Understanding PAM360 SCIM APIs

Introduction

SCIM APIs serve as the foundation for seamlessly integrating identity management processes across various systems and applications. With SCIM implementation in PAM360, SCIM APIs enable administrators to automate user and group provisioning tasks, ensuring efficient management of access to critical resources. SCIM APIs use the GET, POST, PUT, PATCH, and DELETE methods to offer a wide range of CRUD operations.

To access PAM360 SCIM APIs, authentication from PAM360 is required. This involves creating a REST API user account with the respective role and using the generated user authentication token for authentication purposes. The generated authentication token can be sent in two ways for authentication:

  • As an Authentication Token header, similar to REST APIs.
  • As a Bearer Token in the Authorization header.

This document will help you understand the supported SCIM endpoints, APIs, and attributes. The supported SCIM Endpoints are listed below:

  1. Users
  2. Groups
  3. SCIM Configuration
    3.1 ServiceProviderConfig
    3.2 Schemas
    3.3 ResourceTypes

1. Users

To manage users in PAM360, you can make use of the PAM360 SCIM APIs provided in this section.

Supported Core Attributes

Attributes Data type Required? (for POST) Required? (for PUT)

userName

String

Yes

No

givenName

String

Yes

Yes

familyName

String

Yes

Yes

emails

Array

Yes

Yes

password

String

No

No

roles

Array

Yes

No

active

Boolean

Yes

No

Supported Custom Schema Extension Attributes

urn:ietf:params:scim:schemas:extension:pam360_domain:2.0:User:userType

urn:ietf:params:scim:schemas:extension:pam360_domain:2.0:User:domain

Attributes Types Descriptions

userType

0|1|2|3

Types of users. 0 - Local, 1 - AD, 2 - Entra ID, 3- LDAP.

domain

String

Domain to which the domain user is affiliated.

Below are the PAM360 SCIM APIs for the User endpoint:

1.1 Get User

Description

To get the details of a user in PAM360.

URL

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/{userId}

HTTP Method

GET

Sample Request

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/2101

Sample Response

{
"emails": [
{
"type": "work",
"value": "john@teams.com",
"primary": true
}
],
"roles": [
{
"value": "Privileged Administrator",
"primary": true
}
],
"meta": {
"created": "2024-02-29 13:54:37.451",
"location": "https://192.168.176.251 :8282/scim/v2/Users/2101",
"resourceType": "User"
},
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"name": {
"givenName": "John",
"familyName": "G"
},
"active": true,
"id": 2101,
"userName": "john@teams.onmicrosoft.com",
"urn:ietf:params:scim:schemas:extension:pam360_domain:2.0:User": {
"userType": "0"
},
}


1.2 Get All Users

Description

To get all the details of users in PAM360.

URL

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users

HTTP Method

GET

Query Syntax

Utilize SCIM endpoints for querying users based on attributes. Each query includes an operator, attribute, and attribute value in this format:

<baseURL>/scim/users?filter=<attribute> <operator> "<attributeValue>"

Supported Attributes

Attributes Descriptions

userName

Identifies a user based on their username.

active

Returns a list of users based on their status, which is `true` (active) or `false` (inactive).

Supported Operators

Operators Definitions

eq

equals

sw

starts with

co

contains

ew

ends with

Sample Request

For Querying,

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users?filter=userName eq "test1"


https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users?filter=active eq "true"

For Pagination,

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users?startIndex=1&count=50


https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users?startIndex=51&count=50

For combining Querying and Pagination,

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users?filter=userName eq "test1"&startIndex=1&count=50

