SCIM 2.0 Examples
The examples below uses the curl and jq command line tools (available on most systems) and are simple examples showing the overall concept. For defined (closed) https://buypassdev.atlassian.net/wiki/spaces/DEVSPACE/pages/672595971 , Buypass will provide OpenAPI (Swagger) resources with greater detail (on restricted URLs).
Get Access Token
How to retrieving a access (bearer) token from the OAuth2/OIDC server is described here: https://buypassdev.atlassian.net/wiki/spaces/DEVSPACE/pages/1084948497 and here: https://buypassdev.atlassian.net/wiki/spaces/DEVSPACE/pages/672628783 (details will vary with the ).
An illustrating example for getting an access token:
BASEURL="https://auth.buypass.no/auth/realms/SECURITYDOMAIN/protocol/openid-connect";
CLIENT_ID="scim-client"
CLIENT_SECRET="mysecret"
BASIC_AUTH=`echo -n "${CLIENT_ID}:${CLIENT_SECRET}"| base64`
SCOPE="scim.data_read scim.data_write"
curl -i -w "\n" \
-H "Content-Type: application/x-www-form-urlencoded" \
-H "Authorization: Basic ${BASIC_AUTH}" \
-X POST "${BASEURL}/token" \
-d "grant_type=client_credentials"\
"&scope=${SCOPE}" | jq
# Use ex. the "jq" tool to pick the Access Token and put it in the ACCESS_TOKEN environment variableAdd user using SCIM
USERNAME=someuser
MOBILE=+4711223344
curl -d "{\"schemas\":[\"urn:ietf:params:scim:schemas:core:2.0:User\"], \"userName\":\"${USERNAME}\", \"active\":\"true\", \"phoneNumbers\":[{\"value\":\"${MOBILE}\",\"type\":\"mobile\"}] }" \
-H "Content-Type: application/scim+json" \
-H "Authorization: Bearer ${ACCESS_TOKEN}" \
-X POST https://api.buypass.no/SECURITYDOMAIN/scim/v2/Users | jq Search user using SCIM
USERNAME=someuser
curl -X GET "https://api.buypass.no/SECURITYDOMAIN/scim/v2/Users?filter=userName%20eq%20%22${USERNAME}%22" \
-H "accept: application/scim+json" \
-H "Authorization: Bearer ${ACCESS_TOKEN}" | jqGet user using SCIM
Remove user using SCIM