account" }, "loginName": "admintest", "schemas": [ "urn:soffid:com.soffid.iam.api.Account" ], "name": "admintest", "inheritNewPermissions": false, "managerUsers": [ "dilbert", "dogbert" ], "disabled": false, "attributes": {}, "id": 1587766, "managerGroups": [], "grantedGroups": [], "status": "a", "ownerUsers": [ "admin" ], "grantedUsers": [] }, { "passwordPolicy": "I", "grantedRoles": [], "accessLevel": "O", "managerRoles": [], "created": "2021-03-04 22:44:06", "description": "Soffid test account 2", "type": "I", "system": "soffid", "ownerGroups": [], "ownerRoles": [], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account/1587776", "links": { "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=account.id+eq+1587776+and+enabled+eq+true", "users": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=accountAccess.account.id+eq+1587776+or+accounts.account.id+eq+1587776" }, "resourceType": "Account" }, "loginName": "admintest2", "schemas": [ "urn:soffid:com.soffid.iam.api.Account" ], "name": "admintest2", "inheritNewPermissions": false, "managerUsers": [ "dilbert", "dogbert" ], "disabled": false, "attributes": {}, "id": 1587776, "managerGroups": [], "grantedGroups": [], "status": "a", "ownerUsers": [ "admin" ], "grantedUsers": [] } ] } Query by id Query an account by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/Account/1057754 Response 200 OK { "passwordPolicy": "I", "grantedRoles": [], "accessLevel": "-", "managerRoles": [], "created": "2020-12-14 17:52:14", "description": "John Smith", "type": "U", "system": "idp", "ownerGroups": [], "ownerRoles": [], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account/1057754", "links": { "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=account.id+eq+1057754+and+enabled+eq+true", "users": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=accountAccess.account.id+eq+1057754+or+accounts.account.id+eq+1057754" }, "resourceType": "Account" }, "loginName": "jsmith", "schemas": [ "urn:soffid:com.soffid.iam.api.Account" ], "name": "jsmith", "inheritNewPermissions": false, "managerUsers": [], "disabled": false, "attributes": {}, "id": 1057754, "managerGroups": [], "grantedGroups": [], "status": "a", "ownerUsers": [ "jsmith" ], "grantedUsers": [] } Create Request POST https:///soffid/webservice/scim2/v1/Account JSON { "schemas": ["urn:soffid:com.soffid.iam.base.api.Account"], "name": "Guest", "type": "I", "system": "soffid", "passwordPolicy": "I", "description": "Guest user", "inheritNewPermissions": false, "disabled": false } Response 201 Created { "passwordPolicy": "I", "grantedRoles": [], "managerRoles": [], "description": "Guest user", "type": "I", "system": "soffid", "ownerGroups": [], "ownerRoles": [], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account/1976454", "resourceType": "Account" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Account" ], "name": "Guest", "inheritNewPermissions": false, "managerUsers": [], "disabled": false, "attributes": {}, "id": 1976454, "managerGroups": [], "grantedGroups": [], "ownerUsers": [], "grantedUsers": [] } Update partial Only attributes with changes will be updated, the others will maintain the same value. Request PATCH http:///soffid/webservice/scim2/v1/Account/15455 JSON { "schemas": [ "urn:soffid:com.soffid.iam.base.api.Account" ], "Operations": [ { "op": "replace", "path": "description", "value": "Guest User" }, { "op": "replace", "path": "ownerUsers", "value": [ "admin" ] } ] } Response 200 OK { "passwordPolicy": "I", "grantedRoles": [], "accessLevel": "-", "managerRoles": [], "created": "2021-05-10 13:08:05", "description": "Guest User", "type": "I", "system": "soffid", "ownerGroups": [], "ownerRoles": [], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account/1976454", "links": { "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=account.id+eq+1976454+and+enabled+eq+true", "users": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=accountAccess.account.id+eq+1976454+or+accounts.account.id+eq+1976454" }, "resourceType": "Account" }, "loginName": "Guest", "schemas": [ "urn:soffid:com.soffid.iam.api.Account" ], "name": "Guest", "inheritNewPermissions": false, "managerUsers": [], "disabled": false, "attributes": {}, "id": 1976454, "managerGroups": [], "grantedGroups": [], "status": "a", "ownerUsers": [ "admin" ], "grantedUsers": [] } Update partial (password update) Request PATCH https:///soffid/webservice/scim2/v1/Account/15455 JSON Option 1 { "schemas": [ "urn:soffid:com.soffid.iam.base.api.Account" ], "Operations": [ { "op": "replace", "path": "password.value", "value": "123123" }, { "op": "replace", "path": "password.expired", "value": false } ] } Option 2 { "schemas": [ "urn:soffid:com.soffid.iam.base.api.Account" ], "Operations": [ { "op": "replace", "path": "password", "value": { "value" : "123123", "expired" : false } } ] } Response 200 OK { "lastLogin": "2023-06-29 14:30:29", "grantedRoles": [], "description": "Frankaaa Sinatra", "type": "U", "ownerGroups": [], "loginName": "frank", "inheritNewPermissions": false, "disabled": false, "id": 5366314, "managerGroups": [], "grantedGroups": [], "lastPasswordSet": "2023-06-29 14:30:37", "passwordExpiration": "2023-07-24 00:00:00", "passwordPolicy": "I", "accessLevel": "-", "managerRoles": [], "created": "2022-04-21 10:11:12", "hasSnapshot": false, "system": "soffid", "ownerRoles": [], "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account/5366314", "links": { "briefAudit": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/Audit?filter=searchIndex+eq+'ACC%235366314'", "roleAccounts": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=account.id+eq+5366314+and+enabled+eq+true", "users": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=accountAccess.account.id+eq+5366314+or+accounts.account.id+eq+5366314" }, "resourceType": "Account" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Account" ], "name": "frank", "managerUsers": [], "lastChange": "2023-06-05 15:05:16", "attributes": {}, "status": "a", "ownerUsers": [ "frank" ], "grantedUsers": [] } Update all This operation replaces all values in the account. For example, we will update the description. Note that the attribute id is required to confirm that the resource "...Account/" is the same that the JSON account. Note that all the attributes not included in the request will be cleared in the account and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information see Resource data model page Request PUT http:///soffid/webservice/scim2/v1/Account/1976454 JSON { "schemas": [ "urn:soffid:com.soffid.iam.base.api.Account" ], "id": 1976454, "name": "Guest", "type": "I", "system": "soffid", "passwordPolicy": "I", "description": "Guest Guest", "inheritNewPermissions": false, "disabled": false } Response 200 OK { "passwordPolicy": "I", "grantedRoles": [], "managerRoles": [], "description": "Guest Guest", "type": "I", "system": "soffid", "ownerGroups": [], "ownerRoles": [], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Account/1976454", "links": { "roleAccounts": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount?filter=account.id+eq+1976454+and+enabled+eq+true", "users": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/User?filter=accountAccess.account.id+eq+1976454+or+accounts.account.id+eq+1976454" }, "resourceType": "Account" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Account" ], "name": "Guest", "inheritNewPermissions": false, "managerUsers": [], "disabled": false, "attributes": {}, "id": 1976454, "managerGroups": [], "grantedGroups": [], "status": "a", "ownerUsers": [], "grantedUsers": [] } Delete Please note after this delete, the account has to be created again to use it in the next examples. Request DELETE https:///soffid/webservice/scim2/v1/Account/1976454 Response 204 No Content 204 No Content Note: use of roles with domain values In case of granting roles with domain values, the optional attribute domain value contains the value for that domain. Here is a sample account with permissions for the role SOFFID_OU_DOMAIN and domains D2 and enterprise: { "grantedRoles": [], "roles": [ { "informationSystemName": "SOFFID", "roleName": "SOFFID_OU_MANAGER", "id": 2236442, "roleDescription": "Business unit manager", "domainValue": "D2" }, { "informationSystemName": "SOFFID", "roleName": "SOFFID_OU_MANAGER", "id": 2236447, "roleDescription": "Business unit manager", "domainValue": "enterprise" } ], "description": "faith - faith MUYOYO", "type": { "value": "U" }, "lastUpdated": "2019-07-16T10:35:01+02:00", "ownerGroups": [], "inheritNewPermissions": false, "disabled": false, "id": 1727122, "grantedGroups": [], "managerGroups": [], "passwordPolicy": "I", "managerRoles": [], "created": "2019-07-16T10:26:16+02:00", "system": "soffid", "ownerRoles": [], "meta": { "location": "http://bubu-thinkpad:8080/soffid/webservice/scim/Account/1727122", "resourceType": "Account" }, "name": "faith", "managerUsers": [], "attributes": {}, "grantedUsers": [], "ownerUsers": [ { "lastName": "Smith", "createdByUser": "csv", "mailServer": "null", "nationalID": "", "multiSession": false, "modifiedByUser": "admin", "id": 1727113, "homeServer": "null", "primaryGroupDescription": "Entrprise", "primaryGroup": "enterprise", "comments": "Loaded from CSV file on Mon Aug 05 22:00:00 CEST 2019", "profileServer": "null", "active": true, "fullName": "faith MUYOYO", "userName": "faith", "mailAlias": "", "firstName": "faith", "createdDate": "2019-07-16T10:26:16+02:00", "phoneNumber": "", "modifiedDate": "2019-12-12T17:06:42+01:00", "userType": "I" } ] } Error response For more infomation about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM Application examples (InformationSystem) Operations This page shows the operations that can be performed for the application object (Information Systems from a functional point of view) List all Request GET https:///webservice/scim2/v1/Application Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 2, "startIndex": 1, "Resources": [ { "parent": "Operation/Business 2", "relativeName": "SOFFID", "database": "", "bpmEnabled": true, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application/41", "links": { "children": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application?filter=parent.name+eq+'Operation/Business 2/SOFFID'", "roles": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role?filter=informationSystemName+eq+'Operation/Business 2/SOFFID'" }, "resourceType": "Application" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Application" ], "name": "Operation/Business 2/SOFFID", "description": "SOFFID Identity Manager", "singleRole": false, "attributes": {}, "id": 41, "type": "application" }, { "parent": "Operation/Business process", "relativeName": "ad", "database": "ad", "bpmEnabled": true, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application/391459", "links": { "children": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application?filter=parent.name+eq+'Operation/Business process/ad'", "roles": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role?filter=informationSystemName+eq+'Operation/Business process/ad'" }, "resourceType": "Application" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Application" ], "name": "Operation/Business process/ad", "description": "Active Directory", "singleRole": false, "attributes": {}, "id": 391459, "type": "application" } ] } List by filter List all application with a filter expression.  It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/Application?filter=description co SOFFID Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 2, "startIndex": 1, "Resources": [ { "parent": "Operation/Business 2", "relativeName": "SOFFID", "database": "", "bpmEnabled": true, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application/41", "links": { "children": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application?filter=parent.name+eq+'Operation/Business 2/SOFFID'", "roles": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role?filter=informationSystemName+eq+'Operation/Business 2/SOFFID'" }, "resourceType": "Application" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Application" ], "name": "Operation/Business 2/SOFFID", "description": "SOFFID Identity Manager", "singleRole": false, "attributes": {}, "id": 41, "type": "application" }, { "parent": "Operation/Business 2", "relativeName": "iam.soffid.com", "database": "iam.soffid.com", "bpmEnabled": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application/1836136", "links": { "children": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application?filter=parent.name+eq+'Operation/Business 2/iam.soffid.com'", "roles": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role?filter=informationSystemName+eq+'Operation/Business 2/iam.soffid.com'" }, "resourceType": "Application" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Application" ], "name": "Operation/Business 2/iam.soffid.com", "description": "Discovered host iam.soffid.com", "singleRole": false, "attributes": {}, "id": 1836136, "type": "application" } ] } Query by id Retrieve an application by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/Application/391459 Response 200 OK { "parent": "Operation/Business process", "relativeName": "ad", "database": "ad", "bpmEnabled": true, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application/391459", "links": { "children": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application?filter=parent.name+eq+'Operation/Business process/ad'", "roles": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role?filter=informationSystemName+eq+'Operation/Business process/ad'" }, "resourceType": "Application" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Application" ], "name": "Operation/Business process/ad", "description": "Active Directory", "singleRole": false, "attributes": {}, "id": 391459, "type": "application" } Create To create an application (Information System). Request POST https:///soffid/webservice/scim2/v1/Application/ JSON { "schemas": [ "urn:soffid:com.soffid.iam.api.Application" ], "parent": "Operation/Business 2", "relativeName": "appBilling", "database": "", "bpmEnabled": false, "name": "Operation/Business 2/App Billing", "description": "Billing application", "singleRole": false, "attributes": {}, "type": "application" } Response 201 Created { "parent": "Operation/Business 2", "relativeName": "App Billing", "database": "", "bpmEnabled": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application/1976515", "resourceType": "Application" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Application" ], "name": "Operation/Business 2/App Billing", "description": "Billing application", "singleRole": false, "attributes": {}, "id": 1976515, "type": "application" } Update partial Only attributes with changes will be updated, the other will maintain the same value. Request PATCH https:///soffid/webservice/scim2/v1/Application/1976515 JSON { "schemas": [ "urn:soffid:com.soffid.iam.api.Application" ], "Operations": [ { "op": "replace", "path": "parent", "value": "Operation/Business process" }, { "op": "replace", "path": "name", "value": "Operation/Business process/App Billing" }, { "op": "replace", "path": "database", "value": "DDBBBilling" } ] } Response 200 OK { "parent": "Operation/Business process", "relativeName": "App Billing", "database": "DDBBBilling", "bpmEnabled": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application/1976515", "links": { "children": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application?filter=parent.name+eq+'Operation/Business process/App Billing'", "roles": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role?filter=informationSystemName+eq+'Operation/Business process/App Billing'" }, "resourceType": "Application" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Application" ], "name": "Operation/Business process/App Billing", "description": "Billing application", "singleRole": false, "attributes": {}, "id": 1976515, "type": "application" } Update all This operation replaces all values in the application. Note that the attribute id is required to confirm that the resource "...Application/" is the same that the JSON user. Note that all the attributes not included in the request will be cleared in the application and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information visit Resource data model page . Request PUT https:///soffid/webservice/scim2/v1/Application/1976515 JSON { "schemas": [ "urn:soffid:com.soffid.iam.api.Application" ], "id": 1976515, "parent": "Operation/Business 2", "relativeName": "appBilling", "database": "", "bpmEnabled": false, "name": "Operation/Business 2/App Billing", "description": "Billing application", "singleRole": false, "attributes": {}, "type": "application" } Response 200 OK { "parent": "Operation/Business 2", "relativeName": "App Billing", "database": "", "bpmEnabled": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application/1976515", "links": { "children": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Application?filter=parent.name+eq+'Operation/Business 2/App Billing'", "roles": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role?filter=informationSystemName+eq+'Operation/Business 2/App Billing'" }, "resourceType": "Application" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Application" ], "name": "Operation/Business 2/App Billing", "description": "Billing application", "singleRole": false, "attributes": {}, "id": 1976515, "type": "application" } Delete Please note that after this delete action, you will need to create again the application to use it in the next examples. Request DELETE https:///webservice/scim2/v1/Application/2236428 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM Role examples Operations This page shows the operations that can be performed for the role object List all Request GET https:///soffid/webservice/scim2/v1/Role Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 4, "startIndex": 1, "Resources": [ { "approvalEnd": "2021-02-26 13:19:36", "ownedRoles": [ { "informationSystem": "Operation/Business process/ad", "ownerRole": 63, "ownerRoleDescription": "SOFFID Administrator", "roleId": 393195, "mandatory": true, "enabled": true, "ownerSystem": "soffid", "system": "ad", "meta": { "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/RoleGrant/1563461", "resourceType": "RoleGrant" }, "schemas": [ "urn:soffid:com.soffid.iam.api.RoleGrant" ], "roleName": "AD role", "hasDomain": false, "id": 1563461, "ownerRoleName": "SOFFID_ADMIN", "roleDescription": "AD role", "status": "A" }, { "informationSystem": "Operation/Business 2/SOFFID", "ownerRole": 63, "ownerRoleDescription": "SOFFID Administrator", "roleId": 393447, "mandatory": true, "enabled": true, "ownerSystem": "soffid", "system": "ad", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleGrant/501188", "resourceType": "RoleGrant" }, "schemas": [ "urn:soffid:com.soffid.iam.api.RoleGrant" ], "roleName": "accounting_mgr", "hasDomain": false, "id": 501188, "ownerRoleName": "SOFFID_ADMIN", "roleDescription": "Accounting Manager", "status": "A" }, { "informationSystem": "Operation/Business process/ad", "ownerRole": 63, "ownerRoleDescription": "SOFFID Administrator", "roleId": 391535, "mandatory": true, "enabled": true, "ownerSystem": "soffid", "system": "ad", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleGrant/503759", "resourceType": "RoleGrant" }, "schemas": [ "urn:soffid:com.soffid.iam.api.RoleGrant" ], "roleName": "g100", "hasDomain": false, "id": 503759, "ownerRoleName": "SOFFID_ADMIN", "roleDescription": "Desarrollo Circuito", "status": "A" }, { "informationSystem": "Operation/Business process/ad", "ownerRole": 63, "ownerRoleDescription": "SOFFID Administrator", "roleId": 391480, "mandatory": false, "enabled": true, "ownerSystem": "soffid", "system": "ad", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleGrant/501481", "resourceType": "RoleGrant" }, "schemas": [ "urn:soffid:com.soffid.iam.api.RoleGrant" ], "roleName": "Group Policy Creator Owners", "hasDomain": false, "id": 501481, "ownerRoleName": "SOFFID_ADMIN", "roleDescription": "Members in this group can modify group policy for the domain", "status": "A" } ], "description": "SOFFID Administrator", "granteeGroups": [ { "system": "soffid", "informationSystem": "Operation/Business 2/SOFFID", "roleId": 63, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleGrant/503848", "resourceType": "RoleGrant" }, "schemas": [ "urn:soffid:com.soffid.iam.api.RoleGrant" ], "roleName": "SOFFID_ADMIN", "ownerGroup": "admingroup", "hasDomain": false, "id": 503848, "roleDescription": "SOFFID Administrator", "mandatory": true, "enabled": true } ], "informationSystemName": "Operation/Business 2/SOFFID", "password": false, "system": "soffid", "ownerGroups": [ { "organizational": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Group/91", "resourceType": "Group" }, "quota": "0", "schemas": [ "urn:soffid:com.soffid.iam.api.Group" ], "name": "admingroup", "obsolete": false, "description": "Enterprise Administrators Group", "parentGroup": "enterprise", "attributes": {}, "id": 91 } ], "ownerRoles": [ { "informationSystem": "Operation/Business 2/SOFFID", "ownerRole": 392727, "ownerRoleDescription": "Business Services", "roleId": 63, "mandatory": true, "enabled": true, "ownerSystem": "ad", "system": "soffid", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleGrant/501606", "resourceType": "RoleGrant" }, "schemas": [ "urn:soffid:com.soffid.iam.api.RoleGrant" ], "roleName": "SOFFID_ADMIN", "hasDomain": false, "id": 501606, "ownerRoleName": "share-15000", "roleDescription": "SOFFID Administrator", "status": "A" } ], "bpmEnabled": true, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role/63", "resourceType": "Role" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Role" ], "name": "SOFFID_ADMIN", "approvalStart": "2021-02-26 13:19:36", "attributes": {}, "id": 63, "enableByDefault": true }, { "ownedRoles": [], "description": "Soffid vault owner", "granteeGroups": [], "informationSystemName": "Operation/Business 2/SOFFID", "password": false, "system": "soffid", "ownerGroups": [], "ownerRoles": [], "bpmEnabled": true, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role/790961", "resourceType": "Role" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Role" ], "name": "SOFFID_OWNER", "attributes": {}, "id": 790961, "enableByDefault": false }, ............. ] } List by filter List all roles with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/Role?filter=ownerRoles.name eq SOFFID_ADMIN Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 4, "startIndex": 1, "Resources": [ { "ownedRoles": [], "description": "Accounting Manager", "granteeGroups": [], "informationSystemName": "Operation/Business 2/SOFFID", "password": false, "system": "ad", "ownerGroups": [], "ownerRoles": [ { "informationSystem": "Operation/Business 2/SOFFID", "ownerRole": 63, "ownerRoleDescription": "SOFFID Administrator", "roleId": 393447, "mandatory": true, "enabled": true, "ownerSystem": "soffid", "system": "ad", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleGrant/501188", "resourceType": "RoleGrant" }, "schemas": [ "urn:soffid:com.soffid.iam.api.RoleGrant" ], "roleName": "accounting_mgr", "hasDomain": false, "id": 501188, "ownerRoleName": "SOFFID_ADMIN", "roleDescription": "Accounting Manager", "status": "A" } ], "bpmEnabled": true, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role/393447", "resourceType": "Role" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Role" ], "name": "accounting_mgr", "attributes": {}, "id": 393447, "enableByDefault": false }, { "ownedRoles": [], "description": "Members in this group can modify group policy for the domain", "granteeGroups": [], "informationSystemName": "Operation/Business process/ad", "password": false, "system": "ad", "ownerGroups": [], "ownerRoles": [ { "informationSystem": "Operation/Business process/ad", "ownerRole": 63, "ownerRoleDescription": "SOFFID Administrator", "roleId": 391480, "mandatory": false, "enabled": true, "ownerSystem": "soffid", "system": "ad", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleGrant/501481", "resourceType": "RoleGrant" }, "schemas": [ "urn:soffid:com.soffid.iam.api.RoleGrant" ], "roleName": "Group Policy Creator Owners", "hasDomain": false, "id": 501481, "ownerRoleName": "SOFFID_ADMIN", "roleDescription": "Members in this group can modify group policy for the domain", "status": "A" } ], "bpmEnabled": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role/391480", "resourceType": "Role" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Role" ], "name": "Group Policy Creator Owners", "attributes": {}, "id": 391480, "enableByDefault": false }, ............. ] } Query by id Query a role by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/Role/393195 Response 200 OK { "approvalEnd": "2021-02-04 15:39:05", "ownedRoles": [], "description": "AD role", "granteeGroups": [], "informationSystemName": "Operation/Business process/ad", "password": false, "system": "ad", "ownerGroups": [], "ownerRoles": [ { "informationSystem": "Operation/Business process/ad", "ownerRole": 63, "ownerRoleDescription": "SOFFID Administrator", "roleId": 393195, "mandatory": true, "enabled": true, "ownerSystem": "soffid", "system": "ad", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleGrant/1563461", "resourceType": "RoleGrant" }, "schemas": [ "urn:soffid:com.soffid.iam.api.RoleGrant" ], "roleName": "AD role", "hasDomain": false, "id": 1563461, "ownerRoleName": "SOFFID_ADMIN", "roleDescription": "AD role", "status": "A" } ], "bpmEnabled": true, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role/393195", "resourceType": "Role" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Role" ], "name": "AD role", "approvalStart": "2021-02-04 15:39:05", "attributes": {}, "id": 393195, "enableByDefault": false } Create Request POST https:///soffid/webservice/scim2/v1/Role JSON { "schemas": [ "urn:soffid:com.soffid.iam.api.Role" ], "name": "App Billing Role", "description": "Role Admin for Billing application", "informationSystemName": "Operation/Business 2/App Billing", "system": "test", "password": false, "bpmEnabled": false, "enableByDefault": false, "granteeGroups": [], "ownedRoles": [], "ownerGroups": [], "ownerRoles": [] } Response 