--- openapi: 3.1.0 info: title: Adra SCIM 2 API version: '1.0' description: System for Cross-domain Identity Management (SCIM) API for Adra Suite. This API allows you to provision and manage user identities using REST API operations following the SCIM 2.0 specification with Adra-specific groups. contact: name: API Support url: https://success.adra.com/s/ email: support@adra.com license: name: Proprietary License url: https://www.trintech.com/terms-and-conditions/adra/ x-feedbackLink: url: https://success.adra.com/s/resources/ideas label: Give Feedback x-topics: - title: SCIM Groups content: |- The SCIM Groups in Adra are a conversion of the access levels a user can obtain through the Adra Setup Portal for Engagement and Licensed Applications ### Access Levels to Group Conversion Here is a table with an overview of the Access Levels and the SCIM Groups expected to exist assuming the Engagement has a license in all the Adra Products. | Access Level | Engagement | Balancer | Task Manager | Matcher | Journal | Analytics | Integration Hub | |--------------|------------|----------|--------------|----------|----------|-----------|----------------| | LimitedUser | N/A | NO | NO | YES | NO | N/A | N/A | | User | N/A | YES | YES | YES | YES | YES | YES | | Auditor | N/A | YES | YES | YES | YES | N/A | N/A | | Admin | YES | YES | YES | YES | YES | N/A | N/A | | FinancialAdmin | YES | N/A | N/A | N/A | N/A | N/A | N/A | | Multiple Allowed* | N/A | NO | NO | NO | NO | N/A | N/A | servers: - url: https://setup.adra.com/api/organizations/{organizationSid}/scim description: Production server variables: organizationSid: description: The unique identifier of the organization in Adra - url: https://setup.adrastage.com/api/organizations/{organizationSid}/scim description: Stage server variables: organizationSid: description: The unique identifier of the organization in Adra - url: https://setup.adratest.com/api/organizations/{organizationSid}/scim description: Test server variables: organizationSid: description: The unique identifier of the organization in Adra - url: https://setup.adradev.com/api/organizations/{organizationSid}/scim description: Dev server variables: organizationSid: description: The unique identifier of the organization in Adra tags: - name: Configuration description: |- Operations related to SCIM configuration. These endpoints are essential for SCIM 2.0 service discovery and schema understanding: - `/ServiceProviderConfig`: Returns supported features and capabilities of this SCIM implementation - `/Schemas`: Describes the data models, attributes, and constraints for SCIM resources - `/ResourceTypes`: Lists available SCIM resource endpoints and their associated schemas Clients should use these endpoints to discover service capabilities and adapt their integration accordingly. - name: Groups description: |- The SCIM Groups in Adra are a conversion of the access levels a user can obtain through the Adra Setup Portal for Engagement and Licensed Applications. See [SCIM Groups](#topic-scim-groups) ### Adra SCIM Groups Naming Convention The SCIM Groups contain a displayName property which Adra uses to represent the Access Level, separated by a pipe ( | ) into 3 sections. Engagement name | Application name | Access Level. For the User Access to Task Manager in the Ortiz and Sons engagement the group will show the following displayName: `Ortiz and Sons|TaskManager|User` ### Adra as SCIM Provider for Groups Adra will provide the SCIM Groups so the SCIM Client can add or remove members. These groups will be dynamically generated based on the active engagements that the organization has access to. Therefore the Adra Groups can't be Created or Deleted from the outside. Group Members can be added, removed, or replaced from an Adra SCIM Group. ### Group Member Provisioning is for SCIM Users Only employees of the Organization (in Adra) are candidates to be added or removed from groups. These are the already provisioned SCIM Users. In other words, successful SCIM User provisioning must exists to expect a successful Group Membership for the same user. If multiple organizations have access to the same engagement, each organization can only add or remove its employees from the engagements. Since these are different SCIM Provisionings. ### BPO and Concern Organizations Engagement Access Because BPO and Concern Organizations are expected to manage all the engagements they have access to, these types of organizations will be able to assign employees to any active Engagement they have access to (under Organization Details → Engagements) Any other type of organization in Adra is limited to assigning users to the active Engagements