How to pass additional headers in non compliant scim Connector using API Token authentication?

keerthip · December 17, 2025, 6:13pm

IIQ Version 8.2 P2

Hi , I have API token authentication working fine on 8.2 P2 for SCIM 2 connector.

However , I have to pass additional sec headers as part of the requirement .

I tried

<entry>
<value>
<Map>
<entry key="Authorization" value="Bearer tokenValue"/>
<entry key="someheader" value="somevalue"/>
</Map>
</value>
</entry>

The above is not working and giving me the error :

[ InvalidConfigurationException ] [ Possible suggestions ] Please check OAuth2 Token [ Error details ] 401

I unchecked non-compliant server and it started working , but since all the operations are not working as expected like create , update etc.,

Is there any alternate solution for SCIM 2.0 connector to pass additional security headers in the XML config or in the UI or before provisioning rule?

Thanks in Advance.

Keerthi

RAKRHEEM · January 12, 2026, 11:04am

keerthip:

I have API token authentication working fine on 8.2 P2 for SCIM 2 connector.

However , I have to pass additional sec headers as part of the requirement .

I tried
<entry>
<value>
<Map>
<entry key="Authorization" value="Bearer tokenValue"/>
<entry key="someheader" value="somevalue"/>
</Map>
</value>
</entry>
The above is not working and giving me the error :

[ InvalidConfigurationException ] [ Possible suggestions ] Please check OAuth2 Token [ Error details ] 401

I unchecked non-compliant server and it started working , but since all the operations are not working as expected like create , update etc.,

Is there any alternate solution for SCIM 2.0 connector to pass additional security headers in the XML config or in the UI or before provisioning rule?

Based on similar SCIM configuration patterns, potential solutions include:

Custom Authentication - Switch Authentication Type to “Custom” and use customizeRequest rule to inject headers programmatically (approach discussed here)
beforeProvisioning Rule - Add headers in a beforeProvisioning rule that manipulates the request object before it’s sent
Verify noAuthHeaders syntax - Ensure your XML structure matches the connector’s expected format for API token auth with additional headers

keerthip · January 13, 2026, 12:37am

Hi Rakesh,

1.Custom Authentication is not available in SCIM V2.0 Connector Type. It is only available in WebServices Connector.

BeforeProvisioningRule - RequestEndPoint and sending additional headers can be coded in Webservices before Provisioning Rule but not in SCIM Before Provisioning Rule because requestEndPoint is not available.
I verified noAuthHeaders syntax and the test connection is successful when “Non Compliant “ checkbox is unchecked. However , My target is non compliant to scim standards and have to check that box for the remaining operations to be successful.

Please let me know if there is any known solution for Non compliant SCIM server with API Token authentication to pass additional headers.

Topic		Replies	Views
Passing Additional headers in SCIM 2.0 Token based authentication IIQ Discussion and Questions apis , authentication	5	830	August 7, 2023
SCIM Connector - Pass API Key as Header for Authentication ISC Discussion and Questions scim-connector , identity-security-cloud	2	117	May 24, 2025
Pass Custom header to IDN SCIM 2.0 Connector ISC Discussion and Questions scim-connector	1	587	July 19, 2023
How to add additional header value into SCIM 2.0 SAAS connector in IDN ISC Discussion and Questions identity-security-cloud	2	145	April 11, 2025
SCIM 2.0 Connector OAuth 2.0 Configuration, Test connection getting failed IIQ Discussion and Questions identityiq	10	150	December 27, 2025

How to pass additional headers in non compliant scim Connector using API Token authentication?

IIQ Version 8.2 P2

Related topics