201 Created { "ownedRoles": [], "description": "Role Admin for Billing application", "granteeGroups": [], "informationSystemName": "Operation/Business 2/App Billing", "password": false, "system": "test", "ownerGroups": [], "ownerRoles": [], "bpmEnabled": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role/1976590", "resourceType": "Role" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Role" ], "name": "App Billing Role", "attributes": {}, "id": 1976590, "enableByDefault": false } Update partial Only attributes with changes will be updated, the other will maintain the same value. Request PATCH https:///soffid/webservice/scim2/v1/Role/1976590 JSON { "schemas": [ "urn:soffid:com.soffid.iam.api.Role" ], "Operations": [ { "op": "replace", "path": "system", "value": "soffid" } ] } Response 200 OK { "ownedRoles": [], "description": "Role Admin for Billing application", "granteeGroups": [], "informationSystemName": "Operation/Business 2/App Billing", "password": false, "system": "soffid", "ownerGroups": [], "ownerRoles": [], "bpmEnabled": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role/1976590", "resourceType": "Role" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Role" ], "name": "App Billing Role", "attributes": {}, "id": 1976590, "enableByDefault": false } Update all This operation replaces all values in the role. Note that the attribute id is required to confirm that the resource "...Role/" is the same that the JSON role. Note that all the attributes not included in the request will be cleared in the role and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information visit Resource data model page Request PUT https:///soffid/webservice/scim2/v1/Role/1976590 JSON { "schemas": [ "urn:soffid:com.soffid.iam.api.Role" ], "id": 1976590, "name": "App Billing", "description": "Role Admin for Billing application", "informationSystemName": "Operation/Business 2/App Billing", "system": "test", "password": false, "bpmEnabled": false, "enableByDefault": false, "granteeGroups": [], "ownedRoles": [], "ownerGroups": [], "ownerRoles": [] } Response 200 OK { "ownedRoles": [], "description": "Role Admin for Billing application", "granteeGroups": [], "informationSystemName": "Operation/Business 2/App Billing", "password": false, "system": "test", "ownerGroups": [], "ownerRoles": [], "bpmEnabled": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Role/1976590", "resourceType": "Role" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Role" ], "name": "App Billing", "attributes": {}, "id": 1976590, "enableByDefault": false } Delete Please note after this delete, the role has to be created again to use it in the next examples. Request DELETE https:///soffid/webservice/scim2/v1/Role/1976590 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response Notes Note: use of roles with domain values In case of granting roles with domain values, the optional attribute domain value contains the value for that domain. Here is a sample account with permissions for the role SOFFID_OU_DOMAIN and domains D2 and enterprise: { "grantedRoles": [], "roles": [ { "informationSystemName": "SOFFID", "roleName": "SOFFID_OU_MANAGER", "id": 2236442, "roleDescription": "Business unit manager", "domainValue": "D2" }, { "informationSystemName": "SOFFID", "roleName": "SOFFID_OU_MANAGER", "id": 2236447, "roleDescription": "Business unit manager", "domainValue": "enterprise" } ], "description": "faith - faith MUYOYO", "type": { "value": "U" }, "lastUpdated": "2019-07-16T10:35:01+02:00", "ownerGroups": [], "inheritNewPermissions": false, "disabled": false, "id": 1727122, "grantedGroups": [], "managerGroups": [], "passwordPolicy": "I", "managerRoles": [], "created": "2019-07-16T10:26:16+02:00", "system": "soffid", "ownerRoles": [], "meta": { "location": "http://bubu-thinkpad:8080/soffid/webservice/scim/Account/1727122", "resourceType": "Account" }, "name": "faith", "managerUsers": [], "attributes": {}, "grantedUsers": [], "ownerUsers": [ { "lastName": "Smith", "createdByUser": "csv", "mailServer": "null", "nationalID": "", "multiSession": false, "modifiedByUser": "admin", "id": 1727113, "homeServer": "null", "primaryGroupDescription": "Entrprise", "primaryGroup": "enterprise", "comments": "Loaded from CSV file on Mon Aug 05 22:00:00 CEST 2019", "profileServer": "null", "active": true, "fullName": "faith MUYOYO", "userName": "faith", "mailAlias": "", "firstName": "faith", "createdDate": "2019-07-16T10:26:16+02:00", "phoneNumber": "", "modifiedDate": "2019-12-12T17:06:42+01:00", "userType": "I" } ] } Notes about role domains By default, roles have no security domain (sometimes referred to as scope).  When a security domain is assigned to a role, each account-role object is tagged with the proper security domain value. It is allowed to assign one role multiple times to the same user, as long as each assignment is tagged with a different security domain value. For instance, one can create the SOFFID_OU_MANAGER role bound to the GROUPS security domain. Then, you can assign the role SOFFID_OU_MANAGER/Group1 to any user. Four kind of security domains are available: SENSE_DOMAIN: No security domain applies GROUP: A business unit is bound to each grant of this role APLICATION: A information sysstem is bound to each grant of this role Custom domain: Each application can have its own security domains with arbitrary meanings. To set or modify the role domain for a role, one can use  the "domain" attribute. This attribute is a complex object composed of a name and a description. Only the name is mandatory. Notes about role inheritance Role inheritance is driven by the ownedRoles, ownerRoles and ownedGroups. Each of these attributes is an array of grants. Each grant has the following attributes: ownerRole: id of owner role. ownerSystem: name of owner role's system.  ownerRoleName: name of owner role's name. ownerRolDomainValue: security domain of the owner role. If a user is granted with the owner role, and the ownerRolDomainValue does not match the grant domain, the inheritance rule does not apply. roleId: id of owned role. system: name of owned role's system roleName: name of owned role's name domainValue: security domain of the owned role.  The role inheritance can vary slightly depending on whether the owned role and the owner role are in the same domain or not: Resulting domain value Owner role has no domain Owner role has a different domain Same domain Domain value not specified Blank Blank Owner role domain value Domain value specified Specified value Specified value Specified value SCIM Group type examples Operations This page shows the operations that can be performed for the Group Type object List all Request GET https:///soffid/webservice/scim2/v1/GroupType Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 2, "startIndex": 1, "Resources": [ { "roleHolder": true, "updatedBy": "admin", "createdBy": "admin", "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/GroupType/24552", "resourceType": "GroupType" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.GroupType" ], "name": "App Billing Role", "description": "Role Admin for Billing application", "id": 24552, "updatedOn": "2026-03-06 08:37:45", "createdOn": "2026-03-06 08:37:45" }, { "roleHolder": true, "updatedBy": "admin", "createdBy": "admin", "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/GroupType/24553", "resourceType": "GroupType" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.GroupType" ], "name": "Example group type", "description": "Example group type", "id": 24553, "updatedOn": "2026-03-06 08:38:43", "createdOn": "2026-03-06 08:38:43" } ] } List by filter List all group types with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/GroupType?filter=description co exa Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 1, "startIndex": 1, "Resources": [ { "roleHolder": true, "updatedBy": "admin", "createdBy": "admin", "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/GroupType/24553", "resourceType": "GroupType" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.GroupType" ], "name": "Example group type", "description": "Example group type", "id": 24553, "updatedOn": "2026-03-06 08:38:43", "createdOn": "2026-03-06 08:38:43" } ] } Query by id Query a group type by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/GroupType/24553 Response 200 OK { "roleHolder": true, "updatedBy": "admin", "createdBy": "admin", "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/GroupType/24553", "resourceType": "GroupType" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.GroupType" ], "name": "Example group type", "description": "Example group type", "id": 24553, "updatedOn": "2026-03-06 08:38:43", "createdOn": "2026-03-06 08:38:43" } Create Request POST https:///soffid/webservice/scim2/v1/GroupType JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.GroupType" ], "name": "Example group type", "description": "Example group type", "roleHolder": true } Response 201 Created { "roleHolder": true, "updatedBy": "admin", "createdBy": "admin", "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/GroupType/24553", "resourceType": "GroupType" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.GroupType" ], "name": "Example group type", "description": "Example group type", "id": 24553, "updatedOn": "2026-03-06 08:38:43.002", "createdOn": "2026-03-06 08:38:43.002" } Update partial Only attributes with changes will be updated, the other will maintain the same value. Request PATCH https:///soffid/webservice/scim2/v1/GroupType/1976710 JSON { "Operations": [ { "op": "replace", "path": "name", "value": "OU" } ] } Response 200 OK { "roleHolder": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupType/1976710", "resourceType": "OUType" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.GroupType" ], "name": "OU", "description": "New OU", "id": 1976710 } Update all This operation replaces all values in the group type. Note that the attribute id is required to confirm that the resource "...OUType/" is the same that the JSON group type. Note that all the attributes not included in the request will be cleared in the group type and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information visit Resource data model page Request PUT https:///soffid/webservice/scim2/v1/GroupType/1976590 JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.GroupType" ], "id": 1976710, "name": "ChangeOU" } Response 200 OK { "roleHolder": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupType/1976710", "resourceType": "OUType" }, "schemas": [ "urn:soffid:com.soffid.iam.base.api.GroupType" ], "name": "ChangeOU", "id": 1976710 } Delete Please note after this delete, the group type has to be created again to use it in the next examples. Request DELETE https:///soffid/webservice/scim2/v1/GroupType/1976710 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM User type examples Operations This page shows the operations that can be performed for the user type object List all Request GET https:///soffid/webservice/scim2/v1/UserType Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 3, "startIndex": 1, "Resources": [ { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/UserType/29", "resourceType": "UserType" }, "unmanaged": false, "schemas": [ "urn:soffid:com.soffid.iam.api.UserType" ], "name": "S", "description": "SSO account (USE IT)", "id": 29 }, { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/UserType/31", "resourceType": "UserType" }, "unmanaged": false, "schemas": [ "urn:soffid:com.soffid.iam.api.UserType" ], "name": "E", "description": "External user", "id": 31 }, { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/UserType/33", "resourceType": "UserType" }, "unmanaged": false, "schemas": [ "urn:soffid:com.soffid.iam.api.UserType" ], "name": "I", "description": "Internal user", "id": 33 } ] } List by filter List all user types with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/UserType?filter=description co sso Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 1, "startIndex": 1, "Resources": [ { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/UserType/29", "resourceType": "UserType" }, "unmanaged": false, "schemas": [ "urn:soffid:com.soffid.iam.api.UserType" ], "name": "S", "description": "SSO account (USE IT)", "id": 29 } ] } Query by id Query a user type by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/UserType/33 Response 200 OK { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/UserType/33", "resourceType": "UserType" }, "unmanaged": false, "schemas": [ "urn:soffid:com.soffid.iam.api.UserType" ], "name": "I", "description": "Internal user", "id": 33 } Create Request POST https:///soffid/webservice/scim2/v1/UserType JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.UserType" ], "name": "O", "description": "Other user", "managed": false } Response 201 Created { "updatedBy": "admin", "createdBy": "admin", "managed": false, "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/UserType/24555", "resourceType": "UserType" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.UserType" ], "name": "O", "description": "Other user", "id": 24555, "updatedOn": "2026-03-06 08:53:08.447", "createdOn": "2026-03-06 08:53:08.447" } Update partial Only attributes with changes will be updated, the other will maintain the same value. Request PATCH https:///soffid/webservice/scim2/v1/UserType/24555 JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.UserType" ], "Operations": [ { "op": "replace", "path": "name", "value": "OT" } ] } Response 200 OK { "updatedBy": "admin", "createdBy": "admin", "managed": false, "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/UserType/24555", "resourceType": "UserType" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.UserType" ], "name": "OT", "description": "Other user", "id": 24555, "updatedOn": "2026-03-06 08:56:26.711", "createdOn": "2026-03-06 08:53:08" } Update all This operation replaces all values in the roole. Note that the attribute id is required to confirm that the resource "...UserType/" is the same that the JSON user type. Note that all the attributes not included in the request will be cleared in the user type and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information see Resource data model page Request PUT https:///soffid/webservice/scim2/v1/UserType/1976718 JSON { "schemas": [ "urn:soffid:com.soffid.iam.base.api.UserType" ], "id": 24555, "name": "OY" } Response 200 OK { "updatedBy": "admin", "managed": true, "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/UserType/24555", "resourceType": "UserType" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.UserType" ], "name": "OY", "id": 24555, "updatedOn": "2026-03-06 08:57:31.781" } Delete Please note after this delete, the user type has to be created again to use it in the next examples. Request DELETE https:///soffid/webservice/scim2/v1/UserType/24555 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM UserGroup examples Operations This page shows the operations that can be performed for the object that establishes the relationship between groups and users. You can add, delete and or modify users in a group. List all Request GET https:///soffid/webservice/scim2/v1/UserGroup Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 1, "startIndex": 1, "Resources": [ { "updatedBy": "admin", "groupId": 647, "start": "2026-03-06 09:08:42", "fullName": "Cas Kelp", "updatedOn": "2026-03-06 09:08:42", "userId": 18327, "createdOn": "2026-03-06 09:08:42", "groupDescription": "World", "createdBy": "admin", "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/UserGroup/24560", "resourceType": "UserGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.UserGroup" ], "disabled": false, "attributes": {}, "id": 24560, "user": "ckelp", "primaryGroup": true, "group": "world" } ] } List by filter List all GroupUsers with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/UserGroup?filter=groupDescription co "wo" Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 1, "startIndex": 1, "Resources": [ { "updatedBy": "admin", "groupId": 647, "start": "2026-03-06 09:08:42", "fullName": "Cas Kelp", "updatedOn": "2026-03-06 09:08:42", "userId": 18327, "createdOn": "2026-03-06 09:08:42", "groupDescription": "World", "createdBy": "admin", "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/UserGroup/24560", "resourceType": "UserGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.UserGroup" ], "disabled": false, "attributes": {}, "id": 24560, "user": "ckelp", "primaryGroup": true, "group": "world" } ] } Query by id Query a GroupUser by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/UserGroup/1974296 Response 200 OK { "groupDescription": "Help desk support team", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/UserGroup/1974296", "resourceType": "UserGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.api.UserGroup" ], "start": "2021-05-05 12:49:51", "fullName": "John Smith", "disabled": false, "attributes": { "startDate": "2021-05-04 00:00:00" }, "id": 1974296, "user": "jsmith", "primaryGroup": false, "group": "it" } Create This option allows you to add a user to a specific group. Request POST https:///soffid/webservice/scim2/v1/UserGroup JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.UserGroup" ], "group": "world", "groupDescription": "Help desk support team", "user": "ckelp", "fullName": "Casey Kelp", "primaryGroup": true, "attributes": {} } Response 201 Created { "updatedBy": "admin", "groupId": 647, "start": "2026-03-06 09:08:42.103", "fullName": "Cas Kelp", "updatedOn": "2026-03-06 09:08:42.136", "userId": 18327, "createdOn": "2026-03-06 09:08:42.128", "groupDescription": "World", "createdBy": "admin", "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/UserGroup/24560", "resourceType": "UserGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.UserGroup" ], "disabled": false, "attributes": {}, "id": 24560, "user": "ckelp", "primaryGroup": true, "group": "world" } Update partial Only attributes with changes will be updated, the other will maintain the same value. Request PATCH https:///soffid/webservice/scim2/v1/UserGroup/1976741 JSON { "Operations": [ { "op": "replace", "path": "groupDescription", "value": "Enterprise engineering team" }, { "op": "replace", "path": "group", "value": "EngineeringTeam" } ] } Response 200 OK { "groupDescription": "Enterprise engineering team", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser/1976741", "resourceType": "GroupUser" }, "schemas": [ "urn:soffid:com.soffid.iam.api.GroupUser" ], "start": "2021-05-11 10:39:23", "fullName": "Casey Kelp", "disabled": false, "attributes": {}, "id": 1976741, "user": "ckelp", "primaryGroup": true, "group": "EngineeringTeam" } Update all This operation replaces all values in the GroupUser. Note that the attribute id is required to confirm that the resource "...GroupUser/" is the same that the JSON GroupUser. Note that all the attributes not included in the request will be cleared in the GroupUser type and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information see Resource data model page Request PUT https:///soffid/webservice/scim2/v1/UserGroup/1976741 JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.GroupUser" ], "id": 1976741, "group": "it", "groupDescription": "Help desk support team", "user": "ckelp", "fullName": "Casey Kelp", "primaryGroup": true, "attributes": {} } Response 200 OK { "groupDescription": "Help desk support team", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/GroupUser/1976741", "resourceType": "GroupUser" }, "schemas": [ "urn:soffid:com.soffid.iam.api.GroupUser" ], "fullName": "Casey Kelp", "disabled": false, "attributes": {}, "id": 1976741, "user": "ckelp", "primaryGroup": true, "group": "it" } Delete This option allows you to remove a user from a specific group. Please note after this delete, the group user has to be created again to use it in the next examples. Request DELETE https:///soffid/webservice/scim2/v1/UserGroup/1976741 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM RoleAccount examples Operations This page shows the operations that can be performed for the object that establishes the relationship between roles and accounts. You can assign, revoke and or modify roles to an account. List all Request GET https:///soffid/webservice/scim2/v1/RoleAccount Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 3530, "startIndex": 1, "itemsPerPage": 100, "Resources": [ { "certificationDate": "2020-02-13 23:01:44", "accountSystem": "soffid", "accountName": "admin", "userGroupCode": "admingroup", "approvalPending": false, "userFullName": "Soffid Administrator", "bpmEnforced": "S", "userCode": "admin", "enabled": true, "accountId": 103, "informationSystemName": "Operation/Business 2/SOFFID", "system": "soffid", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount/110", "resourceType": "RoleAccount" }, "schemas": [ "urn:soffid:com.soffid.iam.api.RoleAccount" ], "roleName": "SOFFID_ADMIN", "removalPending": false, "id": 110, "roleDescription": "SOFFID Administrator", "startDate": "2020-02-13 12:00:00" }, { "certificationDate": "2020-12-15 10:48:44", "accountSystem": "soffid", "accountName": "admin", "userGroupCode": "admingroup", "approvalPending": false, "userFullName": "Soffid Administrator", "bpmEnforced": "N", "userCode": "admin", "ruleDescription": "Grants soffid user role to everyone", "enabled": true, "accountId": 103, "informationSystemName": "Operation/Business 2/SOFFID", "system": "soffid", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount/1059370", "resourceType": "RoleAccount" }, "schemas": [ "urn:soffid:com.soffid.iam.api.RoleAccount" ], "roleName": "SOFFID_USER", "removalPending": false, "id": 1059370, "ruleId": 1059365, "roleDescription": "Soffid user", "startDate": "2020-12-15 00:00:00" }, ................ ] } List by filter List all RoleAccounts with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/soffid/webservice/scim2/v1/RoleAccount?filter=enabled eq true and system eq soffid Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 67, "startIndex": 1, "Resources": [ { "certificationDate": "2020-02-13 23:01:44", "accountSystem": "soffid", "accountName": "admin", "userGroupCode": "admingroup", "approvalPending": false, "userFullName": "Soffid Administrator", "bpmEnforced": "S", "userCode": "admin", "enabled": true, "accountId": 103, "informationSystemName": "Operation/Business 2/SOFFID", "system": "soffid", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount/110", "resourceType": "RoleAccount" }, "schemas": [ "urn:soffid:com.soffid.iam.api.RoleAccount" ], "roleName": "SOFFID_ADMIN", "removalPending": false, "id": 110, "roleDescription": "SOFFID Administrator", "startDate": "2020-02-13 12:00:00" }, { "certificationDate": "2020-12-13 19:30:51", "accountSystem": "soffid", "accountName": "gbuades", "userGroupCode": "enterprise", "approvalPending": false, "userFullName": "Gabriel Buades ..", "bpmEnforced": "S", "userCode": "gbuades", "enabled": true, "accountId": 1039860, "informationSystemName": "Operation/Business 2/SOFFID", "system": "soffid", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount/1039866", "resourceType": "RoleAccount" }, "schemas": [ "urn:soffid:com.soffid.iam.api.RoleAccount" ], "roleName": "SOFFID_ADMIN", "removalPending": false, "id": 1039866, "roleDescription": "SOFFID Administrator", "startDate": "2020-12-13 12:00:00" }, ................... ] } Query by id Query a RoleAccount by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/RoleAccount/110 Response 200 OK { "certificationDate": "2020-02-13 23:01:44", "accountSystem": "soffid", "accountName": "admin", "userGroupCode": "admingroup", "approvalPending": false, "userFullName": "Soffid Administrator", "bpmEnforced": "S", "userCode": "admin", "enabled": true, "accountId": 103, "informationSystemName": "Operation/Business 2/SOFFID", "system": "soffid", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/RoleAccount/110", "resourceType": "RoleAccount" }, "schemas": [ "urn:soffid:com.soffid.iam.api.RoleAccount" ], "roleName": "SOFFID_ADMIN", "removalPending": false, "id": 110, "roleDescription": "SOFFID Administrator", "startDate": "2020-02-13 12:00:00" } Create This option allows you to assign a role to a specific account. Request POST https:///soffid/webservice/scim2/v1/RoleAccount JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.RoleAccount" ], "accountName": "ckelp", "accountSystem": "soffid", "userName": "ckelp", "userFullName": "Casey Kelp", "roleName": "SOFFID_ADMIN", "roleDescription": "SOFFID Administrator", "informationSystemName": "Operation/Business 2/SOFFID", "system": "soffid", "startDate": "2021-05-10 12:00:00", "certificationDate": "2021-05-10 12:00:00", "enabled": true, "approvalPending": false, "removalPending": false, "bpmEnabled": "N", } Response 201 Created { "accountSystem": "soffid", "accountName": "ckelp", "approvalPending": false, "createdOn": "2026-03-06 09:28:43.421", "enabled": true, "informationSystemName": "SOFFID", "bpmEnabled": "N", "removalPending": false, "id": 24567, "certificationDate": "2026-03-06 09:28:43.421", "updatedBy": "admin", "userGroupCode": "world", "roleId": 632, "userFullName": "Cas Kelp", "updatedOn": "2026-03-06 09:28:43.421", "userName": "ckelp", "accountId": 24563, "system": "soffid", "createdBy": "admin", "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/RoleAccount/24567", "resourceType": "RoleAccount" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.RoleAccount" ], "roleName": "SOFFID_ADMIN", "attributes": {}, "roleDescription": "SOFFID Administrator", "startDate": "2021-05-10 12:00:00" } Delete This option allows you to revoke a role to a specific account. If you have installed the User snapshot backup addon when you delete a RoleAccount, it will be disabled, but never deleted from the database. If you don not have installed the User snapshot backup addon , when you delete the RoleAccount, it will be deleted from the database. Please note after this delete, the RoleAccount has to be created again to use it in the next examples. Request DELETE http:///soffid/webservice/scim2/v1/RoleAccount/1976862 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM Host examples Operations This page shows the operations that can be performed for the host object. List all Request GET https:///soffid/webservice/scim2/v1/Host Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 12, "startIndex": 1, "Resources": [ { "serialNumber": "soffid.bubu.lab:192.168.133.1", "os": "ALT", "mail": false, "ip": "192.168.133.1", "dynamicIp": true, "description": "Autocreated on 12/13/20 6:49:34 PM", "office": false, "lastSeen": "2020-12-13 18:49:34", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Host/1039055", "resourceType": "Host" }, "networkCode": "internal", "schemas": [ "urn:soffid:com.soffid.iam.am.api.Host" ], "name": "soffid.bubu.lab", "id": 1039055, "hostAlias": [], "printersServer": false }, { "os": "ALT", "mail": false, "ip": "10.129.120.4", "dynamicIp": false, "description": "Discovered host iam.soffid.com", "office": false, "lastSeen": "2021-04-05 20:06:19", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Host/1793093", "resourceType": "Host" }, "networkCode": "lab1", "schemas": [ "urn:soffid:com.soffid.iam.am.api.Host" ], "name": "iam.soffid.com", "id": 1793093, "hostAlias": [], "printersServer": false }, ........ ] } List by filter List all Hosts with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/Host?filter=os eq LIN and name co archiva Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 1, "startIndex": 1, "Resources": [ { "os": "LIN", "mail": false, "ip": "10.129.120.2", "dynamicIp": false, "description": "Discovered host archiva.dev.lab", "office": false, "lastSeen": "2021-04-05 20:04:49", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Host/1793026", "resourceType": "Host" }, "networkCode": "lab1", "schemas": [ "urn:soffid:com.soffid.iam.am.api.Host" ], "name": "archiva.dev.lab", "id": 1793026, "hostAlias": [], "printersServer": false } ] } Query by id Query a Host by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/Host/1793093 Response 200 OK { "os": "ALT", "mail": false, "ip": "10.129.120.4", "dynamicIp": false, "description": "Discovered host iam.soffid.com", "office": false, "lastSeen": "2021-04-05 20:06:19", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Host/1793093", "resourceType": "Host" }, "networkCode": "lab1", "schemas": [ "urn:soffid:com.soffid.iam.am.api.Host" ], "name": "iam.soffid.com", "id": 1793093, "hostAlias": [], "printersServer": false } Create Request POST https:///soffid/webservice/scim2/v1/Host JSON { "schemas": [ "urn:soffid:com.soffid.iam.am.api.Host" ], "name": "billing.dev.lab", "description": "Host billing.dev.lab", "os": "LIN", "mail": false, "dynamicIp": false, "networkCode": "internal", "hostAlias": [ "aliasHost_1", "aliasHost_2" ], "serialNumber": "123456789", "printersServer": false } Response 201 Created { "serialNumber": "123456789", "os": "LIN", "mail": false, "dynamicIp": false, "description": "Host billing.dev.lab", "office": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Host/1976899", "resourceType": "Host" }, "networkCode": "internal", "schemas": [ "urn:soffid:com.soffid.iam.am.api.Host" ], "name": "billing.dev.lab", "id": 1976899, "hostAlias": [ "aliasHost_1", "aliasHost_2" ], "printersServer": false } Update partial Only attributes with changes will be updated, the other will maintain the same value. Request PATCH https:///soffid/webservice/scim2/v1/Host/1976899 JSON { "schemas": [ "urn:soffid:com.soffid.iam.am.api.Host" ], "Operations": [ { "op": "replace", "path": "networkCode", "value": "Lab1" }, { "op": "add", "path": "hostAlias", "value": [ "aliasHost_3", "aliasHost_4" ] } ] } Response 200 OK { "serialNumber": "123456789", "os": "LIN", "mail": false, "dynamicIp": false, "description": "Host billing.dev.lab", "office": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Host/1976899", "resourceType": "Host" }, "networkCode": "Lab1", "schemas": [ "urn:soffid:com.soffid.iam.am.api.Host" ], "name": "billing.dev.lab", "id": 1976899, "hostAlias": [ "aliasHost_1", "aliasHost_2", "aliasHost_3", "aliasHost_4" ], "printersServer": false } Update all This operation replaces all values in the Hosts. Note that the attribute id is required to confirm that the resource "...Host/" is the same that the JSON Host. Note that all the attributes not included in the request will be cleared in the Host type and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information visit Resource data model page Request PUT https:///soffid/webservice/scim2/v1/Host/1976899 JSON { "schemas": [ "urn:soffid:com.soffid.iam.am.api.Host" ], "id": 1976899, "name": "billing.dev.lab", "description": "Host billing.dev.lab", "os": "LIN", "mail": false, "dynamicIp": false, "networkCode": "internal", "printersServer": false } Response 200 OK { "os": "LIN", "mail": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Host/1976899", "resourceType": "Host" }, "networkCode": "internal", "schemas": [ "urn:soffid:com.soffid.iam.am.api.Host" ], "name": "billing.dev.lab", "dynamicIp": false, "description": "Host billing.dev.lab", "id": 1976899, "hostAlias": [], "printersServer": false } Delete Please note after this delete, the host has to be created again to use it in the next examples. Request DELETE https:///soffid/webservice/scim2/v1/Host/1976899 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM MailDomain examples Operations This page shows the operations that can be performed for the MailDomain object. List all Request GET https:///soffid/webservice/scim2/v1/MailDomain Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 2, "startIndex": 1, "Resources": [ { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailDomain/523263", "resourceType": "MailDomain" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.MailDomain" ], "name": "soffid.com", "obsolete": false, "description": "Soffid", "id": 523263 }, { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailDomain/523265", "resourceType": "MailDomain" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.MailDomain" ], "name": "soffid.org", "obsolete": false, "description": "Old Domain", "id": 523265 } ] } List by filter List all Mail domain with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/MailDomain?filter=obsolete eq false and description co old Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 1, "startIndex": 1, "Resources": [ { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailDomain/523265", "resourceType": "MailDomain" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.MailDomain" ], "name": "soffid.org", "obsolete": false, "description": "Old Domain", "id": 523265 } ] } Query by id Query a Mail Domain by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/MailDomain/523263 Response 200 OK { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailDomain/523263", "resourceType": "MailDomain" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.MailDomain" ], "name": "soffid.com", "obsolete": false, "description": "Soffid", "id": 523263 } Create Request POST https:///soffid/webservice/scim2/v1/MailDomain JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.MailDomain" ], "name": "newdomain.com", "obsolete": false, "description": "New Domain" } Response 201 Created { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailDomain/1976941", "resourceType": "MailDomain" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.MailDomain" ], "name": "newdomain.com", "obsolete": false, "description": "New Domain", "id": 1976941 } Update partial Only attributes with changes will be updated, the other will maintain the same value. Request PATCH https:///soffid/webservice/scim2/v1/MailDomain/1976941 JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.MailDomain" ], "Operations": [ { "op": "replace", "path": "description", "value": "New domain (xxx)" }, { "op": "replace", "path": "obsolete", "value": "true" } ] } Response 200 OK { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailDomain/1976941", "resourceType": "MailDomain" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.MailDomain" ], "name": "newdomain.com", "obsolete": true, "description": "New domain (xxx)", "id": 1976941 } Update all This operation replaces all values in the Mail Domain. Note that the attribute id is required to confirm that the resource "...MailDomain/" is the same that the JSON MailDomain. Note that all the attributes not included in the request will be cleared in the MailDomain type and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information visit Resource data model page Request PUT https:///soffid/webservice/scim2/v1/MailDomain/1976941 JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.MailDomain" ], "id": 1976941, "name": "newdomain.com", "obsolete": false, "description": "New Domain" } Response 200 OK { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailDomain/1976941", "resourceType": "MailDomain" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.MailDomain" ], "name": "newdomain.com", "obsolete": false, "description": "New Domain", "id": 1976941 } Delete Please note after this delete, the mail domain has to be created again to use it in the next examples. Request DELETE https:///soffid/webservice/scim2/v1/MailDomain/1976941 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM MailList examples Operations This page shows the operations that can be performed for the MailList object. List all Request GET https:///soffid/webservice/scim2/v1/MailList Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 3, "startIndex": 1, "Resources": [ { "groupMembers": [], "usersList": [ "admin", "test2" ], "description": "Test email", "externalList": [], "explodedUsersList": [ "test2", "admin" ], "roleMembers": [], "lists": [ "test@soffid.com" ], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailList/524071", "resourceType": "MailList" }, "domainName": "soffid.com", "schemas": [ "urn:soffid:com.soffid.iam.iga.api.MailList" ], "name": "test", "attributes": {}, "id": 524071, "listsBelong": "test@soffid.com" }, { "groupMembers": [], "usersList": [], "externalList": [], "explodedUsersList": [], "roleMembers": [], "lists": [], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailList/1976100", "resourceType": "MailList" }, "domainName": "soffid.org", "schemas": [ "urn:soffid:com.soffid.iam.iga.api.MailList" ], "name": "mailList", "attributes": {}, "id": 1976100, "listsBelong": "" }, ...... ] } List by filter List all MailList with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/MailList?filter=description co test Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 2, "startIndex": 1, "Resources": [ { "groupMembers": [], "usersList": [ "admin", "test2" ], "description": "Test email", "externalList": [], "explodedUsersList": [ "test2", "admin" ], "roleMembers": [], "lists": [ "test@soffid.com" ], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailList/524071", "resourceType": "MailList" }, "domainName": "soffid.com", "schemas": [ "urn:soffid:com.soffid.iam.iga.api.MailList" ], "name": "test", "attributes": {}, "id": 524071, "listsBelong": "test@soffid.com" }, { "groupMembers": [], "usersList": [ "dilbert", "admin" ], "description": "Test email mailList", "externalList": [], "explodedUsersList": [ "dilbert", "admin" ], "roleMembers": [], "lists": [], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailList/1976181", "resourceType": "MailList" }, "domainName": "soffid.com", "schemas": [ "urn:soffid:com.soffid.iam.iga.api.MailList" ], "name": "mailList2", "attributes": {}, "id": 1976181, "listsBelong": "" } ] } Query by id Query a MailList by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/MailList/524071 Response 200 OK { "groupMembers": [], "usersList": [ "admin", "test2" ], "description": "Test email", "externalList": [], "explodedUsersList": [ "test2", "admin" ], "roleMembers": [], "lists": [ "test@soffid.com" ], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailList/524071", "resourceType": "MailList" }, "domainName": "soffid.com", "schemas": [ "urn:soffid:com.soffid.iam.iga.api.MailList" ], "name": "test", "attributes": {}, "id": 524071, "listsBelong": "test@soffid.com" } Create Request POST https:///soffid/webservice/scim2/v1/MailList JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.MailList" ], "name": "billingMailList", "domainName": "newdomain.com", "description": "Test email mailList", "usersList": [ "admin", "dilbert" ] } Response 201 Created { "groupMembers": [], "usersList": [ "dilbert", "admin" ], "description": "Test email mailList", "externalList": [], "explodedUsersList": [ "dilbert", "admin" ], "roleMembers": [], "lists": [], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailList/1976957", "resourceType": "MailList" }, "domainName": "newdomain.com", "schemas": [ "urn:soffid:com.soffid.iam.iga.api.MailList" ], "name": "billingMailList", "attributes": {}, "id": 1976957, "listsBelong": "" } Update partial Only attributes with changes will be updated, the other will maintain the same value. Request PATCH http:///soffid/webservice/scim2/v1/GroupUser/1976741 JSON { "Operations": [ { "op": "remove", "path": "usersList", "value": [ "admin", "dilbert" ] } ] } Response 200 OK { "groupMembers": [], "description": "Test email mailList", "externalList": [], "explodedUsersList": [ "dilbert", "admin" ], "roleMembers": [], "lists": [], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailList/1976957", "resourceType": "MailList" }, "domainName": "newdomain.com", "schemas": [ "urn:soffid:com.soffid.iam.api.MailList" ], "name": "billingMailList", "attributes": {}, "id": 1976957, "listsBelong": "" } Update all This operation replaces all values in the MailList. Note that the attribute id is required to confirm that the resource "...MailList/" is the same that the JSON MailList. Note that all the attributes not included in the request will be cleared in the MailList type and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information visit Resource data model page Request PUT https:///soffid/webservice/scim2/v1/MailList/1976957 JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.MailList" ], "id": 1976957, "name": "mailList", "domainName": "newdomain.com" } Response 200 OK { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/MailList/1976957", "resourceType": "MailList" }, "domainName": "newdomain.com", "schemas": [ "urn:soffid:com.soffid.iam.iga.api.MailList" ], "name": "mailList", "attributes": {}, "id": 1976957 } Delete Please note after this delete, the mail list has to be created again to use it in the next examples. Request DELETE https:///soffid/webservice/scim2/v1/MailList/1976957 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM Network examples Operations This page shows the operations that can be performed for the Network object. List all Request GET https:///soffid/webservice/scim2/v1/Network Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 6, "startIndex": 1, "Resources": [ { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Network/67", "resourceType": "Network" }, "ip": "127.0.0.0", "lanAccess": false, "schemas": [ "urn:soffid:com.soffid.iam.am.api.Network" ], "name": "loopback", "description": "Description", "id": 67, "mask": "255.255.255.128", "dhcpSupport": false }, { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Network/505167", "resourceType": "Network" }, "ip": "172.0.0.0", "lanAccess": false, "schemas": [ "urn:soffid:com.soffid.iam.am.api.Network" ], "name": "int1", "description": "Internal network 1", "id": 505167, "mask": "255.240.0.0", "dhcpSupport": false }, ............... ] } List by filter List all Networks with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/Network?filter=description co labora Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 3, "startIndex": 1, "Resources": [ { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Network/1790267", "resourceType": "Network" }, "ip": "10.129.120.0", "lanAccess": false, "schemas": [ "urn:soffid:com.soffid.iam.am.api.Network" ], "name": "lab1", "description": "Laboratory network 1", "id": 1790267, "mask": "255.255.255.0", "dhcpSupport": false }, { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Network/1790319", "resourceType": "Network" }, "ip": "10.129.121.0", "lanAccess": false, "schemas": [ "urn:soffid:com.soffid.iam.am.api.Network" ], "name": "lab2", "description": "Laboratory network 2", "id": 1790319, "mask": "255.255.255.0", "dhcpSupport": false }, { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Network/1858961", "resourceType": "Network" }, "ip": "10.129.122.0", "lanAccess": true, "schemas": [ "urn:soffid:com.soffid.iam.am.api.Network" ], "name": "lab3", "description": "Laboratory network", "id": 1858961, "mask": "255.255.255.0", "dhcpSupport": false } ] } Query by id Query a Network by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/Network/1038187 Response 200 OK { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Network/1038187", "resourceType": "Network" }, "ip": "192.168.133.0", "lanAccess": true, "schemas": [ "urn:soffid:com.soffid.iam.am.api.Network" ], "name": "internal", "description": "Internal Network", "loginRestriction": false, "id": 1038187, "mask": "255.255.255.0", "dhcpSupport": true } Create Request POST https:///soffid/webservice/scim2/v1/Network JSON { "schemas": [ "urn:soffid:com.soffid.iam.api.Network" ], "name": "Laboratory", "description": "Laboratory Network", "ip": "192.168.123.0", "mask": "255.255.255.0", "loginRestriction": false, "lanAccess": true, "dhcpSupport": true } Response 201 Created { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Network/1977114", "resourceType": "Network" }, "ip": "192.168.123.0", "lanAccess": true, "schemas": [ "urn:soffid:com.soffid.iam.api.Network" ], "name": "Laboratory", "description": "Laboratory Network", "loginRestriction": false, "id": 1977114, "mask": "255.255.255.0", "dhcpSupport": true } Update partial Only attributes with changes will be updated, the other will maintain the same value. Request PATCH https:///soffid/webservice/scim2/v1/Network/1977114 JSON { "Operations": [ { "op": "replace", "path": "ip", "value": "192.168.125.0" } ] } Response 200 OK { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Network/1977114", "resourceType": "Network" }, "ip": "192.168.123.0", "lanAccess": true, "schemas": [ "urn:soffid:com.soffid.iam.am.api.Network" ], "name": "Laboratory", "description": "Laboratory Network", "loginRestriction": false, "id": 1977114, "mask": "255.255.255.0", "dhcpSupport": true } Update all This operation replaces all values in the Network. Note that the attribute id is required to confirm that the resource "...Network/" is the same that the JSON Network. Note that all the attributes not included in the request will be cleared in the Network type and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information visit Resource data model page Request PUT https:///soffid/webservice/scim2/v1/Network/1977114 JSON { "schemas": [ "urn:soffid:com.soffid.iam.am.api.Network" ], "id": 1977114, "name": "Laboratory", "ip": "192.168.123.0", "mask": "255.255.255.0" } Response 200 OK { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/Network/1977114", "resourceType": "Network" }, "ip": "192.168.123.0", "schemas": [ "urn:soffid:com.soffid.iam.am.api.Network" ], "name": "Laboratory", "id": 1977114, "mask": "255.255.255.0", "dhcpSupport": false } Delete Please note after this delete, the network has to be created again to use it in the next examples. Request DELETE https:///soffid/webservice/scim2/v1/Network/1977114 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM DomainValue examples Operations This page shows the operations that can be performed for the DomainValue object. The DomainValue is related to Information Systems. Role scope or domains are properties that can be assigned to some entitlements, limiting the scope of that entitlement. This can be used to limit, for instance, the maximum amount allowed for a money transfer, or the commercial zones to manage. List all Request GET https:///soffid/webservice/scim2/v1/DomainValue Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 4, "startIndex": 1, "Resources": [ { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/DomainValue/499623", "resourceType": "DomainValue" }, "domainName": "Zone", "externalCodeDomain": "Operation", "schemas": [ "urn:soffid:com.soffid.iam.iga.api.DomainValue" ], "description": "Twenty", "id": 499623, "value": "20" }, { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/DomainValue/499629", "resourceType": "DomainValue" }, "domainName": "Zone", "externalCodeDomain": "Operation", "schemas": [ "urn:soffid:com.soffid.iam.iga.api.DomainValue" ], "description": "Eleven", "id": 499629, "value": "10" }, ............. ] } List by filter List all DomainValues with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/DomainValue?filter=description co Tw Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 1, "startIndex": 1, "Resources": [ { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/DomainValue/499623", "resourceType": "DomainValue" }, "domainName": "Zone", "externalCodeDomain": "Operation", "schemas": [ "urn:soffid:com.soffid.iam.iga.api.DomainValue" ], "description": "Twenty", "id": 499623, "value": "20" } ] } Query by id Query a DomainValue by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/DomainValue/802012 Response 200 OK { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/DomainValue/802012", "resourceType": "DomainValue" }, "domainName": "Company", "externalCodeDomain": "Operation/Business 2/SOFFID", "schemas": [ "urn:soffid:com.soffid.iam.api.DomainValue" ], "description": "Soffid", "id": 802012, "value": "Soffid" } Create Request POST https:///soffid/webservice/scim2/v1/DomainValue JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.DomainValue" ], "domainName": "Company", "externalCodeDomain": "Operation/Business 2/SOFFID", "description": "bubble", "value": "bubble" } Response 201 Created { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/DomainValue/1977131", "resourceType": "DomainValue" }, "domainName": "Company", "externalCodeDomain": "Operation/Business 2/SOFFID", "schemas": [ "urn:soffid:com.soffid.iam.api.DomainValue" ], "description": "bubble", "id": 1977131, "value": "bubble" } Update partial Only attributes with changes will be updated, the other will maintain the same value. Request PATCH https:///soffid/webservice/scim2/v1/DomainValue/1976741 JSON { "Operations": [ { "op": "replace", "path": "description", "value": "Bubble description" } ] } Response 200 OK { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/DomainValue/1977131", "resourceType": "DomainValue" }, "domainName": "Company", "externalCodeDomain": "Operation/Business 2/SOFFID", "schemas": [ "urn:soffid:com.soffid.iam.iga.api.DomainValue" ], "description": "Bubble description", "id": 1977131, "value": "bubble" } Update all This operation replaces all values in the DomainValue. Note that the attribute id is required to confirm that the resource "...DomainValue/" is the same that the JSON DomainValue. Note that all the attributes not included in the request will be cleared in the DomainValue type and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information visit the Resource data model page Request PUT https:///soffid/webservice/scim2/v1/DomainValue/1977131 JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.GroupUser" ], "id": 1976741, "group": "it", "groupDescription": "Help desk support team", "user": "ckelp", "fullName": "Casey Kelp", "primaryGroup": true, "attributes": {} } Response 200 OK { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.DomainValue" ], "id": 1977131, "domainName": "Company", "externalCodeDomain": "Operation/Business 2/SOFFID", "description": "New bubble", "value": "Newbubble" } Delete Please note after this delete, the DomainValue has to be created again to use it in the next examples. Request DELETE https:///soffid/webservice/scim2/v1/DomainValue/1977131 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM VaultFolder examples Operations This page shows the operations that can be performed for the VaultFolder object List all Request GET https:///soffid/webservice/scim2/v1/VaultFolder/ Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 4, "startIndex": 1, "Resources": [ { "grantedRoles": [], "accessLevel": "O", "managerRoles": [], "navigateUsers": [], "navigateRoles": [], "description": "Accounts that won't be shared", "personal": true, "ownerGroups": [], "ownerRoles": [], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/VaultFolder/368461", "resourceType": "VaultFolder" }, "schemas": [ "urn:soffid:com.soffid.iam.am.api.VaultFolder" ], "name": "Personal accounts", "managerUsers": [], "navigateGroups": [], "id": 368461, "grantedGroups": [], "managerGroups": [], "grantedUsers": [], "ownerUsers": [ "admin" ] }, { "grantedRoles": [], "accessLevel": "O", "managerRoles": [], "navigateUsers": [ "test2", "admin" ], "navigateRoles": [], "description": "Password vault", "personal": false, "ownerGroups": [], "ownerRoles": [], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/VaultFolder/515461", "resourceType": "VaultFolder" }, "schemas": [ "urn:soffid:com.soffid.iam.am.api.VaultFolder" ], "name": "vault", "managerUsers": [], "navigateGroups": [], "id": 515461, "grantedGroups": [], "managerGroups": [], "grantedUsers": [], "ownerUsers": [ "admin" ] }, ............ ] } List by filter List all VaultFolders with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/VaultFolder/?filter=personal eq true Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 1, "startIndex": 1, "Resources": [ { "grantedRoles": [], "accessLevel": "O", "managerRoles": [], "navigateUsers": [], "navigateRoles": [], "description": "Accounts that won't be shared", "personal": true, "ownerGroups": [], "ownerRoles": [], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/VaultFolder/368461", "resourceType": "VaultFolder" }, "schemas": [ "urn:soffid:com.soffid.iam.am.api.VaultFolder" ], "name": "Personal accounts", "managerUsers": [], "navigateGroups": [], "id": 368461, "grantedGroups": [], "managerGroups": [], "grantedUsers": [], "ownerUsers": [ "admin" ] } ] } Query by id Query a VaultFolder by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/VaultFolder/515461 Response 200 OK { "grantedRoles": [], "accessLevel": "O", "managerRoles": [], "navigateUsers": [ "test2", "admin" ], "navigateRoles": [], "description": "Password vault", "personal": false, "ownerGroups": [], "ownerRoles": [], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/VaultFolder/515461", "resourceType": "VaultFolder" }, "schemas": [ "urn:soffid:com.soffid.iam.am.api.VaultFolder" ], "name": "vault", "managerUsers": [], "navigateGroups": [], "id": 515461, "grantedGroups": [], "managerGroups": [], "grantedUsers": [], "ownerUsers": [ "admin" ] } Create Request POST https:///soffid/webservice/scim2/v1/VaultFolder JSON { "schemas": [ "urn:soffid:com.soffid.iam.am.api.VaultFolder" ], "name": "Folder Billing", "description": "Folder Billing", "parentFolder": "vault", "parentId": 515461, "personal": false, "accessLevel": "M", "ownerUsers": [ "admin" ], "navigateUsers": [ "admin" ] } Response 201 Created { "grantedRoles": [], "accessLevel": "O", "managerRoles": [], "navigateUsers": [ "admin" ], "navigateRoles": [], "description": "Folder Billing", "personal": false, "parentId": 515461, "parentFolder": "vault", "ownerGroups": [], "ownerRoles": [], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/VaultFolder/1977703", "resourceType": "VaultFolder" }, "schemas": [ "urn:soffid:com.soffid.iam.am.api.VaultFolder" ], "name": "Folder Billing", "managerUsers": [], "navigateGroups": [], "id": 1977703, "grantedGroups": [], "managerGroups": [], "grantedUsers": [], "ownerUsers": [ "admin" ] } Update partial Only attributes with changes will be updated, the other will maintain the same value. Request PATCH https:///soffid/webservice/scim2/v1/VaultFolder/1977703 JSON { "Operations": [ { "op": "replace", "path": "description", "value": "Vault folder billing" }, { "op": "add", "path": "navigateUsers", "value": [ "dilbert", "asea" ] } ] } Response 200 OK { "grantedRoles": [], "accessLevel": "O", "managerRoles": [], "navigateUsers": [ "asea", "dilbert", "admin" ], "navigateRoles": [], "description": "Vault folder billing", "personal": false, "parentId": 515461, "parentFolder": "vault", "ownerGroups": [], "ownerRoles": [], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/VaultFolder/1977703", "resourceType": "VaultFolder" }, "schemas": [ "urn:soffid:com.soffid.iam.am.api.VaultFolder" ], "name": "Folder Billing", "managerUsers": [], "navigateGroups": [], "id": 1977703, "grantedGroups": [], "managerGroups": [], "grantedUsers": [], "ownerUsers": [ "admin" ] } Update all This operation replaces all values in the VaultFolder. Note that the attribute id is required to confirm that the resource "...VaultFolder/" is the same that the JSON VaultFolder. Note that all the attributes not included in the request will be cleared in the GroupUser type and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information visit Resource data model page Request PUT https:///soffid/webservice/scim2/v1/VaultFolder/1977703 JSON { "schemas": [ "urn:soffid:com.soffid.iam.am.api.VaultFolder" ], "id": 1977703, "name": "Folder Billing", "description": "Folder Billing", "parentFolder": "vault", "parentId": 515461, "personal": false, "accessLevel": "M", "ownerUsers": [ "admin" ] } Response 200 OK { "grantedRoles": [], "accessLevel": "O", "managerRoles": [], "navigateUsers": [], "navigateRoles": [], "description": "Folder Billing", "personal": false, "parentId": 515461, "parentFolder": "vault", "ownerGroups": [], "ownerRoles": [], "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/VaultFolder/1977703", "resourceType": "VaultFolder" }, "schemas": [ "urn:soffid:com.soffid.iam.am.api.VaultFolder" ], "name": "Folder Billing", "managerUsers": [], "navigateGroups": [], "id": 1977703, "grantedGroups": [], "managerGroups": [], "grantedUsers": [], "ownerUsers": [ "admin" ] } Delete Please note after this delete, the VaultFolder has to be created again to use it in the next examples. Request DELETE https:///soffid/webservice/scim2/v1/VaultFolder/1977703 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM System examples Operations This page shows the operations that can be performed for the Systems object (Agents). List all Request GET https:///soffid/webservice/scim2/v1/System Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 16, "startIndex": 1, "Resources": [ { "accessControl": false, "usersDomain": "DEFAULT", "fullReconciliation": false, "authoritative": false, "description": "Soffid system", "groups": "", "threads": 1, "className": "- no class -", "userTypes": "I", "groupsList": [], "readOnly": false, "passwordsDomain": "DEFAULT", "timeStamp": "2020-04-18 19:32:37", "rolebased": true, "trusted": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/System/44", "resourceType": "System" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.System" ], "name": "soffid", "id": 44, "passwordsDomainId": 27, "tenant": "master", "generateTasksOnLoad": true }, { "accessControl": false, "usersDomain": "DEFAULT", "fullReconciliation": false, "authoritative": false, "description": "External SSO accounts", "groups": "admingroup,enterprise", "threads": 1, "className": "com.soffid.iam.sync.sso.agent.SSOAgent", "userTypes": "S,I", "groupsList": [ "admingroup", "enterprise" ], "readOnly": false, "url": "local", "passwordsDomain": "DEFAULT", "timeStamp": "2020-09-21 10:17:38", "rolebased": false, "trusted": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/System/47", "resourceType": "System" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.System" ], "name": "SSO", "id": 47, "manualAccountCreation": true, "passwordsDomainId": 27, "tenant": "master", "generateTasksOnLoad": true }, ................ ] } List by filter List all Systems with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/System?filter=description co 10.129. Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 2, "startIndex": 1, "Resources": [ { "accessControl": false, "description": "Discovered host 10.129.122.22", "className": "com.soffid.iam.sync.agent.SimpleSSHAgent", "userTypes": "", "passwordsDomain": "DEFAULT", "rolebased": false, "id": 1885153, "manualAccountCreation": true, "tenant": "master", "generateTasksOnLoad": false, "param7": "false", "usersDomain": "DEFAULT", "param6": "UTF-8", "fullReconciliation": true, "authoritative": false, "sharedDispatcher": true, "param0": "soffid", "groups": "", "threads": 1, "groupsList": [], "readOnly": false, "param3": "10.129.122.22", "param4": "true", "url": "local", "param2": "517y1hF40k4=", "timeStamp": "2021-04-23 12:23:15", "trusted": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/System/1885153", "resourceType": "System" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.System" ], "name": "10.129.122.22", "passwordsDomainId": 27 }, { "accessControl": false, "description": "Discovered host 10.129.122.25", "className": "com.soffid.iam.sync.agent.SimpleWindowsAgent", "userTypes": "", "passwordsDomain": "DEFAULT", "rolebased": false, "id": 1890334, "manualAccountCreation": true, "tenant": "master", "generateTasksOnLoad": false, "param7": "false", "usersDomain": "DEFAULT", "fullReconciliation": true, "authoritative": false, "sharedDispatcher": true, "param0": "Administrador", "groups": "", "threads": 1, "groupsList": [], "readOnly": false, "param3": "10.129.122.25", "param4": "true", "url": "local", "param2": "VFJV1pSRfE7s", "timeStamp": "2021-04-23 20:00:34", "trusted": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/System/1890334", "resourceType": "System" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.System" ], "name": "10.129.122.25", "passwordsDomainId": 27 } ] } Query by id Query a System by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/System/389082 Response 200 OK { "accessControl": true, "description": "Active Directory.", "className": "com.soffid.iam.sync.agent2.CustomizableActiveDirectoryAgent", "userTypes": "I", "passwordsDomain": "DEFAULT", "rolebased": true, "id": 389082, "manualAccountCreation": false, "tenant": "master", "generateTasksOnLoad": true, "param7": "true", "param8": "true", "usersDomain": "DEFAULT", "fullReconciliation": false, "authoritative": true, "sharedDispatcher": false, "param0": "ad.bubu.lab", "groups": "", "threads": 1, "groupsList": [], "readOnly": false, "param3": "C27Nv4vjbIsI", "url": "https://soffid.bubu.lab:1760/", "param1": "dc=ad,dc=bubu,dc=lab", "param2": "ad\\Administrator", "timeStamp": "2021-04-07 09:31:59", "trusted": true, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/System/389082", "resourceType": "System" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.System" ], "name": "ad", "passwordsDomainId": 27 } Create Request POST https:///soffid/webservice/scim2/v1/System JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.System" ], "name": "SQLRRHH", "description": "SQL RRHH test", "className": "com.soffid.iam.sync.agent.SQLAgent2", "userTypes": "E,I", "passwordsDomain": "DEFAULT", "usersDomain": "DEFAULT" } Response 201 Created { "accessControl": false, "usersDomain": "DEFAULT", "fullReconciliation": false, "authoritative": false, "description": "SQL RRHH test", "groups": "", "threads": 1, "className": "com.soffid.iam.sync.agent.SQLAgent2", "userTypes": "I,E", "groupsList": [], "readOnly": false, "passwordsDomain": "DEFAULT", "timeStamp": "2021-05-12 10:58:35", "rolebased": false, "trusted": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/System/1977157", "resourceType": "System" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.System" ], "name": "SQLRRHH", "id": 1977157, "passwordsDomainId": 27, "tenant": "master", "generateTasksOnLoad": false } Update partial Only attributes with changes will be updated, the other will maintain the same value. Request PATCH https:///soffid/webservice/scim2/v1/System/1977157 JSON { "Operations": [ { "op": "replace", "path": "param0", "value": "user" }, { "op": "replace", "path": "param1", "value": "password" }, { "op": "replace", "path": "param2", "value": "jdbc:mysql://localhost/personal" } ] } Response 200 OK { "accessControl": false, "description": "SQL RRHH test", "className": "com.soffid.iam.sync.agent.SQLAgent2", "userTypes": "I,E", "passwordsDomain": "DEFAULT", "rolebased": false, "id": 1977157, "tenant": "master", "generateTasksOnLoad": false, "usersDomain": "DEFAULT", "fullReconciliation": false, "authoritative": false, "param0": "user", "groups": "", "threads": 1, "groupsList": [], "readOnly": false, "param1": "password", "param2": "jdbc:mysql://localhost/personal", "timeStamp": "2021-05-12 10:59:44", "trusted": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/System/1977157", "resourceType": "System" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.System" ], "name": "SQLRRHH", "passwordsDomainId": 27 } Update all This operation replace all values in the System. Note that the attribute id is required to confirm that the resource "...System/" is the same that the JSON System. Note that all the attributes not included in the request will be cleared in the System type and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information visit Resource data model page Request PUT http:///soffid/webservice/scim2/v1/System/1977157 JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.System" ], "id": 1977157, "name": "SQLRRHH", "description": "SQL RRHH test", "className": "com.soffid.iam.sync.agent.SQLAgent2", "userTypes": "E,I", "passwordsDomain": "DEFAULT", "usersDomain": "DEFAULT" } Response 200 OK { "accessControl": false, "usersDomain": "DEFAULT", "fullReconciliation": false, "authoritative": false, "description": "SQL RRHH test", "groups": "", "threads": 1, "className": "com.soffid.iam.sync.agent.SQLAgent2", "userTypes": "I,E", "groupsList": [], "readOnly": false, "passwordsDomain": "DEFAULT", "timeStamp": "2021-05-12 11:02:49", "rolebased": false, "trusted": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/System/1977157", "resourceType": "System" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.System" ], "name": "SQLRRHH", "id": 1977157, "passwordsDomainId": 27, "tenant": "master", "generateTasksOnLoad": false } Delete Please note after this delete, the System has to be created again to use it in the next examples. Request DELETE https:///soffid/webservice/scim2/v1/System/1977157 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM CustomObject examples Operations This page shows the operations that can be performed for the CustomObjects object List all Request GET https:///soffid/webservice/scim2/v1/CustomObject Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 6, "startIndex": 1, "Resources": [ { "meta": { "location": "http://soffid.pat.lab:8080/webservice/scim2/v1/CustomObject/848157", "resourceType": "CustomObject" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.CustomObject" ], "name": "aa", "description": "aaa", "attributes": { "address": "2" }, "id": 848157, "type": "building" }, { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/CustomObject/1510208", "resourceType": "CustomObject" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.CustomObject" ], "name": "ES", "description": "Spain", "attributes": { "language": "English" }, "id": 1510208, "type": "country" }, .......... ] } List by filter List all CustomObjects with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/CustomObject?filter=description eq Spain Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 1, "startIndex": 1, "Resources": [ { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/CustomObject/1510208", "resourceType": "CustomObject" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.CustomObject" ], "name": "ES", "description": "Spain", "attributes": { "language": "English" }, "id": 1510208, "type": "country" } ] } Query by id Query a CustomObject by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/CustomObject/848062 Response 200 OK { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/CustomObject/848062", "resourceType": "CustomObject" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.CustomObject" ], "name": "HQ", "description": "Headquarters", "attributes": { "address": "1" }, "id": 848062, "type": "building" } Create Request POST https:///soffid/webservice/scim2/v1/CustomObject JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.CustomObject" ], "name": "IT", "description": "Italy", "type": "country", "attributes": { "language": "English" } } Response 201 Created { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/CustomObject/1977187", "resourceType": "CustomObject" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.CustomObject" ], "name": "IT", "description": "Italy", "attributes": { "language": "English" }, "id": 1977187, "type": "country" } Update partial Only attributes with changes will be updated, the other will maintain the same value. Request PATCH https:///soffid/webservice/scim2/v1/CustomObject/1977187 JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.CustomObject" ], "Operations": [ { "op": "replace", "path": "attributes", "value": { "language": "German" } } ] } Response 200 OK { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/CustomObject/1977187", "resourceType": "CustomObject" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.CustomObject" ], "name": "IT", "description": "Italy", "attributes": { "language": "German" }, "id": 1977187, "type": "country" } Update all This operation replaces all values in the CustomObject. Note that the attribute id is required to confirm that the resource "...CustomObject/" is the same that the JSON CustomObject. Note that all the attributes not included in the request will be cleared in the CustomObject type and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information see Resource data model page Request PUT https:///soffid/webservice/scim2/v1/CustomObject/1977187 JSON { "schemas": [ "urn:soffid:com.soffid.iam.iga.api.CustomObject" ], "id": 1977187, "name": "IT", "description": "Italy", "type": "country", "attributes": { "language": "English" } } Response 200 OK { "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/CustomObject/1977187", "resourceType": "CustomObject" }, "schemas": [ "urn:soffid:com.soffid.iam.iga.api.CustomObject" ], "name": "IT", "description": "Italy", "attributes": { "language": "English" }, "id": 1977187, "type": "country" } Delete Please note after this delete, the CustomObject has to be created again to use it in the next examples. Request DELETE https:///soffid/webservice/scim2/v1/CustomObject/1977187 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM ProcessDefinition examples Operations This page shows the operations that can be performed for the ProcessDefinitions object List all Request GET https:///soffid/webservice/scim2/v1/ProcessDefinition Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 8, "startIndex": 1, "Resources": [ { "author": "admin", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessDefinition/1474063", "resourceType": "ProcessDefinition" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.ProcessDefinition" ], "name": "User registration", "deployed": "2021-02-11 16:42:08", "tag": "27", "id": 1474063, "version": 27, "enabled": true }, { "author": "admin", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessDefinition/1857694", "resourceType": "ProcessDefinition" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.ProcessDefinition" ], "name": "User request", "deployed": "2021-04-15 16:10:11", "tag": "19", "id": 1857694, "version": 19, "enabled": true }, ............. ] } List by filter List all ProcessDefinitions with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/ProcessDefinition?filter=name co request Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 2, "startIndex": 1, "Resources": [ { "author": "admin", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessDefinition/1946303", "resourceType": "ProcessDefinition" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.ProcessDefinition" ], "name": "Permissions request", "deployed": "2021-04-30 08:48:58", "tag": "23", "id": 1946303, "type": "RoleApproval", "version": 23, "enabled": true }, { "author": "admin", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessDefinition/1857694", "resourceType": "ProcessDefinition" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.ProcessDefinition" ], "name": "User request", "deployed": "2021-04-15 16:10:11", "tag": "19", "id": 1857694, "version": 19, "enabled": true } ] } Query by id Query a ProcessDefinition by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/ProcessDefinition/1857694 Response 200 OK { "author": "admin", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessDefinition/1857694", "resourceType": "ProcessDefinition" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.ProcessDefinition" ], "name": "User request", "deployed": "2021-04-15 16:10:11", "tag": "19", "id": 1857694, "version": 19, "enabled": true } Create This operation is not allowed. Update partial This operation is not allowed. Update all This operation is not allowed. Delete This operation is not allowed. Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM ProcessInstance examples Operations This page shows the operations that can be performed for the ProcessInstances object. List all Request GET https:///soffid/webservice/scim2/v1/ProcessInstance Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 311, "startIndex": 1, "Resources": [ { "dummyProcess": false, "variables": {}, "comments": [ { "actor": "admin Soffid Administrator", "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.Comment" ], "time": "2020-09-30 09:57:15", "message": "Comentario" } ], "processDefinition": 628635, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessInstance/626161", "resourceType": "ProcessInstance" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance" ], "start": "2020-09-29 20:34:46", "currentTask": "Entrada de la consulta", "description": "Consultar la base de datos", "end": "2020-11-11 15:05:48", "id": 626161 }, { "dummyProcess": false, "variables": {}, "comments": [], "processDefinition": 628635, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessInstance/626179", "resourceType": "ProcessInstance" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance" ], "start": "2020-09-29 20:35:22", "currentTask": "Entrada de la consulta", "description": "Consultar la base de datos", "end": "2020-11-11 15:05:44", "id": 626179 }, .......... ] } List by filter List all ProcessInstances with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/ProcessInstance?filter=description co Permission and currentTask eq Start Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 8, "startIndex": 1, "Resources": [ { "dummyProcess": false, "variables": { "requester": "admin", "grants": [], "requesterName": "Soffid Administrator" }, "comments": [], "processDefinition": 1054785, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessInstance/1053984", "resourceType": "ProcessInstance" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance" ], "start": "2020-12-14 14:49:20", "currentTask": "Start", "description": "Permissions request", "end": "2021-01-29 08:25:28", "id": 1053984 }, { "dummyProcess": false, "variables": { "requester": "admin", "grants": [], "requesterName": "Soffid Administrator" }, "comments": [], "processDefinition": 1946303, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessInstance/1378380", "resourceType": "ProcessInstance" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance" ], "start": "2021-01-29 08:26:30", "currentTask": "Start", "description": "Permissions request", "id": 1378380 }, ........... ] } Query by id Query a ProcessInstance by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/ProcessInstance/1378380 Response 200 OK { "dummyProcess": false, "variables": { "requester": "admin", "grants": [], "requesterName": "Soffid Administrator" }, "comments": [], "processDefinition": 1946303, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessInstance/1378380", "resourceType": "ProcessInstance" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance" ], "start": "2021-01-29 08:26:30", "currentTask": "Start", "description": "Permissions request", "id": 1378380 } Create Request POST https:///soffid/webservice/scim2/v1/ProcessInstance JSON { "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance" ], "dummyProcess": false, "variables": { "requester": "ckelp", "grants": [], "requesterName": "Casey Kelp" }, "comments": [], "processDefinition": 1946303, "description": "Permissions request" } Response 201 Created { "dummyProcess": false, "variables": { "requester": "ckelp", "grants": [], "requesterName": "Casey Kelp" }, "comments": [], "processDefinition": 1946303, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessInstance/1378380", "resourceType": "ProcessInstance" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance" ], "start": "2021-01-29 08:26:30", "currentTask": "Start", "description": "Permissions request", "id": 1378380 } Update partial Only attributes with changes will be updated, the other will maintain the same value. Request PATCH https:///soffid/webservice/scim2/v1/GroupUser/1976741 JSON { "Operations": [ { "op": "replace", "path": "start", "value": "2021-05-14 00:00:00" } ] } Response 200 OK { "dummyProcess": false, "variables": { "requester": "admin", "grants": [], "requesterName": "Soffid Administrator" }, "comments": [], "processDefinition": 1946303, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessInstance/1378380", "resourceType": "ProcessInstance" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance" ], "start": "2021-05-14 00:00:00", "currentTask": "Start", "description": "Permissions request", "id": 1378380 } Update all This operation replaces all values in the ProcessInstance. Note that the attribute id is required to confirm that the resource "...ProcessInstance/" is the same that the JSON ProcessInstance. Note that all the attributes not included in the request will be cleared in the ProcessInstance type and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information see Resource data model page Request PUT - https:///soffid/webservice/scim2/v1/ProcessInstance/1474138 JSON { "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance" ], "id": 1378380, "dummyProcess": false, "variables": { "requester": "ckelp", "grants": [], "requesterName": "Casey Kelp" }, "comments": ["comments"], "processDefinition": 1946303, "start": "2021-05-14 00:00:00", "currentTask": "Start", "description": "Permissions request" } Response 200 OK { "dummyProcess": false, "variables": { "requester": "ckelp", "grants": [], "requesterName": "Casey Kelp" }, "comments": [ "comments" ], "processDefinition": 1946303, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/ProcessInstance/1378380", "resourceType": "ProcessInstance" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.ProcessInstance" ], "start": "2021-05-14 00:00:00", "currentTask": "Start", "description": "Permissions request", "id": 1378380 } Delete When you delete a ProcessInstance, it will be disabled, but never deleted from the database, this ProcessInstance will have an end date. Please note after this delete, the ProcessInstance has to be created again to use it in the next examples. Request DELETE - https:///webservice/scim2/v1/ProcessInstance/1977873 Response 204 No Content 204 No Content Error response For more infomation about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM TaskInstance examples Operations This page shows the operations that can be performed for the TaskInstances object. List all Request GET https:///soffid/webservice/scim2/v1/TaskInstance Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 6, "startIndex": 1, "Resources": [ { "variables": { "requester": "admin", "grants": [ { "ownersString": "SOFFID_ADMIN ", "comments": "", "roleId": 393447, "userFullName": "Soffid Administrator", "owners": [ "SOFFID_ADMIN" ], "userName": "admin", "approved": false, "applicationDescription": "SOFFID Identity Manager", "taskInstance": 1762656, "schemas": [ "urn:soffid:com.soffid.iam.addons.bpm.common.RoleRequestInfo" ], "denied": false, "roleDescription": "Accounting Manager", "applicationName": "Container/Business 2/SOFFID" } ], "requesterName": "Soffid Administrator" }, "processDefinition": 1762352, "description": "Approve ", "pooledActors": [ "SOFFID_ADMIN" ], "priority": 3, "transitions": [ "Rechazar", "Aceptar" ], "dummyTask": false, "processName": "Modificar