Applications interact with resources (users, typically) using the PingAuthorize Server’s SCIM APIs, a set of REST interfaces based on the SCIM 2.0 standard. Things you can do with these APIs include:

• Creating users.
• Searching for users.
• Retrieving and updating a user’s profile.
• Changing a user’s password.
• Managing a user’s login sessions.
• Retrieving a user’s history of consent to data access.
• Managing second factor authentication settings.

The client APIs are based on SCIM (System for Cross-domain Identity Management) 2.0, a set of standards that is specified in detail by RFC 7643 and RFC 7644. In SCIM, any type of data is called a resource type, and the attributes available for any given resource type are specified by one or more schemas. Resources are formatted as JSON and are requested using standard HTTP methods like GET, POST, or PATCH.

This guide assumes that the PingAuthorize Server is configured to serve user resources at the /scim/v2/Users endpoint. Where example data is shown, the “starter schema” bundled with the PingAuthorize Server is used. Your PingAuthorize Server might be configured differently, but the same APIs will be available even if the endpoint name or the type of data differs.

This document provides the following information about the PingAuthorize Server’s SCIM APIs:

• Data types and resources: Data types and resource format specified by the SCIM 2.0 schema standard.
• Authorization: Authorization to access SCIM API resources.
• Authentication: Authentication requirement to access SCIM APIs.
• Requests and responses: SCIM API requests and responses.
• Service metadata: SCIM 2.0 service metadata.
• User profile: SCIM 2.0 user profile endpoint.
• Me endpoint: SCIM 2.0 Me endpoint.
• Errors: SCIM 2.0 errors.