Sample Response

{
"totalResults": 2,
"startIndex": 1,
"itemsPerPage": 100,
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"Resources": [
{
"emails": [
{
"type": "work",
"value": "guest@teams.onmicrosoft.com",
"primary": true
}
],
"meta": {
"created": "2024-04-02 11:04:45.235",
"location": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/2",
"resourceType": "User"
},
"roles": [
{
"value": "Password User",
"primary": true
}
],
"urn:ietf:params:scim:schemas:extension:pam360_domain:2.0:User": {
"userType": "0"
},
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:pam360_domain:2.0:User"
],
"name": {
"givenName": "guest",
"familyName": ""
},
"active": true,
"id": 2,
"userName": "guest"
},
{
"emails": [
{
"type": "work",
"value": "aaaadmin@teams.onmicrosoft.com",
"primary": true
}
],
"meta": {
"created": "2024-04-02 11:04:45.235",
"location": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/1",
"resourceType": "User"
},
"roles": [
{
"value": "Privileged Administrator",
"primary": true
}
],
"urn:ietf:params:scim:schemas:extension:pam360_domain:2.0:User": {
"userType": "0"
},
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:pam360_domain:2.0:User"
],
"name": {
"givenName": "admin",
"familyName": ""
},
"active": true,
"id": 1,
"userName": "admin"
}
]
}


1.3 Create a New User

Description

To create a new user or Entra domain user to PAM360.

URL

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users

HTTP Method

POST

Sample Request

{
"userName": "john@teams.onmicrosoft.com",
"name": {
"givenName": "John",
"familyName": "G"
},
"emails": [
{
"type": "work",
"value": "john@teams.com",
"primary": true
}
],
"roles": [
{
"value": "Privileged Administrator",
"primary": true
}
],
"active": true,
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:pam360_domain:2.0:User"
],
"urn:ietf:params:scim:schemas:extension:pam360_domain:2.0:User": {
"userType": "0"
}
}

For creating an Entra domain user in PAM360,

{
"userName": "john@teams.onmicrosoft.com",
"name": {
"givenName": "John",
"familyName": "G"
},
"emails": [
{
"type": "work",
"value": "john@teams.com",
"primary": true
}
],
"roles": [
{
"value": "Privileged Administrator",
"primary": true
}
],
"active": true,
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:pam360_domain:2.0:User"
],
"urn:ietf:params:scim:schemas:extension:pam360_domain:2.0:User": {
"userType": "2",
"domain": "teams.onmicrosoft.com"
}
}

Sample Response

{
"emails": [
{
"type": "work",
"value": "john@teams.com",
"primary": true
}
],
"meta": {
"location": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/601",
"resourceType": "User"
},
"roles": [
{
"value": "Privileged Administrator",
"primary": true
}
],
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"name": {
"givenName": "John",
"familyName": "G"
},
"active": true,
"id": 601,
"userName": "john@teams.onmicrosoft.com"
}


1.4 Update User Details

Description

To update the details of a user in PAM360.

URL

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/{userId}

HTTP Method

PUT

Sample Request

{
"userName": "john@teams.onmicrosoft.com",
"name": {
"givenName": "John",
"familyName": "Doe"
},
"emails": [
{
"type": "work",
"value": "john.doe@teams.com",
"primary": true
}
],
"roles": [
{
"value": "Password User",
"primary": true
}
],
"active": true,
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
}

Sample Response

{
"emails": [
{
"type": "work",
"value": "john.doe@teams.com",
"primary": true
}
],
"meta": {
"location": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/601",
"resourceType": "User"
},
"roles": [
{
"value": "Password User",
"primary": true
}
],
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User"
],
"name": {
"givenName": "John",
"familyName": "Doe"
},
"active": true,
"id": 601,
"userName": "john@teams.onmicrosoft.com"
}


1.5 Patch User Details

Description

To update specific values of a user.

URL

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/{userId}

HTTP Method

PATCH

Supported Path Values

Paths Data Types of the Value

active

Boolean

emails

Array

emails[type eq \"work\"].value

String

name

JSON Object

name.familyName

String

name.givenName

String

roles

Array

roles[primary eq\"True\"].value

String

Sample Request

{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
],
"Operations": [
{
"op": "Replace",
"path": "active",
"value": true
},
{
"op": "Replace",
"path": "name.familyName",
"value": "asdf"
}
]
}

To change the email of a user,

{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
],
"Operations": [
{
"op": "Replace",
"path": "emails[type eq \"work\"].value",
"value": true
}
]
}


To change the role of a user,

{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
],
"Operations": [
{
"op": "Replace",
"path": "roles[primary eq \"True\"].value",
"value": "Password User"
}
]
}


Sample Response

Upon successful update, you will get the HTTP Status Code 204.


