Azure AD SCIM provisioning - Patch Group update tests are failing in scim validator without any exception message

Ruchi 386 Reputation points
2023-10-25T09:56:32.8233333+00:00

We are testing our provisioning application using scim validator. Below scenarios are failing without any exception message:

1. Patch Group - Replace Attributes

Request:

PATCH https://id85services.far360.com/scim-provisioning-apis/70298852/scim/v2/Groups/445158434 1.1
Host: id85services.far360.com
Content-Type: application/scim+json; charset=utf-8
{
  "Operations": [
    {
      "op": "replace",
      "value": {
        "displayName": "QZ8VBENMYTC0",
        "externalId": "dfbf417d-687d-4f93-9211-d6e5110fa616"
      }
    }
  ],
  "schemas": [
    "urn:ietf:params:scim:api:messages:2.0:PatchOp"
  ]
}

Actual Response:
Response Status: 204 NoContent
Response Headers

Date: Wed, 25 Oct 2023 09:10:17 GMT
Server: Apache
Via: 1.1 id85services.far360.com
Content-Type: application/scim+json
  1. Patch Group - Remove Member
    Request:
PATCH https://id85services.far360.com/scim-provisioning-apis/70298852/scim/v2/Groups/445158432 1.1
Host: id85services.far360.com
Content-Type: application/scim+json; charset=utf-8
{
  "Operations": [
    {
      "op": "remove",
      "path": "members[value eq \"244FA18B6E60C701813E1BF689FFE085\"]"
    }
  ],
  "schemas": [
    "urn:ietf:params:scim:api:messages:2.0:PatchOp"
  ]
}

Actual Response:
Response Status: 204 NoContent

Response Headers

Date: Wed, 25 Oct 2023 09:10:20 GMT
Server: Apache
Via: 1.1 id85services.far360.com

Both scenarios are failing with this message: This test must pass for compliance.
Could you please suggest the expected response for both scenarios?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,189 questions
0 comments No comments
{count} votes

Accepted answer
  1. Owino Akelo - MSFT 76 Reputation points Microsoft Employee
    2023-10-25T16:14:20.5333333+00:00

    Hi. This seems to be a bug in the validator that is not accepting 204/NoContent response. It however allows 200/ok. We have reached out to the engineering team for a fix. You can ignore the error or temporarily use the 200 while still developing.

    0 comments No comments

0 additional answers

Sort by: Most helpful