Skip to content

Add GET endpoints for instance-level SCIM

Jessie Young requested to merge jy-scim-endpoints-smaller into master

What does this MR do and why?

  • 'GET api/scim/v2/application/Users'
  • 'GET api/scim/v2/application/Users/:id'
  • We will also be adding other endpoints but adding only 2 to start in order to make a smaller MR.
  • Instance-level SCIM will behave very similarly to group SCIM but will be for self-managed GitLab only and will be for an entire instance rather than a Group.
  • This is for Premium and Ultimate
  • #378599 (closed)

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other merge requests.

How to set up and validate locally

Test /Users endpoint:

  1. Create a scim access token in a rails console and copy the token value 
    token = ScimOauthAccessToken.create!
token.token
=> $YOUR_SECRET_TOKEN
  2. Make a curl request using the token 
    curl --location --request GET "http://localhost:3000/api/scim/v2/application/Users" --header "Authorization: Bearer $YOUR_SECRET_TOKEN" --header "Content-Type: application/scim+json"
  3. Response json should look like: 
     {"schemas":["urn:ietf:params:scim:api:messages:2.0:ListResponse"],"totalResults":0,"itemsPerPage":20,"startIndex":1,"Resources":[]}

Test /Users/:id endpoint:

  1. Create a scim user in Rails console 
    service_params =   {
  email: 'work@example.com',
  name: 'Test Name',
  extern_uid: 'test_uid',
  username: 'username'
}

EE::Gitlab::Scim::ProvisioningService.new(service_params).execute
  2. Make a curl request using the token you created when testing other endpoint 
    curl --location --request GET "http://localhost:3000/api/scim/v2/application/Users/test_uid" --header "Authorization: Bearer $YOUR_SECRET_TOKEN" --header "Content-Type: application/scim+json"
  3. Response json should look like: 
     {"schemas":["urn:ietf:params:scim:schemas:core:2.0:User"],"id":"test_uid","active":true,"emails":[{"type":"work","value":"work@example.com","primary":true}],"name":{"formatted":"Test Name","givenName":"Test","familyName":"Name"},"meta":{"resourceType":"User"},"userName":"username"

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Sean Arnold

Merge request reports