This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Prior to IS 5.4.0, SCIM 2.0 was supported as an external connector that could be plugged in to WSO2 Identity Server. From 5.4.0 onwards, SCIM 2.0 is supported OOTB with WSO2 IS.

For information on user and tenant management using SCIM 2.0 REST APIs, see the REST API swagger docs for SCIM APIs.

The default permissions required to access each resource in SCIM 2.0 are given below. 

EndpointHTTP MethodPermission
/scim2/Users
POST
/permission/admin/manage/identity/usermgt/create
/scim2/Users
GET
/permission/admin/manage/identity/usermgt/list
/scim2/Groups
POST
/permission/admin/manage/identity/rolemgt/create
/scim2/Groups
GET
/permission/admin/manage/identity/rolemgt/view
/scim2/Users/(.*)
GET
/permission/admin/manage/identity/usermgt/view
/scim2/Users/(.*)
PUT
/permission/admin/manage/identity/usermgt/update
/scim2/Users/(.*)
PATCH
/permission/admin/manage/identity/usermgt/update
/scim2/Users/(.*)
DELETE
/permission/admin/manage/identity/usermgt/delete
/scim2/Groups/(.*)
GET
/permission/admin/manage/identity/rolemgt/view
/scim2/Groups/(.*)
PUT
/permission/admin/manage/identity/rolemgt/update
/scim2/Groups/(.*)
PATCH
/permission/admin/manage/identity/rolemgt/update
/scim2/Groups/(.*)
DELETE
/permission/admin/manage/identity/rolemgt/delete
/scim2/Me
GET
/permission/admin/login
/scim2/Me
DELETE
/permission/admin/login
/scim2/Me
PUT
/permission/admin/login
/scim2/Me
PATCH
/permission/admin/login
/scim2/Me
POST
/permission/admin/manage/identity/usermgt/create
/scim2/ServiceProviderConfig
all-
/scim2/ResourceType
all-
/scim2/Bulk
all
/permission/admin/manage/identity/usermgt

More information about how to secure the REST APIs and configure authorization level can be found from Authenticating and Authorizing REST APIs

  • No labels