3
Know more about SAP IAS SCIM APIs - Latest
source link: https://community.sap.com/t5/technology-blogs-by-sap/know-more-about-sap-ias-scim-apis-latest/ba-p/13527075
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Dear All,
This article is mainly for partners and customers who wants to automate internal & external users sync (on-boarding) to SAP IAS by using the below SCIM APIs from your external system or applications. I have listed out all the examples for you to understand..This below flow makes you understand to automate Users Sync from any of your 3rd party applications, so once user is on-boarded they would get appropriate access to SAP Applications
Note :SAP Cloud Identity Services offers standard user provisioning sync through SAP IPS for user sync process with SCIM 2.0 |
IAS SCIM REST API provides developers to Create & Manage users, groups and custom schemas in the cloud.
For more information, see the latest SCIM API Documentation: .
The identity directory provides a System for Cross-domain Identity Management (SCIM) 2.0 REST API for managing resources (users, groups and custom schema)
Get's Started
Read Users
### https://api.sap.com/api/IdDS_SCIM/resource Identity Directory Service
GET https://<iastenant>.accounts.ondemand.com/scim/Users
Content-Type: application/scim+json
Authorization: Basic @{{token}}
This is how you compare 2 different results from Deprecated API endpoint vs latest API endpoint
Filter Method
#### Filter on userName
GET https://<iastenant>.accounts.ondemand.com/scim/Users?filter=userName eq "[email protected]"
Authorization: Basic @{{token}}
Another example using sub filter on Json value#### Filter on emails.value
GET https://<iastenant>.accounts.ondemand.com/scim/Users?filter=emails.value eq "[email protected]"
Authorization: Basic @{{token}}
Another example to filter Users based on count and Index### https://api.sap.com/api/IdDS_SCIM/resource Identity Directory Service
GET https://<iastenant>.accounts.ondemand.com/scim/Users?startIndex=2&count=5
Content-Type: application/scim+json
Authorization: Basic @{{token}}
Create User
###
POST https://<iastenant>.accounts.ondemand.com/scim/Users
Content-Type: application/scim+json
Authorization: Basic @{{token}}
{
"emails": [
{
"primary": true,
"value": "[email protected]"
}
],
"active":"True",
"name": {
"familyName": "Muthaiah",
"givenName": "Yogananda"
},
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"userName": "yoga"
}
Delete a User
#### Delete the user
DELETE https://<iastenant>.accounts.ondemand.com/scim/Users/280b8446-7ce2-4a91-b6a0-18777d1ffea2
Authorization: Basic @{{token}}
id refers Users GUID
Read Groups
###
GET https://<iastenant>.accounts.ondemand.com/scim/Groups
Content-Type: application/scim+json
Authorization: Basic @{{token}}
Create Groups
###
POST https://<iastenant>.accounts.ondemand.com/scim/Groups
Content-Type: application/scim+json
Authorization: Basic @{{token}}
{
"displayName": "New group name",
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Group",
"urn:sap:cloud:scim:schemas:extension:custom:2.0:Group"
]
}
Assign Group to a User
###
PATCH https://<iastenant>.accounts.ondemand.com/scim/Groups/e26f6138-c382-4be5-addb-459186030f6e
Content-Type: application/scim+json
Authorization: Basic @{{token}}
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
],
"Operations": [
{
"op": "add",
"path": "members",
"value": [
{
"display": "yoga",
"value": "280b8446-7ce2-4a91-b6a0-18777d1ffea2"
}
]
}
]
}
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK