SCIM 2.0 Examples
- Kai Bjørnstad (Deactivated)
Owned by Kai Bjørnstad (Deactivated)
The examples below uses the curl and jq command line tools (available on most systems) and are simple examples showing the overall concept. For defined (closed) OpenID Security Domains , Buypass will provide OpenAPI (Swagger) resources with greater detail (on restricted URLs).
Get Access Token
How to retrieving a access (bearer) token from the OAuth2/OIDC server is described here: SCIM 2.0 API authentication and here: token (details will vary with the OpenID Security Domains).
An illustrating example for getting an access token:
BASEURL="https://auth.buypass.no/auth/realms/SECURITYDOMAIN/protocol/openid-connect";
CLIENT_ID="scim-client"
CLIENT_SECRET="mysecret"
BASIC_AUTH=`echo -n "${CLIENT_ID}:${CLIENT_SECRET}"| base64`
SCOPE="scim.data_read scim.data_write"
curl -i -w "\n" \
-H "Content-Type: application/x-www-form-urlencoded" \
-H "Authorization: Basic ${BASIC_AUTH}" \
-X POST "${BASEURL}/token" \
-d "grant_type=client_credentials"\
"&scope=${SCOPE}" | jq
# Use ex. the "jq" tool to pick the Access Token and put it in the ACCESS_TOKEN environment variableAdd user using SCIM
USERNAME=someuser
MOBILE=+4711223344
curl -d "{\"schemas\":[\"urn:ietf:params:scim:schemas:core:2.0:User\"], \"userName\":\"${USERNAME}\", \"active\":\"true\", \"phoneNumbers\":[{\"value\":\"${MOBILE}\",\"type\":\"mobile\"}] }" \
-H "Content-Type: application/scim+json" \
-H "Authorization: Bearer ${ACCESS_TOKEN}" \
-X POST https://api.buypass.no/SECURITYDOMAIN/scim/v2/Users | jq Search user using SCIM
USERNAME=someuser
curl -X GET "https://api.buypass.no/SECURITYDOMAIN/scim/v2/Users?filter=userName%20eq%20%22${USERNAME}%22" \
-H "accept: application/scim+json" \
-H "Authorization: Bearer ${ACCESS_TOKEN}" | jqGet user using SCIM
Remove user using SCIM
Â