Generic SCIM Endpoint - Create Group

Last modified on October 25, 2022

The Create Group endpoint creates the requested role in StrongDM and assigns it to any designated users.

Request

Endpoint

/provisioning/generic/v2/Groups

HTTP method

POST

Parameters

None

Request body attributes

AttributeRequirementDescriptionNotesExample
displayNameRequiredDisplay name of the roleReturns a 400 if the provided value is empty; returns a 409 if the provided value is already in use"RoleName"
membersRequiredList of the members of the group/role with subattributes value (user ID) and display (human-readable descriptor of the user, for your own use) of the user(s) to be assigned to the role from creationReturns a 400 if the IDs are formatted incorrectly or are invalid; ignores IDs that are correctly formatted but cannot be found[{"value": "a-66f584886171b51d", "display": "userEmail@example.test"}]
schemasRequiredSchema URI for representing groupsInclude the value as indicated in the example.["urn:ietf:params:scim:schemas:core:2.0:Group"]

Example request

POST app.strongdm.com/provisioning/generic/v2/Groups

{
  "schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],
  "displayName": "RoleName",
  "members": [
    {
      "value": "a-66f584886171b51d",
      "display": "userEmail@example.test"
    }
  ]
}

Response

Example success response

{
  "schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],
  "displayName": "RoleName",
  "id": "r-027230536171b51d",
  "members": [
    {
      "value": "a-66f584886171b51d",
      "display": "userEmail@example.test"
    }
  ],
  "meta": { "resourceType": "Group", "location": "Groups/r-027230536171b51d" }
}

Example response if displayName was not provided

{
  "schemas": ["urn:ietf:params:scim:api:messages:2.0:Error"],
  "detail": "could not create role: cannot create role: invalid operation: name cannot be empty",
  "status": "400"
}

Example response if displayName is already in use

{
  "schemas": ["urn:ietf:params:scim:api:messages:2.0:Error"],
  "scimType": "uniqueness",
  "detail": "One or more of the attribute values are already in use or are reserved.",
  "status": "409"
}
Top