permisos", "processId": 1762544, "blocking": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/TaskInstance/1762656", "resourceType": "TaskInstance" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.TaskInstance" ], "name": "Approve", "create": "2021-03-30 19:57:35", "cancelled": false, "id": 1762656, "open": true, "signalling": true }, { "variables": { "requester": "admin", "grants": [ { "ownersString": "admin ", "comments": "", "roleId": 393447, "userFullName": "Soffid Administrator", "owners": [ "admin" ], "userName": "admin", "approved": false, "applicationDescription": "SOFFID Identity Manager", "taskInstance": 1861549, "schemas": [ "urn:soffid:com.soffid.iam.addons.bpm.common.RoleRequestInfo" ], "denied": false, "roleDescription": "Accounting Manager", "applicationName": "Operation/Business 2/SOFFID" } ], "requesterName": "Soffid Administrator" }, "processDefinition": 1946303, "description": "Approve pending permissions", "pooledActors": [ "admin" ], "priority": 3, "transitions": [ "Reject", "Approve" ], "dummyTask": false, "processName": "Permissions request", "processId": 1861537, "blocking": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/TaskInstance/1861549", "resourceType": "TaskInstance" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.TaskInstance" ], "name": "Approve", "create": "2021-04-17 21:00:46", "cancelled": false, "id": 1861549, "open": true, "signalling": true }, .................... ] } List by filter List all TaskInstances with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/TaskInstance?count=2&filter=processName eq "Permissions request" and name eq Approve Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 4, "startIndex": 1, "Resources": [ { "variables": { "requester": "admin", "grants": [ { "ownersString": "admin ", "comments": "", "roleId": 393447, "userFullName": "Soffid Administrator", "owners": [ "admin" ], "userName": "admin", "approved": false, "applicationDescription": "SOFFID Identity Manager", "taskInstance": 1861549, "schemas": [ "urn:soffid:com.soffid.iam.addons.bpm.common.RoleRequestInfo" ], "denied": false, "roleDescription": "Accounting Manager", "applicationName": "Operation/Business 2/SOFFID" } ], "requesterName": "Soffid Administrator" }, "processDefinition": 1946303, "description": "Approve pending permissions", "pooledActors": [ "admin" ], "priority": 3, "transitions": [ "Reject", "Approve" ], "dummyTask": false, "processName": "Permissions request", "processId": 1861537, "blocking": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/TaskInstance/1861549", "resourceType": "TaskInstance" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.TaskInstance" ], "name": "Approve", "create": "2021-04-17 21:00:46", "cancelled": false, "id": 1861549, "open": true, "signalling": true }, { "variables": { "requester": "admin", "grants": [ { "ownersString": "admin ", "comments": "", "roleId": 393103, "userFullName": "Soffid Administrator", "owners": [ "admin" ], "userName": "admin", "approved": false, "applicationDescription": "Active Directory", "taskInstance": 1638273, "schemas": [ "urn:soffid:com.soffid.iam.addons.bpm.common.RoleRequestInfo" ], "denied": false, "roleDescription": "Enterprise Administrators", "applicationName": "Container/Business process/ad" } ], "requesterName": "Soffid Administrator" }, "processDefinition": 1946303, "start": "2021-05-10 12:57:31", "description": "Approve pending permissions", "pooledActors": [ "admin" ], "priority": 3, "transitions": [ "Reject", "Approve" ], "dummyTask": false, "actorId": "admin", "processName": "Permissions request", "processId": 1638261, "blocking": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/TaskInstance/1638273", "resourceType": "TaskInstance" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.TaskInstance" ], "name": "Approve", "create": "2021-03-11 16:33:41", "cancelled": false, "id": 1638273, "open": true, "signalling": true }, .............. ] } Query by id Query a TaskInstance by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/TaskInstance/1861549 Response 200 OK { "variables": { "requester": "admin", "grants": [ { "ownersString": "admin ", "comments": "", "roleId": 393447, "userFullName": "Soffid Administrator", "owners": [ "admin" ], "userName": "admin", "approved": false, "applicationDescription": "SOFFID Identity Manager", "taskInstance": 1861549, "schemas": [ "urn:soffid:com.soffid.iam.addons.bpm.common.RoleRequestInfo" ], "denied": false, "roleDescription": "Accounting Manager", "applicationName": "Operation/Business 2/SOFFID" } ], "requesterName": "Soffid Administrator" }, "processDefinition": 1946303, "description": "Approve pending permissions", "pooledActors": [ "admin" ], "priority": 3, "transitions": [ "Reject", "Approve" ], "dummyTask": false, "processName": "Permissions request", "processId": 1861537, "blocking": false, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/TaskInstance/1861549", "resourceType": "TaskInstance" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.TaskInstance" ], "name": "Approve", "create": "2021-04-17 21:00:46", "cancelled": false, "id": 1861549, "open": true, "signalling": true } Create This operation is not allowed. Update partial Only attributes with changes will be updated, the other will mantain the same value. Request PATCH https:///soffid/webservice/scim2/v1/TaskInstance/1762656 JSON { "Operations": [ { "op": "replace", "path": "blocking", "value": true } ] } Response 200 OK { "variables": { "requester": "admin", "grants": [ { "ownersString": "SOFFID_ADMIN ", "comments": "", "roleId": 393447, "userFullName": "Soffid Administrator", "owners": [ "SOFFID_ADMIN" ], "userName": "admin", "approved": false, "applicationDescription": "SOFFID Identity Manager", "taskInstance": 1762656, "schemas": [ "urn:soffid:com.soffid.iam.addons.bpm.common.RoleRequestInfo" ], "denied": false, "roleDescription": "Accounting Manager", "applicationName": "Container/Business 2/SOFFID" } ], "requesterName": "Soffid Administrator" }, "processDefinition": 1762352, "description": "Approve ", "pooledActors": [ "SOFFID_ADMIN" ], "priority": 3, "transitions": [ "Rechazar", "Aceptar" ], "dummyTask": false, "processName": "Modificar permisos", "processId": 1762544, "blocking": true, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/TaskInstance/1762656", "resourceType": "TaskInstance" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.TaskInstance" ], "name": "Approve", "create": "2021-03-30 19:57:35", "cancelled": false, "id": 1762656, "open": true, "signalling": true } Update all This operation replaces all values in the GroupUser. Note that the attribute id is required to confirm that the resource "...TaskInstance/" is the same that the JSON TaskInstance. Note that all the attributes not included in the request will be cleared in the TaskInstance type and their data will be lost. Note that not all the attributes are updatable, for example tag meta, avoid these tags. For more information visit Resource data model page Request PUT https:///webservice/scim2/v1/TaskInstance/1762656 JSON { "variables": { "requester": "admin", "grants": [ { "ownersString": "SOFFID_ADMIN ", "comments": "", "roleId": 393447, "userFullName": "Soffid Administrator", "owners": [ "SOFFID_ADMIN" ], "userName": "admin", "approved": false, "applicationDescription": "SOFFID Identity Manager", "taskInstance": 1762656, "schemas": [ "urn:soffid:com.soffid.iam.addons.bpm.common.RoleRequestInfo" ], "denied": false, "roleDescription": "Accounting Manager", "applicationName": "Container/Business 2/SOFFID" } ], "requesterName": "Soffid Administrator" }, "processDefinition": 1762352, "description": "Approve ", "pooledActors": [ "SOFFID_ADMIN" ], "priority": 3, "transitions": [ "Rechazar", "Aceptar" ], "dummyTask": false, "processName": "Modificar permisos", "processId": 1762544, "blocking": true, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/TaskInstance/1762656", "resourceType": "TaskInstance" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.TaskInstance" ], "name": "Approve", "create": "2021-03-30 19:57:35", "cancelled": false, "id": 1762656, "open": true, "signalling": true } Response 200 OK { "variables": { "requester": "admin", "grants": [ { "ownersString": "SOFFID_ADMIN ", "comments": "", "roleId": 393447, "userFullName": "Soffid Administrator", "owners": [ "SOFFID_ADMIN" ], "userName": "admin", "approved": false, "applicationDescription": "SOFFID Identity Manager", "taskInstance": 1762656, "schemas": [ "urn:soffid:com.soffid.iam.addons.bpm.common.RoleRequestInfo" ], "denied": false, "roleDescription": "Accounting Manager", "applicationName": "Container/Business 2/SOFFID" } ], "requesterName": "Soffid Administrator" }, "processDefinition": 1762352, "description": "Approve ", "pooledActors": [ "SOFFID_ADMIN" ], "priority": 3, "transitions": [ "Rechazar", "Aceptar" ], "dummyTask": false, "processName": "Modificar permisos", "processId": 1762544, "blocking": true, "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/TaskInstance/1762656", "resourceType": "TaskInstance" }, "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.TaskInstance" ], "name": "Approve", "create": "2021-03-30 19:57:35", "cancelled": false, "id": 1762656, "open": true, "signalling": true } Delete In this case, delete operation will cancel the TaskInstace, but does not be deleted form database. Please note after this delete, the account has to be created again to use it in the next examples. Request DELETE - https:///soffid/webservice/scim2/v1/TaskInstance/1762656 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM Issue examples Operations This page shows the operations that can be performed for the issue object. List all Request GET https:///soffid/webservice/scim2/v1/Issue Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 4, "startIndex": 1, "Resources": [ { "performedActions": "2023-06-09 07:17:25 admin Created\n2023-06-09 09:46:54 admin Acknowledged\n", "acknowledged": "2023-06-09 09:46:54", "created": "2023-06-09 07:17:25", "hosts": [], "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue/44656", "resourceType": "Issue" }, "schemas": [ "urn:soffid:com.soffid.iam.rc.api.Issue" ], "description": "Duplicated user bob bobm", "id": 44656, "type": "duplicated-user", "users": [ { "schemas": [ "urn:soffid:com.soffid.iam.api.IssueUser" ], "userName": "bob", "userId": 3941 }, { "schemas": [ "urn:soffid:com.soffid.iam.api.IssueUser" ], "userName": "bobm", "userId": 3971 } ], "status": "A" }, { "acknowledged": "2023-06-09 08:55:49", "created": "2023-06-09 07:29:25", "hosts": [], "description": "Account etaylor@soffid has been locked", "solved": "2023-06-09 08:56:09", "type": "locked-account", "users": [ { "schemas": [ "urn:soffid:com.soffid.iam.rc.api.IssueUser" ], "userName": "etaylor", "userId": 3821 } ], "performedActions": "2023-06-09 07:29:25 $$INTERNAL$$ Created\n2023-06-09 08:49:49 admin User etaylor is disabled\n2023-06-09 08:55:09 admin The account etaylor has been locked\n2023-06-09 08:55:41 admin Notify pgarcia@soffid.com\n2023-06-09 08:55:49 admin Acknowledged\n2023-06-09 08:55:53 admin The account etaylor has been unlocked\n2023-06-09 08:56:09 admin Solved\n", "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue/44672", "resourceType": "Issue" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Issue" ], "id": 44672, "account": { "lastLogin": "2023-06-09 07:28:11", "grantedRoles": [], "description": "Elizabeth Taylor", "type": "U", "lastUpdated": "2023-06-09 08:56:07", "ownerGroups": [], "loginName": "etaylor", "inheritNewPermissions": false, "disabled": false, "id": 4994, "managerGroups": [], "grantedGroups": [], "lastPasswordSet": "2023-06-09 07:28:14", "passwordExpiration": "2024-06-08 07:28:14", "passwordPolicy": "I", "accessLevel": "-", "managerRoles": [], "created": "2023-06-02 09:14:36", "hasSnapshot": false, "system": "soffid", "ownerRoles": [], "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account/4994", "resourceType": "Account" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Account" ], "name": "etaylor", "managerUsers": [], "lastChange": "2023-06-09 08:55:53", "attributes": {}, "status": "a", "ownerUsers": [ "etaylor" ], "grantedUsers": [] }, "status": "S" }, { "performedActions": "2023-06-14 06:56:42 admin Created\n", "created": "2023-06-14 06:56:42", "hosts": [], "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue/56710", "resourceType": "Issue" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Issue" ], "description": "Duplicated user cdarwin cmartin etaylor", "id": 56710, "type": "duplicated-user", "users": [ { "schemas": [ "urn:soffid:com.soffid.iam.api.IssueUser" ], "userName": "cdarwin", "userId": 4037 }, { "schemas": [ "urn:soffid:com.soffid.iam.api.IssueUser" ], "userName": "cmartin", "userId": 3890 }, { "schemas": [ "urn:soffid:com.soffid.iam.api.IssueUser" ], "userName": "etaylor", "userId": 3821 } ], "status": "N" }, { "performedActions": "2023-06-14 07:02:55 admin Created\n", "created": "2023-06-14 07:02:55", "hosts": [], "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue/56728", "resourceType": "Issue" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Issue" ], "description": "Duplicated user cdarwin cmartin etaylor", "id": 56728, "type": "duplicated-user", "users": [ { "schemas": [ "urn:soffid:com.soffid.iam.api.IssueUser" ], "userName": "cdarwin", "userId": 4037 }, { "schemas": [ "urn:soffid:com.soffid.iam.api.IssueUser" ], "userName": "cmartin", "userId": 3890 }, { "schemas": [ "urn:soffid:com.soffid.iam.api.IssueUser" ], "userName": "etaylor", "userId": 3821 } ], "status": "N" } ] } List by filter List all Issues with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET https:///soffid/webservice/scim2/v1/Issue?filter=type co "locked" Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 1, "startIndex": 1, "Resources": [ { "acknowledged": "2023-06-09 08:55:49", "created": "2023-06-09 07:29:25", "hosts": [], "description": "Account etaylor@soffid has been locked", "solved": "2023-06-09 08:56:09", "type": "locked-account", "users": [ { "schemas": [ "urn:soffid:com.soffid.iam.rc.api.IssueUser" ], "userName": "etaylor", "userId": 3821 } ], "performedActions": "2023-06-09 07:29:25 $$INTERNAL$$ Created\n2023-06-09 08:49:49 admin User etaylor is disabled\n2023-06-09 08:55:09 admin The account etaylor has been locked\n2023-06-09 08:55:41 admin Notify pgarcia@soffid.com\n2023-06-09 08:55:49 admin Acknowledged\n2023-06-09 08:55:53 admin The account etaylor has been unlocked\n2023-06-09 08:56:09 admin Solved\n", "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue/44672", "resourceType": "Issue" }, "schemas": [ "urn:soffid:com.soffid.iam.api.Issue" ], "id": 44672, "account": { "lastLogin": "2023-06-09 07:28:11", "grantedRoles": [], "description": "Elizabeth Taylor", "type": "U", "lastUpdated": "2023-06-09 08:56:07", "ownerGroups": [], "loginName": "etaylor", "inheritNewPermissions": false, "disabled": false, "id": 4994, "managerGroups": [], "grantedGroups": [], "lastPasswordSet": "2023-06-09 07:28:14", "passwordExpiration": "2024-06-08 07:28:14", "passwordPolicy": "I", "accessLevel": "-", "managerRoles": [], "created": "2023-06-02 09:14:36", "hasSnapshot": false, "system": "soffid", "ownerRoles": [], "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account/4994", "resourceType": "Account" }, "schemas": [ "urn:soffid:com.soffid.iam.rc.api.Account" ], "name": "etaylor", "managerUsers": [], "lastChange": "2023-06-09 08:55:53", "attributes": {}, "status": "a", "ownerUsers": [ "etaylor" ], "grantedUsers": [] }, "status": "S" } ] } Query by id Query an Issue by its id (primary key).  Request GET https:///soffid/webservice/scim2/v1/Issue/44656 Response 200 OK { "performedActions": "2023-06-09 07:17:25 admin Created\n2023-06-09 09:46:54 admin Acknowledged\n", "acknowledged": "2023-06-09 09:46:54", "created": "2023-06-09 07:17:25", "hosts": [], "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue/44656", "resourceType": "Issue" }, "schemas": [ "urn:soffid:com.soffid.iam.api.rc.Issue" ], "description": "Duplicated user bob bobm", "id": 44656, "type": "duplicated-user", "users": [ { "schemas": [ "urn:soffid:com.soffid.iam.rc.api.IssueUser" ], "userName": "bob", "userId": 3941 }, { "schemas": [ "urn:soffid:com.soffid.iam.rc.api.IssueUser" ], "userName": "bobm", "userId": 3971 } ], "status": "A" } Create Request POST https:///soffid/webservice/scim2/v1/Issue JSON { "schemas": [ "urn:soffid:com.soffid.iam.rc.api.Issue" ], "type" : "duplicated-user", "status" : "N", "created" : "2023-06-19 15:30:00", "users" : [{ "schemas": [ "urn:soffid:com.soffid.iam.rc.api.IssueUser" ], "userName": "david.gomez", "userId": 4630 }, { "schemas": [ "urn:soffid:com.soffid.iam.rc.api.IssueUser" ], "userName": "pepe.garcia", "userId": 4640 }] } Response 201 Created { "requester": "admin@soffid", "updatedBy": "admin", "acknowledged": "2026-03-06 13:26:17", "hosts": [], "created": "2026-03-06 13:26:17.013", "ip": "172.19.0.1", "description": "Duplicated user david.gomez pepe.garcia", "updatedOn": "2026-03-06 13:26:17.018", "type": "duplicated-user", "browsers": [], "users": [ { "schemas": [ "urn:soffid:com.soffid.iam.rc.api.IssueUser" ], "action": "K", "userName": "david.gomez", "userId": 4630 }, { "schemas": [ "urn:soffid:com.soffid.iam.rc.api.IssueUser" ], "action": "K", "userName": "pepe.garcia", "userId": 4640 } ], "actor": "SOFFID_ADMIN@soffid", "number": 1, "performedActions": "2026-03-06 13:26:17 admin Created\n", "times": 1, "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Issue/24589", "resourceType": "Issue" }, "schemas": [ "urn:soffid:com.soffid.iam.rc.api.Issue" ], "id": 24589, "status": "N" } Update partial Only attributes with changes will be updated, the others will maintain the same value. Request PATCH https:///soffid/webservice/scim2/v1/Issue/169336 JSON { "Operations": [ { "op": "replace", "path": "status", "value": "A" } ] } Response 200 OK { "performedActions": "2023-06-21 08:54:04 admin Created\n2023-06-21 08:58:59 admin Acknowledged\n", "acknowledged": "2023-06-21 08:58:59.605", "created": "2023-06-21 08:54:04", "hosts": [], "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue/169336", "resourceType": "Issue" }, "schemas": [ "urn:soffid:com.soffid.iam.rc.api.Issue" ], "description": "Duplicated user bobm bob", "id": 169336, "type": "duplicated-user", "users": [ { "schemas": [ "urn:soffid:com.soffid.iam.rc.api.IssueUser" ], "userName": "bobm", "userId": 3971 }, { "schemas": [ "urn:soffid:com.soffid.iam.rc.api.IssueUser" ], "userName": "bob", "userId": 3941 } ], "status": "A" } Update all This operation replaces all values in the Issues. Note that the attribute id is required to confirm that the resource "...Issue/" is the same that the JSON Issue. Note that all the attributes not included in the request will be cleared in the Issue type and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information visit Resource data model page Request PUT https:///soffid/webservice/scim2/v1/Issue/169336 JSON { "schemas": [ "urn:soffid:com.soffid.iam.bpm.api.rc.Issue" ], "requester": "ckelp", "type": "ANOMALY", "description": "Suspicious login activity detected", "times": 1, "status": "A", "system": "soffid", "ip": "192.168.1.100", "country": "ES", "account": "ckelp", "loginName": "ckelp", "htmlDescription": "

Suspicious login activity detected

", "actor": "ckelp", "users": [], "hosts": [], "browsers": [] } Response 200 OK { "requester": "admin@soffid", "updatedBy": "admin", "acknowledged": "2026-03-06 13:36:04.859", "hosts": [], "created": "2026-03-06 13:26:17", "ip": "172.19.0.1", "description": "Duplicated user david.gomez pepe.garcia", "updatedOn": "2026-03-06 13:36:04.859", "type": "duplicated-user", "browsers": [], "users": [ { "schemas": [ "urn:soffid:com.soffid.iam.rc.api.IssueUser" ], "action": "K", "userName": "david.gomez", "userId": 4630 }, { "schemas": [ "urn:soffid:com.soffid.iam.rc.api.IssueUser" ], "action": "K", "userName": "pepe.garcia", "userId": 4640 } ], "actor": "SOFFID_ADMIN@soffid", "number": 1, "performedActions": "2026-03-06 13:26:17 admin Created\n2026-03-06 13:36:04 admin Acknowledged\n", "times": 1, "meta": { "location": "https://console.soffid4.local:8443/soffid/webservice/scim2/v1/Issue/24589", "resourceType": "Issue" }, "schemas": [ "urn:soffid:com.soffid.iam.rc.api.Issue" ], "id": 24589, "status": "A" } Delete This operation is not allowed. Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM for OTP devices SCIM for OTP devices ⏰ Getting Started Introduction Soffid allows you to combine two of the most powerful addons you can use into Soffid Console, SCIM, and OTP .  Please note that the SCIM REST Web Service Add-on installed must be installed, please check this part in How to use SCIM in Soffid # Installation Please note that a user with the authentication is required, please check this part in How to use SCIM in Soffid # Confirm authorization Please note that is recommended to use a REST client, please see our example in Testing tool # RESTer Please note that the correct header parameters must be used, please browse them in SCIM in Soffid # HTTP request Please note that the OTP addon must be installed and configured,  check it in OTP Settings OTP Device Types OTP device types available  TOTP : Time based HMAC Token HOTP : Event based HMAC Token EMAIL SMS PIN : Security PIN OTP Device Status OTP device status available : C: Created V: Validated L: Locked D: Disabled OTP Operations Soffid provides an API that allows you to connect to the OTP microservices. The available operations are the following List all  List by filter Query by id Create Update Validate Send SMS Delete You can visit the SCIM OTP devices examples page for more detailed information Workflows With the previous operations, using the SCIM OTP API, we can define some workflows. You can visit the SCIM OTP devices Workflows examples page SCIM OTP devices examples Operations This page shows the operations that can be performed for the OTP devices object. List all Request GET http:///soffid/webservice/scim2/v1/OtpDevice Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 25, "startIndex": 1, "Resources": [ { "lastUsed": "2021-10-14 06:57:00", "created": "2021-10-14 06:44:43", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022880", "links": { "requestChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022880/requestChallenge", "responseChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022880/responseChallenge" }, "resourceType": "OtpDevice" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.otp.common.OtpDevice" ], "name": "TOTP00000001", "id": 4022880, "type": "TOTP", "user": "franck", "fails": 0, "status": "D" }, { "created": "2021-10-14 08:37:38", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4024384", "links": { "requestChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4024384/requestChallenge", "responseChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4024384/responseChallenge" }, "resourceType": "OtpDevice" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.otp.common.OtpDevice" ], "name": "Email message to pg*****@so****.co*", "id": 4024384, "type": "EMAIL", "user": "patricia", "fails": 0, "email": "patricia@soffid.com", "status": "D" }, { "created": "2021-10-14 11:17:52", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4024416", "links": { "requestChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4024416/requestChallenge", "responseChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4024416/responseChallenge" }, "resourceType": "OtpDevice" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.otp.common.OtpDevice" ], "phone": "666555444", "name": "SMS message to 66*****44", "id": 4024416, "type": "SMS", "user": "agatha", "fails": 0, "status": "V" }, ............. ............. ] } List by filter List all the OTP devices with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET http:///soffid/webservice/scim2/v1/OtpDevice?filter=type eq "TOTP" Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 7, "startIndex": 1, "Resources": [ { "lastUsed": "2021-10-14 06:57:00", "created": "2021-10-14 06:44:43", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022880", "links": { "requestChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022880/requestChallenge", "responseChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022880/responseChallenge" }, "resourceType": "OtpDevice" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.otp.common.OtpDevice" ], "name": "TOTP00000001", "id": 4022880, "type": "TOTP", "user": "franck", "fails": 0, "status": "D" }, ............. ............. ] } Query by id Query a OTP device by its id (primary key).  