SCIM password not reflected

Hi, I’m using SCIM with a nodeJS server, everything works as expected but when a new User is created I receive a random password instead of the password picked on the registration. this applies to self service registration and API registration.

Example create new user:

POST api/v1/users
{
    "profile": {
        "firstName": "Miguel",
        "lastName": "Puig",
        "email": "miguelpuig+scim7@gmail.com",
        "login": "miguelpuig+scim7@gmail.com"
    },
    "credentials": {
        "password": {
            "value": "@Test123123"
        }
    },
    "groupIds": [
        "00g164q45zqORfl8s1d7"
    ]
}

SCIM receives (see the password property):

JSON Payload  {"schemas":["urn:ietf:params:scim:schemas:core:2.0:User"],"userName":"miguelpuig+scim7@gmail.com","name":{"givenName":"Miguel","familyName":"Puig"},"emails":[{"primary":true,"value":"miguelpuig+scim7@gmail.com","type":"work"}],"displayName":"Miguel Puig","locale":"en-US","externalId":"00u1o0u9hfALCYVIC1d7","groups":[],"password":"0F9zLWIi","active":true}

Has anyone seen this issue?
If I manually reset the password or user resets the password, the PATCH endpoint is hit and the correct password received, but not on the create a brand new account.

I have Password sync on the integration set up:

nandos_mpg 2021-10-23 at 11.05.351582×510 38.3 KB

Any help would be welcome!

On create, Okta will only send a dummy password, to fulfill the requirement of many SCIM servers that a password be included during user creation. You should see that when the user next logs in, your SCIM server will receive a PATCH request with their actual password (same if they reset their password)

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.