For security reasons, error messages specifically regarding LDAP systems are suppressed and do not appear in the HTTP responses from the server. Instead, you will see something like the following.

{
	"schemas": [
	"urn:ietf:params:scim:api:messages:2.0:Error"
	],
	"status": "400",
	"detail": "Request failed: correlationID='073eb1a8-8c51-48b3-83a0-380e1d4b4ab9'"
}
  • To view these messages, enable the Debug Trace Logger through the administrative console or with the following dsconfig command.
    dsconfig set-log-publisher-prop --publisher-name "Debug Trace Logger" \
    			--set enabled:true --add scim-message-type:error

    After you enable the Debug Trace Logger, the server begins logging information related to SCIM operations to the /logs/debug-trace file, as in the following example.

    [09/Jun/2020:05:23:10.992 -0500] HTTP REQUEST requestID=3
    correlationID="073eb1a8-8c51-48b3-83a0-380e1d4b4ab9" product="Ping Identity
    Directory Server" instanceName="example" startupID="Xt9fJg==" threadID=173
    from=[0:0:0:0:0:0:0:1]:53978 method=POST
    url="https://0:0:0:0:0:0:0:1:9443/scim/v2/Users"
    Note:

    The presence of correlationID in these messages allows for matching the ID in the HTTP responses to the messages in the debug-trace log so that the appropriate LDAP error message can be determined.