When creating an account through the ISC native SCIM connector, attributes declared under the “urn:ietf:params:scim:schemas:extension:custom:2.0:User” namespace are not included in the payload sent to the target API, despite:
- The extension schema being declared in the “schemas” array
- The attributes (“codeUni”, “codePar”) being defined in the source **Provisioning Policy**
- The target API expecting the following payload structure:
The connector correctly sends **core** attributes (“userName”, “name”, “emails”) but **silently drops** the custom extension block, causing the target API to return “HTTP 400”.
In ISC, defining the custom extension URN and adding codeUni / codePar in the provisioning policy may not be enough if the target expects them under a nested SCIM extension object during CREATE. SailPoint’s SCIM extended-attributes guidance points to using a Before Provisioning rule to modify the provisioning plan for this kind of case.
I would read the flat values from the provisioning policy, remove them as standalone attributes, and then add a single attribute request for the extension block with the nested structure.
Also note that these are complex multi-valued attributes, so the exact array/object shape matters. If the native SCIM connector still doesn’t serialize the extension correctly on CREATE after that, I’d consider a Web Services source for full payload control.