SCIM Webservices

1. Overview

These services expose capabilities to manage employees lifecycle with SAP Identity Authentication Service and SAP Identity Provisioning Service.

1.1. Version information

Version : 2.0.0

1.2. License information

License : Use of this file is subject to the terms of your agreement with SAP SE or its affiliates respecting the use of the SAP product for which this file relates.
Terms of service : null

1.3. URI scheme

Host : hostname
BasePath : /scim/v2

1.4. Tags

Scim Groups : Scim Groups Controller
Scim Users : Scim Users Controller

2. Paths

2.1. Create a scim group in Commerce

POST /Groups

2.1.1. Description

Endpoint to create a scim group in Commerce

2.1.2. Parameters

Type	Name	Description	Schema
Body	scimGroup optional	The ScimGroup that contains information about the group.	ScimGroup

Type

Name

Description

Schema

Body

scimGroup
optional

The ScimGroup that contains information about the group.

ScimGroup

2.1.3. Responses

HTTP Code	Description	Schema
200	OK	ScimGroup
401	Unauthorized	No Content
403	Forbidden	No Content
404	Not Found	No Content

HTTP Code

Description

Schema

200

ScimGroup

401

Unauthorized

No Content

403

Forbidden

No Content

404

Not Found

No Content

2.1.4. Consumes

application/json

2.1.5. Produces

application/json

2.1.6. Tags

Scim Groups

2.1.7. Security

Type	Name	Scopes
oauth2	oauth2_client_credentials	basic

Type

Name

Scopes

oauth2

oauth2_client_credentials

basic

2.2. Get all scim groups from commerce

GET /Groups

2.2.1. Description

Endpoint to retrieve all existing scim groups along with their members from Commerce.

2.2.2. Parameters

Type Name Description Schema Default

Type	Name	Description	Schema	Default
Query	count optional	Total number of scim groups to be fetched from Commerce on a page.	integer (int32)	`0`
Query	startIndex optional	The starting point for fetch of scim groups from Commerce on a page.	integer (int32)	`1`

Query

count
optional

Total number of scim groups to be fetched from Commerce on a page.

integer (int32)

0

Query

startIndex
optional

The starting point for fetch of scim groups from Commerce on a page.

integer (int32)

1

2.2.3. Responses

HTTP Code	Description	Schema
200	OK	ScimGroupList
401	Unauthorized	No Content
403	Forbidden	No Content
404	Not Found	No Content

HTTP Code

Description

Schema

200

ScimGroupList

401

Unauthorized

No Content

403

Forbidden

No Content

404

Not Found

No Content

2.2.4. Produces

application/json

2.2.5. Tags

Scim Groups

2.2.6. Security

Type	Name	Scopes
oauth2	oauth2_client_credentials	basic

Type

Name

Scopes

oauth2

oauth2_client_credentials

basic

2.3. Get group from Commerce

GET /Groups/{groupId}

2.3.1. Description

Endpoint to get the details of scim group along with members from Commerce according to the group-id provided

2.3.2. Parameters

Type	Name	Description	Schema
Path	groupId required	Group ID of the Scim Group to fetch.	string

Type

Name

Description

Schema

Path

groupId
required

Group ID of the Scim Group to fetch.

string

2.3.3. Responses

HTTP Code	Description	Schema
200	OK	ScimGroup
401	Unauthorized	No Content
403	Forbidden	No Content
404	Not Found	No Content

HTTP Code

Description

Schema

200

ScimGroup

401

Unauthorized

No Content

403

Forbidden

No Content

404

Not Found

No Content

2.3.4. Produces

application/json

2.3.5. Tags

Scim Groups

2.3.6. Security

Type	Name	Scopes
oauth2	oauth2_client_credentials	basic

Type

Name

Scopes

oauth2

oauth2_client_credentials

basic

2.4. Update group in Commerce

PUT /Groups/{groupId}

2.4.1. Description

Endpoint to update details of a scim group in Commerce for which Id is provided

2.4.2. Parameters

Type	Name	Description	Schema
Path	groupId required	Group ID of the Scim Group to update.	string
Body	scimGroup optional	The ScimGroup that contains the information to be updated.	ScimGroup

Type

Name

Description

Schema

Path

groupId
required

Group ID of the Scim Group to update.

string

Body

scimGroup
optional

The ScimGroup that contains the information to be updated.

