SCIM API
- Tier: Premium, Ultimate
- Offering: GitLab.com
Use this API to manage SCIM identities in groups.
Prerequisites:
- You must enable Group SSO.
- You must enable SCIM for Group SSO.
This API differs from the internal group SCIM API and the instance SCIM API:
This API:
- Does not implement the RFC7644 protocol.
- Gets, checks, updates, and deletes SCIM identities within groups.
The internal group and instance SCIM APIs:
- Are for system use for SCIM provider integration.
- Implement the RFC7644 protocol.
- Get a list of SCIM provisioned users for the group or instance.
- Create, delete and update SCIM provisioned users for the group or instance.
Get SCIM identities for a group
GET /groups/:id/scim/identitiesSupported attributes:
| Attribute | Type | Required | Description |
|---|---|---|---|
id | integer/string | Yes | The ID or URL-encoded path of the group |
If successful, returns 200 and the following
response attributes:
| Attribute | Type | Description |
|---|---|---|
extern_uid | string | External UID for the user |
user_id | integer | ID for the user |
active | boolean | Status of the identity |
Example response:
[
{
"extern_uid": "be20d8dcc028677c931e04f387",
"user_id": 48,
"active": true
}
]Example request:
curl --location --request GET "https://gitlab.example.com/api/v4/groups/33/scim/identities" \
--header "PRIVATE-TOKEN: <PRIVATE-TOKEN>"Get a single SCIM identity
GET /groups/:id/scim/:uidSupported attributes:
| Attribute | Type | Required | Description |
|---|---|---|---|
id | integer | yes | The ID or URL-encoded path of the group |
uid | string | yes | External UID of the user. |
Example request:
curl --location --request GET "https://gitlab.example.com/api/v4/groups/33/scim/be20d8dcc028677c931e04f387" --header "PRIVATE-TOKEN: <PRIVATE TOKEN>"Example response:
{
"extern_uid": "be20d8dcc028677c931e04f387",
"user_id": 48,
"active": true
}Update extern_uid field for a SCIM identity
Fields that can be updated are:
| SCIM/IdP field | GitLab field |
|---|---|
id/externalId | extern_uid |
PATCH /groups/:groups_id/scim/:uidParameters:
| Attribute | Type | Required | Description |
|---|---|---|---|
id | integer/string | yes | The ID or URL-encoded path of the group |
uid | string | yes | External UID of the user. |
Example request:
curl --location --request PATCH "https://gitlab.example.com/api/v4/groups/33/scim/be20d8dcc028677c931e04f387" \
--header "PRIVATE-TOKEN: <PRIVATE TOKEN>" \
--form "extern_uid=yrnZW46BrtBFqM7xDzE7dddd"Delete a single SCIM identity
DELETE /groups/:id/scim/:uidSupported attributes:
| Attribute | Type | Required | Description |
|---|---|---|---|
id | integer | yes | The ID or URL-encoded path of the group. |
uid | string | yes | External UID of the user. |
Example request:
curl --location --request DELETE "https://gitlab.example.com/api/v4/groups/33/scim/yrnZW46BrtBFqM7xDzE7dddd" --header "PRIVATE-TOKEN: <your_access_token>"Example response:
{
"message" : "204 No Content"
}Docs
Edit this page to fix an error or add an improvement in a merge request.
Create an issue to suggest an improvement to this page.
Product
Create an issue if there's something you don't like about this feature.
Propose functionality by submitting a feature request.
Feature availability and product trials
View pricing to see all GitLab tiers and features, or to upgrade.
Try GitLab for free with access to all features for 30 days.
Get help
If you didn't find what you were looking for, search the docs.
If you want help with something specific and could use community support, post on the GitLab forum.
For problems setting up or using this feature (depending on your GitLab subscription).
Request support