SCIM API Overview

Applications interact with resources (users, typically) using the Ping Identity Data Governance Server’s SCIM APIs, a set of REST interfaces based on the SCIM 2.0 standard. Things you can do with these APIs include:

  • Creating users.
  • Searching for users.
  • Retrieving and updating a user’s profile.
  • Changing a user’s password.
  • Managing a user’s login sessions.
  • Retrieving a user’s history of consent to data access.
  • Managing second factor authentication settings.

The client APIs are based on SCIM (System for Cross-domain Identity Management) 2.0, a set of standards that is specified in detail by RFC 7643 and RFC 7644. In SCIM, any type of data is called a resource type, and the attributes available for any given resource type are specified by one or more schemas. Resources are formatted as JSON and are requested using standard HTTP methods like GET, POST, or PATCH.

This guide assumes that the Data Governance Server is configured to serve user resources at the /scim/v2/Users endpoint. Where example data is shown, the “starter schema” bundled with the Data Governance Server is used. Your Data Governance Server may be configured differently, but the same APIs will be available even if the endpoint name or the type of data differs.