Tags: wso2, scim2, wso2-identity-server

WSO2 Identity Server SCIM /Me endpoint issue for non-admin user


I just want to use the SCIM 2.0 REST APIs which, per this guide, are available out of the box from version 5.4.0 of WSO2IS. I'm using WSO2 IS 5.7.

When I GET /scim2/Me with admin user (HTTP basic authentication), I get a 200 OK response, but when I try to call this API with a different user, I get the following HTTP response:

{
    "schemas": "urn:ietf:params:scim:api:messages:2.0:Error",
    "scimType": "invalidValue",
    "detail": "Required attribute id is missing in the SCIM Object.",
    "status": "400"
}

What's the problem here? Maybe I'm missing some basics of WSO2IS SCIM API usage?


Solution

  • As per the error message, your user doesn't have a SCIM id. Log in to the management console, navigate to Claims -> List -> wso2.org/claims and select the User ID claim. Check Supported by Default by clicking the edit button of that claim, and save. Then navigate to Users and Roles -> List, open the user's profile and check whether the SCIM id is empty or not.

    If the SCIM id is empty, the above error would be expected.

    There is a config (SCIMEnabled) to enable SCIM for the user store (https://docs.wso2.com/display/IS570/Configuring+a+Read-write+LDAP+User+Store). Navigate to <IS-HOME>/repository/conf/user-mgt.xml and check whether SCIMEnabled is set to true in your userstore.
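
The check described in the answer above can be scripted. This is an added example, not part of the original answer or WSO2's own tooling: it recognises the error body from the question and lists the user stores in a `user-mgt.xml` whose `SCIMEnabled` property is missing or not `true`. The XML sample is constructed, and the function names are hypothetical.

```python
import json
import xml.etree.ElementTree as ET

# Constructed sample modelled on <IS-HOME>/repository/conf/user-mgt.xml (not a real deployment).
SAMPLE_USER_MGT = """<UserManager>
  <Realm>
    <Configuration>
      <AdminUser><UserName>admin</UserName></AdminUser>
    </Configuration>
    <!-- <UserStoreManager class="org.example.CommentedOutStore">
           <Property name="SCIMEnabled">true</Property>
         </UserStoreManager> -->
    <UserStoreManager class="org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager">
      <Property name="ConnectionURL">ldap://localhost:10389</Property>
      <Property name="SCIMEnabled">false</Property>
    </UserStoreManager>
  </Realm>
</UserManager>"""

# The error body quoted in the question.
SAMPLE_ERROR = """{"schemas": "urn:ietf:params:scim:api:messages:2.0:Error",
 "scimType": "invalidValue",
 "detail": "Required attribute id is missing in the SCIM Object.",
 "status": "400"}"""

def scim_status(xml_text):
    """Return [(user store class, SCIMEnabled value or None)] for active user stores."""
    root = ET.fromstring(xml_text)  # the default parser drops commented-out stores
    result = []
    for store in root.iter("UserStoreManager"):
        value = None  # None means the property is absent altogether
        for prop in store.findall("Property"):
            if prop.get("name") == "SCIMEnabled":
                value = (prop.text or "").strip().lower()
        result.append((store.get("class"), value))
    return result

def stores_without_scim(xml_text):
    """Classes of user stores where SCIMEnabled is missing or not 'true'."""
    return [cls for cls, value in scim_status(xml_text) if value != "true"]

def is_missing_scim_id(body):
    """True when a SCIM error body matches the 400 'id is missing' case."""
    err = json.loads(body)
    return (str(err.get("status")) == "400"
            and "attribute id is missing" in err.get("detail", ""))

if __name__ == "__main__":
    if is_missing_scim_id(SAMPLE_ERROR):
        for cls in stores_without_scim(SAMPLE_USER_MGT):
            print("SCIMEnabled is not true for", cls)
```
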