Request GET http:///soffid/webservice/scim2/v1/OtpDevice/5007882 Response 200 OK { "created": "2022-02-22 07:46:51", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/5007882", "links": { "requestChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/5007882/requestChallenge", "responseChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/5007882/responseChallenge" }, "resourceType": "OtpDevice" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.otp.common.OtpDevice" ], "name": "TOTP00000035", "id": 5007882, "type": "TOTP", "user": "admin", "fails": 0, "status": "C" } Create Allows you to create a new OTP device. It is important the type of the OTP you want to create, and depending on this, it will be mandatory to add new attributes to the request. SMS : add to the JSON the phone attribute EMAIL : add to the JSON the email attribute PIN : add to the JSON the pin attribute Request http:///soffid/webservice/scim2/v1/OtpDevice JSON { "meta": { "location": "http:///webservice/scim2/v1/OtpDevice", "resourceType": "OtpDevice" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.otp.common.OtpDevice" ], "type": "TOTP", "user": "admin" } Response 200 OK { "image": "iVBORw0KGgoAAAANSUhEUgAAAMgAAADIAQAAAACFI5MzAAAC3klEQVR4Xu2XP66jMBDGB7lwFy5gydeg40rkAoRcgFzJna+B5AtA58Ji9hueQvJWu8UbS6stMoqiwA9lrPn7Qfw3o99vnPYhHyL2L0mghhOz2Xue+tJGIltBIm9haQPdgufsButxp4LQlc1M+C5tSLt1TSWJyy26Jvipd2NfTTJPHU/kmlxariS8RX6w2fhwwt+i82OC/ER3fX2+Ze7HBJbp0iGieCQh54dpSaCBaOz8SmbukfY0C1STJAHIZkdQe947d6khkYau3KKZrNktzs77MwYawoTCuTFqEDytHY1PPxqSEQPPwY3WoOeu0WzPbGtIoNH6tTdzt1BX2ky3w7mSZAnkA95sQge3eRmfMdAQhh8pwLFL94ACR/9VkOzvbB5oX0LnuaEz9xoS/YORcNROGY7jn/nREE5bwCRwFwtveOQtBgoSJc9rnzggOWm27nUCBcnws1wI3OPgeOpVVQqCkdynqU+rLWQx+fwxEtTEEZXBLoO4KjcpzAqScZWQbczRNphZOq+CBHcNkuQmSs+hm4enHw1hXBWM9o39PS4XW161oyBhIZt2MishP/imy3kCDUEAyo3LpZe2m/BUDYlmtdjbUoDYtIQNyRUkLPj7jdNE5g4hIKVUQWK5BszRQh3PWBf0pncUJCAhRjJDGPZokbdtpiCMooYHs8rZ4WehKuIhnZqM0YIKSo+czsmnIRFKpxyyArfd8FY7GoKRzISg7gSInqsj2UwdYVZh+c+9jATMZj2J0rUi7ix0YsFsFt9qIrtR5PA9o10wYPx0nlpDjJRhD4Xi0MoP6NnTj4KEQ4WJFvNbXlDWZ+1oCCwujWhYg7S3sVQR0bDUYj3GI+3xpa81BPoah+3T/UvDygqqIShDNxIq2q8dftD7W4GGRLyBYT0ujdRRedOwOgKRgvMiS446z2JqwjKfMJUJextCm87dqCHIj+xGj0WxMbT/8v7G8mPyZ/uQDxH7n8kvJ2XgRr9Rxi0AAAAASUVORK5CYII=", "created": "2022-02-22 07:46:51", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/5007882", "resourceType": "OtpDevice" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.otp.common.OtpDevice" ], "name": "TOTP00000035", "id": 5007882, "type": "TOTP", "user": "admin", "fails": 0, "status": "C" } Example JSON SMS { "type": "SMS", "user": "dilbert", "phone": "6665552222" } Example JSON EMAIL { "type": "EMAIL", "user": "dilbert", "email": "dilbert@soffid.com" } Example JSON PIN { "type": "PIN", "user": "dilbert", "email": "123456789" } Update partial Only attributes with changes will be updated, the other will mantain the same value. This example shows how  to enable an OTP device. Request PATCH http:///soffid/webservice/scim2/v1/OtpDevice/5007882 JSON { "Operations": [ { "op": "replace", "path": "status", "value": "V" } ] } Response 200 OK { "created": "2022-02-22 07:46:51", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/5007882", "links": { "requestChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/5007882/requestChallenge", "responseChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/5007882/responseChallenge" }, "resourceType": "OtpDevice" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.otp.common.OtpDevice" ], "name": "TOTP00000035", "id": 5007882, "type": "TOTP", "user": "admin", "fails": 0, "status": "V" } Request Challenge This operation allows Soffid to obtain the PIN code for a specific OTP device. We can use this method to send an email or SMS, depending on the type of OTP device. Request GET http:////soffid/webservice/scim2/v1/OtpDevice//requestChallenge Response 200 OK { "cell": "PIN", "cardNumber": "SMS message to 66*****22" } Response Challenge This operation allows you to validate a PIN code for a specific OTP device. Request POST http:////soffid/webservice/scim2/v1/OtpDevice//responseChallenge JSON { "pin": "12345678" } Response 200 OK { "success": false, "locked": false } Delete In this case, delete operation will cancel the TaskInstace, but does not be deleted form database. Please note after this delete, the account has to be created again to use it in the next examples. Request DELETE - http:///soffid/webservice/scim2/v1/OtpDevice/5007967 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM OTP devices Workflows examples Workflow Examples Workflow 1 1. Create Email OTP device Request GET http:///soffid/webservice/scim2/v1/OtpDevice JSON { "type": "EMAIL", "user": "dilbert", "email": "dilbert@soffid.com" } Response 200 OK { "created": "2022-03-09 13:39:52", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/5099461", "resourceType": "OtpDevice" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.otp.common.OtpDevice" ], "name": "Email message to di*****@so****.co*", "id": 5099461, "type": "EMAIL", "user": "dilbert", "fails": 0, "email": "dilbert@soffid.com", "status": "C" } 2. RequestChallenge to get the PIN code Request GET http:///soffid/webservice/scim2/v1/OtpDevice/5099461/requestChallenge Response 200 OK { "cell": "PIN", "cardNumber": "Email message to di*****@so****.co*" } 3. ResponseChallenge to validate the PIN code Request POST http:///soffid/webservice/scim2/v1/OtpDevice/5099461/responseChallenge JSON { "pin": "839231" } Response 200 OK { "success": true, "locked": false } 4. Enable OTP device Request PATCH http:///soffid/webservice/scim2/v1/OtpDevice/5099461 JSON { "Operations": [ { "op": "replace", "path": "status", "value": "V" } ] } Response { "created": "2022-03-09 13:39:52", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/5099461", "links": { "requestChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/5099461/requestChallenge", "responseChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/5099461/responseChallenge" }, "resourceType": "OtpDevice" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.otp.common.OtpDevice" ], "name": "Email message to di*****@so****.co*", "id": 5099461, "type": "EMAIL", "user": "dilbert", "fails": 0, "email": "dilbert@soffid.com", "status": "V" } Workflow 2 1. Get TOTP devices Obtain all unused OTP devices by 2022. Request  GET http:///soffid/webservice/scim2/v1/OtpDevice?filter=lastUsed le "2022-01-01" Response 200 Ok { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 5, "startIndex": 1, "Resources": [ { "lastUsed": "2021-10-14 06:57:00", "created": "2021-10-14 06:44:43", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022880", "links": { "requestChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022880/requestChallenge", "responseChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022880/responseChallenge" }, "resourceType": "OtpDevice" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.otp.common.OtpDevice" ], "name": "TOTP00000001", "id": 4022880, "type": "TOTP", "user": "admin", "fails": 0, "status": "E" }, { "lastUsed": "2021-10-14 06:59:33", "created": "2021-10-14 06:58:05", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022891", "links": { "requestChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022891/requestChallenge", "responseChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022891/responseChallenge" }, "resourceType": "OtpDevice" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.otp.common.OtpDevice" ], "name": "TOTP00000002", "id": 4022891, "type": "TOTP", "user": "ckelp", "fails": 0, "status": "C" }, ..... ] } 2. Disable OTP device Disble the OTP devices one by one Request PATCH http:///soffid/webservice/scim2/v1/OtpDevice/4022880 JSON { "Operations": [ { "op": "replace", "path": "status", "value": "D" } ] } Response 200 Ok { "lastUsed": "2021-10-14 06:57:00", "created": "2021-10-14 06:44:43", "meta": { "location": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022880", "links": { "requestChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022880/requestChallenge", "responseChallenge": "http://soffid.pat.lab:8080/soffid/webservice/scim2/v1/OtpDevice/4022880/responseChallenge" }, "resourceType": "OtpDevice" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.otp.common.OtpDevice" ], "name": "TOTP00000001", "id": 4022880, "type": "TOTP", "user": "admin", "fails": 0, "status": "D" }       SCIM for Federation SCIM for Service Providers ⏰ Getting Started Introduction Soffid allows you to combine two of the most powerful addons you can use into Soffid Console, SCIM, and Federation .  Please note that the SCIM REST Web Service Add-on installed must be installed, please check this part in How to use SCIM in Soffid # Installation Please note that a user with the authentication is required, please check this part in How to use SCIM in Soffid # Confirm authorization Please note that it is recommended to use a REST client, please see our example in Testing tool # RESTer Please note that the correct header parameters must be used, please browse them in SCIM in Soffid # HTTP request Please note that the Federation addon must be installed and configured,  check it in the Federation book . Identify Service Provider classe : "S" Service providers Types Service providers types available  SAML : saml SAML API client : soffid-saml OpenID Connect : openid-connect OpenID Dynamic Register : openid-dynamic-register Radius client : radius CAS client : cas Open Id Mechanism PA: User's password AC: Authorization code PC: User's password + Client credentials IM: Implicit Federation  Operations Soffid provides an API that allows you to connect to the Federation microservices. The available operations are the following List all  List by filter Query by id Create Update Delete You can visit the SCIM Federation Member examples and the SCIM Entity Group examples page  for more detailed information. SCIM Entity Group examples Operations This page shows the functions that can be performed for the Entity Group object. List all Request GET http:///soffid/webservice/scim2/v1/EntityGroup Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 3, "startIndex": 1, "Resources": [ { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/5462422", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-demoIdP", "id": 5462422 }, { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6725679", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "Soffid", "id": 6725679 }, { "metadataUrl": "test-2", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-2", "id": 6780683 } ] } List by filter List all entity groups with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET http:///soffid/webservice/scim2/v1/EntityGroup?filter=name co "test" Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 3, "startIndex": 1, "Resources": [ { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/5462422", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-demoIdP", "id": 5462422 }, { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6725679", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "Soffid", "id": 6725679 }, { "metadataUrl": "test-2", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-2", "id": 6780683 } ] } Query by id Query an entity group by its id (primary key).  Request GET http:///soffid/webservice/scim2/v1/EntityGroup/5462422 Response 200 OK { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/5462422", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-demoIdP", "id": 5462422 } Create Request POST http:///soffid/webservice/scim2/v1/EntityGroup JSON { "metadataUrl": "test-3", "name": "test-3" } Response 201 Created { "metadataUrl": "test-3", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780695", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-3", "id": 6780695 } Update partial Only attributes with changes will be updated, the others will maintain the same value. Request PATCH http:///soffid/webservice/scim2/v1/EntityGroup/6780695 JSON { "Operations" : [ { "op" : "replace", "path" : "name", "value": "SP Cloud" }, { "op" : "replace", "path" : "metadataUrl", "value": "SP Cloud" } ] } Response 200 OK { "metadataUrl": "SP Cloud", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780695", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "SP Cloud", "id": 6780695 } Update all This operation replaces all values in the entity group. Note that the attribute id is required to confirm that the resource "...EntityGroup/" is the same that the JSON EntityGroup. Note that all the attributes not included in the request will be cleared in the EntityGroup and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information see the Resource data model page Request PUT http:///soffid/webservice/scim2/v1/EntityGroup/1976590 JSON { "metadataUrl": "SP Cloud Test", "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "SP Cloud Test", "id": 6780695 } Response 200 OK { "metadataUrl": "SP Cloud Test", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780695", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "SP Cloud Test", "id": 6780695 } Delete Please note, after this deletion, the entity group has to be created again to use it in the following examples. Request DELETE http:///soffid/webservice/scim2/v1/EntityGroup/6780695 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response SCIM Federation Members examples Operations This page shows the functions that can be performed for the Federation Member object. List all Request GET http:///soffid/webservice/scim2/v1/FederationMember Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 15, "startIndex": 1, "Resources": [ { "internal": false, "allowRecover": false, "disableSSL": false, "impersonations": [], "roles": [], "ssoCookieName": "soffid_sso_session", "entityGroup": { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/5462422", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-demoIdP", "id": 5462422 }, "metadades": "{\n \"authorization_endpoint\": \"https://server/oauth2/auth\",\n \"token_endpoint\": \"https://server/oauth2/token\",\n \"userinfo_endpoint\": \"https://server/oauth2/userinfo\",\n \"scopes_supported\": [ \"openid\",\"email\",\"profile\"],\n \"display\": \"page\"\n}", "authenticationMethods": "P", "storeUser": false, "contact": "pgarcia@soffid.com", "loginHintScript": "loginHint", "id": 5999758, "enableCaptcha": false, "classe": "I", "idpType": "openid-connect", "keytabs": [], "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/5999758", "resourceType": "FederationMember" }, "organization": "Soffid", "extendedAuthenticationMethods": [], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember" ], "name": "OpenIDConnect_Test", "serviceProvider": [], "allowRegister": false, "publicId": "OpenIDConnect_ID" }, { "classe": "S", "internal": false, "allowRecover": false, "disableSSL": false, "virtualIdentityProvider": [], "impersonations": [], "roles": [], "registrationTokenExpiration": "2024-04-04 08:04:47", "uidExpression": "userName", "entityGroup": { "metadataUrl": "test-2", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-2", "id": 6780683 }, "keytabs": [], "allowedScopes": [ { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6798983", "resourceType": "AllowedScope" }, "scope": "*", "roles": [], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ], "id": 6798983 }, { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6798984", "resourceType": "AllowedScope" }, "scope": "openid", "roles": [], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ], "id": 6798984 } ], "openidMechanism": [ "PA", "AC", "PC", "IM" ], "openidLogoutUrl": [], "openidSectorIdentifierUrl": "http://localhost:4204", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/6796706", "resourceType": "FederationMember" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember" ], "name": "OpenIDDynamicRegister-Test2", "openidUrl": [], "id": 6796706, "maxRegistrations": 3, "allowRegister": false, "publicId": "OpenIDDynamicRegister-publicId-test2", "serviceProviderType": "openid-dynamic-register" }, ........ ] } List by filter List all entity groups with a filter expression. It is allowed to use pagination and sort the information, for more information visit the Sorting and Pagination information. Request GET http:///soffid/webservice/scim2/v1/FederationMember?filter=name co "Dynamic" Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 2, "startIndex": 1, "Resources": [ { "classe": "S", "internal": false, "allowRecover": false, "disableSSL": false, "virtualIdentityProvider": [], "impersonations": [], "roles": [ "SOFFID_USER@soffid" ], "registrationTokenExpiration": "2023-11-09 07:57:20", "entityGroup": { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/5462422", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-demoIdP", "id": 5462422 }, "keytabs": [], "allowedScopes": [ { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6617980", "resourceType": "AllowedScope" }, "scope": "openid", "roles": [], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ], "id": 6617980 }, { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6617977", "resourceType": "AllowedScope" }, "scope": "*", "roles": [], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ], "id": 6617977 } ], "openidMechanism": [ "PA", "AC" ], "openidLogoutUrl": [], "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/6617976", "resourceType": "FederationMember" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember" ], "name": "Dynamic Register SP", "openidUrl": [], "id": 6617976, "maxRegistrations": 2, "allowRegister": false, "publicId": "DR", "serviceProviderType": "openid-dynamic-register" }, { "classe": "S", "internal": false, "allowRecover": false, "disableSSL": false, "virtualIdentityProvider": [], "impersonations": [], "roles": [ "SOFFID_USER@soffid" ], "registrationTokenExpiration": "2022-11-10 00:00:00", "entityGroup": { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/5462422", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-demoIdP", "id": 5462422 }, "keytabs": [], "allowedScopes": [ { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6622593", "resourceType": "AllowedScope" }, "scope": "*", "roles": [], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ], "id": 6622593 }, { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6622594", "resourceType": "AllowedScope" }, "scope": "openid", "roles": [], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ], "id": 6622594 } ], "openidMechanism": [], "openidLogoutUrl": [], "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/6622589", "resourceType": "FederationMember" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember" ], "name": "Dynamic Register SP 2", "openidUrl": [], "id": 6622589, "maxRegistrations": 1, "allowRegister": false, "publicId": "DR2", "serviceProviderType": "openid-dynamic-register" } ] } Query by id Query a federation member by its id (primary key).  Request GET http:///soffid/webservice/scim2/v1/FederationMember/6617976 Response 200 OK { "classe": "S", "internal": false, "allowRecover": false, "disableSSL": false, "virtualIdentityProvider": [], "impersonations": [], "roles": [ "SOFFID_USER@soffid" ], "registrationTokenExpiration": "2023-11-09 07:57:20", "entityGroup": { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/5462422", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-demoIdP", "id": 5462422 }, "keytabs": [], "allowedScopes": [ { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6617980", "resourceType": "AllowedScope" }, "scope": "openid", "roles": [], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ], "id": 6617980 }, { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6617977", "resourceType": "AllowedScope" }, "scope": "*", "roles": [], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ], "id": 6617977 } ], "openidMechanism": [ "PA", "AC" ], "openidLogoutUrl": [], "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/6617976", "resourceType": "FederationMember" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember" ], "name": "Dynamic Register SP", "openidUrl": [], "id": 6617976, "maxRegistrations": 2, "allowRegister": false, "publicId": "DR", "serviceProviderType": "openid-dynamic-register" } Create (SAML) Request POST http:///soffid/webservice/scim2/v1/FederationMember JSON { "name": "App SAML Cloud" , "publicId" : "http://:8090/apps/user_saml/saml/metadata", "classe": "S", "serviceProviderType": "saml", "entityGroup": { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-2", "id": 6780683 } } Response 201 Created { "classe": "S", "internal": false, "allowRecover": false, "disableSSL": false, "virtualIdentityProvider": [], "impersonations": [], "roles": [], "entityGroup": { "metadataUrl": "test-2", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-2", "id": 6780683 }, "keytabs": [], "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/6798992", "resourceType": "FederationMember" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember" ], "name": "App SAML Cloud", "id": 6798992, "allowRegister": false, "publicId": "http://:8090/apps/user_saml/saml/metadata", "serviceProviderType": "saml" } Create (SAML API client) Request POST http:///soffid/webservice/scim2/v1/FederationMember JSON { "name": "Test-IdP" , "publicId" : "https://some.idp.com/identifier/", "classe": "S", "serviceProviderType": "soffid-saml", "entityGroup": { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-2", "id": 6780683 } } Response 201 Created { "classe": "S", "internal": true, "allowRecover": false, "disableSSL": false, "virtualIdentityProvider": [], "impersonations": [], "roles": [], "entityGroup": { "metadataUrl": "test-2", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-2", "id": 6780683 }, "keytabs": [], "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/6787237", "resourceType": "FederationMember" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember" ], "name": "Test-IdP", "id": 6787237, "allowRegister": false, "publicId": "https://some.idp.com/identifier/", "serviceProviderType": "soffid-saml" } Create (OpenID Connect) Request POST http:///soffid/webservice/scim2/v1/FederationMember JSON { "name": "AngularAppOpenID", "publicId": "AngularAppOpenID", "classe": "S", "serviceProviderType": "openid-connect", "roles": [ "SOFFID_HRMANAGER@soffid", "SOFFID_MUSIC@soffid" ], "entityGroup": { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-2", "id": 6780683 }, "allowedScopes": [ { "scope": "profile", "roles": [ "SOFFID_MUSIC@soffid" ], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ] }, { "scope": "email", "roles": [], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ] } ], "openidMechanism": [ "PA", "AC", "PC", "IM" ], "openidUrl": [ "http://localhost:4204" ], "openidClientId" : "angularClientID", "openidSecret": "XXXXXXX", "openidLogoutUrlFront": "http://demolab.soffid.pat.lab:8080/soffid/anonymuuslogout.zul", "openidLogoutUrlBack": "", "openidLogoutUrl" : [], "openidSectorIdentifierUrl": "" } 📌 openidMechanism PA: User's password AC: Authorization code PC: User's password + Client credentials IM: Implicit Response 201 Created { "internal": false, "allowRecover": false, "disableSSL": false, "virtualIdentityProvider": [], "impersonations": [], "roles": [ "SOFFID_MUSIC@soffid", "SOFFID_HRMANAGER@soffid" ], "entityGroup": { "metadataUrl": "test-2", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-2", "id": 6780683 }, "openidLogoutUrlBack": "", "openidMechanism": [ "PA", "AC", "PC", "IM" ], "openidSecret": { "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.api.Digest" ] }, "id": 6787194, "serviceProviderType": "openid-connect", "classe": "S", "openidLogoutUrlFront": "http://demolab.soffid.pat.lab:8080/soffid/anonymuuslogout.zul", "keytabs": [], "allowedScopes": [ { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6787199", "resourceType": "AllowedScope" }, "scope": "email", "roles": [], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ], "id": 6787199 }, { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6787197", "resourceType": "AllowedScope" }, "scope": "profile", "roles": [ "SOFFID_MUSIC@soffid" ], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ], "id": 6787197 }, { "scope": "openid", "roles": [], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ] } ], "openidLogoutUrl": [], "openidSectorIdentifierUrl": "", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/6787194", "resourceType": "FederationMember" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember" ], "name": "AngularAppOpenID", "openidClientId": "angularClientID", "openidUrl": [ "http://localhost:4204" ], "allowRegister": false, "publicId": "AngularAppOpenID" } Create (Radius) Request POST http:///soffid/webservice/scim2/v1/FederationMember JSON { "name": "SP-RADIUS" , "publicId" : "SP-RADIUS-publicId", "classe": "S", "serviceProviderType" : "radius", "radiusSecret" : "XXxxzzaasssDD", "sourceIps": "127.0.01,192.168.133.0/24", "roles": ["SOFFID_HRMANAGER@soffid", "SOFFID_MUSIC@soffid"], "system": "BABELTEST", "entityGroup": { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-2", "id": 6780683 } } Response 201 Created { "classe": "S", "internal": false, "allowRecover": false, "disableSSL": false, "virtualIdentityProvider": [], "impersonations": [], "roles": [ "SOFFID_MUSIC@soffid", "SOFFID_HRMANAGER@soffid" ], "entityGroup": { "metadataUrl": "test-2", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-2", "id": 6780683 }, "keytabs": [], "sourceIps": "127.0.01,192.168.133.0/24", "system": "BABELTEST", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/6787250", "resourceType": "FederationMember" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember" ], "name": "SP-RADIUS", "radiusSecret": "5GsnYxLvT0D0W4GQ9Zae", "id": 6787250, "allowRegister": false, "publicId": "SP-RADIUS-publicId", "serviceProviderType": "radius" } Create (Cas) Request POST http:///soffid/webservice/scim2/v1/FederationMember JSON { "name": "CAS", "publicId": "CAS-publicId", "classe": "S", "serviceProviderType": "cas", "roles": [ "SOFFID_HRMANAGER@soffid", "SOFFID_MUSIC@soffid" ], "system": "BABELTEST", "consent": true, "entityGroup": { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-2", "id": 6780683 }, "openidUrl": [ "https://www.testcasserver.lab/cas/" ], "openidLogoutUrl": [ "https://www.testcasserver.lab/cas/logout?service=" ] } Response 201 Created { "classe": "S", "internal": false, "allowRecover": false, "disableSSL": false, "virtualIdentityProvider": [], "impersonations": [], "roles": [ "SOFFID_MUSIC@soffid", "SOFFID_HRMANAGER@soffid" ], "consent": true, "entityGroup": { "metadataUrl": "test-2", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-2", "id": 6780683 }, "keytabs": [], "system": "BABELTEST", "openidLogoutUrl": [ "https://www.testcasserver.lab/cas/logout?service=" ], "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/6804777", "resourceType": "FederationMember" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember" ], "name": "CAS", "openidUrl": [ "https://www.testcasserver.lab/cas/" ], "id": 6804777, "allowRegister": false, "publicId": "CAS-publicId", "serviceProviderType": "cas" } Create (OpenID Dynamic Register) The OpenID Dynamic Register has to be created in the Soffid console For more information, you can visit the Openid-connect Dynamic Register documentation Update partial Only attributes with changes will be updated, the others will maintain the same value. Request PATCH http:///soffid/webservice/scim2/v1/FederationMember/6787388 JSON { "Operations" : [ { "op" : "replace", "path" : "openidMechanism", "value": ["AC", "PC"] }, { "op" : "replace", "path" : "consent", "value": "true" } ] } Response 200 OK { "classe": "S", "internal": false, "allowRecover": false, "disableSSL": false, "openidLogoutUrlFront": "http://demolab.soffid.pat.lab:8080/soffid/anonymuuslogout.zul", "virtualIdentityProvider": [], "impersonations": [], "roles": [ "SOFFID_MUSIC@soffid", "SOFFID_HRMANAGER@soffid" ], "entityGroup": { "metadataUrl": "test-2", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-2", "id": 6780683 }, "openidLogoutUrlBack": "", "keytabs": [], "allowedScopes": [ { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6787199", "resourceType": "AllowedScope" }, "scope": "email", "roles": [], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ], "id": 6787199 }, { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6787197", "resourceType": "AllowedScope" }, "scope": "profile", "roles": [ "SOFFID_MUSIC@soffid" ], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ], "id": 6787197 }, { "scope": "openid", "roles": [], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ] } ], "openidMechanism": [ "AC", "PC" ], "openidLogoutUrl": [], "openidSectorIdentifierUrl": "", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/6787194", "resourceType": "FederationMember" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember" ], "name": "AngularAppOpenID", "openidClientId": "angularClientID", "openidUrl": [ "http://localhost:4204" ], "id": 6787194, "allowRegister": false, "publicId": "AngularAppOpenID", "serviceProviderType": "openid-connect" } Update all This operation replaces all values in the entity group. Note that the attribute id is required to confirm that the resource "...EntityGroup/" is the same that the JSON EntityGroup. Note that all the attributes not included in the request will be cleared in the EntityGroup and their data will be lost. Note that not all the attributes are updatable, for example, tag meta, avoid these tags. For more information see the Resource data model page Request PUT http:///soffid/webservice/scim2/v1/EntityGroup/6787194 JSON { "classe": "S", "internal": false, "allowRecover": false, "disableSSL": false, "openidLogoutUrlFront": "http://demolab.soffid.pat.lab:8080/soffid/anonymuuslogout.zul", "virtualIdentityProvider": [], "impersonations": [], "roles": [ ], "entityGroup": { "metadataUrl": "test-2", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-2", "id": 6780683 }, "openidLogoutUrlBack": "", "keytabs": [], "allowedScopes": [ { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6787199", "resourceType": "AllowedScope" }, "scope": "email", "roles": [], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ], "id": 6787199 }, { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6787197", "resourceType": "AllowedScope" }, "scope": "profile", "roles": [ "SOFFID_MUSIC@soffid" ], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ], "id": 6787197 }, { "scope": "openid", "roles": [], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ] } ], "openidMechanism": [ "PA", "AC", "PC", "IM" ], "openidLogoutUrl": [], "openidSectorIdentifierUrl": "", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/6787194", "resourceType": "FederationMember" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember" ], "name": "AngularAppOpenID", "openidClientId": "angularClientID", "openidUrl": [ "http://localhost:4204" ], "allowRegister": false, "publicId": "AngularAppOpenID", "serviceProviderType": "openid-connect" } Response 200 OK { "classe": "S", "internal": false, "allowRecover": false, "disableSSL": false, "openidLogoutUrlFront": "http://demolab.soffid.pat.lab:8080/soffid/anonymuuslogout.zul", "virtualIdentityProvider": [], "impersonations": [], "roles": [ "SOFFID_MUSIC@soffid", "SOFFID_HRMANAGER@soffid" ], "entityGroup": { "metadataUrl": "test-2", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/EntityGroup/6780683", "resourceType": "EntityGroup" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.EntityGroup" ], "name": "test-2", "id": 6780683 }, "openidLogoutUrlBack": "", "keytabs": [], "allowedScopes": [ { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6802723", "resourceType": "AllowedScope" }, "scope": "openid", "roles": [], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ], "id": 6802723 }, { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6787199", "resourceType": "AllowedScope" }, "scope": "email", "roles": [], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ], "id": 6787199 }, { "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/AllowedScope/6787197", "resourceType": "AllowedScope" }, "scope": "profile", "roles": [ "SOFFID_MUSIC@soffid" ], "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.AllowedScope" ], "id": 6787197 } ], "openidMechanism": [ "PA", "AC", "PC", "IM" ], "openidLogoutUrl": [], "openidSectorIdentifierUrl": "", "meta": { "location": "http://demolab.soffid.pat.lab:8080/soffid/webservice/scim2/v1/FederationMember/6787194", "resourceType": "FederationMember" }, "schemas": [ "urn:soffid:com.soffid.iam.addons.federation.common.FederationMember" ], "name": "AngularAppOpenID", "openidClientId": "angularClientID", "openidUrl": [ "http://localhost:4204" ], "id": 6787194, "allowRegister": false, "publicId": "AngularAppOpenID", "serviceProviderType": "openid-connect" } Delete Please note, after this deletion, the entity group has to be created again to use it in the following examples. Request DELETE http:///soffid/webservice/scim2/v1/FederationMember/6784722 Response 204 No Content 204 No Content Error response For more information about error response visit https://bookstack.soffid.com/link/116#bkmrk-error-response Cross-Origin Resource Sharing (CORS) By default, for security reasons, the SCIM interface is published for any server application, but not for client-side (javascript) applications. In order to allow client-side applications to query or modify SCIM objects, the CORS protocol states how to define the restrictions that apply to client-side applications. CORS settings can be tuned adding two parameters: Parameter Value soffid.scim.cors.origin Set a comma separated list of DNS domains allowed to perform SCIM operations. Set to * to allow access from any domain soffid.scim.cors.methods Set a comma-separated list of allowed operations. By default, it is set to GET, OPTIONS, HEAD To allow any operation, set it to  GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD   These parameters can be changed in real-time for any tenant. Mind that setting these values for the master tenant applies to master tenant, but also applies as default values for any child tenant.       Textual Index Textual Index Introduction  A textual index is a data structure used in database systems to facilitate efficient search and retrieval of text-based information. It is designed to handle large volumes of textual data and provide quick access to relevant documents or records based on specified search criteria. When a search query is performed on a database with a textual index, the index is queried to identify relevant documents or records that match the search terms. The index provides information about the location and relevance of the documents, which enables the database system to retrieve and present the results in a timely manner. Textual indexes play a crucial role in enabling efficient search and retrieval of textual information in databases, making them an essential component in applications that handle large volumes of textual data, such as search engines, content management systems, and document repositories. Soffid incorporates the textual index from version 3.5 using the Apache Lucene library .  Index  configuration Soffid allows you to configure the objects you want to use in the textual index. To do this, you must select the proper object from the metadata page and enable the option "Use textual index". Once you enable this option, the textual index will be applied to the attributes of this object that have been included in the quick search. Notice, from the user interface, it is not interpreted as a Lucene expression. Example 1. Enable the "Use textual index" on the User object and save the changes. 2. Check the attributes included in the quick search. How does the user interface search work? Once you have configured the textual index for a specific object, Soffid will apply it when you use Quick Search on this object. Example 1 1. If you search for users using the text "frankin" , then Soffid will display all the users whose userName, firstName, lastName, or middleName match, to some degree, with the typed text following the textual index rules. 2. If you include the attribute manager in the quick search: 3. And search for "frankin",   then Soffid will display all the users whose userName, firstName, lastName, middleName, or manager match with the typed text following the textual index rules. Example 2 1. If you search for users using the text "manager:frank"  Soffid will display all users whose manager matches the text "frank". Notice the difference by searching "manager:frank?": And by searching "manager:frank*":  And also by searching "manager:fr*" Example 3 1. If you search for users using the text "userName:frank*"  Soffid will display all users whose user name matches the text "frank" followed by any other text. Notice the difference by searching the text "userName:frank?": Example 4 1. If you search for users using the text "frank" plus the wildcard "?", Soffid will display all users whose userName, firstName, lastName, middleName, or manager match the typed text as long as it has variation in the characters where the wildcard has been used. Notice the difference by searching "fran?" How does the SCIM interface search work? 1. First of all, you must install the SCIM addon in Soffid. For more information, you can visit the How to install SCIM in Soffid? page . 2. Then, you can use any REST client to test and consume our SCIM REST web service. For more information, you can visit the Testing tool page . 3. Finally, you can start to use the SCIM interface search by using Lucene syntaxis Lucene syntaxis  Please browse the standard specifications in this link: https://bookstack.soffid.com/books/soffid-3-reference-guide/page/lucene-query-parser-syntax Term Modifiers Lucene supports modifying query terms to provide a wide range of search options. Here are the most common ones:  Wildcard Searches To perform a single character wildcard search use the "?" symbol. To perform a multiple character wildcard search use the "*" symbol. Regular Expression Searches Lucene supports regular expression searches matching a pattern between forward slashes "/" Fuzzy Searches To do a fuzzy search use the tilde, "~", symbol at the end of a Single word Term Soffid Console <= 3.4 version ~0.8: stricter search ~0.1: more lax search Soffid Console > 3.4 version An additional (optional) parameter can specify the maximum number of edits allowed. The value is between 0 and 2. Range Searches Range Queries allow one to match documents whose field(s) values are between the lower and upper bound specified by the Range Query Boosting a Term To boost a term use the caret, "^", symbol with a boost factor (a number) at the end of the term you are searching. The higher the boost factor, the more relevant the term will be. Boolean Operators OR The OR operator links two terms and finds a matching document if either of the terms exist in a document. This is equivalent to a union using sets AND The AND operator matches documents where both terms exist anywhere in the text of a single document. This is equivalent to an intersection using sets.  + The "+" or required operator requires that the term after the "+" symbol exist somewhere in a the field of a single document. NOT The NOT operator excludes documents that contain the term after NOT. This is equivalent to a difference using sets.  - The "-" or prohibit operator excludes documents that contain the term after the "-" symbol. Escaping Special Characters Lucene supports escaping special characters that are part of the query syntax. The current list of special characters are + - && || ! ( ) { } [ ] ^ " ~ * ? : \ / Examples Example 1 1. Use the wildcard search 1.1. * Request GET http:///webservice/scim2/v1/User?textFilter=fran* Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 4, "startIndex": 1, "Resources": [ { "lastName": "Franklin", "createdByUser": "ActiveDirectory", "fullName": "Rosalind Franklin", "active": true, "userName": "rfranklin", "mailAlias": "", "firstName": "Rosalind", "createdDate": "2023-08-08 14:26:14", "multiSession": true, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/2862", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'rfranklin'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'rfranklin'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'rfranklin'", "issues": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue?filter=user.userName+eq+'rfranklin'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/2862/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "ActiveDirectory", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-08-08 14:26:14", "attributes": {}, "id": 2862, "userType": "I", "primaryGroupDescription": "scientist", "primaryGroup": "scientist" }, { "lastName": "Franklin", "createdByUser": "ActiveDirectory", "fullName": "Aretha Franklin", "active": true, "userName": "aretha", "mailAlias": "", "firstName": "Aretha", "createdDate": "2023-09-06 13:12:54", "multiSession": true, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/276397", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'aretha'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'aretha'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'aretha'", "issues": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue?filter=user.userName+eq+'aretha'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/276397/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "ActiveDirectory", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-09-06 13:12:54", "attributes": {}, "id": 276397, "userType": "I", "primaryGroupDescription": "World", "primaryGroup": "world" }, { "lastName": "Sinatra", "createdByUser": "ActiveDirectory", "fullName": "Frank Sinatra", "active": true, "userName": "frank", "mailAlias": "", "firstName": "Frank", "createdDate": "2023-09-06 13:12:54", "multiSession": true, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/276435", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'frank'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'frank'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'frank'", "issues": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue?filter=user.userName+eq+'frank'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/276435/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "ActiveDirectory", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-09-06 13:12:55", "attributes": {}, "id": 276435, "userType": "I", "primaryGroupDescription": "Music", "primaryGroup": "Music" }, { "lastName": "Sherwood", "createdByUser": "pgarcia", "fullName": "Frank Sherwood", "active": true, "userName": "franks", "mailAlias": "", "firstName": "Frank", "createdDate": "2023-10-05 15:32:40", "multiSession": false, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/432644", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'franks'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'franks'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'franks'", "issues": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue?filter=user.userName+eq+'franks'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/432644/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "pgarcia", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-10-05 15:32:40", "attributes": {}, "id": 432644, "userType": "I", "primaryGroupDescription": "scientist", "primaryGroup": "scientist" } ] } 1.2. ? Request  http:///webservice/scim2/v1/User?textFilter=fran? Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 2, "startIndex": 1, "Resources": [ { "lastName": "Sinatra", "createdByUser": "ActiveDirectory", "fullName": "Frank Sinatra", "active": true, "userName": "frank", "mailAlias": "", "firstName": "Frank", "createdDate": "2023-09-06 13:12:54", "multiSession": true, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/276435", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'frank'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'frank'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'frank'", "issues": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue?filter=user.userName+eq+'frank'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/276435/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "ActiveDirectory", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-09-06 13:12:55", "attributes": {}, "id": 276435, "userType": "I", "primaryGroupDescription": "Music", "primaryGroup": "Music" }, { "lastName": "Sherwood", "createdByUser": "pgarcia", "fullName": "Frank Sherwood", "active": true, "userName": "franks", "mailAlias": "", "firstName": "Frank", "createdDate": "2023-10-05 15:32:40", "multiSession": false, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/432644", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'franks'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'franks'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'franks'", "issues": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue?filter=user.userName+eq+'franks'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/432644/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "pgarcia", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-10-05 15:32:40", "attributes": {}, "id": 432644, "userType": "I", "primaryGroupDescription": "scientist", "primaryGroup": "scientist" } ] } Example 2 1. Use the wildcard search in a specific attribute Request  GET http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User?textFilter=userName:frank Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 1, "startIndex": 1, "Resources": [ { "lastName": "Sinatra", "profileServer": "Void host", "createdByUser": "admin", "fullName": "Frankaaa Sinatra", "active": true, "userName": "frank", "mailAlias": "", "mailServer": "Void host", "firstName": "Frankaaa", "emailAddress": "pgarcia@soffid.com", "mailDomain": "soffid.com", "createdDate": "2023-06-02 07:41:47", "multiSession": false, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/3910", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'frank'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'frank'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'frank'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/3910/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "admin", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-06-02 07:41:47", "attributes": { "picture": "/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHCBYWFRgVFRYYGRgaGhkYGhgaGBoYGhoYHBkaGhgZGhgcIS4lHB4rIRgYJjgmKy8xNTU1GiQ7QDs0Py40NTEBDAwMBgYGEAYGEDEdFh0xMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMf/AABEIAKgBKwMBIgACEQEDEQH/xAAcAAABBQEBAQAAAAAAAAAAAAADAQIEBQYABwj/xABFEAACAQIDBAcECAQFAgcBAAABAgADEQQSIQUxQVEGEyJhcYGRMkKhsQcjUnKSwdHwFGKCoiQzY7LhU3NDZIOTo8LxFf/EABQBAQAAAAAAAAAAAAAAAAAAAAD/xAAUEQEAAAAAAAAAAAAAAAAAAAAA/9oADAMBAAIRAxEAPwDeqIVZwEcBAQQiCIBHqIDgItogjwICWiqIto4CAqiZn6ScNnwDn7DI/wAcp/3TUKJX9JcNnwldOdNj5qMw+UD5zcQYh6qG+gPpGrQblAdThBHUsK3MfEw4wR5n5QG4dtd8t8JU3DT0/wCZBpYVRvI9ZMpqg97ytxgTi44n8zz3D9+k4G+4ee79iR/4pF3C/iY2rtIAakD0gT6WHOlz4/v97oZEpL7RzHu5/nM/U2wg3Fm+Eh1NsN7oA+MDWfxir7Kj975FxO0re04Xuvb+0a+kyVTaDtvc+ANh6CANQwNFW2wg3ZnP4R6nX4SFV2y59kKv9x9Tp8JUXMab3gS62MZvaYnxOnpI7Vo0oeAJiVKLAXINoCl41njAJzixsdPnAUNEZpY7H2FiMSbUabMOLnsoPFzp6XM9G6O/R/SpEPiCKrjULb6tT906ue86d0DLdEuhz4krVqhkob+IaoOSclP2vTmPWqNFUUIihVUBVUCwAG4AQw3RpEBhEYVhjGkQAOsCZJYQbLAjO0ZeFqLBQNAqwgSKphFgMCRwSEAhVWAFUsCToBqSdwHEmUmI6YYJCQapJH2Uc/G0r/pH2y1FEpLcBwSx5gaBfz9J4/isWzHfaB61ivpKwqexTrP32RB8Wv8ACU2J+lVrkU8MgHAvULf2qo+c8xZol4G1xn0kY5/ZdKY/00F/V80pMX0jxNX/ADMTVYHeM5VfwrYfCUmaITAmCoI7r5BzTrmBYDFGDav3yJaKtNjwgGOJPjGHFNFXCkyTR2cDqxPgIEA12PExERmPZBPgCZd0cIgOiE+MtKeznb2QQDwtv/esDLjBPxGXx/SOTB8zfwm2w/Rose1eXOH6PUltm3wMBhtiM5si+usu8N0KdvaNvKwm/wAFhUQjIl7d36y1COfcC+JEDzE9Csu8mFodF1G+3pN9XRuQ+cjFLDUQMvh+j6BtRbyhdq7DTJu56j9JatvvFxL9gg3/AHxgeYYjZ6qWPLlu8ZsuhfRzDPSGIemHcsw7faUZTYWTdfxvKNkzswtcA30F766D4fGekbCw4TD01At2Qbd51J8TeBNRQAABYDcBuHlHho2dAfeJmgyY0mATNGs0YzRmeA8tBu0VngWeAjtBZo4vB5oGlQwimAVo4PAkq0KryIHjg8CJ0k2DSxtLq6hZWGqOp7SHjpuIPEGeN9IuhWKwpLMhqU+FRAWFv5l3p56d89yDxy1IHzNEn0BtTozg8QSalBMx3ul0bzKWv5zM4z6L8M2tOtVp9zZXHyB+MDyOJPRqv0VVPcxKH71Nl+TGQNofRzWoI9Z61Iog1Az5iScqgXHMiBjUp3498lrhlG+DanlPwlmaV0Q/y/L/APIEXIL6CEWnynDfJ2BVScpNoDMNgGYiwB85ZJsuotiU08QZabMwigg38949RNKmFDLrYwMxgKS3CurKeFx++c02GwAt2XBHDSSKOFKqLi45b/Cd1AGqi3h+kB38Jbe/oJJpBFGm+N0y8z6RmGIBvx5wDde5PZB8bWkoI1u03kJyMOJnVsQAL6Ad/OAKpSHf6yvxNhuvFq7U1IW1++RhXz3vpADm3yJjn7DW0IBsYdjyOm6QsShyt90/KBUbOw/YVt9xmJ14k6fAes3+DZcqoHViqqDYi+gHDhMLhELhETQMoGhsQNM5PLfaW+MxaU6iJTUllIuw9lRbUM3EnlA1BE6DLxM8B5Ea0b1k7NAY4g4UxpEATGBYw7iDKwAxmWHIEbpAv1hAIJYQGA4R4jBHKYBBFiAziYCGKI0mKIDxKHp4p/gnt9unfwzj87S+WVnSxL4Kv3Jn/Awb8oHi+LpAtpwCmTqVH6pL8j/uMFTp7yfD0AEnYpciIOBRfjrAqkoXa1o9sMyG/wCWnpCqLax+P2oEAAAzHXUcOEBuG2w9M3yg25f8S2wnTNcwDIV4XHw0mTxWIe/bsugPAWvz7+6Ds9sxW4G/mLgEEjkQQbwPYdnbdpOtlYa+nfLBmVhpuni2G2nk5ibjox0jD9g+1A09OoBmEitj0Q9owi4RzrKDaxdWsqFiONtLwJe1Nt1stqKgXF8zfvTjKHE9o3r4nX71hfmBI2JNUkK1xfQKDqSeQ4eJg2Z8Ndy6U7OEuEzszWubs29R690C1wGKw6nLnDHd2jL1KiMNDfvvYD0kKjgKuJpO2alXZGKulSmACAAVNNxYrcHiN8yiYoo/1QqBNzI3a6sg20f3l+UDb1TcaayG99YLDVibZuUk110vAhbBpXJHHMU8r3NvIXlxWpAOVAFrgj9+szmA26uHxLoVuxF8xPshgCQB4W9Zf5y75h7639bpf+4QLmn7I8B8opESLAQRSZxEYRAW84xVE5lgBYxpjmSMcQBuYO8c0HaBqFEdaIojhA60UCdaKIC3nTohMDoojLxYBVMbjsP1lGpT+2jp+JSBOWSKZgeB1Kp0Oul7jkbk/vwlli6oegjjgSvkDp8CI/pbs/qcXWp7lc51+6/at4A3HlImFX6t6ZG7tr8j+UAlLCO40F4zEbH7S52sx0vb2eXjNL0VIZATb/n9/KWu19kBxmXQj98IGOTYFU5lennDEMHVwpzDQWO+1uGnHnNbsvolSSiyOLs5zWXUILAKoYgXsANe+Q8Hh6yEAG/jrL6i1S3bbTugYXaXQ1kVnDLZbm2rE6nyGhHpM9sZiuJS2mtp6ltrFKtJgd1tTPLqFT65SN94HsuGfsAnu+Ufhgt75QfLjIuz+1RvxtHYapAj4/C02a5WxBBvoDod17eMqcZsNajEq+W9iylQwJGgOp0PfNTXoh1uN8rv4fnp++cBcFhkw6ZFYm9yxvqzHS5t4W8pG/gUe5YAchbcJMTBrvzEwopiBUrg8h/4lZtB7dkbyQB56TQ4phaZjFDNUQd9/Td8bQI229jI9RKiXznsuP5V7Kn0EvcEgzKo1ChU89Xb/avrCVqJVLKbE72tckHSwHG5Mk7OweRdd9txNyL6knmx4+AECTOvHGNIgcTEvEvHgQODTs04iNJgKRBOsfnjWeBHcRto52gs8DUARwjVMdA4CLEvEJgLmiXnRsB0VYwQloDhDI0AIRTAxP0o7PNqWJUaLenUI4Am6E+eYeYmDw9UBh37/Oe5VqSujI6hkYZWU6gg8JgdrdBEo5qwxGSiNSGQu4/lQgjOeAvr4wM1sXH9VVKndfT4zd0cfmE80xrIxFSncKb2DEFhY21K6E7t3OXuwto7lJ8PlA2Ard3nO6y5sYGlVBj0S8Cg6Z4oCnkHEzE7Io56qjvvL/ppibsEXgLmM6G4G5LnU7v1gej7Jp2pnw/f78JGXeRLHZOnZ5iQ8ahDHxgHwb8L/v8AZkhwDvEqkdl13jjJlDFBhA51I3QLsRvk1jIWJ4wKjG4nWU+GrMa6sqlramys1hY6kKCQOEtMYmhJ/fKO6LJ2qrfcF/xE/lAs8Iju2dxlA0VbWPiV90b9DrrraTTFtOgDjSsIREgCyx6xWEEzQFcwbGNZ4wtAdeNaNBjjAG8FDNBWgaVIVYNBCCAtowwgEaywEnRLR0DgI4CII4QHARwWcsKggKizyb6SuknWv1CEdWhsbnss/E2Gr24DcOPdrun3SL+HpGjTI611Nze2SnuJJ4E7v+bTxqtUN81wt9c7DtH7icB+7wJWz3GQ7rF2IsLC4VLi3C418pJw1TIwPCQcC+dKiBizLaqtxY2HZf4FT5Q9B8ynmNfKBv8AAV8wUjWWO0topRpFjvI0HMzObBq2S54CUO2tqmq1+A3DugQ8XiC7Mx1JMteiWOCVCjGwOovzmezzkuzALcnhaB7LhMcpbRh6ynx/SJDV6tFeq17HIhZVPe268pNh7EZSHrs1j7oNvWbzB00RQEUKOAAAgOw1AhbuLE7xy7ryn2jQek3WJdk3uo3gfaHdLt60jjFKDraBFwe0VdbqZ1epbUyi21hjSb+IoeyT9YnAX94Dh3jvklMVnTN3XgLjDmU21PLvgMBtE4cMhpliTc62bcBfLa5XvGmshPisis53LZv7h+svMLthHUHQ8bwOo9JUb3G13ZSGv929s3leSqe26De/bhqDv46jSGQYeotmRCDvuo1MhbU6NKwLJdWt97dqAQfbHc3kRAnjF0yLiolueYTqeJRjZXRjyDAn0BmAqsyOUcEMBmsLtdQdXS+rqOK+2ttcwgXRDe9gGs5INldRufMpF1ud+4ccu6B6SwgnWYXCbfq4dsrl3UvlyN1aJTW1xZyBw58LTZbO2lTrpnpsDb2gGBKnkcpIgPYRhEKyxloAwJ0JlnZYAmg80M6wVoGlURyiDVo9WgEUzmiRYDZ1o4LHBYAwIRRHBI9afpA5Fld0g22mFplmILkHIv8A9jyUSDtXpfQpBshFRl35TdR4kanyE8l25t56zl3bUm4JF2HIIl7IOV9YAdtY96jmo7asbl21uearvbkCQAOHOVYJOqIW/nqaj46R5ze0EAv79Q3Y9/a/SMrFTrUqM55LrbuudPSBKwGOenVR3emQDZl7PsEWYaC24mWO1MAcPUsuqPc025rxUnmNPKxmeDJuWmW8ST8BN30bdMVhuoqqQUsNfaAt2HUnlqPLvgR9m1s1F1XeFOg4ixmeqLlAvLV6L4StkfVT7LcGXn+o4SHj6gZrj0gRKKK28i3jNVsJcOhzM6X7yJjqyEbxLXZWyKdXXPc8V9lh+vH1gennFUKlO6upAtexBt6RKG0aIATrVuObCZzBdEcPa+errycDcByGssE6MYNd6FiL+3UbXfwB8IFliNoU1FzUQD74/WQ6rmqv1Op0IY6KdeHP5QB2bhUYFKNPNwsoNvM6k+Mt6LhBfjAr8ArglKo9rnuInbSpBFsDpu/WO2lWLLpvGt5SYmpUqsiXsSQo8WNh5m8CJjaud0QA5ew5W2joHAbXkCJXdSp60K/VFKpSmST1be2VVrjsaL7V7a6jjLPpIow2ITLotHEVKZ/7bpTqW/C7yp2jh7L1V7t1qlydNVZqRPhYo3/qXgEo4qrTdHd2K0zldCMrI/DOOIPBhoZ6XsnaiuoN73nmW0axavinDG1IBRfVWBdaZpsOKntaeYtJOysU9FkKezUynIWGZMwzDxUjc3rY7w3nSHYi10upKPcMjrvVx7LDv+YnntXOjMjjqyHGew0pVW0TEU/9J9zLuveeobLrFls2t5lOm2FAIrBc2VWWon/Uot/mKOZA7Y+6YGXF7dWUANygQ3KrUHabDk7zTcdpD7p3RNlY16Lq9JaRQDsgkU6zpftIdbOym6kHiNN8FVXQqXuAEps/NG7WExPipshPIyLinS4esjFHZg6Icpp11stS3DWwax/KB6xhMStRFqJqrC4594I4EboRhMj0Hx62egHzrq9Jjo2XQOjD7amxP3r8Zq2eAhMS8S8SBzmBzwjiDtA0Aj1M4COtAVWhVMCBCKIBRHARiiRNq7XTDrdu05BKotyzd9hqB3wD7R2hToJnqNbkPeY8gPz3Cefbb6Q1MV2EJCfYp1aYc/eBBznuB8oLaWJq1nNR1qDk3ULUVV5atoB4CQEqVGPZGGxAPuZFV/JLIw8rwKDGk7hUL2YDIyZKwN9ymx1vyPlK50ZfdWn3sbufz+E021aYrLlCZKo0FOr7R5CnVNmBvuV9OR4SrOAFuxg3J+1UZiPSyiBRsyX1Lufwj8zHpm9ykB3kFj6tJGIp1UOuSn3Bk09CZFc39qrfuAY/OwgPdXPtOq92YD4LJmwdonD1lfrMynsuNTdTvI7xv8u+Vl6Y4OfML+s4svBP7mMD1fauAXE0SgIv7dN+Aa2mv2Tx9eE87VGRzTcFWU5WB3gzRdCtsAr/AA7XBXVNd68VvzHyPdLHpPsXrl62mPrUH/uKPdP8w4engFDiMASugvpKhsM6nshr915ouju0Vaytv3WPxmjQICCANf3+/CBisM2ONsgqW3bv1Es8NsrHsczs4B3gkCbZKigX+EmJXUiBQbP2a6bxr6n1lg1Mrv3yfUrASqx+LAHfuA4k8LCBWba2itJc7nTlxJ5DmZA6C4tsTjKebgxcjkEBK/HLKfpc5Y6nQbhy5zQ/Q3hO3WrHgqovmczH4CAP6SFHW4pbah8NVH9aGkf9qiE2bsF6/wBY3YLomZSAe2qKGPgSin+kS8x2CTEYypiASUKU0A91shJzeFybeF5Z136pVYaWdAfBjl+ZEDzTpXQqUi6OEyuVLMihCxW5UtbedTIH8cGxKuoIRVRFB3gKoFj33BM3PTvCipTzDhr+v5TzzDUi7qote/tW1sPnA9d2HUBUGQemastPrE1ZCHA+0FN3XzXMPOSdh0cqAdwndKCwoO6i7IpcDmV7VvO0Dzg0kVsl70xZM3PC4jWm39Dnfwgu0wdH9tlI3X/xOGNhod5en63hCiEZfcQ5Cf8AyuJ7VNv6HIgqrsCKje2pV3H+rQcUq/4kZWgM2btIJUTEU1C9pespjQB7WLIPsuuYW4G3dPUetDAMpupAIPMEXE8uxRp1M9RRlKXSqqjUoHHV107xZcwm56J4o1MMoNsyMyG27TVSO4gi0C2Dzs84rGEQH5oy8WMtA0itHgwSiFUQHrDoINU4zGdIek3WXo4c3QGzuC/a5gdWpIXzF/DeFztjpMlO6Uu2/wBoK7IvgUUhjMJjHaqxLujltSr1alIn8YRYF6ii1+qB/mOLuPMyRQqZtFBb/s1s/wD8Fa5bwgREwrUzmFDEp/NScOO7ULb4yQtRa182WsRvV16rEabyrrcOd+hJPdEZFQK9xlL5M6B8PURt5zpqmnd6wjJUc5Hb/E02z0yQt6iWuAHHtEAZhqQdYA8QV6tTmaphnOVs4+sovpoDztqOBA3XlXicJTRnTE1atwQaZUB1dCLhrsRv/MS4p4hAGqZPqqnYxFIb0YnR0HAX1XkbjlB1kdCEV1z01vSqEArUwzm7C5BtYdsb9zCBncSuEX2RWfvZkXX+mV75T7FEkcNWf8psHbEnQYnDaaAhqY9Oxf4SsxeHrn28ZT8qxPwUAQKEdYNyZf6Lf7o1jV4sB/Uo+XhCYvCoNTXVj3Bm+N5DyJ9o+SwDU69VHV1cZlII7SnX9P1nqGx9pJWpo67yO0L+y3vCeTOE4FvSXHRnaYo1At+w5AJ3Wf3Tv47vTlA1u2+jpZzXw1g+903BjxZTuDcxuO/TjQrtipSbI6spG9WFj6H5zbUsRcSPjXUizqGHJgGHxgRMN0ipMmrWPIx9Hb6D3x6yH/8AzqbGwo0/wLNBszohhaq2enlb7SGx9LW9RArK/SBdynOeAGvryjMCjM2dzdzcADco7uZ75dYno3h6JP1yIBpeoMgNt4DAENbQHdaRa+TIWoulWxCk03R+0QSq2U3zEA2HceUCsw1Km1Zmex6u1g1rDjmN+QmgwLtUzCklkIKs9ygdTvAG8i3Ezz7Z2MV8Qrkgrmtl4HS4J5ier7LqLYeEBlNcgHYJUb8upHlxHhrIfSHFKcJWdWBC0y6nvWzD4iX7rxEwfTqkiISzMqVDcqpsrOpv6nTTja8Cg2p0g69FppfddzyEi7FT64abpV0WBHYBuxsANSeQ75othbJc1O2xVtDlWxIHedwgegbLY2F5Kx9MMpHAjXzkbD0coGpPiZIfVbwPLsVhVpv1TaJrh3v/ANGsSabX5JUVvK0hKC5AbewGcfz64asfU03mk6V0Q532zjqSeRftU2Pg6IP6zM2WLHNuNTK/eDUU0qg7stVEPnAFg665ErFRmpDqcQm7rKT9gP4i+U94Uy96A1slSpSvcG4/qT2GH3lLfglFtHDhLOvsYijUvbXtg3YfiVJJ2VieorLWJy5KjUqwIJ3lijEDXUZlvwtxgemMIwiSaRV1V0IZWAII1BB3WIiMkCPaDtJBgvOBoEWFd1RS7sFUbyTYTp0DC9Iekj1wUpgrR5nKvWcLl3ITL/KA/eAZQI/86eeKcHw7ChR6Tp0Agruuod7aC9PGo1rm2qtra54+sI6Z2am7KtVWVqfWU6ahxbRS677k6Xup011iToBqdRsz5UIc/wCdhXvapzemTx423jeMwjKioEUhyaOb6up/4mHqb8j21tfXTxHI9OgdUZyzOFXrkU9fT9yvSPtOoGhuLE27mG6MWmjotLP2HzNh6jWBR/foudwBNvPKdxnToFfhKN1KnCO7U2NNyr1PbXmoBANiDbviVqCa5sFWHi9QfNPGLOgVmKRPdwr373qH4BRKmop4Ubd1nPznToAWY/YH4W/WNKnflsNxGtjOnQNv0Y2pnQKx7SaG/EcD+veJpKeEaoQBOnQNJs3YoWxI1/f6SZtnGU8Jh3rsAci3VLhc77kQHvNok6B5JT2saH+ISun8TUqVC6OjMtMPmcvncZb3IAABOp7xM2+LZ83ZA7CltWIZlv23Gt3OY2JtlvpaLOgDw+Is2lgBusLcbi/E8tZ6p0a2mHRTfXd5zp0DV0sRKjpdsX+ModWrhGDBwxGYXAIsRcEXvvE6dAotl9HqeDQsVNSqB7ZsLE7gg90X85Z7D2aEGdtXY3J8Yk6BdVGAtIuKJtp8506BjNvIztkU+32A2mj5WZCP60UTO583aC2LXcDgpqA51/pr0x+KLOgBwo6xBTJ0FSoi62s1VCafkXQjzkps9UU61NVZ3BpVUYLlNSmAwJDGxLIN3MGdOgazoNtEWfDFSjKSwpNe6X9oITqUvrY6i54Wmqczp0ATiAnToH//2Q==" }, "id": 