2. Groups

To manage SCIM provisioned groups in PAM360.

Supported Core Attributes

Attributes Descriptions

displayName

Identifies a group based on its display name.

id

Identifies a group based on its ID.

members

Provides a list of users associated with the group.

Below are the PAM360 SCIM APIs for the Group endpoint:

2.1 Get Details of a Group

Description

To get the details of a group added to PAM360.

URL

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Groups/{groupId}

HTTP Method

GET

Sample Request

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Groups/1202

Sample Response

{
"displayName": "Group4",
"meta": {
"created": "2024-01-30 14:01:08.461",
"location": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Groups/1202",
"resourceType": "Group"
},
"members": [
{
"value": 9,
"$ref": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/9"
},
{
"value": 301,
"$ref": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/301"
}
],
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Group"
],
"id": 1202
}


2.2 Get Details of All Groups

Description

To get the details of all the groups added to PAM360.

URL

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Groups

HTTP Method

GET

Query Syntax

Utilize SCIM endpoints for querying groups based on attributes. Each query includes an operator, attribute, and attribute value in this format:

<baseURL>/scim/groups?filter=<attribute> <operator> "<attributeValue>"

Supported Attributes

Attributes Description

displayName

Identifies a group based on its display name.

Supported Operators

Operators Definitions

eq

equals

sw

starts with

co

contains

ew

ends with

Sample Request

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Groups


For Querying,

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Groups?filter=displayName eq "group1"


For Pagination,

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Groups?startIndex=1&count=50


https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Groups?startIndex=51&count=50


For combining Querying and Pagination,

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Groups?filter=displayName eq "group1"&startIndex=1&count=50


Sample Response

{
"totalResults": 7,
"startIndex": 6,
"itemsPerPage": 2,
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"Resources": [
{
"displayName": "Group4",
"meta": {
"created": "2024-01-30 14:01:08.461",
"location": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Groups/1202",
"resourceType": "Group"
},
"members": [
{
"value": 301,
"$ref": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/301"
}
],
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Group"
],
"id": 1202
},
{
"displayName": "john",
"meta": {
"created": "2024-01-31 18:13:30.024",
"location": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Groups/1501",
"resourceType": "Group"
},
"members": [
{
"value": 9,
"$ref": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/9"
}
],
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Group"
],
"id": 1501
}
]
}


2.3 Create a Group

Description

To add a group to PAM360.

URL

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Groups

HTTP Method

POST

Sample Request

{
"displayName": "Group14",
"meta": {
"created": "2024-01-30 14:01:08.461",
"resourceType": "Group"
},
"members": [
{
"value": 9,
"$ref": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/9"
},
{
"value": 301,
"$ref": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/301"
}
],
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Group"
]
}

Sample Response

{
"displayName": "Group14",
"meta": {
"created": "2024-01-30 14:01:08.461",
"location": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Groups/2101",
"resourceType": "Group"
},
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Group"
],
"members": [
{
"value": 9,
"$ref": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/9"
},
{
"value": 301,
"$ref": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/301"
}
],
"id": 2101
}


2.4 Update Group Details

Description

To update the details of the group added in PAM360.

URL

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Groups/{groupId}

HTTP Method

PUT

Sample Request

{
[
"displayName": "Group24",
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Group"
],
"members": [
{
"value": 9,
"$ref": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/9"
},
{
"value": 2,
"$ref": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/2"
}
]
}

Sample Response

{
"displayName": "Group24",
"meta": {
"created": "2024-01-30 14:01:08.461",
"location": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Groups/1202",
"resourceType": "Group"
},
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:Group"
],
"members": [
{
"value": 9,
"$ref": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/9"
},
{
"value": 2,
"$ref": "https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Users/2"
}
],
"id": 1202
}


2.5 Patch Group

Description

To update a detail of the group added to PAM360.

URL

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Groups/{groupId}

HTTP Method

PATCH

Sample Request

{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
],
"Operations": [
{
"op": "Replace",
"path": "displayName",
"value": "Group4"
},
{
"op": "Add",
"path": "members",
"value": [
{
"value": "1504"
}
]
},
{
"op": "Remove",
"path": "members",
"value": [
{
"value": "1501"
},
{
"value": "1502"
}
]
}
]
}

Sample Response

Upon successful update, you will receive the HTTP Status code 204.