in which it is registered as the "Financial owner" (under Organization Details → Engagements). This is also known as the "Company" Engagements. ### Adra SCIM Groups for Licensed Applications are exclusive If the company is using the principle of least privilege (PoLP), it will not run into the following issues. It is strongly recommended to use it. At any given time, a user can only have one access level to log in to an Adra application. So given the following SCIM Groups: ``` Ortiz and Sons|Balancer|Auditor Ortiz and Sons|Balancer|User Ortiz and Sons|Balancer|Admin ``` Making a user member of more than one of these groups will result in the user not being able to log in to the application. Furthermore, Engagement Admin and Auditor are also incompatible: ``` Ortiz and Sons|Balancer|Auditor Ortiz and Sons|Engagement|Admin ``` Making a user member of these 2 groups will result in the user not being able to log in to the application. - name: Users description: Operations for managing SCIM user resources. These endpoints allow you to create, read, update, and deactivate user identities. externalDocs: description: Adra Success Center url: https://success.adra.com/s/article/Setup-SCIM-Implementation-for-Automated-User-Provisioning-Using-Microsoft-Entra-ID paths: "/serviceConfiguration": get: tags: - Configuration operationId: getServiceConfiguration summary: Get SCIM Service Provider Configuration description: Returns the capabilities of the Adra SCIM implementation responses: '200': description: OK content: application/scim+json: schema: "$ref": "#/components/schemas/ServiceConfigurationBase" example: schemas: - urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig documentationUri: https://success.adra.com/s/article/Setup-SCIM-Implementation-for-Automated-User-Provisioning-Using-Microsoft-Entra-ID patch: supported: true bulk: supported: false maxOperations: 0 maxPayloadSize: 0 filter: supported: true maxResults: 200 changePassword: supported: false sort: supported: false etag: supported: false authenticationSchemes: - name: OAuth Bearer Token description: Authentication using Bearer token specUrl: https://datatracker.ietf.org/doc/html/rfc6750 type: oauthbearertoken primary: true '400': description: Bad Request content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '401': description: Unauthorized content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '403': description: Forbidden content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '501': description: Not Implemented content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" default: description: '' content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" security: - adra_personal_access_token: - setup_api.public "/Schemas": get: tags: - Configuration operationId: getSchemas summary: Get SCIM Schemas description: "Returns available fields for each schema, including the attributes of the User that we support. The supported attributes include: \n- **userName**: A unique identifier for the User, required for authentication. \n- **name**: The components of the user's real name, which includes both `givenName` and `familyName`, and can be returned as a full name or individual components. \n- **externalId**: The provider unique ID of a SCIM resource. \n- **title**: The user's title, such as 'Vice President'. \n- **timezone**: The User's time zone in the 'Olson' time zone database format. \n- **active**: A Boolean indicating the User's administrative status. \n- **emails**: Only one email address is supported, which must be of type 'work'. \n- **locale**: Language/region setting (e.g., 'en-GB'). \n- **preferredLanguage**: User's preferred language. \n- **id**: Adra-generated unique user ID. \n- **employeeNumber**: Employee reference number (Enterprise User Schema)." responses: '200': description: OK content: application/scim+json: schema: "$ref": "#/components/schemas/SchemaListResponse" example: schemas: - urn:ietf:params:scim:api:messages:2.0:ListResponse totalResults: 2 itemsPerPage: 10 startIndex: 1 Resources: - id: urn:ietf:params:scim:schemas:core:2.0:User name: User description: User Account attributes: - name: userName type: string multiValued: false description: Unique identifier for the User required: true caseExact: false mutability: readWrite returned: default uniqueness: server - name: name type: complex multiValued: false description: The components of the user's real name required: false subAttributes: - name: givenName type: string multiValued: false description: The given name of the User required: true - name: familyName type: string multiValued: false description: The family name of the User required: true schemas: - urn:ietf:params:scim:schemas:core:2.0:Schema - id: urn:ietf:params:scim:schemas:core:2.0:Group name: Group description: Group attributes: - name: displayName type: string multiValued: false description: A human-readable name for the Group required: true caseExact: false mutability: readWrite returned: default uniqueness: none - name: members type: complex multiValued: true description: A list of members of the Group required: false mutability: readWrite returned: default schemas: - urn:ietf:params:scim:schemas:core:2.0:Schema '400': description: Bad Request content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '401': description: Unauthorized content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '403': description: Forbidden content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '500': description: Internal Server Error content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '501': description: Not Implemented content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" security: - adra_personal_access_token: - setup_api.public "/ResourceTypes": get: tags: - Configuration operationId: getResourceTypes summary: Get SCIM Resource Types description: Returns available resources for each schema responses: '200': description: OK content: application/scim+json: schema: "$ref": "#/components/schemas/ResourceTypeListResponse" example: schemas: - urn:ietf:params:scim:api:messages:2.0:ListResponse totalResults: 2 itemsPerPage: 10 startIndex: 1 Resources: - id: User name: User endpoint: "/Users" schema: urn:ietf:params:scim:schemas:core:2.0:User schemas: - urn:ietf:params:scim:schemas:core:2.0:ResourceType - id: Group name: Group endpoint: "/Groups" schema: urn:ietf:params:scim:schemas:core:2.0:Group schemas: - urn:ietf:params:scim:schemas:core:2.0:ResourceType '400': description: Bad Request content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '401': description: Unauthorized content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '403': description: Forbidden content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '501': description: Not Implemented content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" security: - adra_personal_access_token: - setup_api.public "/Groups": get: tags: - Groups operationId: getGroups summary: List or filter groups description: Returns a list of available groups, optionally filtered by query parameters parameters: - name: filter in: query description: Filter string (e.g. displayName eq "GroupName") schema: type: string - name: startIndex in: query description: The 1-based index of the first result schema: type: integer format: int32 minimum: 1 default: 1 - name: count in: query description: Maximum number of results to return schema: type: integer format: int32 minimum: 1 responses: '200': description: OK content: application/scim+json: schema: "$ref": "#/components/schemas/GroupListResponse" example: schemas: - urn:ietf:params:scim:api:messages:2.0:ListResponse totalResults: 2 itemsPerPage: 10 startIndex: 1 Resources: - schemas: - urn:ietf:params:scim:schemas:core:2.0:Group id: a1b2c3d4-e5f6-7890-abcd-ef1234567890 displayName: Ortiz and Sons|Balancer|User members: - value: 9876fedc-ba09-8765-4321-0fedcba98765 display: John Smith meta: resourceType: Group - schemas: - urn:ietf:params:scim:schemas:core:2.0:Group id: b2c3d4e5-f6a1-7890-abcd-ef1234567890 displayName: Ortiz and Sons|TaskManager|User members: [] meta: resourceType: Group '400': description: Bad Request content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '401': description: Unauthorized content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '403': description: Forbidden content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '500': description: Internal Server Error content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '501': description: Not Implemented content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" security: - adra_personal_access_token: - setup_api.public "/Groups/{identifier}": get: tags: - Groups operationId: getGroup summary: Get group details description: Returns details and members of a specific group parameters: - name: identifier in: query schema: type: string - name: identifier in: path description: Identifier of the group to retrieve required: true schema: type: string responses: '200': description: OK content: application/scim+json: schema: "$ref": "#/components/schemas/Core2Group" example: schemas: - urn:ietf:params:scim:schemas:core:2.0:Group id: a1b2c3d4-e5f6-7890-abcd-ef1234567890 displayName: Ortiz and Sons|Balancer|User members: - value: 9876fedc-ba09-8765-4321-0fedcba98765 display: John Smith meta: resourceType: Group '400': description: Bad Request content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '401': description: Unauthorized content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '403': description: Forbidden content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '404': description: Group not found '500': description: Internal Server Error content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '501': description: Not Implemented content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" security: - adra_personal_access_token: - setup_api.public patch: tags: - Groups operationId: patchGroup summary: Modify group membership description: Modify group members using SCIM PATCH operations parameters: - name: identifier in: path description: Identifier of the group to modify required: true schema: type: string requestBody: content: application/json: schema: "$ref": "#/components/schemas/PatchRequest2" example: schemas: - urn:ietf:params:scim:api:messages:2.0:PatchOp Operations: - op: add path: members value: - value: 9876fedc-ba09-8765-4321-0fedcba98765 required: true responses: '200': description: OK content: application/scim+json: schema: "$ref": "#/components/schemas/Core2Group" '204': description: Operation successful '400': description: Bad Request content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '401': description: Unauthorized content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '403': description: Forbidden content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '500': description: Internal Server Error content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '501': description: Not Implemented content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" security: - adra_personal_access_token: - setup_api.public "/Users": get: tags: - Users operationId: getUsers summary: List or filter users description: Returns a list of users, optionally filtered by query parameters parameters: - name: filter in: query description: Filter string (e.g. userName eq "user@example.com") schema: type: string - name: startIndex in: query description: The 1-based index of the first result schema: type: integer format: int32 minimum: 1 default: 1 - name: count in: query description: Maximum number of results to return schema: type: integer format: int32 minimum: 1 responses: '200': description: OK content: application/scim+json: schema: "$ref": "#/components/schemas/UserListResponse" example: schemas: - urn:ietf:params:scim:api:messages:2.0:ListResponse totalResults: 2 itemsPerPage: 10 startIndex: 1 Resources: - schemas: - urn:ietf:params:scim:schemas:core:2.0:User - urn:ietf:params:scim:schemas:extension:enterprise:2.0:User id: 9876fedc-ba09-8765-4321-0fedcba98765 userName: jsmith@example.com name: givenName: John familyName: Smith emails: - value: jsmith@example.com type: work primary: true active: true meta: resourceType: User - schemas: - urn:ietf:params:scim:schemas:core:2.0:User - urn:ietf:params:scim:schemas:extension:enterprise:2.0:User id: abcdef12-3456-7890-abcd-ef1234567890 userName: jdoe@example.com name: givenName: Jane familyName: Doe emails: - value: jdoe@example.com type: work primary: true active: true meta: resourceType: User '400': description: Bad Request content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '401': description: Unauthorized content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '403': description: Forbidden content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '500': description: Internal Server Error content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '501': description: Not Implemented content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" security: - adra_personal_access_token: - setup_api.public post: tags: - Users operationId: createUser summary: Create a new user description: "Creates a new user with the provided SCIM attributes.\n\n## ✅ Supported SCIM User Properties in Adra\n\nThese properties are the only ones recognized by Adra; others are ignored at runtime.