SCIM authentication

On your SCIM integration page you list 3 acceptable authentication methods for SCIM server APIs: (1) OAuth Code Grant Flow, (2) Basic Authentication, and (3) Custom HTTP header. Is there any documentation available for the custom header? (The SCIM page doesn’t say anything about it.) In particular is there a way to do authentication with long-lived credentials that are used to sign SAML assertions?

Hi @philnew, Did you get any documentation for the custom header authentication?

Hi @devSagar

What type of credentials would you like to use for SCIM authentication?

Hi @dragos, we need to use (3) Header Auth for SCIM authentication.

Hi @devSagar

You can use SCIM 2.0 Test App (Header Auth) application which will send a custom authorization header, for example

will send the request with the following header

Authorization: Bearer c29tZVN0cmluZ0hlcmU=
1 Like

Our SCIM endpoint requires multiple headers (Bearer and APIKey).
Is there a way to pass them both in the API Token field or add another header field?


1 Like

Hi @SteveDz

At the moment, we do not have an option to send multiple headers inside the requests from Okta to a SCIM server.

@dragos multiple headers will be really very useful for SCIM servers to filters the requests easily.