/
SCIM 2.0 Examples

SCIM 2.0 Examples

The examples below uses the curl and jq command line tools (available on most systems) and are simple examples showing the overall concept. For defined (closed) OpenID Security Domains , Buypass will provide OpenAPI (Swagger) resources with greater detail (on restricted URLs).

Get Access Token

How to retrieving a access (bearer) token from the OAuth2/OIDC server is described here: SCIM 2.0 API authentication and here: token (details will vary with the OpenID Security Domains).

An illustrating example for getting an access token:

BASEURL="https://auth.buypass.no/auth/realms/SECURITYDOMAIN/protocol/openid-connect"; CLIENT_ID="scim-client" CLIENT_SECRET="mysecret" BASIC_AUTH=`echo -n "${CLIENT_ID}:${CLIENT_SECRET}"| base64` SCOPE="scim.data_read scim.data_write" curl -i -w "\n" \ -H "Content-Type: application/x-www-form-urlencoded" \ -H "Authorization: Basic ${BASIC_AUTH}" \ -X POST "${BASEURL}/token" \ -d "grant_type=client_credentials"\ "&scope=${SCOPE}" | jq # Use ex. the "jq" tool to pick the Access Token and put it in the ACCESS_TOKEN environment variable

Add user using SCIM

USERNAME=someuser MOBILE=+4711223344 curl -d "{\"schemas\":[\"urn:ietf:params:scim:schemas:core:2.0:User\"], \"userName\":\"${USERNAME}\", \"active\":\"true\", \"phoneNumbers\":[{\"value\":\"${MOBILE}\",\"type\":\"mobile\"}] }" \ -H "Content-Type: application/scim+json" \ -H "Authorization: Bearer ${ACCESS_TOKEN}" \ -X POST https://api.buypass.no/SECURITYDOMAIN/scim/v2/Users | jq

Search user using SCIM

USERNAME=someuser curl -X GET "https://api.buypass.no/SECURITYDOMAIN/scim/v2/Users?filter=userName%20eq%20%22${USERNAME}%22" \ -H "accept: application/scim+json" \ -H "Authorization: Bearer ${ACCESS_TOKEN}" | jq

Get user using SCIM

USERNAME=someuser TEMP_USER_UUID=`curl -X GET "https://api.buypass.no/SECURITYDOMAIN/scim/v2/Users?filter=userName%20eq%20%22${USERNAME}%22" \ -H "accept: application/scim+json" \ -H "Authorization: Bearer ${ACCESS_TOKEN}" | jq -r '.Resources[0].id'` echo $TEMP_USER_UUID curl -X GET "https://api.buypass.no/SECURITYDOMAIN/scim/v2/Users/${TEMP_USER_UUID}" \ -H "accept: application/scim+json" \ -H "Authorization: Bearer ${ACCESS_TOKEN}" | jq

Remove user using SCIM

USERNAME=someuser TEMP_USER_UUID=`curl -X GET "https://api.buypass.no/SECURITYDOMAIN/scim/v2/Users?filter=userName%20eq%20%22${USERNAME}%22" \ -H "accept: application/scim+json" \ -H "Authorization: Bearer ${ACCESS_TOKEN}" | jq -r '.Resources[0].id'` echo $TEMP_USER_UUID curl -X DELETE "https://api.buypass.no/SECURITYDOMAIN/scim/v2/Users/${TEMP_USER_UUID}" \ -H "Authorization: Bearer ${ACCESS_TOKEN}"