ScimGroup

2.4.3. Responses

HTTP Code	Description	Schema
200	OK	ScimGroup
401	Unauthorized	No Content
403	Forbidden	No Content
404	Not Found	No Content

HTTP Code

Description

Schema

200

ScimGroup

401

Unauthorized

No Content

403

Forbidden

No Content

404

Not Found

No Content

2.4.4. Consumes

application/json

2.4.5. Produces

application/json

2.4.6. Tags

Scim Groups

2.4.7. Security

Type	Name	Scopes
oauth2	oauth2_client_credentials	basic

Type

Name

Scopes

oauth2

oauth2_client_credentials

basic

2.5. Delete scim group from Commerce

DELETE /Groups/{groupId}

2.5.1. Description

Endpoint to delete scim group from Commerce for which id is provided

2.5.2. Parameters

Type	Name	Description	Schema
Path	groupId required	Group ID of the Scim Group to delete.	string

Type

Name

Description

Schema

Path

groupId
required

Group ID of the Scim Group to delete.

string

2.5.3. Responses

HTTP Code	Description	Schema
200	OK	boolean
204	No Content	No Content
401	Unauthorized	No Content
403	Forbidden	No Content

HTTP Code

Description

Schema

200

boolean

204

No Content

401

Unauthorized

No Content

403

Forbidden

No Content

2.5.4. Tags

Scim Groups

2.5.5. Security

Type	Name	Scopes
oauth2	oauth2_client_credentials	basic

Type

Name

Scopes

oauth2

oauth2_client_credentials

basic

2.6. Patch update scim group in commerce

PATCH /Groups/{groupId}

2.6.1. Description

Endpoint to update scim group in Commerce with the details provided

2.6.2. Parameters

Type	Name	Description	Schema
Path	groupId required	Group ID of the Scim Group to update.	string
Body	scimGroup optional	The ScimGroup that contains the information to be updated.	ScimGroup

Type

Name

Description

Schema

Path

groupId
required

Group ID of the Scim Group to update.

string

Body

scimGroup
optional

The ScimGroup that contains the information to be updated.

ScimGroup

2.6.3. Responses

HTTP Code	Description	Schema
200	OK	ScimGroup
204	No Content	No Content
401	Unauthorized	No Content
403	Forbidden	No Content

HTTP Code

Description

Schema

200

ScimGroup

204

No Content

401

Unauthorized

No Content

403

Forbidden

No Content

2.6.4. Consumes

application/json

2.6.5. Produces

application/json

2.6.6. Tags

Scim Groups

2.6.7. Security

Type	Name	Scopes
oauth2	oauth2_client_credentials	basic

Type

Name

Scopes

oauth2

oauth2_client_credentials

basic

2.7. Create user of type Employee

POST /Users

2.7.1. Parameters

Type	Name	Description	Schema
Body	scimUser optional	The ScimUser that contains information about the user	ScimUser

Type

Name

Description

Schema

Body

scimUser
optional

The ScimUser that contains information about the user

ScimUser

2.7.2. Responses

HTTP Code	Description	Schema
201	Created	ScimUser
401	Unauthorized	No Content
403	Forbidden	No Content
404	Not Found	No Content

HTTP Code

Description

Schema

201

Created

ScimUser

401

Unauthorized

No Content

403

Forbidden

No Content

404

Not Found

No Content

2.7.3. Consumes

application/json

2.7.4. Produces

*/*

2.7.5. Tags

Scim Users

2.7.6. Security

Type	Name	Scopes
oauth2	oauth2_client_credentials	basic

Type

Name

Scopes

oauth2

oauth2_client_credentials

basic

2.8. Get users of type Employee

GET /Users

2.8.1. Description

Endpoint to retrive all users of type Employee from Commerce

2.8.2. Parameters

Type Name Description Schema Default

Type	Name	Description	Schema	Default
Query	count optional	Total number of users to be fetched from Commerce on a page.	integer (int32)	`0`
Query	startIndex optional	The starting point for fetch of users from Commerce on a page.	integer (int32)	`1`

Query

count
optional

Total number of users to be fetched from Commerce on a page.

integer (int32)

0

Query

startIndex
optional

The starting point for fetch of users from Commerce on a page.

integer (int32)

1

2.8.3. Responses

HTTP Code	Description	Schema
200	OK	ScimUserList
401	Unauthorized	No Content
403	Forbidden	No Content
404	Not Found	No Content

HTTP Code

Description

Schema

200

ScimUserList

401

Unauthorized

No Content

403

Forbidden

No Content

404

Not Found

No Content

2.8.4. Produces

application/json

2.8.5. Tags

Scim Users

2.8.6. Security

Type	Name	Scopes
oauth2	oauth2_client_credentials	basic

Type

Name

Scopes

oauth2

oauth2_client_credentials

basic

2.9. Get user of type Employee

GET /Users/{userId}

2.9.1. Parameters

Type	Name	Description	Schema
Path	userId required	User ID of the User	string

Type

Name

Description

Schema

Path

userId
required

User ID of the User

string

2.9.2. Responses

HTTP Code	Description	Schema
200	OK	ScimUser
401	Unauthorized	No Content
403	Forbidden	No Content
404	Not Found	No Content

