SCIM Reference

SCIM Request

Processes a request from a SCIM IdP, creates a response, and alerts of required changes to make to your users.

Arguments

method 'GET' | 'POST' | 'PUT' | 'PATCH' | 'DELETE' required

The HTTP method of the request from the SCIM IdP

pathAndQueryParams string required

The path and any included URL query parameters from the request URL (e.g. '/Users?filter=userName eq example@propelauth.com')

body object

The body of the request from the SCIM IdP

scimApiKey string

The SCIM Connection API Key from the Authorization header (can also pass the full 'Bearer scim_...' header)

Successful Response

status 'Completed' | 'ActionRequired'

When 'Completed', the SCIM request was fully processed and you can return the response to the IdP. When 'ActionRequired', you need to take action in your system (like creating/disabling a user) before responding to the IdP. See here for more information.

connectionId string

The ID of the SCIM connection

responseData object

The response data to return to the SCIM IdP (only when status is 'Completed')

responseHttpCode number

The HTTP status code to return to the SCIM IdP (only when status is 'Completed')

affectedUserIds string[]

Array of user IDs affected by this request (only when status is 'Completed')

action 'LinkUser' | 'DisableUser' | 'EnableUser' | 'DeleteUser'

The action required (only when status is 'ActionRequired')

commitId string

The ID to use when committing this change (only when status is 'ActionRequired')

userId string

The ID of the user to act upon (for DisableUser, EnableUser, DeleteUser actions)

primaryEmail string | null

The primary email of the SCIM user

userName string

The username from the SCIM request (only for LinkUser action)

parsedUserData object

Parsed user data based on your SCIM configuration

active boolean

Whether the user should be active (only for LinkUser action)

ssoUserSubject string | null

The SSO subject identifier (only for LinkUser action)

Error Types

statusToReturn

The HTTP status code to return to the SCIM IdP

bodyToReturn

The error response body to return to the SCIM IdP

underlyingError

Details about the specific error that occurred (e.g. InvalidApiKey, UserNotFound, MissingRequiredField)

const auth = createClient({ url, integrationKey });

// Set up a route handler to receive SCIM requests from your IdP
// Forward the method, path, body, and API key from the incoming request
const result = await auth.scim.scimRequest({
  method: req.method, // Forward HTTP method from IdP
  pathAndQueryParams: req.url, // Forward path and query params from IdP
  body: req.body, // Forward request body from IdP
  scimApiKey: req.headers.authorization, // Forward Authorization header from IdP
});

if (result.ok) {
  if (result.data.status === "Completed") {
    // Respond to SCIM IdP with the response data
    res.status(result.data.responseHttpCode).json(result.data.responseData);
  } else {
    // Action required - handle based on action type
    const { action, commitId } = result.data;
    console.log(`Action required: ${action} with commitId: ${commitId}`);
  }
} else {
  // Return error to SCIM IdP
  res.status(result.error.statusToReturn).json(result.error.bodyToReturn);
}

def get_full_url(request):
    return request.url.path + ("?" + request.url.query if request.url.query else "")

async def get_body(request):
    return await request.json() if request.method != "GET" else None

client = create_client(url=url, integration_key=integration_key)

# Set up a route handler to receive SCIM requests from your IdP
# Forward the method, path, body, and API key from the incoming request
result = await client.scim.scim_request(
    method=request.method, # Forward HTTP method from IdP
    path_and_query_params=get_full_url(request), # Forward path and query params from IdP
    body=await get_body(request), # Forward request body from IdP
    scim_api_key=request.headers.get("authorization"), # Forward Authorization header from IdP
)

if is_ok(result):
    if result.data.status == "Completed":
        # Respond to SCIM IdP with the response data
        return JSONResponse(
            status_code=result.data.response_http_code,
            content=result.data.response_data
        )
    else:
        # Action required - handle based on action type
        action = result.data.action
        commit_id = result.data.commit_id
        print(f"Action required: {action} with commit_id: {commit_id}")
else:
    # Return error to SCIM IdP
    return JSONResponse(
        status_code=result.error.status_to_return,
        content=result.error.body_to_return
    )