3910, "userType": "I", "homeServer": "Void host", "shortName": "pgarcia", "primaryGroupDescription": "Music", "primaryGroup": "Music" } ] } Example 3 1. Use the Fuzzy Searches Request GET http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User?textFilter=fran~ Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 2, "startIndex": 1, "Resources": [ { "lastName": "Sinatra", "createdByUser": "ActiveDirectory", "fullName": "Frank Sinatra", "active": true, "userName": "frank", "mailAlias": "", "firstName": "Frank", "createdDate": "2023-09-06 13:12:54", "multiSession": true, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/276435", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'frank'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'frank'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'frank'", "issues": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue?filter=user.userName+eq+'frank'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/276435/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "ActiveDirectory", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-09-06 13:12:55", "attributes": {}, "id": 276435, "userType": "I", "primaryGroupDescription": "Music", "primaryGroup": "Music" }, { "lastName": "Sherwood", "createdByUser": "pgarcia", "fullName": "Frank Sherwood", "active": true, "userName": "franks", "mailAlias": "", "firstName": "Frank", "createdDate": "2023-10-05 15:32:40", "multiSession": false, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/432644", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'franks'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'franks'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'franks'", "issues": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue?filter=user.userName+eq+'franks'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/432644/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "pgarcia", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-10-05 15:32:40", "attributes": {}, "id": 432644, "userType": "I", "primaryGroupDescription": "scientist", "primaryGroup": "scientist" } ] } 2. Use the Fuzzy Searches: specify the maximum number of edits allowed Request GET http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User?textFilter=frankl~2 Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 4, "startIndex": 1, "Resources": [ { "lastName": "Franklin", "createdByUser": "ActiveDirectory", "fullName": "Rosalind Franklin", "active": true, "userName": "rfranklin", "mailAlias": "", "firstName": "Rosalind", "createdDate": "2023-08-08 14:26:14", "multiSession": true, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/2862", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'rfranklin'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'rfranklin'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'rfranklin'", "issues": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue?filter=user.userName+eq+'rfranklin'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/2862/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "ActiveDirectory", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-08-08 14:26:14", "attributes": {}, "id": 2862, "userType": "I", "primaryGroupDescription": "scientist", "primaryGroup": "scientist" }, { "lastName": "Franklin", "createdByUser": "ActiveDirectory", "fullName": "Aretha Franklin", "active": true, "userName": "aretha", "mailAlias": "", "firstName": "Aretha", "createdDate": "2023-09-06 13:12:54", "multiSession": true, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/276397", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'aretha'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'aretha'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'aretha'", "issues": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue?filter=user.userName+eq+'aretha'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/276397/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "ActiveDirectory", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-09-06 13:12:54", "attributes": {}, "id": 276397, "userType": "I", "primaryGroupDescription": "World", "primaryGroup": "world" }, { "lastName": "Sinatra", "createdByUser": "ActiveDirectory", "fullName": "Frank Sinatra", "active": true, "userName": "frank", "mailAlias": "", "firstName": "Frank", "createdDate": "2023-09-06 13:12:54", "multiSession": true, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/276435", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'frank'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'frank'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'frank'", "issues": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue?filter=user.userName+eq+'frank'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/276435/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "ActiveDirectory", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-09-06 13:12:55", "attributes": {}, "id": 276435, "userType": "I", "primaryGroupDescription": "Music", "primaryGroup": "Music" }, { "lastName": "Sherwood", "createdByUser": "pgarcia", "fullName": "Frank Sherwood", "active": true, "userName": "franks", "mailAlias": "", "firstName": "Frank", "createdDate": "2023-10-05 15:32:40", "multiSession": false, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/432644", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'franks'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'franks'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'franks'", "issues": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue?filter=user.userName+eq+'franks'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/432644/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "pgarcia", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-10-05 15:32:40", "attributes": {}, "id": 432644, "userType": "I", "primaryGroupDescription": "scientist", "primaryGroup": "scientist" } ] } Example 4 1. Use the boolean operator AND Request GET http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User?textFilter=fran~ AND Sinatra Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 1, "startIndex": 1, "Resources": [ { "lastName": "Sinatra", "profileServer": "Void host", "createdByUser": "admin", "fullName": "Frankaaa Sinatra", "active": true, "userName": "frank", "mailAlias": "", "mailServer": "Void host", "firstName": "Frankaaa", "emailAddress": "pgarcia@soffid.com", "mailDomain": "soffid.com", "createdDate": "2023-06-02 07:41:47", "multiSession": false, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/3910", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'frank'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'frank'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'frank'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/3910/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "admin", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-06-02 07:41:47", "attributes": { "picture": "/9j/4AAQSkZJRgABAQAAAQABAAD/2wCEAAoHCBYWFRgVFRYYGRgaGhkYGhgaGBoYGhoYHBkaGhgZGhgcIS4lHB4rIRgYJjgmKy8xNTU1GiQ7QDs0Py40NTEBDAwMBgYGEAYGEDEdFh0xMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMf/AABEIAKgBKwMBIgACEQEDEQH/xAAcAAABBQEBAQAAAAAAAAAAAAADAQIEBQYABwj/xABFEAACAQIDBAcECAQFAgcBAAABAgADEQQSIQUxQVEGEyJhcYGRMkKhsQcjUnKSwdHwFGKCoiQzY7LhU3NDZIOTo8LxFf/EABQBAQAAAAAAAAAAAAAAAAAAAAD/xAAUEQEAAAAAAAAAAAAAAAAAAAAA/9oADAMBAAIRAxEAPwDeqIVZwEcBAQQiCIBHqIDgItogjwICWiqIto4CAqiZn6ScNnwDn7DI/wAcp/3TUKJX9JcNnwldOdNj5qMw+UD5zcQYh6qG+gPpGrQblAdThBHUsK3MfEw4wR5n5QG4dtd8t8JU3DT0/wCZBpYVRvI9ZMpqg97ytxgTi44n8zz3D9+k4G+4ee79iR/4pF3C/iY2rtIAakD0gT6WHOlz4/v97oZEpL7RzHu5/nM/U2wg3Fm+Eh1NsN7oA+MDWfxir7Kj975FxO0re04Xuvb+0a+kyVTaDtvc+ANh6CANQwNFW2wg3ZnP4R6nX4SFV2y59kKv9x9Tp8JUXMab3gS62MZvaYnxOnpI7Vo0oeAJiVKLAXINoCl41njAJzixsdPnAUNEZpY7H2FiMSbUabMOLnsoPFzp6XM9G6O/R/SpEPiCKrjULb6tT906ue86d0DLdEuhz4krVqhkob+IaoOSclP2vTmPWqNFUUIihVUBVUCwAG4AQw3RpEBhEYVhjGkQAOsCZJYQbLAjO0ZeFqLBQNAqwgSKphFgMCRwSEAhVWAFUsCToBqSdwHEmUmI6YYJCQapJH2Uc/G0r/pH2y1FEpLcBwSx5gaBfz9J4/isWzHfaB61ivpKwqexTrP32RB8Wv8ACU2J+lVrkU8MgHAvULf2qo+c8xZol4G1xn0kY5/ZdKY/00F/V80pMX0jxNX/ADMTVYHeM5VfwrYfCUmaITAmCoI7r5BzTrmBYDFGDav3yJaKtNjwgGOJPjGHFNFXCkyTR2cDqxPgIEA12PExERmPZBPgCZd0cIgOiE+MtKeznb2QQDwtv/esDLjBPxGXx/SOTB8zfwm2w/Rose1eXOH6PUltm3wMBhtiM5si+usu8N0KdvaNvKwm/wAFhUQjIl7d36y1COfcC+JEDzE9Csu8mFodF1G+3pN9XRuQ+cjFLDUQMvh+j6BtRbyhdq7DTJu56j9JatvvFxL9gg3/AHxgeYYjZ6qWPLlu8ZsuhfRzDPSGIemHcsw7faUZTYWTdfxvKNkzswtcA30F766D4fGekbCw4TD01At2Qbd51J8TeBNRQAABYDcBuHlHho2dAfeJmgyY0mATNGs0YzRmeA8tBu0VngWeAjtBZo4vB5oGlQwimAVo4PAkq0KryIHjg8CJ0k2DSxtLq6hZWGqOp7SHjpuIPEGeN9IuhWKwpLMhqU+FRAWFv5l3p56d89yDxy1IHzNEn0BtTozg8QSalBMx3ul0bzKWv5zM4z6L8M2tOtVp9zZXHyB+MDyOJPRqv0VVPcxKH71Nl+TGQNofRzWoI9Z61Iog1Az5iScqgXHMiBjUp3498lrhlG+DanlPwlmaV0Q/y/L/APIEXIL6CEWnynDfJ2BVScpNoDMNgGYiwB85ZJsuotiU08QZabMwigg38949RNKmFDLrYwMxgKS3CurKeFx++c02GwAt2XBHDSSKOFKqLi45b/Cd1AGqi3h+kB38Jbe/oJJpBFGm+N0y8z6RmGIBvx5wDde5PZB8bWkoI1u03kJyMOJnVsQAL6Ad/OAKpSHf6yvxNhuvFq7U1IW1++RhXz3vpADm3yJjn7DW0IBsYdjyOm6QsShyt90/KBUbOw/YVt9xmJ14k6fAes3+DZcqoHViqqDYi+gHDhMLhELhETQMoGhsQNM5PLfaW+MxaU6iJTUllIuw9lRbUM3EnlA1BE6DLxM8B5Ea0b1k7NAY4g4UxpEATGBYw7iDKwAxmWHIEbpAv1hAIJYQGA4R4jBHKYBBFiAziYCGKI0mKIDxKHp4p/gnt9unfwzj87S+WVnSxL4Kv3Jn/Awb8oHi+LpAtpwCmTqVH6pL8j/uMFTp7yfD0AEnYpciIOBRfjrAqkoXa1o9sMyG/wCWnpCqLax+P2oEAAAzHXUcOEBuG2w9M3yg25f8S2wnTNcwDIV4XHw0mTxWIe/bsugPAWvz7+6Ds9sxW4G/mLgEEjkQQbwPYdnbdpOtlYa+nfLBmVhpuni2G2nk5ibjox0jD9g+1A09OoBmEitj0Q9owi4RzrKDaxdWsqFiONtLwJe1Nt1stqKgXF8zfvTjKHE9o3r4nX71hfmBI2JNUkK1xfQKDqSeQ4eJg2Z8Ndy6U7OEuEzszWubs29R690C1wGKw6nLnDHd2jL1KiMNDfvvYD0kKjgKuJpO2alXZGKulSmACAAVNNxYrcHiN8yiYoo/1QqBNzI3a6sg20f3l+UDb1TcaayG99YLDVibZuUk110vAhbBpXJHHMU8r3NvIXlxWpAOVAFrgj9+szmA26uHxLoVuxF8xPshgCQB4W9Zf5y75h7639bpf+4QLmn7I8B8opESLAQRSZxEYRAW84xVE5lgBYxpjmSMcQBuYO8c0HaBqFEdaIojhA60UCdaKIC3nTohMDoojLxYBVMbjsP1lGpT+2jp+JSBOWSKZgeB1Kp0Oul7jkbk/vwlli6oegjjgSvkDp8CI/pbs/qcXWp7lc51+6/at4A3HlImFX6t6ZG7tr8j+UAlLCO40F4zEbH7S52sx0vb2eXjNL0VIZATb/n9/KWu19kBxmXQj98IGOTYFU5lennDEMHVwpzDQWO+1uGnHnNbsvolSSiyOLs5zWXUILAKoYgXsANe+Q8Hh6yEAG/jrL6i1S3bbTugYXaXQ1kVnDLZbm2rE6nyGhHpM9sZiuJS2mtp6ltrFKtJgd1tTPLqFT65SN94HsuGfsAnu+Ufhgt75QfLjIuz+1RvxtHYapAj4/C02a5WxBBvoDod17eMqcZsNajEq+W9iylQwJGgOp0PfNTXoh1uN8rv4fnp++cBcFhkw6ZFYm9yxvqzHS5t4W8pG/gUe5YAchbcJMTBrvzEwopiBUrg8h/4lZtB7dkbyQB56TQ4phaZjFDNUQd9/Td8bQI229jI9RKiXznsuP5V7Kn0EvcEgzKo1ChU89Xb/avrCVqJVLKbE72tckHSwHG5Mk7OweRdd9txNyL6knmx4+AECTOvHGNIgcTEvEvHgQODTs04iNJgKRBOsfnjWeBHcRto52gs8DUARwjVMdA4CLEvEJgLmiXnRsB0VYwQloDhDI0AIRTAxP0o7PNqWJUaLenUI4Am6E+eYeYmDw9UBh37/Oe5VqSujI6hkYZWU6gg8JgdrdBEo5qwxGSiNSGQu4/lQgjOeAvr4wM1sXH9VVKndfT4zd0cfmE80xrIxFSncKb2DEFhY21K6E7t3OXuwto7lJ8PlA2Ard3nO6y5sYGlVBj0S8Cg6Z4oCnkHEzE7Io56qjvvL/ppibsEXgLmM6G4G5LnU7v1gej7Jp2pnw/f78JGXeRLHZOnZ5iQ8ahDHxgHwb8L/v8AZkhwDvEqkdl13jjJlDFBhA51I3QLsRvk1jIWJ4wKjG4nWU+GrMa6sqlramys1hY6kKCQOEtMYmhJ/fKO6LJ2qrfcF/xE/lAs8Iju2dxlA0VbWPiV90b9DrrraTTFtOgDjSsIREgCyx6xWEEzQFcwbGNZ4wtAdeNaNBjjAG8FDNBWgaVIVYNBCCAtowwgEaywEnRLR0DgI4CII4QHARwWcsKggKizyb6SuknWv1CEdWhsbnss/E2Gr24DcOPdrun3SL+HpGjTI611Nze2SnuJJ4E7v+bTxqtUN81wt9c7DtH7icB+7wJWz3GQ7rF2IsLC4VLi3C418pJw1TIwPCQcC+dKiBizLaqtxY2HZf4FT5Q9B8ynmNfKBv8AAV8wUjWWO0topRpFjvI0HMzObBq2S54CUO2tqmq1+A3DugQ8XiC7Mx1JMteiWOCVCjGwOovzmezzkuzALcnhaB7LhMcpbRh6ynx/SJDV6tFeq17HIhZVPe268pNh7EZSHrs1j7oNvWbzB00RQEUKOAAAgOw1AhbuLE7xy7ryn2jQek3WJdk3uo3gfaHdLt60jjFKDraBFwe0VdbqZ1epbUyi21hjSb+IoeyT9YnAX94Dh3jvklMVnTN3XgLjDmU21PLvgMBtE4cMhpliTc62bcBfLa5XvGmshPisis53LZv7h+svMLthHUHQ8bwOo9JUb3G13ZSGv929s3leSqe26De/bhqDv46jSGQYeotmRCDvuo1MhbU6NKwLJdWt97dqAQfbHc3kRAnjF0yLiolueYTqeJRjZXRjyDAn0BmAqsyOUcEMBmsLtdQdXS+rqOK+2ttcwgXRDe9gGs5INldRufMpF1ud+4ccu6B6SwgnWYXCbfq4dsrl3UvlyN1aJTW1xZyBw58LTZbO2lTrpnpsDb2gGBKnkcpIgPYRhEKyxloAwJ0JlnZYAmg80M6wVoGlURyiDVo9WgEUzmiRYDZ1o4LHBYAwIRRHBI9afpA5Fld0g22mFplmILkHIv8A9jyUSDtXpfQpBshFRl35TdR4kanyE8l25t56zl3bUm4JF2HIIl7IOV9YAdtY96jmo7asbl21uearvbkCQAOHOVYJOqIW/nqaj46R5ze0EAv79Q3Y9/a/SMrFTrUqM55LrbuudPSBKwGOenVR3emQDZl7PsEWYaC24mWO1MAcPUsuqPc025rxUnmNPKxmeDJuWmW8ST8BN30bdMVhuoqqQUsNfaAt2HUnlqPLvgR9m1s1F1XeFOg4ixmeqLlAvLV6L4StkfVT7LcGXn+o4SHj6gZrj0gRKKK28i3jNVsJcOhzM6X7yJjqyEbxLXZWyKdXXPc8V9lh+vH1gennFUKlO6upAtexBt6RKG0aIATrVuObCZzBdEcPa+errycDcByGssE6MYNd6FiL+3UbXfwB8IFliNoU1FzUQD74/WQ6rmqv1Op0IY6KdeHP5QB2bhUYFKNPNwsoNvM6k+Mt6LhBfjAr8ArglKo9rnuInbSpBFsDpu/WO2lWLLpvGt5SYmpUqsiXsSQo8WNh5m8CJjaud0QA5ew5W2joHAbXkCJXdSp60K/VFKpSmST1be2VVrjsaL7V7a6jjLPpIow2ITLotHEVKZ/7bpTqW/C7yp2jh7L1V7t1qlydNVZqRPhYo3/qXgEo4qrTdHd2K0zldCMrI/DOOIPBhoZ6XsnaiuoN73nmW0axavinDG1IBRfVWBdaZpsOKntaeYtJOysU9FkKezUynIWGZMwzDxUjc3rY7w3nSHYi10upKPcMjrvVx7LDv+YnntXOjMjjqyHGew0pVW0TEU/9J9zLuveeobLrFls2t5lOm2FAIrBc2VWWon/Uot/mKOZA7Y+6YGXF7dWUANygQ3KrUHabDk7zTcdpD7p3RNlY16Lq9JaRQDsgkU6zpftIdbOym6kHiNN8FVXQqXuAEps/NG7WExPipshPIyLinS4esjFHZg6Icpp11stS3DWwax/KB6xhMStRFqJqrC4594I4EboRhMj0Hx62egHzrq9Jjo2XQOjD7amxP3r8Zq2eAhMS8S8SBzmBzwjiDtA0Aj1M4COtAVWhVMCBCKIBRHARiiRNq7XTDrdu05BKotyzd9hqB3wD7R2hToJnqNbkPeY8gPz3Cefbb6Q1MV2EJCfYp1aYc/eBBznuB8oLaWJq1nNR1qDk3ULUVV5atoB4CQEqVGPZGGxAPuZFV/JLIw8rwKDGk7hUL2YDIyZKwN9ymx1vyPlK50ZfdWn3sbufz+E021aYrLlCZKo0FOr7R5CnVNmBvuV9OR4SrOAFuxg3J+1UZiPSyiBRsyX1Lufwj8zHpm9ykB3kFj6tJGIp1UOuSn3Bk09CZFc39qrfuAY/OwgPdXPtOq92YD4LJmwdonD1lfrMynsuNTdTvI7xv8u+Vl6Y4OfML+s4svBP7mMD1fauAXE0SgIv7dN+Aa2mv2Tx9eE87VGRzTcFWU5WB3gzRdCtsAr/AA7XBXVNd68VvzHyPdLHpPsXrl62mPrUH/uKPdP8w4engFDiMASugvpKhsM6nshr915ouju0Vaytv3WPxmjQICCANf3+/CBisM2ONsgqW3bv1Es8NsrHsczs4B3gkCbZKigX+EmJXUiBQbP2a6bxr6n1lg1Mrv3yfUrASqx+LAHfuA4k8LCBWba2itJc7nTlxJ5DmZA6C4tsTjKebgxcjkEBK/HLKfpc5Y6nQbhy5zQ/Q3hO3WrHgqovmczH4CAP6SFHW4pbah8NVH9aGkf9qiE2bsF6/wBY3YLomZSAe2qKGPgSin+kS8x2CTEYypiASUKU0A91shJzeFybeF5Z136pVYaWdAfBjl+ZEDzTpXQqUi6OEyuVLMihCxW5UtbedTIH8cGxKuoIRVRFB3gKoFj33BM3PTvCipTzDhr+v5TzzDUi7qote/tW1sPnA9d2HUBUGQemastPrE1ZCHA+0FN3XzXMPOSdh0cqAdwndKCwoO6i7IpcDmV7VvO0Dzg0kVsl70xZM3PC4jWm39Dnfwgu0wdH9tlI3X/xOGNhod5en63hCiEZfcQ5Cf8AyuJ7VNv6HIgqrsCKje2pV3H+rQcUq/4kZWgM2btIJUTEU1C9pespjQB7WLIPsuuYW4G3dPUetDAMpupAIPMEXE8uxRp1M9RRlKXSqqjUoHHV107xZcwm56J4o1MMoNsyMyG27TVSO4gi0C2Dzs84rGEQH5oy8WMtA0itHgwSiFUQHrDoINU4zGdIek3WXo4c3QGzuC/a5gdWpIXzF/DeFztjpMlO6Uu2/wBoK7IvgUUhjMJjHaqxLujltSr1alIn8YRYF6ii1+qB/mOLuPMyRQqZtFBb/s1s/wD8Fa5bwgREwrUzmFDEp/NScOO7ULb4yQtRa182WsRvV16rEabyrrcOd+hJPdEZFQK9xlL5M6B8PURt5zpqmnd6wjJUc5Hb/E02z0yQt6iWuAHHtEAZhqQdYA8QV6tTmaphnOVs4+sovpoDztqOBA3XlXicJTRnTE1atwQaZUB1dCLhrsRv/MS4p4hAGqZPqqnYxFIb0YnR0HAX1XkbjlB1kdCEV1z01vSqEArUwzm7C5BtYdsb9zCBncSuEX2RWfvZkXX+mV75T7FEkcNWf8psHbEnQYnDaaAhqY9Oxf4SsxeHrn28ZT8qxPwUAQKEdYNyZf6Lf7o1jV4sB/Uo+XhCYvCoNTXVj3Bm+N5DyJ9o+SwDU69VHV1cZlII7SnX9P1nqGx9pJWpo67yO0L+y3vCeTOE4FvSXHRnaYo1At+w5AJ3Wf3Tv47vTlA1u2+jpZzXw1g+903BjxZTuDcxuO/TjQrtipSbI6spG9WFj6H5zbUsRcSPjXUizqGHJgGHxgRMN0ipMmrWPIx9Hb6D3x6yH/8AzqbGwo0/wLNBszohhaq2enlb7SGx9LW9RArK/SBdynOeAGvryjMCjM2dzdzcADco7uZ75dYno3h6JP1yIBpeoMgNt4DAENbQHdaRa+TIWoulWxCk03R+0QSq2U3zEA2HceUCsw1Km1Zmex6u1g1rDjmN+QmgwLtUzCklkIKs9ygdTvAG8i3Ezz7Z2MV8Qrkgrmtl4HS4J5ier7LqLYeEBlNcgHYJUb8upHlxHhrIfSHFKcJWdWBC0y6nvWzD4iX7rxEwfTqkiISzMqVDcqpsrOpv6nTTja8Cg2p0g69FppfddzyEi7FT64abpV0WBHYBuxsANSeQ75othbJc1O2xVtDlWxIHedwgegbLY2F5Kx9MMpHAjXzkbD0coGpPiZIfVbwPLsVhVpv1TaJrh3v/ANGsSabX5JUVvK0hKC5AbewGcfz64asfU03mk6V0Q532zjqSeRftU2Pg6IP6zM2WLHNuNTK/eDUU0qg7stVEPnAFg665ErFRmpDqcQm7rKT9gP4i+U94Uy96A1slSpSvcG4/qT2GH3lLfglFtHDhLOvsYijUvbXtg3YfiVJJ2VieorLWJy5KjUqwIJ3lijEDXUZlvwtxgemMIwiSaRV1V0IZWAII1BB3WIiMkCPaDtJBgvOBoEWFd1RS7sFUbyTYTp0DC9Iekj1wUpgrR5nKvWcLl3ITL/KA/eAZQI/86eeKcHw7ChR6Tp0Agruuod7aC9PGo1rm2qtra54+sI6Z2am7KtVWVqfWU6ahxbRS677k6Xup011iToBqdRsz5UIc/wCdhXvapzemTx423jeMwjKioEUhyaOb6up/4mHqb8j21tfXTxHI9OgdUZyzOFXrkU9fT9yvSPtOoGhuLE27mG6MWmjotLP2HzNh6jWBR/foudwBNvPKdxnToFfhKN1KnCO7U2NNyr1PbXmoBANiDbviVqCa5sFWHi9QfNPGLOgVmKRPdwr373qH4BRKmop4Ubd1nPznToAWY/YH4W/WNKnflsNxGtjOnQNv0Y2pnQKx7SaG/EcD+veJpKeEaoQBOnQNJs3YoWxI1/f6SZtnGU8Jh3rsAci3VLhc77kQHvNok6B5JT2saH+ISun8TUqVC6OjMtMPmcvncZb3IAABOp7xM2+LZ83ZA7CltWIZlv23Gt3OY2JtlvpaLOgDw+Is2lgBusLcbi/E8tZ6p0a2mHRTfXd5zp0DV0sRKjpdsX+ModWrhGDBwxGYXAIsRcEXvvE6dAotl9HqeDQsVNSqB7ZsLE7gg90X85Z7D2aEGdtXY3J8Yk6BdVGAtIuKJtp8506BjNvIztkU+32A2mj5WZCP60UTO583aC2LXcDgpqA51/pr0x+KLOgBwo6xBTJ0FSoi62s1VCafkXQjzkps9UU61NVZ3BpVUYLlNSmAwJDGxLIN3MGdOgazoNtEWfDFSjKSwpNe6X9oITqUvrY6i54Wmqczp0ATiAnToH//2Q==" }, "id": 3910, "userType": "I", "homeServer": "Void host", "shortName": "pgarcia", "primaryGroupDescription": "Music", "primaryGroup": "Music" } ] } 2. Use the boolean operator + Request GET http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User?textFilter=fran~ +bacall Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 3, "startIndex": 1, "Resources": [ { "lastName": "Bacall", "createdByUser": "ActiveDirectory", "fullName": "Lauren Bacall", "active": true, "userName": "lbacall", "mailAlias": "", "firstName": "Lauren", "createdDate": "2023-08-08 14:26:14", "multiSession": true, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/2844", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'lbacall'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'lbacall'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'lbacall'", "issues": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue?filter=user.userName+eq+'lbacall'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/2844/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "pgarcia", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-08-22 17:34:07", "attributes": {}, "id": 2844, "userType": "I", "primaryGroupDescription": "Music", "primaryGroup": "Music" }, { "lastName": "Sinatra", "createdByUser": "ActiveDirectory", "fullName": "Frank Sinatra", "active": true, "userName": "frank", "mailAlias": "", "firstName": "Frank", "createdDate": "2023-09-06 13:12:54", "multiSession": true, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/276435", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'frank'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'frank'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'frank'", "issues": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue?filter=user.userName+eq+'frank'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/276435/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "ActiveDirectory", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-09-06 13:12:55", "attributes": {}, "id": 276435, "userType": "I", "primaryGroupDescription": "Music", "primaryGroup": "Music" }, { "lastName": "Sherwood", "createdByUser": "pgarcia", "fullName": "Frank Sherwood", "active": true, "userName": "franks", "mailAlias": "", "firstName": "Frank", "createdDate": "2023-10-05 15:32:40", "multiSession": false, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/432644", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'franks'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'franks'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'franks'", "issues": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue?filter=user.userName+eq+'franks'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/432644/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "pgarcia", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-10-05 15:32:40", "attributes": {}, "id": 432644, "userType": "I", "primaryGroupDescription": "scientist", "primaryGroup": "scientist" } ] } 3. Use the boolean operator - Request GET http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User?textFilter=fran~ -Sherwood Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 1, "startIndex": 1, "Resources": [ { "lastName": "Sinatra", "createdByUser": "ActiveDirectory", "fullName": "Frank Sinatra", "active": true, "userName": "frank", "mailAlias": "", "firstName": "Frank", "createdDate": "2023-09-06 13:12:54", "multiSession": true, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/276435", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'frank'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'frank'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'frank'", "issues": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue?filter=user.userName+eq+'frank'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/276435/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "ActiveDirectory", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-09-06 13:12:55", "attributes": {}, "id": 276435, "userType": "I", "primaryGroupDescription": "Music", "primaryGroup": "Music" } ] } Example 5 1. U Request  GET http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User?textFilter=(firstName:aretha OR firstName:Rosalind) AND lastName:Franklin AND birthDate:1979-01-01 Response 200 OK { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:ListResponse" ], "totalResults": 2, "startIndex": 1, "Resources": [ { "lastName": "Franklin", "createdByUser": "ActiveDirectory", "fullName": "Aretha Franklin", "active": true, "userName": "aretha", "mailAlias": "", "firstName": "Aretha", "createdDate": "2023-09-06 13:12:54", "multiSession": true, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/276397", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'aretha'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'aretha'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'aretha'", "issues": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue?filter=user.userName+eq+'aretha'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/276397/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "pgarcia", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-10-05 16:02:40", "attributes": { "birthDate": "1979-01-01 00:00:00" }, "id": 276397, "userType": "I", "primaryGroupDescription": "World", "primaryGroup": "world" }, { "lastName": "Franklin", "createdByUser": "ActiveDirectory", "fullName": "Rosalind Franklin", "active": true, "userName": "rfranklin", "mailAlias": "", "firstName": "Rosalind", "createdDate": "2023-08-08 14:26:14", "multiSession": true, "meta": { "location": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/2862", "links": { "roleAccounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/RoleAccount?filter=userCode+eq+'rfranklin'+and+enabled+eq+true", "groupUsers": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/GroupUser?filter=user+eq+'rfranklin'+and+disabled+eq+false", "accounts": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Account?filter=type+eq+U+and+users.user.userName+eq+'rfranklin'", "issues": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/Issue?filter=user.userName+eq+'rfranklin'", "effectiveGrants": "http://soffid.35x.lab:8089/soffid/webservice/scim2/v1/User/2862/effectiveGrants" }, "resourceType": "User" }, "modifiedByUser": "pgarcia", "schemas": [ "urn:soffid:com.soffid.iam.api.User" ], "modifiedDate": "2023-10-05 16:03:02", "attributes": { "birthDate": "1979-01-01 00:00:00" }, "id": 2862, "userType": "I", "primaryGroupDescription": "scientist", "primaryGroup": "scientist" } ] } Operation Operation The Lucene index information is stored in files arranged in a folder structure. This folder structure is replicated in every Soffid Console and every Sync Server and also is saved in the database. In case an instance (Docker, Kubernetes, or stand-alone) detects an inconsistency, the information will be overwritten with the database data. When you update an object, marked as the textual index, a task will be created. The soffid agent will execute this task and the Sync Server will update the database tables related to the textual index. Folder structure The folder structure is the following: ../index// Example 1. Here you are the folder structure for the Soffid Console 2. And the folder structure for the Sync Server Database  The database tables involved: SC_LUINPA SC_LUNIND Example 1. The database structure soffid agent You can check the soffid agent status by visiting the Sync Server monitoring page: Main Menu  >  Administration  >  Monitoring and reporting  >  Sync server monitoring Example 1. A soffid agent pending task: Step-by-step Example 1 1. You update one user's data and save the changes. 2. New tasks are created and executed. 3. Then Sync Server indexes the updated text and places the index file. 4. Then Sync Server and updates the database table SC_LUNIND by upgrading the LIP_TIMSTA field of the User object or by creating a new record if it did not previously exist. 5. When the following search will be performed, the very first thing to do is check the database file. If it is necessary update the file system and finally perform the search. Example 2 1. The task engine mode is Read only 2. You update one user's data and save the changes. 3. A new task is created and executed 4. Then Sync Server indexes the updated text and places the index file. 5. Then Sync Server and updates the database table SC_LUNIND by upgrading the LIP_TIMSTA field of the User object or by creating a new record if it did not previously exist. 6. When the following search will be performed, the very first thing to do is check the database file. If it is necessary update the file system and finally perform the search.