Generic SCIM Endpoint - Create Group
The Create Group endpoint creates the requested Role in strongDM and assigns it to any designated Users.
Request
Endpoint
/provisioning/generic/v2/Groups
HTTP method
POST
Parameters
None
Request body attributes
The following request body attributes are required.
Attribute | Description | Notes | Example |
---|---|---|---|
displayName | The display name of the Role | Returns a 400 if the provided value is empty; returns a 409 if the provided value is already in use | "RoleName" |
members | A list of the members of the group/Role with subattributes value (User ID) and display (human-readable descriptor of the User, for your own use) of the User(s) to be assigned to the Role from creation | Returns a 400 if the IDs are formatted incorrectly or are invalid; ignores IDs that are correctly formatted but cannot be found. | {"value": "a-66f584886171b51d", "display": "userEmail@example.test"} |
schemas | The schema URI for representing groups | Include the value as indicated in the example. | "urn:ietf:params:scim:schemas:core:2.0:Group" |
Example request
POST app.strongdm.com/provisioning/generic/v2/Groups
{"schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],"displayName": "RoleName","members": [{"value": "a-66f584886171b51d","display": "userEmail@example.test"}]}
Response
Example success response
{"schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],"displayName": "RoleName","id": "r-027230536171b51d","members": [{"value": "a-66f584886171b51d","display": "userEmail@example.test"}],"meta": { "resourceType": "Group", "location": "Groups/r-027230536171b51d" }}
Example response if displayName was not provided
{"schemas": ["urn:ietf:params:scim:api:messages:2.0:Error"],"detail": "could not create role: cannot create role: invalid operation: name cannot be empty","status": "400"}
Example response if displayName is already in use
{"schemas": ["urn:ietf:params:scim:api:messages:2.0:Error"],"scimType": "uniqueness","detail": "One or more of the attribute values are already in use or are reserved.","status": "409"}