Generic SCIM Endpoint - Create Group
The Create Group endpoint creates the requested role in StrongDM and assigns it to any designated users.
Request
Endpoint
/provisioning/generic/v2/Groups
HTTP method
POST
Parameters
None
Request body attributes
displayName
Required
Display name of the role
Returns a 400 if the provided value is empty; returns a 409 if the provided value is already in use
"RoleName"
members
Required
List of the members of the group/role with subattributes value (user ID) and display (human-readable descriptor of the user, for your own use) of the user(s) to be assigned to the role from creation
Returns a 400 if the IDs are formatted incorrectly or are invalid; ignores IDs that are correctly formatted but cannot be found
[{"value": "a-66f584886171b51d", "display": "[email protected]"}]
schemas
Required
Schema URI for representing groups
Include the value as indicated in the example.
["urn:ietf:params:scim:schemas:core:2.0:Group"]
Example request
POST app.strongdm.com/provisioning/generic/v2/Groups
{
"schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],
"displayName": "RoleName",
"members": [
{
"value": "a-66f584886171b51d",
"display": "[email protected]"
}
]
}Response
Example success response
{
"schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],
"displayName": "RoleName",
"id": "r-027230536171b51d",
"members": [
{
"value": "a-66f584886171b51d",
"display": "[email protected]"
}
],
"meta": { "resourceType": "Group", "location": "Groups/r-027230536171b51d" }
}Example response if displayName was not provided
{
"schemas": ["urn:ietf:params:scim:api:messages:2.0:Error"],
"detail": "could not create role: cannot create role: invalid operation: name cannot be empty",
"status": "400"
}Example response if displayName is already in use
{
"schemas": ["urn:ietf:params:scim:api:messages:2.0:Error"],
"scimType": "uniqueness",
"detail": "One or more of the attribute values are already in use or are reserved.",
"status": "409"
}Last updated
Was this helpful?