IdentityIQ SCIM REST API (8.3)

Download OpenAPI specification:Download

IdentityIQ REST Endpoint Interface Documentation for SCIM

Authentication

basicAuth

Security Scheme Type HTTP
HTTP Authorization Scheme basic

Accounts

Returns all Account resources.

This endpoint returns all Account resources.

Authorizations:
query Parameters
filter
string
Example: filter=application.value eq "7f000001804444fe818051b44414444c" and displayName sw "G"

Allows for query filters according to RFC-7644, Section 3.4.2.2 - not all operations are supported.

sortBy
string
Example: sortBy=displayName

Allows sorting the results by a resource's attributes.

sortOrder
string
Default: "ascending"
Example: sortOrder=descending

Determines what order to sort results in.

startIndex
integer
Default: 1
Example: startIndex=2313

Determines the starting index of the result set.

count
integer
Default: 1000
Example: count=10

Specifies the number of results per page.

attributes
string
Example: attributes=displayName,active

A comma-separated list of attributes to return in the response. This query parameter supersedes excludedAttributes, so providing the same attribute(s) to both will result in the attribute(s) being returned.

excludedAttributes
string
Example: excludedAttributes=displayName,active

A comma-separated list of attributes to exclude from the response. Some attributes cannot be excluded.

Responses

Response samples

Content type
{
  • "totalResults": "18,",
  • "startIndex": 1,
  • "schemas": [
    ],
  • "Resources": [
    ]
}

Creates an Account.

The endpoint used to create an Account resource. The required payload fields can differ drastically depending on the Application.

Authorizations:
query Parameters
attributes
string
Example: attributes=displayName,active

A comma-separated list of attributes to return in the response. This query parameter supersedes excludedAttributes, so providing the same attribute(s) to both will result in the attribute(s) being returned.

excludedAttributes
string
Example: excludedAttributes=displayName,active

A comma-separated list of attributes to exclude from the response. Some attributes cannot be excluded.

Request Body schema:
required
object

The corresponding User object of the Account.

required
object

The corresponding Application object of the Account.

nativeIdentity
required
string

The Account unique identifier associated with the native application. This field is immutable.

displayName
string

The name of the Account, suitable for display to end-users.

instance
string

The instance identifier of the Account. This field is immutable.

password
string

The password of the Account, used in created or changing the Account password. This attribute is write-only and will never be returned in a response.

currentPassword
string

The current password of the Account, used in created or changing the Account password. This attribute is write-only and will never be returned in a response.

required
object

Provide the name of Application that corresponds to this Account in APPLICATION NAME. This field contains an object structure dependent on the Application that the Account applies to.

Example: urn:ietf:params:scim:schemas:sailpoint:1.0:Application:Schema:My Application1:account: { "department": "IT"}

active
boolean

Flag to indicate this account is enabled or disabled.

locked
boolean

Flag to indicate this account is locked. An account may be unlocked by setting this attribute to false, but can not be locked by setting a false value to true.

Responses

Request samples

Content type
{