Sep 26 2022 03:59 AM - edited Sep 26 2022 04:00 AM
You can now validate the compatibility of your SCIM provisioning endpoint and Azure AD code base using our Azure AD SCIM Validator. This tool can be used by ISVs who want to build SCIM compatible servers either for gallery app or generic app and developers building their line of business SCIM apps. https://learn.microsoft.com/azure/active-directory/app-provisioning/scim-validator-tutorial
Sep 27 2023 07:16 AM
This is from memory, but Is this because the microsoft validator is expecting your SCIM implementation to ensure the external id is unique?
Also, to the best of my knowledge you are better asking questions on
https://learn.microsoft.com/en-us/answers/tags/49/azure-active-directory
Make sure you use the Azure Active Directory tag
Oct 04 2023 07:22 AM - edited Oct 04 2023 07:26 AM
Hello.
These days, I'm working on implementing support for the SCIM protocol into a client application and using the SCIM Validator to check its functionality. A few days ago, the SCIM Validator sent me a multi-value PATCH operation for nested parameters in this format:
"Operations": [
{
"op":"replace",
"value":
{
"name.givenName":"Aron",
"name.familyName":"Raul",
}
}
]
Today, I noticed that instead of the original nine tests, a tenth one, "PATCH User- Disable User," has appeared, and the format of the patch replace operation has changed. Now, the multi-value operation for nested parameters looks like this:
"Operations": [
{
"op": "replace",
"value": {
"name": {
"givenName": "Trevion",
"familyName": "Larissa"
},
}
}
]
Does an SCIM client that wants to collaborate with AAD need to support both the above-mentioned variations, or will the one from today be sufficient?
Oct 04 2023 07:58 AM - edited Oct 04 2023 08:07 AM
@marhav This is an issue on our end and an appropriate fix has been deployed and is rolling out now. Please support the one you received previously.
Mar 14 2024 10:51 AM
@owinoakeloSchema Discovery does not seem to work for us, the SCIM validator then fails to execute any tests. However, it does work when using the Default schema option.
Our endpoint supports the following attributes: userName, externalId, active, displayName, emails, roles. If I select Default schema and manually edit the attribute mappings, the SCIM Validator succesfully validates the SCIM endpoint implementation in our application. All 10 tests are completed succesfully.
If I select Schema Discovery, the SCIM validator successfully fetches the attribute definitions from our /Schemas endpoint. However, if I then click Test Schema, the validator always returns an error message: SCIM Validation failed. NetworkError when attempting to fetch resource.
The browser console log shows some CORS errors. I do not see any incoming requests in our application.
Why would Test Schema fail to contact our endpoint when using Schema Discovery?
Mar 14 2024 09:54 PM
@WMRutten , yes we are experiencing a network issue with some endpoints thus the CORS issue. There is an active work to fix it. I recommend you use the default schema or upload schema options as we work on fixing the issue affecting schema discovery.
Mar 15 2024 05:22 AM - edited Mar 15 2024 05:23 AM