API Reference/Management/Tenants

Group Management

Overview

The Descope service supports the ability to load details about associated external SSO groups. The API opens the below endpoints for loading these details.

Use Cases

  1. Load All External Groups for a Tenant
  2. Load All External Groups for Specific Members
  3. Load All Members of a specific External Group

Examples

Example - Load all groups associated with a tenant

Utilizing the Load All External Groups for a Tenant administrators can load the associated external groups of a tenant. This allows administrators to be able to verify the associated groups and make any necessary changes via SCIM or their SSO IdP.

Was this helpful?

Load SCIM Service Provider Config GET

### Load the supported SCIM provisioning service provider configuration, using a valid access key. This API endpoint allows administrators to load the supported SCIM provisioning service provider configuration. The response includes detailed information on the applicable configurations and schemas within your IdP for SCIM provisioning. It is important to note the bearer token for SCIM API endpoints. The format is `ProjectId:AccessKey` the access key must be associated with the applicable tenant and associated with the tenant admin role. ### See also - See [SCIM Management](/scim) for further details on managing SCIM provisioning. ### Endpoint Authentication Use authorization bearer header with the following format: `Authorization: Bearer <ProjectId:AccessKey>`

Load All External Groups for a Tenant POST

### Load all external groups for a tenant, using a valid management key. This API endpoint allows administrators to load all external groups that are associated to a tenant. The response contains an array of group objects including the group id, display name, and an array of associated members. ### Next Steps Administrators can review this information and make changes within their IdP or if necessary, [Create a SCIM Group](/api/management/tenants/scim/create-scim-group), [Update an Existing SCIM Group (adding new members)](/api/management/tenants/scim/update-scim-group), or [Delete an Existing SCIM Group](/api/management/tenants/scim/delete-scim-group) ### See also - See [SSO Configuration](/sso) for further details on managing SSO Configurations on a tenant. ### Endpoint Authentication Use authorization bearer header with the following format: `Authorization: Bearer <ProjectId:ManagementKey>`

On this page