SCIM API

原文：https://docs.gitlab.com/ee/api/scim.html

• Get a list of SAML users
• Get a single SAML user
• Create a SAML user
• Update a single SAML user
• Remove a single SAML user
• Available filters
• Available operations

SCIM API

Introduced in GitLab Silver 11.10.

SCIM API 实现RFC7644 协议 .

警告：此 API 供内部系统用于与 SCIM 提供程序连接. 虽然可以直接使用，但如有更改，恕不另行通知.注意：必须为组启用组 SSO . 有关更多信息，请参见SCIM 设置文档 .

Get a list of SAML users

注意：此端点用作 SCIM 同步机制的一部分，并且它仅基于唯一 ID（应与用户的extern_uid相匹配）返回一个用户.

GET /api/scim/v2/groups/:group_path/Users

Parameters:

注意：分页遵循SCIM 规范，而不是其他地方使用的 GitLab 分页. 如果记录在请求之间更改，则页面可能丢失已移至其他页面的记录，或者重复上一个请求的记录.

请求示例：

curl 'https://example.gitlab.com/api/scim/v2/groups/test_group/Users?filter=id%20eq%20"0b1d561c-21ff-4092-beab-8154b17f82f2"' --header "Authorization: Bearer <your_scim_token>" --header "Content-Type: application/scim+json"

响应示例：

{  "schemas":  [  "urn:ietf:params:scim:api:messages:2.0:ListResponse"  ],  "totalResults":  1,  "itemsPerPage":  20,  "startIndex":  1,  "Resources":  [  {  "schemas":  [  "urn:ietf:params:scim:schemas:core:2.0:User"  ],  "id":  "0b1d561c-21ff-4092-beab-8154b17f82f2",  "active":  true,  "name.formatted":  "Test User",  "userName":  "username",  "meta":  {  "resourceType":"User"  },  "emails":  [  {  "type":  "work",  "value":  "name@example.com",  "primary":  true  }  ]  }  ]  }

Get a single SAML user

GET /api/scim/v2/groups/:group_path/Users/:id

Parameters:

请求示例：

curl "https://example.gitlab.com/api/scim/v2/groups/test_group/Users/f0b1d561c-21ff-4092-beab-8154b17f82f2" --header "Authorization: Bearer <your_scim_token>" --header "Content-Type: application/scim+json"

响应示例：

{  "schemas":  [  "urn:ietf:params:scim:schemas:core:2.0:User"  ],  "id":  "0b1d561c-21ff-4092-beab-8154b17f82f2",  "active":  true,  "name.formatted":  "Test User",  "userName":  "username",  "meta":  {  "resourceType":"User"  },  "emails":  [  {  "type":  "work",  "value":  "name@example.com",  "primary":  true  }  ]  }

Create a SAML user

POST /api/scim/v2/groups/:group_path/Users/

Parameters:

请求示例：

curl --verbose --request POST "https://example.gitlab.com/api/scim/v2/groups/test_group/Users" --data '{"externalId":"test_uid","active":null,"userName":"username","emails":[{"primary":true,"type":"work","value":"name@example.com"}],"name":{"formatted":"Test User","familyName":"User","givenName":"Test"},"schemas":["urn:ietf:params:scim:schemas:core:2.0:User"],"meta":{"resourceType":"User"}}' --header "Authorization: Bearer <your_scim_token>" --header "Content-Type: application/scim+json"

响应示例：

{  "schemas":  [  "urn:ietf:params:scim:schemas:core:2.0:User"  ],  "id":  "0b1d561c-21ff-4092-beab-8154b17f82f2",  "active":  true,  "name.formatted":  "Test User",  "userName":  "username",  "meta":  {  "resourceType":"User"  },  "emails":  [  {  "type":  "work",  "value":  "name@example.com",  "primary":  true  }  ]  }

如果成功，则返回201状态代码.

Update a single SAML user

可以更新的字段是：

PATCH /api/scim/v2/groups/:group_path/Users/:id

Parameters:

请求示例：

curl --verbose --request PATCH "https://example.gitlab.com/api/scim/v2/groups/test_group/Users/f0b1d561c-21ff-4092-beab-8154b17f82f2" --data '{ "Operations": [{"op":"Add","path":"name.formatted","value":"New Name"}] }' --header "Authorization: Bearer <your_scim_token>" --header "Content-Type: application/scim+json"

如果成功，则返回带有204状态代码的空响应.

Remove a single SAML user

删除用户的 SSO 身份和组成员身份.

DELETE /api/scim/v2/groups/:group_path/Users/:id

Parameters:

请求示例：

curl --verbose --request DELETE "https://example.gitlab.com/api/scim/v2/groups/test_group/Users/f0b1d561c-21ff-4092-beab-8154b17f82f2" --header "Authorization: Bearer <your_scim_token>" --header "Content-Type: application/scim+json"

如果成功，则返回带有204状态代码的空响应.

Available filters

它们与RFC7644 过滤部分中指定的表达式匹配.

Example:

id eq a-b-c-d

Available operations

They perform an operation as specified in the RFC7644 update section.

Example:

{  "op":  "Add",  "path":  "name.formatted",  "value":  "New Name"  }