Hi Frank
In order to trigger a SCIM / REST call for AD group creation, AD would need to be defined as a SCIM endpoint (using Connector Xpress 2.0 interface). Are you planning to manage AD users and entitlements entirely via AD SCIM endpoint connector? Assuming this is not the case, your AD Endpoint (via the OOTB connector) would still need to be explored for this group to be known for future provisioning activities.
IM has a default task for creating an AD Group - this could be called via a TEWS request which is probably simpler?
(There is always the option to use AD Entra SCIM interface for creating an AD group, in which case your AD Endpoint - again, via the OOTB connector, would still need to be explored for this group to be known for future provisioning activities.
It would be good if we could understand the overall use case and reason for choosing SCIM to create AD groups (but not users etc)
Thank you
Original Message:
Sent: Oct 16, 2024 09:04 AM
From: Frank Moris
Subject: REST API / SCIM: Creating AD groups
Have anyone tried to trigger a creation of an AD group from an external system through the SCIM / REST API?
We have a system that we would like to be able to send a request to the IDM API and trigger a creation of a group. We have succeeded in creating a local IDM group, but not one that is being provisioned to the AD endpoint.