SCIM API

1.1 Overview

The SCIM API is based on the System for Cross-domain Identity Management (SCIM), which is an open standard for automating the exchange of user data between different user identity domains.

1.1.1 Postman Collection

The following file contains the supported methods and endpoints in JSON format which can be uploaded to Postman:

1.2 Access

The SCIM API uses Oauth 2.0 for authentication. This token is then used in the Authorization header as the bearer.

Attention: In order to receive an access token, you must have ADMINISTRATOR or SUPERUSER privileges.

1.2.1 Get Access Token

The following example shows how to get the access token.

POST https://auth.coresuite.com/api/oauth2/v1/token HTTP/1.1

Authorization Basic [base64 client_id:client_secret]
Content-Type

application/x-www-form-urlencoded

Body urlencoded

grant_type client_credentials

1.2.2 Example Request

curl --location --request POST 'https://auth.coresuite.com/api/oauth2/v1/token' \
--header 'Authorization: Basic [base64 client_id:client_secret]' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials'

1.2.3 Response

The following is an example of a typical response:

{
  "access_token": "77cf4834-a347-4849-839b-4518823a739e",
  "token_type": "bearer",
  "expires_in": 43199,
  "scope": "general",
  "account": "testaccount",
  "account_id" : 284,
  "tenant_id":null,
  "companies": [
    {
      permissionGroupId":42456,
      "name": "SBODemoCH",
      "description": "OEC Computers (Schweiz)"
    }
  ],
 }


1.2.4 Supported Clusters

Depending on the location of the account, requests will be made to one of the following server clusters:

  • EU
  • DE
  • US
  • CN
  • AU

Account information, including cluster assignment, are obtained from the Directory API.

This information is passed into requests made to the User API as follows:

https://{cluster}.coresystems.net

Please note that the example requests contained in this document use the DE cluster. This should be replaced with the cluster associated with your account.


1.3 GET Users

Receive a list of all users.

1.3.1 Request

Method URL
GET https://[cluster].coresystems.net/api/scim/v2/Users

1.3.2 Headers

Header Value Required
Content-Type application/scim+json Required
Accept application/scim+json Required
Authorization Required

1.3.3 Example Request

curl --location --request GET 'https://[cluster].coresystems.net/api/scim/v2/Users' \
--header 'Content-Type: application/scim+json' \
--header 'Accept: application/scim+json' \
--header 'Authorization: Bearer [token]'

1.4 GET Single User

Retrieve a user.

1.4.1 Request

Method URL
GET https://[cluster].coresystems.net/api/scim/v2/Users/[user_id]

1.4.1.1 URL Parameters

Parameter Description Type Required
user_id The unique user ID referenced in the request. Integer Required

1.3.2 Headers

Header Value Required
Content-Type application/scim+json Required
Accept application/scim+json Required
Authorization Required

1.4.2 Example Request

curl --location --request GET 'https://[cluster].coresystems.net/api/scim/v2/Users/[user_id]' \
--header 'Content-Type: application/scim+json' \
--header 'Accept: application/scim+json' \
--header 'Authorization: Bearer [token]'

1.5 POST SCIM User

Create new user record.

1.5.1 Request

Method URL
POST https://[cluster].coresystems.net/api/scim/v2/Users

1.5.2 Headers

Header Value Required
Content-Type application/scim+json Required
Accept application/scim+json Required
Authorization Required

1.5.3 Body

A POST request to the SCIM API must contain the following:

Value Description Type Required
schemas The schema to be used. String Required
userName The SCIM user name of the user. String  
name The first and last name of the user. String  
email The email address of the user. The email must be unique. String Required

The following is an example POST request body made to the SCIM API:

{
  "schemas": [
                  "urn:ietf:params:scim:schemas:core:2.0:User"
              ],
              "userName": "mySCIMUserName1",
              "name": {
                  "familyName": "LastName",
                  "givenName": "FirstName"
              },
              "emails": [
                  {
                      "value": "user@domain.com",
                      "primary": true
                  }
              ]

}

1.5.4 Example Request

curl --location --request POST 'https://[cluster].coresystems.net/api/scim/v2/Users' \
--header 'Content-Type: application/scim+json' \
--header 'Accept: application/scim+json' \
--data-raw '{
            "schemas": [
                "urn:ietf:params:scim:schemas:core:2.0:User"
            ],
            "userName": "mySCIMUserName1",
            "name": {
                "familyName": "LastName",
                "givenName": "FirstName"
            },
            "emails": [
                {
                    "value": "user@domain.com",
                    "primary": true
                    }
            ]

          }

1.6 PUT SCIM Users

Updates the user specified by [user_id].

