Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

This endpoint has several restrictions.

The only operations you in practice can perform on an existing user through the PATCH endpoint are:

-Change roles
-Change ‘active-status’ (Soft delete)

Endpoint

Method

/scim/Users/[USER-ID]
USER-ID is the identifier for the entity in Talentech

PATCH

 
This endpoint is a PATCH endpoint and supports 1 or more changes through a list of Operation elements

Request-object:

{
    "Operations": [
        {
            "op": "<Operation>",
            "path": "<property-path",
            "value": "<new-property-value>"
        } ,
        {
            "op": "<Operation>",
            "path": "<property-path",
            "value": "<new-property-value>"
        }                
    ]
}

Property

Type

Required

 

op

Type of operation.
Support values are:
-Replace
-Add

yes

Replaceshould be used for all path-values except Roles.

When a Roles path is used, the operationType MUST be Add

path

The path to the property to change

yes

value

The value of the property to change

yes



Sample-Request:

curl --location --request PATCH '[API-URL]/scim/Users/a3792aca-8f99-4d4b-a1f2-2b31e871b634' \
--header 'Authorization: Bearer [API-TOKEN]' \
--header 'Content-Type: application/json' \
--data-raw '{
    "Operations": [
        {
            "op": "Replace",
            "path": "externalId",
            "value": "externalId-changed"
        },
        {
            "op": "Replace",
            "path": "userName",
            "value": "newUsername@domain.com"
        },
        {
            "op": "Replace",
            "path": "active",
            "value": true
        },        
        {
            "op": "Replace",
            "path": "name.givenName",
            "value": "NewFirstname"
        },
        {
            "op": "Replace",
            "path": "name.familyName",
            "value": "NewLastname"
        },                
        {
            "op": "Add",
            "path": "roles",
            "value": [
                {
                    "value": "{\"value\":\"TalentechGroupTest1\"}"
                },
                {
                    "value": "{\"value\":\"TalentechGroupTest2\"}"
                }                
            ]
        }
    ]
}'

Special Notes:


Roles-path : Alway use OP=ADD and supply ALL roles the user should have
When using the path 'Roles, the operationtype(op) MUST be of value “Add”.
The Value parameter should contain ALL the roles the user should have, not just the roles you want added.
This is a known limitation/discrepancy in the API currently.
Each “value” element inside the “value” array, must contain a serialized string of an object with a “value” property.
The reasoning behind this, is that this is how AzureAD has currently implemented the usage of SCIM, and how they send data.

Violation of Uniqueness for ExternalId and Username results in 500-Exception
If a user within the same integration has the same ExternalId or Username ,the API will throw a 500 exception without any further explanations

Username-change causes user to be placed in sync-quarantine
TalentechAdmin does currently not support username-changes. Users who have their username changed will be placed in quarantine. The change will not be synced to Talentechadmin and the username for a TalentechId account will not be changed.

Firstname & lastname change will NOT propagate
TalentechAdmin does currently not support changing a users firstname and lastname.
These changes will not propagate to Talentechadmin or the TalentechId accounts.



Responses:

200 OK

Statuscode

200

Response-body: The User after the change

Sample-response:

{
    "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {},
    "active": true,
    "meta": {
        "resourceType": "User"
    },
    "name": {
        "familyName": "NewLastname",
        "givenName": "NewFirstname"
    },
    "roles": [
        {
            "display": "TalentechGroupTest1",
            "value": "TalentechGroupTest1",
            "type": "WindowsAzureActiveDirectoryRole",
            "primary": false
        },
        {
            "display": "TalentechGroupTest2",
            "value": "TalentechGroupTest2",
            "type": "WindowsAzureActiveDirectoryRole",
            "primary": false
        }
    ],
    "userName": "newUsername@domain.com",
    "externalId": "externalId-changed",
    "id": "a3792aca-8f99-4d4b-a1f2-2b31e871b634",
    "schemas": [
        "urn:ietf:params:scim:schemas:core:2.0:User",
        "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
    ]
}

 

 

 

  • No labels