SCIM validator: why does it fail with `The response should contain be serialized to SCIM2 Core User` even if my response is the entire User schema

Andy Lii 10 Reputation points
2024-02-23T15:56:23.3066667+00:00

The error: 截圖 2024-02-23 晚上11.52.15

My response:

{
  "Resources": [
    {
      "id": "PERSON~84461131A6C6D866CD22E50E525D085B",
      "active": true,
      "schemas": [
        "urn:ietf:params:scim:schemas:core:2.0:User",
        "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
      ],
      "displayName": "HRJMBOWBDEIR",
      "emails": [
        {
          "type": "work",
          "value": "eula.frami@hilpert.uk",
          "primary": true
        }
      ],
      "name": {
        "givenName": "Davon",
        "familyName": "Eldred",
        "formatted": "Pearline",
        "middleName": "Tiara",
        "honorificPrefix": "Kurtis",
        "honorificSuffix": "Richie"
      },
      "nickName": "JNDZABDCWQAZ",
      "phoneNumbers": [
        {
          "type": "work",
          "value": "48-667-4776",
          "primary": true
        },
        {
          "type": "mobile",
          "value": "48-667-4776"
        },
        {
          "type": "fax",
          "value": "48-667-4776"
        }
      ],
      "userType": "LUOJDABDSADM",
      "preferredLanguage": "en-ZA",
      "addresses": [
        {
          "type": "work",
          "formatted": "RJWCFCSCKMKR",
          "streetAddress": "998 Rolfson Walks",
          "locality": "XEZVHMGPEFAW",
          "region": "BZSDCHGNITMO",
          "postalCode": "wr52 2hc",
          "primary": true,
          "country": "Isle of Man"
        }
      ],
      "userName": "kameron@kozey.biz",
      "title": "NYDDLVZXLGZB",
      "locale": "OMQRMXGEASAK",
      "roles": [
        {
          "primary": "True",
          "display": "BOFFQEKVNZZM",
          "value": "HKPVDCSOHUNB",
          "type": "CGHWOYMMJSSM"
        }
      ],
      "timezone": "Africa/Mbabane",
      "profileUrl": "CLSRYYGKDBAQ",
      "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
        "employeeNumber": "MARNWFHKRKFR",
        "department": "HXIPMKGSIMYH",
        "costCenter": "JXLPXNZOVPBS",
        "organization": "HZSXXJVYTSLF",
        "division": "FMCPAZYPDZVT",
        "manager": {
          "value": "NIKZALUDHKPH"
        }
      }
    }
  ],
  "itemsPerPage": 10,
  "schemas": [
    "urn:ietf:params:scim:api:messages:2.0:ListResponse"
  ],
  "startIndex": 1,
  "totalResults": 1
}

I don't think any key is missing in my response. Why is this error happening?

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,452 questions
{count} vote

1 answer

Sort by: Most helpful
  1. Shweta Mathur 29,741 Reputation points Microsoft Employee
    2024-02-26T08:24:52.4266667+00:00

    Hi @Andy Lii ,

    Thanks for reaching out.

    Based on the error message you received, it seems that the SCIM validator is expecting a response that is serialized to the SCIM2 Core User schema.

    The core user schema only requires three below attributes, all other attributes are optional.

    • id - service provider defined identifier.
    • username - a unique identifier for the user (generally maps to the Microsoft Entra user principal name)
    • meta- read-only metadata maintained by the service provider.

    As per above, it seems meta is missing in your response. Could you try to add meta in your request to test the schema

    Reference - https://learn.microsoft.com/en-us/entra/identity/app-provisioning/use-scim-to-provision-users-and-groups#design-your-user-and-group-schema

    Hope this will help.

    Thanks,

    Shweta

    Please remember to "Accept Answer" if answer helped you.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.