2.6 Delete Group

Description

To delete a group from PAM360.

URL

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Groups/{groupId}

HTTP Method

DELETE

Sample Request

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Groups/2101

Sample Response

Upon successful deletion, you will receive the HTTP Status code 204.


3. SCIM Configuration

Below are the PAM360 SCIM APIs for the ServiceProviderConfig, Schemas, and ResourceTypes endpoints:

3.1 ServiceProviderConfig

Description

To get all the details of SCIM implementation in PAM360.

URL

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/ServiceProviderConfig

HTTP Method

GET

Sample Request

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/ServiceProviderConfig

Sample Response

{
"patch": {
"supported": true
},
"filter": {
"maxResults": 0,
"supported": true
},
"documentationUri": "https://www.manageengine.com/privileged-access-management/help/scim-config.html",
"authenticationSchemes": [
{
"documentationUri": "https://www.manageengine.com/privileged-access-management/help/scim-config.html",
"name": "API Token",
"description": "Authentication scheme using the API Token",
"type": "apitoken",
"primary": true
},
{
"documentationUri": "https://www.manageengine.com/privileged-access-management/help/scim-config.html",
"name": "OAuth Bearer Token",
"description": "Authentication scheme using the OAuth Bearer Token Standard",
"type": "oauthbearertoken",
"primary": false
}
],
"meta": {
"location": "/ServiceProviderConfig",
"resourceType": "ServiceProviderConfig"
},
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig"
],
"etag": {
"supported": false
},
"sort": {
"supported": false
},
"bulk": {
"maxPayloadSize": 0,
"maxOperations": 0,
"supported": false
},
"changePassword": {
"supported": false
}
}


3.2 Schemas

3.2.1 Get a Schema

Description

To get a schema using its ID.

URL

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Schemas/{schemaId}

HTTP Method

GET

Sample Request

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Schemas/urn:ietf:params:scim:schemas:core:2.0:Group

Sample Response

{
"meta": {
"location": "Schemas/urn:ietf:params:scim:schemas:core:2.0:Group",
"resourceType": "Schema"
},
"name": "Group",
"description": "Group",
"attributes": [
{
"uniqueness": "none",
"name": "displayName",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "members",
"mutability": "readWrite",
"type": "complex",
"multiValued": true,
"returned": "default",
"required": false,
"subAttributes": [
{
"uniqueness": "none",
"name": "value",
"description": "Identifier of the member of this Group.",
"mutability": "immutable",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"uniqueness": "none",
"name": "$ref",
"description": "Location of the member of this Group.",
"mutability": "immutable",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
}
]
}
],
"id": "urn:ietf:params:scim:schemas:core:2.0:Group"
}


3.2.2 Get All Schemas

Description

To get all the schemas implemented and the supported params in PAM360.

