SCIM JSON format

Request format

In the PUT and PATCH methods, a JSON stream with the data model is required (please see this format in the following link:  Resource data model).

Response format

The response format will be represented as a SCIM JSON response, but all the keys in the response will depend on the method requested and the result of the operation.

HTTP Method

GET

Retrieves one or more complete or partial resources.

POST

Depending on the endpoint, creates new resources, creates a search request, or MAY be used to bulk-modify resources.

PUT

Modifies a resource by replacing existing attributes with a specified set of replacement attributes (replace). PUT MUST NOT be used to create new resources.

PATCH

Modifies a resource with a set of client-specified changes

(partial update).

DELETE

Deletes a resource.

HTTP Status

The most commons responses

Successful Responses

200

OK

201

Created

204 

No Content

Error Response

400

Bad Request

401

Unauthorized

403

Forbidden

404

Not Found

500

Internal Server Error

For example, when you search by id but no resource is found, only a 404 HTTP code is included in the response (the body is empty, no JSON is provided).

User cases:

  • Search by id but no resource is found (404 code).
  • Update all, the id is not found (404 code).
  • Update partial, the id is not found (404 code).
  • Delete, the id is not found (404 code).
  • A "/<resource>" (in the URL) not exist (404 code).
  • Other errors (404 or 500 code).

SCIM JSON error

For example, if an attempt to delete a resource is made, but this resource is not found the following JSON response will be obtained:

{
  "schemas": [
    "urn:ietf:params:scim:api:messages:2.0:Error"
  ],
  "detail": "User 1234 not found",
  "status": "404"
}

This is the description of this type of response:

Attribute
Description
schemas Defined by SCIM protocl. Always: "urn:ietf:params:scim:api:messages:2.0:Error"
detail Returns the description on the validation, problem, error, etc
status Is the HTTP status, that is the same that the HTTP code of the HTTP response

User cases:

  • When you try to delete a resource but it's not found (404 code).
  • When you try to delete a group, the solution is to disable it by PATCH (500 code).
  • Generic errors (500 code).

SCIM JSON list

For example, when a list of resources is requested, this is the JSON output format:

Note, to simplify the JSON output every resource has been replaced by {...}

{
  "totalResults": 3,
  "schemas": [
    "urn:ietf:params:scim:api:messages:2.0:ListResponse"
  ],
  "resources": [
    {...},
    {...},
    {...}
  ]
}

This is the description of this type of response:

Attribute
Description
totalResults Number of the resources returned in the response
schemas Defined by SCIM protocl. Always: "urn:ietf:params:scim:api:messages:2.0:ListResponse"
resources  List of resources returned

User cases:

  • A list all operation (200 code).
  • A search by filter operation  (200 code).
  • The delete operation (204 code).

JSON resource

For example, when a resource by id is requested, this is the JSON format:

Note, to simplify the JSON output every resource has been replaced by {...}

{
  "id": 11345
  "organizational": true,
  ...
}

In this case, the JSON stream of the resource is included directly in the response.

User cases:

  • Search by id operations (200 code).
  • Successful create operations (201 code).
  • Successful complete update operations (200 code).
  • Successful partial update operations (200 code).