Forum Discussion
Azure AD SCIM Validator is in General Availability (GA) Status
Hello owinoakelo,
I am testing SCIM operations for Groups using your validator to ensure compatibility with MS Entra. Unfortunately, I currently (for now) do not have access to Entra to test the SCIM API in a real environment, so I have to rely solely on your validator.
I have encountered two issues and would like to kindly ask for some clarification.
1. Tested Operation: Patch Group - Add Member
Content-Type: application/scim+json; charset=utf-8
{
"Operations": [
{
"op": "replace",
"path": "members",
"value": [
{
"value": "944"
}
]
}
],
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
]
}
The operation for adding a member to a group should use "op": "Add". However, the validator called the operation with "op":"replace". The documentation https://learn.microsoft.com/en-us/entra/identity/app-provisioning/use-scim-to-provision-users-and-groups#request-11only describes operations for adding and removing members, not a full replacement.
Is this an issue with the validator, or does MS Entra actually send a full replace patch operation for members?
2. Tested Operation: Patch Group - Replace Attributes
Content-Type: application/scim+json; charset=utf-8
{
"Operations": [],
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
]
}
The validator sent a patch request with an empty set of operations, meaning no changes are actually requested, yet it expects a Success (200) result code.
Is this an issue with the validator, or does MS Entra actually send such "empty" operations and expect a Success (200) response?
Thank you in advance for your response.
Best regards,
Martin.