Skip to main content

Bulk operations

POST 
/nevisidm/api/scim/v1/:clientExtId/Bulk

Executes multiple SCIM operations (GET, POST, DELETE) in a single HTTP request. Each operation targets the /Users path and is processed sequentially.

The failOnErrors field in the request controls the maximum number of errors allowed before the bulk operation is aborted with 422 Unprocessable Entity.

Individual operation results are returned with per-operation status codes in the response body.

Request

Path Parameters

    clientExtId stringrequired

    Client's external identifier.

    Example: 100

Body

required
    failOnErrors int32required

    An integer specifying the number of errors that the service provider will accept before the operation is terminated and an error response is returned. OPTIONAL in a request.

    Operations object[]required

    List of operations to be performed.

  • Array [
    • method stringrequired

    HTTP method that indicates the operation to be performed.

    bulkId string

    Identifier to identify the single operations in the response.

    version string

    The current resource version to supports entity-tags (ETags).

    path stringrequired

    SCIM resource path. Currently only one path is supported: /Users.

    data ScimUserrequired

    SCIM provides a resource type for "User" resources. The core schema for "User" is identified using the following schema URI: urn:ietf:params:scim:schemas:core:2.0:User.

    userName stringrequired

    Unique identifier for the User for the actual customer. This is mapped to the loginId property of User.

    name ScimName

    SCIM defined complex to hold name of user. Defined for ScimUser.

    familyName string

    The family name of the User, or Last Name in most Western languages. This is mapped to name property of User.

    givenName string

    The given name of the User, or First Name in most Western languages. This is mapped to firstName attribute of User.

    middleName string

    The middle name(s) of the User. This is not mapped to any property of User, yet.

    honorificPrefix string

    The honorific prefix(es) of the User, or Title in most Western languages. This is mapped to title property of User.

    preferredLanguage string

    Indicates the User's preferred written or spoken language. This is mapped to languageId property of User.

    locale string

    Used to indicate the User's default location for purposes of localizing items such as currency, date time format, numerical representations, etc. This is mapped to locality property of User.

    active booleanrequired

    A Boolean value indicating the User's administrative status. This it mapped to status property of User. 'true' => ACTIVE, 'false' => DISABLED; ACTIVE => 'true', otherwise 'false'.

    emails ScimMultiAttribute[]required

    E-mail addresses for the user. The Idm can accept only one email address. By default the email address is mandatory and must be unique. This is mapped to email and uniqueEmail properties of User.

  • Array [
    • value stringrequired

    Attribute value (eg. email address, prhone number. This part is mapped to the referred property of User.

    display string

    A human readable name, primarily used for display purposes. This part is not mapped, for output the value is repeated here.

    type string

    A label indicating the attribute's function; e.g. 'work', 'home', etc. For email this part is not mapped. For phone the following values are accepted and required: 'telephone', 'telefax' or 'mobile'. Other types are not supported, yet.

    primary boolean

    A Boolean value indicating the 'primary' or preferred. This part is not mapped, the first one always true the rest always false.

  • ]
    • phoneNumbers ScimMultiAttribute[]

    Phone numbers for the User. The Idm can accept three kind of phone numbers. Indicate the type as 'telephone', 'telefax' or 'mobile'. These values are mapped to properties indicated in type attribute.

  • Array [
    • value stringrequired

    Attribute value (eg. email address, prhone number. This part is mapped to the referred property of User.

    display string

    A human readable name, primarily used for display purposes. This part is not mapped, for output the value is repeated here.

    type string

    A label indicating the attribute's function; e.g. 'work', 'home', etc. For email this part is not mapped. For phone the following values are accepted and required: 'telephone', 'telefax' or 'mobile'. Other types are not supported, yet.

    primary boolean

    A Boolean value indicating the 'primary' or preferred. This part is not mapped, the first one always true the rest always false.

  • ]
    • addresses ScimPhysicalAddress[]

    Physical mailing addresses for this User. The Idm can accept only one address.This is mapped to country, city, postalcode, addressline2 and addressline1 properties of User.

  • Array [
    • streetAddress string

    The full street address component. This part is mapped to addressline1 and addressline2 properties of User with separating new line character (only one supported).

    locality string

    The city or locality component. This part is mapped to city property of User.

    region string

    The state or region component. This part is not mapped to any property of User, yet.

    postalCode string

    The zipcode or postal code component. This part is mapped to postalcode property of User.

    country string

    The country name component. This part is mapped to country property of User.

    type string

    A label indicating the attribute's function; e.g. 'work' or 'home'. This part is not mapped to any property of User, yet.

    primary boolean

    A Boolean value indicating the 'primary' or preferred. This part is not mapped to any property of User, yet.

  • ]
    • urn:nevis:idm:scim:schemas:v1:extension:User ScimUserExtension

    SCIM User IDM extension for properties in IDM "User" that has not been covered by the ScimUser. Schema: "urn:nevis:idm:scim:schemas:v1:extension:User".

    remarks string

    Description for the user.

    sex string

    Gender of the user.

    birthDate date-time

    Birthdate of the user.

    validFrom date-time

    Validity starting timestamp can be defined for the user.

    validTo date-time

    Validity ending timestamp can be defined for the user.

    technical booleanrequired

    Indicates if it the user is technical or not.

    street string

    Street name of user's address.

    houseNumber string

    House number of user's address.

    dwellingNumber string

    Property unit number of user's address.

    postOfficeBoxText string

    Post office box text of user's address.

    postOfficeBoxNumber int32

    Post office box number of user's address.

    templateCollectionName string

    Name of template collection assigned to the user.

    credentials ScimCredential[]required

    List of credential a assigned to the user.

  • Array [
    • clientExtId string
    extId stringrequired

    External identifier for the credential. Must be unique.

    type stringrequired

    Possible values: [PASSWORD, GENERIC, FIDO2, TICKET, MTAN, RECOVERY_CODE, TEMPSTRONGPASSWORD, SAFEWORDUSER, SECURID, PUK, FIDO_UAF, CONTEXTPASSWORD, CERTIFICATE, KERBEROS, VASCO, URLTICKET, MOBILESIGNATURE, SAMLFEDERATION, DEVICEPASSWORD, OATH, OTP, SECURITYQUESTIONS, UNSUPPORTED]

    Type of the credential.

    name string

    Name attribute for the credential.

    state stringrequired

    Possible values: [INITIAL, ACTIVE, TMP_LOCKED, FAIL_LOCKED, RESET_CODE, ADMIN_CHANGED, DISABLED, ARCHIVED]

    Enumeration value indicating the credential's administrative status.

    validFrom date-timerequired

    Validity starting timestamp for the credential.

    validTo date-timerequired

    Validity ending timestamp for the credential.

    properties object

    Name value pairs map of Credential's custom properties.

    property name* string

    Name value pairs map of Credential's custom properties.

    policyExtId string

    The external ID of the used policy.

  • ]
    • profiles ScimProfile[]required

    List of assigned profiles to the user. At least one is mandatory.

  • Array [
    • state stringrequired

    Possible values: [ACTIVE, DISABLED, ARCHIVED]

    An enumeration value indicating the profile's administrative status.

    name stringrequired

    Name of the profile.

    remarks string

    Description for the profile.

    extId stringrequired

    External identifier for the profile. Must be unique.

    defaultProfile booleanrequired

    Indicates it is the default profile of user or not. One and only one must true.

    validFrom date-time

    Validity starting timestamp can be defined for the profile.

    validTo date-time

    Validity ending timestamp can be defined for the profile.

    deputedProfileExtId string

    External identifier of deputed profile if exists.

    unitExtId string

    Unit external identifier belonging to the client that the profile refers. By default the configured default unit for the client is used to.

    properties object

    Name value pairs map of Profile's custom properties.

    property name* string

    Name value pairs map of Profile's custom properties.

    idmAuthorizations ScimIdmAuthorization[]required

    IDM role assignments for the profile.

  • Array [
    • extId stringrequired

    External identifier for the enterprise authorization of profile. Must be unique.

    validFrom date-time

    Validity starting timestamp can be defined for the enterprise authorization of profile.

    validTo date-time

    Validity ending timestamp can be defined for the enterprise authorization of profile.

    roleExtId stringrequired

    The assigned role external identifier for the authorization of profile.

    authorizedForAllClients booleanrequired

    The user is authorized to manage all clients in the system.

    authorizedForAllUnits booleanrequired

    The user is authorized to manage all units in the system.

    authorizedForAllApplications booleanrequired

    The user is authorized to manage all applications in the system.

    authorizedForAllEnterpriseRoles booleanrequired

    The user is authorized to manage all enterprise roles in the system.

    authorizedClientExtIds string[]

    The user is authorized to manage the selected clients in case all clients flag is false.

    authorizedApplicationExtIds string[]

    The user is authorized to manage the selected applications in case all applications flag is false.

    authorizedUnitExtIdSetForClients object

    The user is authorized to manage the selected client:units associations in case all units flag is false.

    property name* string[]

    The user is authorized to manage the selected client:units associations in case all units flag is false.

  • Array [

    • string

  • ]
    • authorizedEnterpriseRoleExtIdSetForClients object

    The user is authorized to manage the selected client:enterprise-roles associations in case all roles flag is false.

    property name* string[]

    The user is authorized to manage the selected client:enterprise-roles associations in case all roles flag is false.

  • Array [

    • string

  • ]
  • ]
    • appAuthorizations ScimAppAuthorization[]required

    Application role assignments for the profile.

  • Array [
    • extId stringrequired

    External identifier for the enterprise authorization of profile. Must be unique.

    validFrom date-time

    Validity starting timestamp can be defined for the enterprise authorization of profile.

    validTo date-time

    Validity ending timestamp can be defined for the enterprise authorization of profile.

    roleExtId stringrequired

    The assigned role external identifier for the authorization of profile.

    properties object

    Name value pairs map of Authorization's custom properties.

    property name* string

    Name value pairs map of Authorization's custom properties.