1.6.1 Request

Method URL
PUT https://[cluster].coresystems.net/api/scim/v2/Users/[user_id]

1.6.1.1 URL Parameters

Parameter Description Type Required
user_id The unique user ID referenced in the request. Integer Required

1.6.2 Headers

Header Value Required
Content-Type application/scim+json Required
Accept application/scim+json Required
Authorization Required

1.6.3 Body

A PUT request to the SCIM API must contain the following:

Value Description Type Required
schemas The schema to be used. String Required
userName The SCIM user name of the user. String Required
name The first and last name of the user. String  
active The active status of the user. True/False Boolean Required

The following is an example PUT request body made to the SCIM API:

{
  "schemas": [
                  "urn:ietf:params:scim:schemas:core:2.0:User"
              ],
              "userName": "mySCIMUserName1",
              "name": {
                  "familyName": "LastName",
                  "givenName": "FirstName"
              },
              "active": true
}

1.6.4 Example Request

curl --location --request PUT 'https://[cluster].coresystems.net/api/scim/v2/Users/[user_id]' \
--header 'Content-Type: application/scim+json' \
--header 'Accept: application/scim+json' \
--data-raw '{
            "schemas": [
                "urn:ietf:params:scim:schemas:core:2.0:User"
            ],
            "userName": "mySCIMUserName5",
            "name": {
                "familyName": "LastName",
                "givenName": "FirstName"
            },
            "active": true
        }'

1.7 DELETE SCIM User

Delete an existing SCIM user record by user_id.

Note: batch user delete requests are currently NOT supported.

1.7.1 Request

Method URL
DELETE https://[cluster].coresystems.net/api/scim/v2/Users/[user_id]

1.7.1.1 URL Parameters

Parameter Description Type Required
user_id The unique user ID referenced in the request. Integer Required

1.7.2 Headers

Header Value Required
Content-Type application/scim+json Required
Accept application/scim+json Required
Authorization Required

1.7.3 Example Request

curl --location --request DELETE 'https://[cluster].coresystems.net/api/scim/v2/Users/[user_id]' \
--header 'Accept: application/scim+json' \
--header 'Content-Type: application/scim+json'


1.8 GET Groups

Retrieve a list of all Groups.

1.8.1 Request

Method URL
GET https://[cluster].coresystems.net/api/scim/v2/Groups

1.8.2 Headers

Header Value Required
Content-Type application/scim+json Required
Accept application/scim+json Required
Authorization Required

1.8.3 Example Request

curl --location --request GET 'https://[cluster].coresystems.net/api/scim/v2/Groups' \
--header 'Content-Type: application/scim+json' \
--header 'Accept: application/scim+json' \
--header 'Authorization: Bearer [token]'

1.9 POST SCIM Group

Create new group record.

1.9.1 Request

Method URL
POST https://[cluster].coresystems.net/api/scim/v2/Groups

1.9.2 Headers

Header Value Required
Content-Type application/scim+json Required
Accept application/scim+json Required
Authorization Required

1.9.3 Body

A POST request to the SCIM API must contain the following:

Value Description Type Required
schemas The schema to be used. String Required
displayName The SCIM group name of the group. String  
members The user_ids of the group members. String  

The following is an example POST request body made to the SCIM API:

{
  "schemas": [
                  "urn:ietf:params:scim:schemas:core:2.0:Group"
              ],
              "displayName": "Group Name",
              "members": [
                  {
                      "value": "user_id"
                  },
                  {
                      "value": "user_id"
                  }
              ]
}

1.9.4 Example Request

curl --location --request POST 'https://[cluster].coresystems.net/api/scim/v2/Groups' \
--header 'Content-Type: application/scim+json' \
--header 'Accept: application/scim+json' \
--data-raw '{
            "schemas": [
                "urn:ietf:params:scim:schemas:core:2.0:Group"
            ],
            "displayName": "Group Name",
            "members": [
                {
                    "value": "user_id"
                },
                {
                    "value": "user_id"
                }


1.10 PUT SCIM Group

Updates the group specified by [group_id].