PropelAuthClient client = PropelAuthClient.create(url, integrationKey);

ScimRequestCommand command = ScimRequestCommand.builder()
    .method(HttpMethod.valueOf(request.getMethod()))
    .pathAndQueryParams(request.getRequestURI() +
        (request.getQueryString() != null ? "?" + request.getQueryString() : ""))
    .body(JsonValue.of(requestBody))
    .scimApiKey(request.getHeader("Authorization"))
    .build();

try {
    ScimRequestResponse scimResponse = client.scim.scimRequest(command);

    if (scimResponse instanceof ScimRequestResponse.Completed) {
        ScimRequestResponse.Completed completed = (ScimRequestResponse.Completed) scimResponse;
        return ResponseEntity
            .status(completed.getResponseHttpCode())
            .body(completed.getResponseData());
    } else if (scimResponse instanceof ScimRequestResponse.ActionRequired) {
        ScimRequestResponse.ActionRequired actionRequired =
            (ScimRequestResponse.ActionRequired) scimResponse;
        // Handle based on action type (LinkUser, DisableUser, EnableUser, DeleteUser)
        System.out.println("Action required with commitId: " + actionRequired.getCommitId());
    }
} catch (ScimClientFacingException e) {
    return ResponseEntity
        .status(e.getStatusToReturn())
        .body(e.getBodyToReturn());
}

var client = new PropelAuthClient(new PropelAuthOptions { Url = url, IntegrationKey = integrationKey });

var command = new ScimRequestCommand
{
    Method = Enum.Parse<HttpMethod>(request.Method),
    PathAndQueryParams = request.Path + (request.QueryString.HasValue ? request.QueryString.Value : ""),
    Body = requestBody,  // JsonElement from request
    ScimApiKey = request.Headers["Authorization"]
};

try
{
    var scimResponse = await client.Scim.ScimRequestAsync(command);

    return scimResponse switch
    {
        ScimRequestResponseCompleted completed =>
            Results.Json(completed.ResponseData, statusCode: completed.ResponseHttpCode),
        ActionRequired.LinkUser linkUser =>
            HandleLinkUserAction(linkUser),
        ActionRequired.DisableUser disableUser =>
            HandleDisableUserAction(disableUser),
        // ... EnableUser, DeleteUser
    };
}
catch (ScimClientFacingException ex)
{
    // Return error to SCIM IdP
    return Results.Json(ex.BodyToReturn, statusCode: ex.StatusToReturn);
}

Response

// When status is 'Completed':
{
  ok: true,
  data: {
    status: 'Completed',
    connectionId: 'Yhc4Nan2ZiIPp7kyoyhT9c',
    responseData: {
      /* SCIM response object to return to IdP */
    },
    responseHttpCode: 200,
    affectedUserIds: ['057806f5-6e19-45ef-ba31-238471a16fc5']
  }
}

// When status is 'ActionRequired':
{
  ok: true,
  data: {
    status: 'ActionRequired',
    connectionId: 'Yhc4Nan2ZiIPp7kyoyhT9c',
    action: 'LinkUser',
    commitId: 'a7272904-686e-4097-bdf5-ce1e2bd5707f',
    primaryEmail: 'example@propelauth.com',
    userName: 'example@propelauth.com',
    parsedUserData: {
      // Your parsed user data, based on your property configuration
      firstName: "Example",
      lastName: "User",
      department: "Engineering",
      employeeId: "00utc0x6na8aflr0E697"
    },
    active: true,
    ssoUserSubject: null
  }
}

# When status is 'Completed':
Result(
    data=CompletedScimRequestResponse(
        status='Completed',
        connection_id='Yhc4Nan2ZiIPp7kyoyhT9c',
        response_data={
            # SCIM response object to return to IdP
        },
        response_http_code=200,
        affected_user_ids=['057806f5-6e19-45ef-ba31-238471a16fc5']
    )
)