  • ]
    • enterpriseAuthorizations ScimEnterpriseAuthorization[]required

    Enterprise role assignments for the profile.

  • Array [
    • extId stringrequired

    External identifier for the enterprise authorization of profile. Must be unique.

    validFrom date-time

    Validity starting timestamp can be defined for the enterprise authorization of profile.

    validTo date-time

    Validity ending timestamp can be defined for the enterprise authorization of profile.

    roleExtId stringrequired

    The assigned role external identifier for the authorization of profile.

  • ]
  • ]
    • properties object

    Name value pairs map of User's custom properties.

    property name* string

    Name value pairs map of User's custom properties.

    extensions object

    Possible list of extensions. Only the 'urn:nevis:idm:scim:schemas:v1:extension:User' extension is supported.

    description
    title
  • ]

Responses

Bulk operations completed successfully

Schema
    schemas string[]required

    An array of Strings containing URIs that are used to indicate the namespaces of the SCIM schemas that define the attributes present in the current JSON structure.

    meta ScimMeta

    SCIM defined complex to hold meta information.

    resourceType stringrequired

    The name of the resource type of the resource.

    created date-time

    The date and time that the resource was added to the service provider.

    lastModified date-time

    The most recent date and time that the details of this resource were updated at the service provider.

    location uri

    The URI of the resource being returned.

    version string

    The version of the resource being returned.

    Operations ScimBulkResponseOperation[]required

    List of operations performed.

  • Array [
    • method stringrequired

    HTTP method that indicates the operation to be performed.

    bulkId string

    Identifier to identify the single operations in the response.

    version string

    The current resource version to supports entity-tags (ETags).

    location uri

    Resource URI to get the single SCIM resource.

    response ResponseEntityScimBase

    The HTTP response body for the specified request operation. Included with a response with an HTTP status other than a 200-series response,.

    headers object
    empty boolean
    location uri
    host object
    address object
    address byte
    hostAddress string
    linkLocalAddress boolean
    hostName string
    multicastAddress boolean
    anyLocalAddress boolean
    loopbackAddress boolean
    siteLocalAddress boolean
    mcglobal boolean
    mcnodeLocal boolean
    mclinkLocal boolean
    mcsiteLocal boolean
    mcorgLocal boolean
    canonicalHostName string
    port int32
    hostName string
    unresolved boolean
    hostString string
    lastModified int64
    date int64
    contentLength int64
    allow HttpMethod[]
    origin string
    connection string[]
    cacheControl string
    vary string[]
    accept MediaType[]
  • Array [
    • type string
    subtype string
    parameters object
    property name* string
    qualityValue double
    charset object
    registered boolean
    concrete boolean
    subtypeSuffix string
    wildcardType boolean
    wildcardSubtype boolean
  • ]
    • acceptPatch MediaType[]
  • Array [
    • type string
    subtype string
    parameters object
    property name* string
    qualityValue double
    charset object
    registered boolean
    concrete boolean
    subtypeSuffix string
    wildcardType boolean
    wildcardSubtype boolean
  • ]
    • range HttpRange[]
    acceptLanguage object[]
  • Array [
    • range string
    weight double
  • ]
    • contentDisposition ContentDisposition
    type string
    name string
    filename string
    charset object
    registered boolean
    size int64
    creationDate date-time
    modificationDate date-time
    readDate date-time
    attachment boolean
    formData boolean
    inline boolean
    acceptLanguageAsLocales string[]
    accessControlAllowCredentials boolean
    accessControlAllowHeaders string[]
    accessControlAllowMethods HttpMethod[]
    accessControlAllowOrigin string
    accessControlExposeHeaders string[]
    accessControlMaxAge int64
    accessControlRequestHeaders string[]
    accessControlRequestMethod HttpMethod
    acceptCharset object[]
  • Array [
    • registered boolean
  • ]
    • contentLanguage string
    etag string
    expires int64
    ifMatch string[]
    ifNoneMatch string[]
    ifUnmodifiedSince int64
    pragma string
    upgrade string
    ifModifiedSince int64
    contentType MediaType
    type string
    subtype string
    parameters object
    property name* string
    qualityValue double
    charset object
    registered boolean
    concrete boolean
    subtypeSuffix string
    wildcardType boolean
    wildcardSubtype boolean
    property name* string[]
  • Array [

    • string

  • ]
    • body ScimBase

    SCIM defined abstract complex as basis of SCIM types, like ScimUser, ScimSchema.

    schemas string[]required

    An array of Strings containing URIs that are used to indicate the namespaces of the SCIM schemas that define the attributes present in the current JSON structure.

    statusCode HttpStatusCode

    The HTTP status code.

    error boolean
    is1xxInformational boolean
    is2xxSuccessful boolean
    is3xxRedirection boolean
    is4xxClientError boolean
    is5xxServerError boolean
    statusCodeValue int32
    status HttpStatusCoderequired

    The HTTP status code.

    error boolean
    is1xxInformational boolean
    is2xxSuccessful boolean
    is3xxRedirection boolean
    is4xxClientError boolean
    is5xxServerError boolean
  • ]
Loading...
Last updated on