URL

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Schemas

HTTP Method

GET

Sample Request

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/Schemas

Sample Response

{
"startIndex": 1,
"totalResults": 3,
"itemsPerPage": 100,
"Resources": [
{
"meta": {
"location": "/Schemas/urn:ietf:params:scim:schemas:core:2.0:User",
"resourceType": "Schema"
},
"name": "User",
"description": "User Account",
"attributes": [
{
"uniqueness": "server",
"name": "userName",
"mutability": "immutable",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": true
},
{
"uniqueness": "none",
"name": "name",
"mutability": "readWrite",
"type": "complex",
"multiValued": false,
"returned": "default",
"required": false,
"subAttributes": [
{
"uniqueness": "none",
"name": "familyName",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"uniqueness": "none",
"name": "givenName",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
}
]
},
{
"name": "active",
"mutability": "readWrite",
"type": "boolean",
"multiValued": false,
"returned": "default",
"required": false
},
{
"uniqueness": "none",
"name": "password",
"mutability": "writeOnly",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "never",
"required": false
},
{
"uniqueness": "none",
"name": "emails",
"mutability": "readWrite",
"type": "complex",
"multiValued": true,
"returned": "default",
"required": false,
"subAttributes": [
{
"uniqueness": "none",
"name": "value",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"uniqueness": "none",
"name": "type",
"canonicalValues": [
"work"
],
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "primary",
"mutability": "readWrite",
"type": "boolean",
"multiValued": false,
"returned": "default",
"required": false
}
]
},
{
"name": "roles",
"description": "A list of roles for the User that collectively represent who the User is, e.g., 'Password User', 'Administrator'.",
"mutability": "readWrite",
"type": "complex",
"multiValued": true,
"returned": "default",
"required": false,
"subAttributes": [
{
"uniqueness": "none",
"name": "value",
"description": "The value of a role.",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"uniqueness": "none",
"name": "display",
"description": "A human-readable name, primarily used for display purposes. READ-ONLY.",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"uniqueness": "none",
"name": "type",
"description": "A label indicating the attribute's function.",
"canonicalValues": [],
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "primary",
"description": "A Boolean value indicating the 'primary' or preferred attribute value for this attribute. The primary attribute value 'true' MUST appear no more than once.",
"mutability": "readWrite",
"type": "boolean",
"multiValued": false,
"returned": "default",
"required": false
}
]
}
],
"id": "urn:ietf:params:scim:schemas:core:2.0:User"
},
{
"meta": {
"location": "Schemas/urn:ietf:params:scim:schemas:core:2.0:Group",
"resourceType": "Schema"
},
"name": "Group",
"description": "Group",
"attributes": [
{
"uniqueness": "none",
"name": "displayName",
"mutability": "readWrite",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"name": "members",
"mutability": "readWrite",
"type": "complex",
"multiValued": true,
"returned": "default",
"required": false,
"subAttributes": [
{
"uniqueness": "none",
"name": "value",
"description": "Identifier of the member of this Group.",
"mutability": "immutable",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"uniqueness": "none",
"name": "$ref",
"description": "Location of the member of this Group.",
"mutability": "immutable",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
}
]
}
],
"id": "urn:ietf:params:scim:schemas:core:2.0:Group"
},
{
"meta": {
"location": "Schemas/urn:ietf:params:scim:schemas:extension:pam360_domain:2.0:User",
"resourceType": "Schema"
},
"name": "Domain",
"description": "Domain of the User in case of AD, LDAP or Entra ID.",
"attributes": [
{
"uniqueness": "none",
"name": "userType",
"canonicalValues": [
"0",
"1",
"2",
"3"
],
"mutability": "immutable",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
},
{
"uniqueness": "none",
"name": "domain",
"mutability": "immutable",
"type": "string",
"multiValued": false,
"caseExact": false,
"returned": "default",
"required": false
}
],
"id": "urn:ietf:params:scim:schemas:extension:pam360_domain:2.0:User"
}
]
}


3.3 ResourceTypes

3.3.1 Get a Resource Type

Description

To get the details of a SCIM resource implemented in PAM360.

URL

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/ResourceTypes/{typeId}

HTTP Method

GET

Sample Request

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/ResourceTypes/Group

Sample Response

{
"schema": "urn:ietf:params:scim:schemas:core:2.0:Group",
"endpoint": "/Groups",
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:ResourceType"
],
"name": "Group",
"description": "Group",
"id": "Group"
}


3.3.2 Get all Resource Types

Description

To get the details of all the SCIM resources implemented in PAM360.

URL

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/ResourceTypes

HTTP Method

GET

Sample Request

https://<Host-Name-of-PAM360-Server OR IP address>:<Port>/scim/v2/ResourceTypes

Sample Response

{
"totalResults": 2,
"startIndex": 1,
"itemsPerPage": 100,
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:ListResponse"
],
"Resources": [
{
"schema": "urn:ietf:params:scim:schemas:core:2.0:User",
"endpoint": "/Users",
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:ResourceType"
],
"name": "User",
"description": "User Account",
"id": "User"
},
{
"schema": "urn:ietf:params:scim:schemas:core:2.0:Group",
"endpoint": "/Groups",
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:ResourceType"
],
"name": "Group",
"description": "Group",
"id": "Group"
}
]
}
Top