HTTP Code

Description

Schema

200

ScimUser

401

Unauthorized

No Content

403

Forbidden

No Content

404

Not Found

No Content

2.9.3. Produces

*/*

2.9.4. Tags

Scim Users

2.9.5. Security

Type	Name	Scopes
oauth2	oauth2_client_credentials	basic

Type

Name

Scopes

oauth2

oauth2_client_credentials

basic

2.10. Update user of type Employee

PUT /Users/{userId}

2.10.1. Parameters

Type	Name	Description	Schema
Path	userId required	User ID of the User	string
Body	scimUser optional	The ScimUser that contains information about the user	ScimUser

Type

Name

Description

Schema

Path

userId
required

User ID of the User

string

Body

scimUser
optional

The ScimUser that contains information about the user

ScimUser

2.10.2. Responses

HTTP Code	Description	Schema
200	OK	ScimUser
201	Created	No Content
401	Unauthorized	No Content
403	Forbidden	No Content
404	Not Found	No Content

HTTP Code

Description

Schema

200

ScimUser

201

Created

No Content

401

Unauthorized

No Content

403

Forbidden

No Content

404

Not Found

No Content

2.10.3. Consumes

application/json

2.10.4. Produces

*/*

2.10.5. Tags

Scim Users

2.10.6. Security

Type	Name	Scopes
oauth2	oauth2_client_credentials	basic

Type

Name

Scopes

oauth2

oauth2_client_credentials

basic

2.11. Disable Employee

DELETE /Users/{userId}

2.11.1. Parameters

Type	Name	Description	Schema
Path	userId required	User ID of the User	string

Type

Name

Description

Schema

Path

userId
required

User ID of the User

string

2.11.2. Responses

HTTP Code	Description	Schema
200	OK	boolean
204	No Content	No Content
401	Unauthorized	No Content
403	Forbidden	No Content

HTTP Code

Description

Schema

200

boolean

204

No Content

401

Unauthorized

No Content

403

Forbidden

No Content

2.11.3. Produces

*/*

2.11.4. Tags

Scim Users

2.11.5. Security

Type	Name	Scopes
oauth2	oauth2_client_credentials	basic

Type

Name

Scopes

oauth2

oauth2_client_credentials

basic

2.12. Patch update Employee

PATCH /Users/{userId}

2.12.1. Parameters

Type	Name	Description	Schema
Path	userId required	User ID of the User	string
Body	scimUser optional	The ScimUser that contains information about the user	ScimUser

Type

Name

Description

Schema

Path

userId
required

User ID of the User

string

Body

scimUser
optional

The ScimUser that contains information about the user

ScimUser

2.12.2. Responses

HTTP Code	Description	Schema
200	OK	ScimUser
204	No Content	No Content
401	Unauthorized	No Content
403	Forbidden	No Content

HTTP Code

Description

Schema

200

ScimUser

204

No Content

401

Unauthorized

No Content

403

Forbidden

No Content

2.12.3. Consumes

application/json

2.12.4. Produces

*/*

2.12.5. Tags

Scim Users

2.12.6. Security

Type	Name	Scopes
oauth2	oauth2_client_credentials	basic

Type

Name

Scopes

oauth2

oauth2_client_credentials

basic

3. Definitions

3.1. ScimGroup

An authorization group in Commerce

Name Description Schema

Name	Description	Schema
displayName optional	name of the scim group Example : `"ServiceGroup1"`	string
id optional	id of the scim group Example : `"SG1"`	string
members optional	list of members of the group	< ScimGroupMember > array
meta optional		ScimGroupMeta

displayName
optional

name of the scim group
Example : "ServiceGroup1"

string

id
optional

id of the scim group
Example : "SG1"

string

members
optional

list of members of the group

< ScimGroupMember > array

meta
optional

ScimGroupMeta

3.2. ScimGroupList

List of all the scim groups

Name Description Schema

Name	Description	Schema
itemsPerPage optional	Total number of scim groups to be fetched from Commerce on a page. Example : `5`	integer (int32)
resources optional	List of all the scim groups fetched from Commerce	< ScimGroup > array
startIndex optional	The starting point for fetch of scim groups from Commerce on a page. Example : `3`	integer (int32)
totalResults optional	Total number of scim groups exists in Commerce. Example : `10`	integer (int32)

itemsPerPage
optional

Total number of scim groups to be fetched from Commerce on a page.
Example : 5

integer (int32)

resources
optional

List of all the scim groups fetched from Commerce

< ScimGroup > array

startIndex
optional

The starting point for fetch of scim groups from Commerce on a page.
Example : 3

integer (int32)

totalResults
optional

Total number of scim groups exists in Commerce.
Example : 10

integer (int32)

