PureCloud SCIM rest API incorrect "$ref" URL in resposes

gurubook · October 14, 2019, 9:55am

Hello.

We've written an app that perform sync of users between LDAP and your rest SCIM API endpoint.

We noted that SCIM API respond with wrong URI in "$ref" and "location".
In detail, every URL should be relative, instead SCIM API reports URL like this :

/api/v2/scim/v2/users/2c5a51c9-f035-4efc-a57b-f66b6ed3349a

As you can see, URL is incorrect, as "/api/v2/scim/v2" take you to an inevitable 404.

I can provide you with a complete sample, but the forum does not allow me to paste here complaining of a "two link limit for new users".

Jason_Mathison · October 14, 2019, 2:04pm

Hi Gurubook,

Can you give me an example of what you are doing (include the HTTP Verb), what you are getting back, what you would have expected and a correlation ID from the response? Feel free to redact any content, I just want to make sure we understand where you are seeing this problem.

--Jason

Becky_Powell · October 14, 2019, 2:18pm

@gurubook I have upgraded your access so that the two link limit no longer applies to you.

gurubook · October 14, 2019, 2:53pm

thank you for the upgrade

Doing this request :

curl "https://api.mypurecloud.ie/api/v2/scim/users/5e842539-e2ef-4c9d-bbc3-1dd81b181f87" -H "Authorization: Bearer " | jq

we've got this :

{
"id": "5e842539-e2ef-4c9d-bbc3-1dd81b181f87",
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
],
"active": true,
"userName": "luca.sacchi@bizmatica.com",
"displayName": "Luca Sacchi",
"emails": [
{
"value": "luca.sacchi@bizmatica.com",
"type": "other",
"primary": true
}
],
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"division": "Home",
"manager": {
"value": "2c5a51c9-f035-4efc-a57b-f66b6ed3349a",
"$ref": "/api/v2/scim/v2/users/2c5a51c9-f035-4efc-a57b-f66b6ed3349a"
}
},
"meta": {
"resourceType": "User",
"lastModified": "2019-10-14T08:58:47.000Z",
"location": "/api/v2/scim/v2/users/5e842539-e2ef-4c9d-bbc3-1dd81b181f87",
"version": "31"
}
}

as you can see :
"$ref": "/api/v2/scim/v2/users/2c5a51c9-f035-4efc-a57b-f66b6ed3349a"
and
"location": "/api/v2/scim/v2/users/5e842539-e2ef-4c9d-bbc3-1dd81b181f87",

are not SCIM API valid locations, as the base path is "https://api.mypurecloud.ie/api/v2/scim" and by RFC the response should be relative
to that, so basically should be just "/users/5e842539-e2ef-4c9d-bbc3-1dd81b181f87".

Also there is an additiona "/v2/", so it's a sure 404, even if treated as root relative.

Thanks
Luca Sacchi

Jason_Mathison · October 14, 2019, 3:12pm

It looks like if you use
https://api.mypurecloud.ie
as the base URI, everything should work.

The /v2 after the /scim is specifying that this route is using v2 of the SCIM specification. If you omit that /v2 you will be using the "default" version of SCIM, which is currently also v2 of the SCIM spec. The default version can change if/when there is another version of the SCIM spec released.

Did we publish https://api.mypurecloud.ie/api/v2/scim as the base URL somewhere?

I will also discuss internally if using "https://api.mypurecloud.ie/api/v2/scim" as the base URI would be a better choice.

--Jason

gurubook · October 14, 2019, 3:35pm

I got the relevant SCIM API information from here :
https://developer.mypurecloud.com/api/rest/v2/scim/

I feel that the URL of referenced object should be navigable, and my client use that to deserialize fully.

I've a workaround in place, where i "relativize" all incoming response URL and it's work as now, but i'm reluctant to consider it as "good".

--
Luca

Jason_Mathison · October 14, 2019, 4:43pm

Hi gurubook,

I looked at the documentation that you pointed to, but I don't see anything in it that specifies the base URI. Could you quote the part of the documentation you are referring to?

--Jason

Greg_Cunningham · October 28, 2019, 3:04pm

We return the values relative to the Public API base path because we are implemented within our Public API, so we are returning ref paths following our Public APIs host name in keeping with our Public API conventions on self URIs.
If this does break a convention in the spec, please point out to use the relevant. I am not sure how feasible it is to change within our Public API framework, be if we are doing it wrong, we will want to check options for improving.

system · November 28, 2019, 3:16pm

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.