You can verify the configuration of the SCIM 1.1 extension by navigating to a SCIM resource URL via the command line or through a browser window.

To verify the SCIM servlet extension configuration:

  • Run curl to verify that the SCIM extension is running. The -k (or --insecure) option is used to turn off curl's verification of the server certificate, since the example PingDirectory server is using a self-signed certificate.
    $ curl -u "cn=Directory Manager:password" \
    -k "https://localhost:8443/scim/ServiceProviderConfigs"
    
    {"schemas":["urn:scim:schemas:core:1.0"],"id":"urn:scim:schemas:core:1.0",
    "patch":{"supported":true},"bulk":{"supported":true,"maxOperations":10000,
    "maxPayloadSize":10485760},"filter":{"supported":true,"maxResults":100},
    "changePassword":{"supported":true},"sort":{"supported":true},
    "etag":{"supported":false},"authenticationSchemes":[{"name":"HttpBasic",
    "description":"The HTTP Basic Access Authentication scheme. This scheme is 
    not considered to be a secure method of user authentication (unless used in 
    conjunction with some external secure system such as SSL), as the user 
    name and password are passed over the network as cleartext.","specUrl":
    "http://www.ietf.org/rfc/rfc2617","documentationUrl":
    "http://en.wikipedia.org/wiki/Basic_access_authentication"}]} 
  • If the user ID is a valid DN (such as cn=Directory Manager), the SCIM extension authenticates by binding to the PingDirectory server as that user. If the user ID is not a valid DN, the SCIM extension searches for an entry with that uid value, and binds to the server as that user. To verify authentication to the server as the user with the uid of user.0, run the following command:
    $ curl -u "user.0:password" \
      -k "https://localhost:8443/scim/ServiceProviderConfigs"