SCIM validator: What is the `DELETE /Groups/Id` validation looking for to pass?

Brandur 0 Reputation points
2024-06-07T19:52:22.55+00:00

I'm using Microsoft's SCIM validator, and I've gotten most of it passing now, but I'm down to one test that fails without explaining exactly why.

The test is `DELETE /Groups/Id` on the substep `GET filter on deleted Group should not return any Groups`. It deletes a group, then tries to fetch the group after deletion, but is unhappy that my API is returning a 404 in such a situation.

```
GET https://3c71-208-52-28-191.ngrok-free.app/vendor/scim/v2/organizations/matjsvug6vb7javsjsugxbjtiy/Groups/toj33fwyyrcnrga4h2maveyqx4 1.1
Host: 3c71-208-52-28-191.ngrok-free.app

Response Received Response Status: 404 NotFound

{
  "detail": "Resource gzzowxsplzbyxfebhcbwdtp3ze not found",
  "schemas": [
    "urn:ietf:params:scim:api:messages:2.0:Error"
  ],
  "status": "404"
}
```

(Screenshot below.)

This is specifically covered in the SCIM spec in section 3.6 [2], and 404 is the mandated response code.

I don't understand what the validator is expecting here, and it doesn't tell me.

I tried throwing a whole bunch of stuff at the wall to see if I could get it passing via trial and error:

  • Return 400 status code.
  • Return 410 (gone) status code.
  • Return 200 OK containing resource.
  • Return 204 (no content).
  • Return 200 with empty response.
  • Return 200 with empty JSON object ({}) response.

None of these did the trick.

A very broad problem with the validator is that in case of a failure, it won't tell you what the problem is — just that there is one. I was able to fix most problems via trial and error, but this thing would be infinitely easier to use with better error diagnostics.

[1] https://scimvalidator.microsoft.com/
[2] https://datatracker.ietf.org/doc/html/rfc7644#section-3.6


Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.

2 answers

  1. Brandur 0 Reputation points
    2024-06-07T21:48:43.0133333+00:00

    Never mind — this turned out to have nothing to do with the "group get" request, which is supposed to be a 404. The validator was making a follow-up "group list" request that was doing the wrong thing on my end, but showing the wrong request in the informational pane.


  2. Shweta Mathur 29,681 Reputation points Microsoft Employee
    2024-06-11T08:11:20.68+00:00

    Hi @Brandur ,

    Thanks for reaching out.

    The SCIM specification mandates that a 404 response code should be returned when a deleted resource is requested.

    I'm glad that you were able to figure out your issue and thank you for posting so that others experiencing the same thing can easily reference this! Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others", I'll repost your solution in case you'd like to "Accept" the answer.


    Thanks

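The two behaviours this thread turns on, shown side by side as an added example (not code from the question author or from the validator): a direct GET on a deleted group returns 404 per RFC 7644 section 3.6, while a filtered list that matches nothing returns 200 with an empty ListResponse per section 3.4.2. The `GroupStore` class, its method names, and the `displayName eq "..."` filter are assumptions; the thread does not show the validator's list request.

```python
import re

ERROR_URN = "urn:ietf:params:scim:api:messages:2.0:Error"
LIST_URN = "urn:ietf:params:scim:api:messages:2.0:ListResponse"
GROUP_URN = "urn:ietf:params:scim:schemas:core:2.0:Group"
# Simplification: only `attr eq "value"` filters are parsed here.
EQ_FILTER = re.compile(r'\s*(\w+)\s+eq\s+"([^"]*)"\s*')


class GroupStore:
    """Hypothetical in-memory /Groups endpoint; every call returns (status, body)."""

    def __init__(self):
        self.groups = {}

    def _error(self, status, detail):
        return status, {"schemas": [ERROR_URN], "detail": detail,
                        "status": str(status)}

    def create(self, group_id, display_name):
        self.groups[group_id] = {"schemas": [GROUP_URN], "id": group_id,
                                 "displayName": display_name}
        return 201, self.groups[group_id]

    def delete(self, group_id):
        if self.groups.pop(group_id, None) is None:
            return self._error(404, f"Resource {group_id} not found")
        return 204, None

    def get(self, group_id):
        # Section 3.6: a direct GET on a deleted resource is a 404.
        group = self.groups.get(group_id)
        if group is None:
            return self._error(404, f"Resource {group_id} not found")
        return 200, group

    def query(self, filter_expr=None):
        # Section 3.4.2: a query with no matches is still a 200 with
        # totalResults 0, not a 404 and not an error body.
        matches = list(self.groups.values())
        if filter_expr is not None:
            parsed = EQ_FILTER.fullmatch(filter_expr)
            if parsed is None:
                return self._error(400, "Unsupported filter")
            attr, value = parsed.groups()
            matches = [g for g in matches if g.get(attr) == value]
        return 200, {"schemas": [LIST_URN], "totalResults": len(matches),
                     "Resources": matches}
```
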