# When status is 'ActionRequired':
Result(
    data=ScimRequestResponseActionRequiredLinkUser(
        status='ActionRequired',
        connection_id='Yhc4Nan2ZiIPp7kyoyhT9c',
        action='LinkUser',
        commit_id='a7272904-686e-4097-bdf5-ce1e2bd5707f',
        primary_email='example@propelauth.com',
        user_name='example@propelauth.com',
        parsed_user_data={
            # Your parsed user data, based on your property configuration
            'first_name': 'Example',
            'last_name': 'User',
            'department': 'Engineering',
            'employee_id': '00utc0x6na8aflr0E697'
        },
        active=True,
        sso_user_subject=None
    )
)

// When status is 'Completed':
ScimRequestResponse.Completed(
    status="Completed",
    connectionId="Yhc4Nan2ZiIPp7kyoyhT9c",
    responseData={...},
    responseHttpCode=200,
    affectedUserIds=["057806f5-6e19-45ef-ba31-238471a16fc5"]
)

// When status is 'ActionRequired':
ScimRequestResponse.ActionRequired.ActionRequiredLinkUser(
    status="ActionRequired",
    action="LinkUser",
    connectionId="Yhc4Nan2ZiIPp7kyoyhT9c",
    commitId="a7272904-686e-4097-bdf5-ce1e2bd5707f",
    primaryEmail="example@propelauth.com",
    userName="example@propelauth.com",
    parsedUserData={
        firstName="Example",
        lastName="User",
        department="Engineering",
        employeeId="00utc0x6na8aflr0E697"
    },
    active=true,
    ssoUserSubject=null
)

// When status is 'Completed':
ScimRequestResponseCompleted
{
    Status = "Completed",
    ConnectionId = "Yhc4Nan2ZiIPp7kyoyhT9c",
    ResponseData = {...},
    ResponseHttpCode = 200,
    AffectedUserIds = ["057806f5-6e19-45ef-ba31-238471a16fc5"]
}

// When status is 'ActionRequired':
ActionRequired.LinkUser
{
    Status = "ActionRequired",
    Action = "LinkUser",
    ConnectionId = "Yhc4Nan2ZiIPp7kyoyhT9c",
    CommitId = "a7272904-686e-4097-bdf5-ce1e2bd5707f",
    PrimaryEmail = "example@propelauth.com",
    UserName = "example@propelauth.com",
    ParsedUserData = {
        // Your parsed user data, based on your property configuration
        FirstName = "Example",
        LastName = "User",
        Department = "Engineering",
        EmployeeId = "00utc0x6na8aflr0E697"
    },
    Active = true,
    SsoUserSubject = null
}

Link SCIM User

Links a new SCIM user to a user in your system. Used when the SCIM Request function returns a "LinkUser" action.

Arguments

connectionId string required

The SCIM Connection ID

commitId string required

The Commit ID returned from the SCIM Request function

userId string required

Your ID for the user

Successful Response

connectionId string

The ID of the SCIM connection

responseData object

The response data to return to the SCIM IdP

responseHttpCode number

The HTTP status code to return to the SCIM IdP

affectedUserIds string[]

Array of user IDs affected by this request

Error Types

ScimConnectionNotFound

The provided SCIM Connection ID could not be found

UserNotFound

The provided User ID could not be found

UnexpectedError

An unexpected error occurred during the operation

const auth = createClient({ url, integrationKey });

const result = await auth.scim.linkScimUser({
  connectionId: "s8vmjNLuieN1feLOya0mf3",
  commitId: "a7272904-686e-4097-bdf5-ce1e2bd5707f",
  userId: "057806f5-6e19-45ef-ba31-238471a16fc5",
});

if (result.ok) {
  // Return the response to the SCIM IdP
  res.status(result.data.responseHttpCode).json(result.data.responseData);
} else {
  console.log(`Error: ${result.error.type}`);
  // Check result.error.type to handle specific errors
}

client = create_client(url=url, integration_key=integration_key)

result = await client.scim.link_scim_user(
    connection_id="s8vmjNLuieN1feLOya0mf3",
    commit_id="a7272904-686e-4097-bdf5-ce1e2bd5707f",
    user_id="057806f5-6e19-45ef-ba31-238471a16fc5"
)

if is_ok(result):
    # Return the response to the SCIM IdP
    data = result.data
    return JSONResponse(
        status_code=data.response_http_code,
        content=data.response_data
    )
else:
    print(f"Error: {result.error.type}")
    # Check result.error.type to handle specific errors

