API ReferenceManagementTenantsSCIM
PUT
/scim/v2/Users/{userId}

Authorization

Descope Project ID:Access Key
AuthorizationBearer <token>

Project ID:Access Key as bearer token.

In: header

Path Parameters

userId*string

Request Body

application/json

userId?string
displayName?string

The following values are manipulated by the marshaler in httpgateway/marshaler.go in case of changing or adding new ones, need to edit the marshaler as well

emails?array<SCIMUserEmail>
active?boolean
name?object
userName?string
attributes?object
originalRequest?object

originalRequest holds the full inbound SCIM payload as received from the IdP (including schemas and extended-schema attributes), with sensitive values redacted. It is populated internally and used only for the inbound SCIM audit trail.

Update an existing SCIM user, using a valid access key.

This endpoint allows administrators to update an existing SCIM user. Through this API endpoint, administrators can update the displayName, phoneNumbers, emails, and if the user is active.

The response includes the user's object, which includes details about the users including their email, phone, username, name, etc.

It is important to note the bearer token for SCIM API endpoints. The format is ProjectId:AccessKey the access key must be associated with the applicable tenant and associated with the tenant admin role.

See also

curl -X PUT "https://api.descope.com/scim/v2/Users/string" \  -H "Content-Type: application/json" \  -d '{}'
{  "user": {    "schemas": [      "string"    ],    "id": "string",    "userName": "string",    "meta": {      "created": {},      "location": "string",      "lastModified": {},      "resourceType": "string"    },    "emails": [      {        "value": "string",        "primary": true,        "type": "string"      }    ],    "name": {      "givenName": "string",      "familyName": "string",      "middleName": "string"    },    "active": true,    "displayName": "string",    "detail": "string",    "attributes": {},    "status": 0  }}
export interface Response {user?: SCIMGetUsersResource}export interface SCIMGetUsersResource {schemas?: string[]id?: stringuserName?: stringmeta?: SCIMGetUsersResourceMetaemails?: {value?: stringprimary?: booleantype?: string}[]name?: {givenName?: stringfamilyName?: stringmiddleName?: string}active?: booleandisplayName?: stringdetail?: stringattributes?: {}status?: number}export interface SCIMGetUsersResourceMeta {created?: {}location?: stringlastModified?: {}resourceType?: string}
Was this helpful?

Load SCIM User GET

### Load an existing SCIM user, using a valid access key. This endpoint allows administrators to load an existing SCIM user. The response includes the user's object, which includes details about the users including their email, phone, username, name, etc. It is important to note the bearer token for SCIM API endpoints. The format is `ProjectId:AccessKey` the access key must be associated with the applicable tenant and associated with the tenant admin role. ### Next Steps Once you have user data, you can utilize [Update SCIM Group](/api/management/tenants/scim/update-scim-group) to add or remove the user on groups. ### See also - See [SCIM Management](/scim) for further details on managing SCIM provisioning.

Delete SCIM User DELETE

### Delete an existing SCIM User, using a valid access key. This API endpoint allows administrators to delete an existing SCIM user from the Descope tenant. It is important to note the bearer token for SCIM API endpoints. The format is `ProjectId:AccessKey` the access key must be associated with the applicable tenant and associated with the tenant admin role. ### See also - See [SCIM Management](/scim) for further details on managing SCIM provisioning.