1.10.1 Request

Method URL
PUT https://[cluster].coresystems.net/api/scim/v2/Groups/[group_id]

1.10.1.1 URL Parameters

Parameter Description Type Required
group_id The unique group ID referenced in the request. Integer Required

1.10.2 Headers

Header Value Required
Content-Type application/scim+json Required
Accept application/scim+json Required
Authorization Required

1.10.3 Body

A PUT request to the SCIM API must contain the following:

Value Description Type Required
schemas The schema to be used. String Required
displayName The SCIM group name of the group. String  
members The user_ids of the group members. String  

The following is an example PUT request body made to the SCIM API:

{
  "schemas": [
      "urn:ietf:params:scim:schemas:core:2.0:Group"
  ],
  "displayName": "Group Name",
  "members": [
      {
          "value": "user_id"
      },
      {
          "value": "user_id"
      }
  ]
}

1.10.4 Example Request

curl --location --request PUT 'https://[cluster].coresystems.net/api/scim/v2/Groups/[group_id]' \
--header 'Content-Type: application/scim+json' \
--header 'Accept: application/scim+json' \
--data-raw '{
            "schemas": [
                "urn:ietf:params:scim:schemas:core:2.0:Group"
            ],
            "displayName": "Group Name",
            "members": [
                {
                    "value": "user_id"
                },
                {
                    "value": "user_id"
                }


1.11 PATCH SCIM Groups Members

Partially updates the group specified by [group_id].

1.11.1 Request

Method URL
PATCH https://[cluster].coresystems.net/api/scim/v2/Groups/[group_id]

1.11.1.1 URL Parameters

Parameter Description Type Required
group_id The unique group ID referenced in the request. Integer Required

1.11.2 Headers

Header Value Required
Content-Type application/scim+json Required
Accept application/scim+json Required
Authorization Required

1.11.3 Body

A PATCH request to the SCIM API must contain the following:

Value Description Type Required
schemas The schema to be used. String Required
Operations The SCIM group name of the group. String Required
op The type of operation: add/remove/replace. String  
path The target of the operation String  
value The value targeted by the operation. String  

The following is an example PATCH request body made to the SCIM API:

{
  "schemas":[
    "urn:ietf:params:scim:api:messages:2.0:PatchOp"
  ],
   "Operations": [{
        "op":"add/remove/replace",
        "path":"members",
        "value":[{
            "value": "user_id"
        }]
    }]
}

1.11.4 Example Request

curl --location --request PATCH 'https://[cluster].coresystems.net/api/scim/v2/Groups/[group_id]' \
--header 'Content-Type: application/scim+json' \
--header 'Accept: application/scim+json' \
--data-raw '{
  "schemas":[
    "urn:ietf:params:scim:api:messages:2.0:PatchOp"
  ],
   "Operations": [{
        "op":"add/remove/replace",
        "path":"members",
        "value":[{
            "value": "user_id"
        }]
    }]
}'


1.12 DELETE SCIM Group

Delete an existing SCIM group record by user_id.

Note: batch user delete requests are currently NOT supported.

1.12.1 Request

Method URL
DELETE https://[cluster].coresystems.net/api/scim/v2/Groups/[user_id]

1.12.1.1 URL Parameters

Parameter Description Type Required
user_id The unique user ID referenced in the request. Integer Required

1.12.2 Headers

Header Value Required
Content-Type application/scim+json Required
Accept application/scim+json Required
Authorization Required

1.12.3 Example Request

curl --location --request DELETE 'https://[cluster].coresystems.net/api/scim/v2/Groups/[user_id]' \
--header 'Content-Type: application/scim+json' \
--header 'Accept: application/scim+json'