Hello everyone,
We want to change the userName attribute for the user in SAP SuccessFactors and want to use the SCIM API for this.
Between SAP SuccessFactors and our IAM, we have SAP Cloud Identity Services as a proxy.
The whole thing also works as long as we use the user ID which uses the SCIM API directly in the URL.
We don't have and don't want to keep this ID in the IAM, as it is something internal to SF and CIS.
With the SCIM API, it is also possible to query other attributes to read out a specific user.
This is done via the URL parameter "filter".
So we can read out a user via SCIM by going to the attribute “personIdExternal”.
This also works if the SCIM API end point is SAP SuccessFactors.
GET {
url: https://<sf-data-center-tenant>/rest/iam/scim/v2/Users?filter=urn:ietf:params:scim:schemas:extension:successfactors:2.0:User:personIdExternal+eq+"1234567892"
body: json
auth: bearer
}
As a result, I get the user who has this “personIdExternal”.
As I have already mentioned, we still have SAP Cloud Identity Services between IAM and SAP SuccessFactors, which acts as a proxy
Unfortunately, this doesn't work.
The SCIM API end point looks like this:
GET {
url: https://xxxxxxxxxx.accounts.cloud.sap/ipsproxy/service/api/v1/scim/<sf-tenant>/Users?filter=urn:ietf:params:scim:schemas:extension:successfactors:2.0:User:personIdExternal+eq+"1234567892"
body: json
auth: basic
}
Here I get the following error:
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:Error"
],
"detail": "Invalid filter value.",
"status": 422
}
From my point of view this should work or is this unsupported by SAP CIS?
Thanks for your tips and help 😄
best regards,
Andy
Bluesky
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.