\n\n### \U0001F539 SCIM Core Schema (`urn:ietf:params:scim:schemas:core:2.0:User`)\n\n| SCIM Field \ | Type | Description | Internal Mapping | Required |\n|---------------------|---------|--------------------------------------------------------|------------------|----------|\n| `userName` | string | Unique login identifier | `Username` | ✅ |\n| `name.givenName` | string | User's first name | `FirstName` | ✅ |\n| `name.familyName` | string | User's last name | `LastName` | ✅ |\n| `emails` | array | Must be of type `work`, `primary: true`. Only one accepted. | `Email` | ✅ |\n| `active` | boolean | User's activation status | `Active` | ❌ |\n| `title` | string | User's job title | `Title` | ❌ |\n| `timezone` | string | Olson format (e.g., `Europe/London`) | `TimeZone` | ❌ |\n| `locale` | string | Language/region setting (e.g., `en-GB`) | `Culture` | ❌ |\n| `preferredLanguage` | string | User's preferred language | `Language` \ | ❌ |\n| `externalId` | string | External unique ID from IdP | `ExternalId` | ❌ |\n| `id` | string | Adra-generated unique user ID | `OperatorGuid` \ | ❌ |\n\n### \U0001F539 Enterprise User Schema (`urn:ietf:params:scim:schemas:extension:enterprise:2.0:User`)\n\n| SCIM Field | Type | Description | Internal Mapping \ | Required |\n|--------------------|---------|------------------------------|-------------------|---------|\n| `employeeNumber` | string | Employee reference number | `EmployeeNumber` \ | ❌ |\n\n> \U0001F4CC *Fields not listed above are explicitly ignored by the Adra SCIM client.*" requestBody: content: application/json: schema: "$ref": "#/components/schemas/Core2EnterpriseUser" example: schemas: - urn:ietf:params:scim:schemas:core:2.0:User - urn:ietf:params:scim:schemas:extension:enterprise:2.0:User userName: jdoe@example.com name: givenName: Jane familyName: Doe emails: - value: jdoe@example.com type: work primary: true active: true title: Product Manager timezone: America/New_York urn:ietf:params:scim:schemas:extension:enterprise:2.0:User: employeeNumber: '0603' required: true responses: '200': description: OK content: application/scim+json: schema: "$ref": "#/components/schemas/Core2EnterpriseUser" '201': description: User created successfully content: application/scim+json: schema: "$ref": "#/components/schemas/Core2EnterpriseUser" example: schemas: - urn:ietf:params:scim:schemas:core:2.0:User - urn:ietf:params:scim:schemas:extension:enterprise:2.0:User id: abcdef12-3456-7890-abcd-ef1234567890 userName: jdoe@example.com name: givenName: Jane familyName: Doe emails: - value: jdoe@example.com type: work primary: true active: true title: Product Manager timezone: America/New_York meta: resourceType: User urn:ietf:params:scim:schemas:extension:enterprise:2.0:User: employeeNumber: '0603' '400': description: Bad Request content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '401': description: Unauthorized content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '403': description: Forbidden content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '409': description: Resource already exists '500': description: Internal Server Error content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '501': description: Not Implemented content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" security: - adra_personal_access_token: - setup_api.public "/Users/{identifier}": get: tags: - Users operationId: getUser summary: Get user details description: Returns details of a specific user parameters: - name: identifier in: query schema: type: string - name: identifier in: path description: Identifier of the user to retrieve required: true schema: type: string responses: '200': description: OK content: application/scim+json: schema: "$ref": "#/components/schemas/Core2EnterpriseUser" example: schemas: - urn:ietf:params:scim:schemas:core:2.0:User - urn:ietf:params:scim:schemas:extension:enterprise:2.0:User id: 9876fedc-ba09-8765-4321-0fedcba98765 userName: jsmith@example.com name: givenName: John familyName: Smith emails: - value: jsmith@example.com type: work primary: true active: true title: Software Engineer timezone: America/Chicago meta: resourceType: User urn:ietf:params:scim:schemas:extension:enterprise:2.0:User: employeeNumber: '0603' '400': description: Bad Request content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '401': description: Unauthorized content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '403': description: Forbidden content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '404': description: User not found '500': description: Internal Server Error content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '501': description: Not Implemented content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" security: - adra_personal_access_token: - setup_api.public patch: tags: - Users operationId: patchUser summary: Update user attributes description: Modify user attributes using SCIM PATCH operations parameters: - name: identifier in: path description: Identifier of the user to modify required: true schema: type: string requestBody: content: application/json: schema: "$ref": "#/components/schemas/PatchRequest2" example: schemas: - urn:ietf:params:scim:api:messages:2.0:PatchOp Operations: - op: replace path: active value: 'false' required: true responses: '200': description: OK content: application/scim+json: schema: "$ref": "#/components/schemas/Core2EnterpriseUser" '204': description: Operation successful '400': description: Bad Request content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '401': description: Unauthorized content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '403': description: Forbidden content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '404': description: User not found '500': description: Internal Server Error content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '501': description: Not Implemented content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" security: - adra_personal_access_token: - setup_api.public put: tags: - Users operationId: updateUser summary: Replace user attributes description: Replace all user attributes with the provided values parameters: - name: identifier in: path description: Identifier of the user to replace required: true schema: type: string requestBody: content: application/json: schema: "$ref": "#/components/schemas/Core2EnterpriseUser" example: schemas: - urn:ietf:params:scim:schemas:core:2.0:User - urn:ietf:params:scim:schemas:extension:enterprise:2.0:User userName: jsmith@example.com name: givenName: John familyName: Smith emails: - value: jsmith@example.com type: work primary: true active: true title: Senior Software Engineer timezone: America/Denver urn:ietf:params:scim:schemas:extension:enterprise:2.0:User: employeeNumber: '0603' required: true responses: '200': description: OK content: application/scim+json: schema: "$ref": "#/components/schemas/Core2EnterpriseUser" '400': description: Bad Request content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '401': description: Unauthorized content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '403': description: Forbidden content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '404': description: User not found '500': description: Internal Server Error content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" '501': description: Not Implemented content: application/scim+json: schema: "$ref": "#/components/schemas/ProblemDetails" security: - adra_personal_access_token: - setup_api.public components: schemas: UserListResponse: type: object properties: schemas: type: array items: type: string example: - urn:ietf:params:scim:api:messages:2.0:ListResponse totalResults: type: integer format: int32 itemsPerPage: type: integer format: int32 startIndex: type: integer format: int32 nullable: true Resources: type: array items: "$ref": "#/components/schemas/Core2EnterpriseUser" nullable: true additionalProperties: false GroupListResponse: type: object properties: schemas: type: array items: type: string example: - urn:ietf:params:scim:api:messages:2.0:ListResponse totalResults: type: integer format: int32 itemsPerPage: type: integer format: int32 startIndex: type: integer format: int32 nullable: true Resources: type: array items: "$ref": "#/components/schemas/Core2Group" nullable: true additionalProperties: false SchemaListResponse: type: object properties: schemas: type: array items: type: string example: - urn:ietf:params:scim:api:messages:2.0:ListResponse totalResults: type: integer format: int32 itemsPerPage: type: integer format: int32 startIndex: type: integer format: int32 nullable: true Resources: type: array items: "$ref": "#/components/schemas/Schema" nullable: true additionalProperties: false ResourceTypeListResponse: type: object properties: schemas: type: array items: type: string example: - urn:ietf:params:scim:api:messages:2.0:ListResponse totalResults: type: integer format: int32 itemsPerPage: type: integer format: int32 startIndex: type: integer format: int32 nullable: true Resources: type: array items: "$ref": "#/components/schemas/ResourceType" nullable: true additionalProperties: false Schema: type: object properties: id: type: string name: type: string description: type: string attributes: type: array items: "$ref": "#/components/schemas/SchemaAttribute" schemas: type: array items: type: string additionalProperties: false SchemaAttribute: type: object properties: name: type: string type: type: string multiValued: type: boolean description: type: string required: type: boolean mutability: type: string returned: type: string uniqueness: type: string caseExact: type: boolean subAttributes: type: array items: "$ref": "#/components/schemas/SchemaAttribute" additionalProperties: false ResourceType: type: object properties: id: type: string name: type: string endpoint: type: string schema: type: string schemas: type: array items: type: string additionalProperties: false AuthenticationScheme: type: object properties: authenticationType: type: string nullable: true description: type: string nullable: true documentationResource: type: string format: uri nullable: true name: type: string nullable: true primary: type: boolean specificationResource: type: string format: uri nullable: true additionalProperties: false BulkRequestsFeature: type: object properties: concurrentOperations: type: integer format: int32 maximumOperations: type: integer format: int32 maximumPayloadSize: type: integer format: int32 supported: type: boolean additionalProperties: false nullable: true Core2EnterpriseUser: type: object properties: enterpriseExtension: "$ref": "#/components/schemas/ExtensionAttributeEnterpriseUser2" active: type: boolean electronicMailAddresses: type: array items: "$ref": "#/components/schemas/ElectronicMailAddress" nullable: false locale: type: string nullable: true meta: "$ref": "#/components/schemas/Core2Metadata" name: "$ref": "#/components/schemas/Name" preferredLanguage: type: string nullable: true timeZone: type: string nullable: true title: type: string nullable: true userName: type: string nullable: false externalId: type: string nullable: true schemas: type: array items: type: string nullable: true additionalProperties: false Core2Group: type: object properties: meta: "$ref": "#/components/schemas/Core2Metadata" displayName: type: string nullable: true description: The display name of the group, typically in format 'Organization|Product|Role' members: type: array items: "$ref": "#/components/schemas/Member" nullable: true id: type: string nullable: true schemas: type: array items: type: string nullable: true additionalProperties: false Core2Metadata: type: object properties: resourceType: type: string nullable: true additionalProperties: false nullable: true ElectronicMailAddress: type: object properties: value: type: string nullable: true itemType: type: string nullable: true primary: type: boolean additionalProperties: false ExtensionAttributeEnterpriseUser2: type: object properties: employeeNumber: type: string nullable: true additionalProperties: false nullable: true Feature: required: - supported type: object properties: supported: type: boolean additionalProperties: false nullable: true Member: type: object properties: type: type: string example: User value: type: string description: The identifier of the member additionalProperties: false Name: type: object properties: familyName: type: string nullable: false givenName: type: string nullable: false additionalProperties: false nullable: false OperationName: enum: - Add - Remove - Replace type: string PatchOperation2Combined: type: object required: - op - path properties: value: type: array items: type: object properties: value: type: string op: "$ref": "#/components/schemas/OperationName" path: type: string additionalProperties: false PatchRequest2: type: object required: - schemas - operations properties: operations: type: array items: "$ref": "#/components/schemas/PatchOperation2Combined" nullable: true schemas: type: array items: type: string nullable: true additionalProperties: false ProblemDetails: type: object properties: type: type: string nullable: true title: type: string nullable: true status: type: integer format: int32 nullable: true detail: type: string nullable: true instance: type: string nullable: true additionalProperties: false ServiceConfigurationBase: type: object properties: authenticationSchemes: type: array items: "$ref": "#/components/schemas/AuthenticationScheme" nullable: true bulkRequests: "$ref": "#/components/schemas/BulkRequestsFeature" documentationResource: type: string format: uri nullable: true entityTags: "$ref": "#/components/schemas/Feature" filtering: "$ref": "#/components/schemas/Feature" passwordChange: "$ref": "#/components/schemas/Feature" patching: "$ref": "#/components/schemas/Feature" sorting: "$ref": "#/components/schemas/Feature" schemas: type: array items: type: string nullable: true additionalProperties: false securitySchemes: adra_personal_access_token: type: http description: |- This API uses OAuth 2.0 Bearer tokens for authentication. Before using this API, ensure that: 1. **SCIM Feature is Enabled**: Your tenant must have the SCIM feature enabled. This can be configured in: - Tenant Details > Security Settings > SCIM Integration 2. **Authentication Token**: You can obtain a token using: - **Personal Access Tokens**: Generate these tokens for "Identity" from your [user account settings](https://setup.adra.com/profile/access) Once you have a token, include it in the `Authorization` header of your requests: ``` Authorization: Bearer YOUR_TOKEN_HERE ``` Ensure that you keep your tokens secure and do not share them publicly. scheme: Bearer