3.3. ScimGroupMember

Users who are members of the scim group

Name Description Schema

Name	Description	Schema
display optional	name of the member Example : `"John Doe"`	string
value optional	id of the member Example : `"E001"`	string

display
optional

name of the member
Example : "John Doe"

string

value
optional

id of the member
Example : "E001"

string

3.4. ScimGroupMeta

Metadata of a scim group

Name Description Schema

Name	Description	Schema
created optional	creation date and time of the scim group Example : `"2019-11-05T16:58:29+0000"`	string (date-time)
lastModified optional	date and time when scim group was last updated Example : `"2019-11-05T16:58:29+0000"`	string (date-time)
resourceType optional	type of scim resource Example : `"group"`	string
version optional	version of scim Example : `2`	integer (int32)

created
optional

creation date and time of the scim group
Example : "2019-11-05T16:58:29+0000"

string (date-time)

lastModified
optional

date and time when scim group was last updated
Example : "2019-11-05T16:58:29+0000"

string (date-time)

resourceType
optional

type of scim resource
Example : "group"

string

version
optional

version of scim
Example : 2

integer (int32)

3.5. ScimUser

Name	Schema
active optional	boolean
created optional	string (date-time)
displayName optional	string
emails optional	< ScimUserEmail > array
externalId optional	string
groups optional	< ScimUserGroup > array
id optional	string
lastModified optional	string (date-time)
locale optional	string
meta optional	ScimUserMeta
name optional	ScimUserName
nickName optional	string
phoneNumbers optional	< ScimUserPhoneNumber > array
preferredLanguage optional	string
profileUrl optional	string
timezone optional	string
title optional	string
userName optional	string
userType optional	string
verified optional	boolean

Name

Schema

active
optional

boolean

created
optional

string (date-time)

displayName
optional

string

emails
optional

< ScimUserEmail > array

externalId
optional

string

groups
optional

< ScimUserGroup > array

id
optional

string

lastModified
optional

string (date-time)

locale
optional

string

meta
optional

ScimUserMeta

name
optional

ScimUserName

nickName
optional

string

phoneNumbers
optional

< ScimUserPhoneNumber > array

preferredLanguage
optional

string

profileUrl
optional

string

timezone
optional

string

title
optional

string

userName
optional

string

userType
optional

string

verified
optional

boolean

3.6. ScimUserEmail

Name	Schema
primary optional	boolean
value optional	string

Name

Schema

primary
optional

boolean

value
optional

string

3.7. ScimUserGroup

Name	Schema
display optional	string
type optional	string
value optional	string

Name

Schema

display
optional

string

type
optional

string

value
optional

string

3.8. ScimUserList

List of all the users of type employee

Name Description Schema

Name	Description	Schema
itemsPerPage optional	Total number of users of type employee to be fetched from Commerce on a page. Example : `5`	integer (int32)
resources optional	List of all the users of type employee fetched from Commerce	< ScimUser > array
startIndex optional	The starting point for fetch of users of type employee to be fetched from Commerce on a page. Example : `1`	integer (int32)
totalResults optional	Total number of users of type employee exists in Commerce. Example : `10`	integer (int32)

itemsPerPage
optional

Total number of users of type employee to be fetched from Commerce on a page.
Example : 5

integer (int32)

resources
optional

List of all the users of type employee fetched from Commerce

< ScimUser > array

startIndex
optional

The starting point for fetch of users of type employee to be fetched from Commerce on a page.
Example : 1

integer (int32)

totalResults
optional

Total number of users of type employee exists in Commerce.
Example : 10

integer (int32)

3.9. ScimUserMeta

Name	Schema
created optional	string (date-time)
lastModified optional	string (date-time)
version optional	integer (int32)

Name

Schema

created
optional

string (date-time)

lastModified
optional

string (date-time)

version
optional

integer (int32)

3.10. ScimUserName

Name	Schema
displayName optional	string
familyName optional	string
givenName optional	string
honorificPrefix optional	string

Name

Schema

displayName
optional

string

familyName
optional

string

givenName
optional

string

honorificPrefix
optional

string

3.11. ScimUserPhoneNumber

Name	Schema
type optional	string
value optional	string

Name

Schema

type
optional

string

value
optional

string

4. Security

4.1. oauth2_client_credentials

Type : oauth2
Flow : application
Token URL : https://{oauth2_url}/authorizationserver/oauth/token

Name
basic

Name

basic