SCIM API • Extend User schema to include group memberships

[marianooriosplit]

SCIM API • Extend User schema to include group memberships

Problem

We need to provide the groups that a user belongs to as part of the GET /api/scim/resource/v2/Users and GET /api/scim/resource/v2/Users/{userId} User SCIM APIs.

In SCIM user’s Resource Schema • Multi value attributes specifies that the attribute groups can be included as the list of groups that the user belongs to.

Additional context

The group attribute should include the next sub-attributes:

• value, the group's id
• $ref, the URI of the corresponding group resource
• display, a human-readable name

Split's customers are being blocked by requiring this information on the APIs.

[arietimmerman]

I agree that this feature would be a useful. I think best practice is to return the groups attribute only if it is explicitly requested by specifying the attributes parameter. Like /Users?attributes=groups as shown here https://scim.dev/playground/users.html#list-users-including-groups