In order to initiate the Inbound Provisioning Configuration, you need to create a user who can access and edit an OAuth2 client app. Once this is established, the authenticated user can create an OAuth 2.0 Client App to retrieve a Bearer Token. This Bearer Token validates the SCIM system when imported to a RESTful API-testing program.
- Log in to the Admin Portal with an administrative account.
- Click Core Services > Users > Add User.
- Give your user a login name, display name, and password.
- In the Status section in the account information page, select Is OAuth confidential client in order to change your user's permission settings, then click Create User.
- Create a new role that authorizes access to the OAuth2 App.
- Click Core Services > Roles > Add Role.
- Enter a suitable name for the SCIM role (e.g. SCIM Client) and save the role
- On the Administrative Rights page, add the User Management and Role Management rights. These allow any user added to this role to edit user and role settings in the SCIM system.
- Navigate to the Members page, then click *Add to add a new member to the role. Type the username created previously to find your user.
The OAuth 2.0 Client App allows third-party applications to obtain access to user information. Third party applications can use HTTP requests including GET, POST, PUT in order to communicate with the user interface and make changes to user information. The following steps describe how to create an OAuth 2.0 Client App and configure it so that the SCIM User can access it, as well as making sure that it can easily run when applied to an API testing application.
- Log in to the Admin Portal with administrative credentials.
- Click Web Apps > Add Web Apps, then click Add next to OAuth2 Client.
- Add a distinctive name to your application and personalize it by including a description and optionally a logo.
- On the General Usage page, make sure that the Client ID Type is Confidential, Must be OAuth Client (users with the OAuth role can access the application).
- On the Tokens page, select Client Creds.
- On the Scope page, add a new scope by clicking Add and enter a name for the scope.
- Under Allowed Rest APIs, click Add and then enter scim* in the REST Regex Box.
- Navigate to the Permissions page, then add the role you created previously.
The application is now deployed.
- Copy the bearer token so you can authenticate with the app when you test the endpoints.
- On the OAuth2 Client app, select Actions > Create Bearer Token and enter the OAuth 2.0 Client user information.
- Copy the Bearer Token listed.
This Bearer Token will be used in order to authenticate your access to the scim endpoints.
Updated about a year ago