SCIM Server API Overview

    SCIM Server API Overview

    This API has been available since 1.36.0

    This page contains all of the APIs for managing Users and Groups using SCIM requests. See our overview of FusionAuth’s support for the SCIM specification for more details.

    FusionAuth supported SCIM Resource API endpoints

    FusionAuth supported Service Provider Configuration endpoints:

    Authentication

    In order to use the authenticated FusionAuth SCIM API endpoints, you must create a SCIM client entity and execute the Client Credentials authorization workflow. Default Entity Types are provided for you with permission configurations for each individual endpoint. A SCIM Client must use credentials for a SCIM Client Entity and that Entity must have the corresponding permission for that endpoint enabled.

    SCIM Error Responses

    All error responses from From FusionAuth SCIM API endpoints will be returned using the SCIM urn:ietf:params:scim:api:messages:2.0:Error schema as defined by RFC 7644 Section 3.12.

    Example SCIM error response
    
{
  "detail": "[UnauthorizedException] Your supplied token is not authorized to make this SCIM request.",
  "schemas": [
    "urn:ietf:params:scim:api:messages:2.0:Error"
  ],
  "status": "401"
}

    When applicable, additional error details will be provided using the urn:ietf:params:scim:schemas:extension:fusionauth:2.0:Error SCIM schema extension.

    Example SCIM Error Response with FusionAuth custom extension schema
    
{
  "detail": "Request failed, see errors for additional details.",
  "schemas": [
    "urn:ietf:params:scim:schemas:extension:fusionauth:2.0:Error",
    "urn:ietf:params:scim:api:messages:2.0:Error"
  ],
  "status": "400",
  "urn:ietf:params:scim:schemas:extension:fusionauth:2.0:Error": {
    "fieldErrors": {
      "user.username": [
        {
          "code": "[duplicate]user.username",
          "message": "A User with username = [johnny123] already exists."
        }
      ]
    },
    "generalErrors": [
      {
        "code": "[invalid]",
        "message": "Your JSON was invalid"
      }
    ]
  }
}

    Feedback

    How helpful was this page?

    See a problem?

    File an issue in our docs repo

    Have a question or comment to share?

    Visit the FusionAuth community forum.