You must authenticate all System for Cross-domain Identity Management (SCIM) requests using OAuth 2.0 bearer token authentication.
Bearer tokens are evaluated using access token validators. The
HttpRequest.AccessToken
attribute supplies the validation result to the
policy request, and the TokenOwner
attribute provides the user identity
associated with the token. Policies use this authentication information to affect the
processing of requests and responses.