PropelAuthClient client = PropelAuthClient.create(url, integrationKey);

LinkScimUserCommand command = LinkScimUserCommand.builder()
    .connectionId("s8vmjNLuieN1feLOya0mf3")
    .commitId("a7272904-686e-4097-bdf5-ce1e2bd5707f")
    .userId("057806f5-6e19-45ef-ba31-238471a16fc5")
    .build();

try {
    CompletedScimRequestResponse response = client.scim.linkScimUser(command);
    // Return the response to the SCIM IdP
    return ResponseEntity
        .status(response.getResponseHttpCode())
        .body(response.getResponseData());
} catch (LinkScimUserException.ScimConnectionNotFound e) {
    System.out.println("SCIM connection not found");
} catch (LinkScimUserException.UserNotFound e) {
    System.out.println("User not found");
} catch (LinkScimUserException e) {
    System.out.println("Error: " + e.getMessage());
}

var client = new PropelAuthClient(new PropelAuthOptions { Url = url, IntegrationKey = integrationKey });

var command = new LinkScimUserCommand
{
    ConnectionId = "s8vmjNLuieN1feLOya0mf3",
    CommitId = "a7272904-686e-4097-bdf5-ce1e2bd5707f",
    UserId = "057806f5-6e19-45ef-ba31-238471a16fc5"
};

try
{
    var response = await client.Scim.LinkScimUserAsync(command);
    // Return the response to the SCIM IdP
    return StatusCode(response.ResponseHttpCode, response.ResponseData);
}
catch (LinkScimUserException.ScimConnectionNotFound)
{
    Console.WriteLine("SCIM connection not found");
}
catch (LinkScimUserException.UserNotFound)
{
    Console.WriteLine("User not found");
}
catch (LinkScimUserException ex)
{
    Console.WriteLine($"Error: {ex.Message}");
}

Response

{
  ok: true,
  data: {
    connectionId: 'Yhc4Nan2ZiIPp7kyoyhT9c',
    responseData: {
      /* SCIM user object to return to IdP */
    },
    responseHttpCode: 201,
    affectedUserIds: ['057806f5-6e19-45ef-ba31-238471a16fc5']
  }
}

Result(
    ok=True,
    data=CompletedScimRequestResponse(
        connection_id='Yhc4Nan2ZiIPp7kyoyhT9c',
        response_data={
            # SCIM user object to return to IdP
        },
        response_http_code=201,
        affected_user_ids=['057806f5-6e19-45ef-ba31-238471a16fc5']
    )
)

CompletedScimRequestResponse(
    connectionId="Yhc4Nan2ZiIPp7kyoyhT9c",
    responseData={...},
    responseHttpCode=201,
    affectedUserIds=["057806f5-6e19-45ef-ba31-238471a16fc5"]
)

CompletedScimRequestResponse
{
    ConnectionId = "Yhc4Nan2ZiIPp7kyoyhT9c",
    ResponseData = {...},
    ResponseHttpCode = 201,
    AffectedUserIds = ["057806f5-6e19-45ef-ba31-238471a16fc5"]
}

Commit SCIM User Change

Used after the SCIM Request function returns an "EnableUser", "DisableUser" or "DeleteUser" action to confirm you have taken said action on the user.

Arguments

connectionId string required

The SCIM Connection ID

commitId string required

The Commit ID returned from the SCIM Request function

Successful Response

connectionId string

The ID of the SCIM connection

responseData object

The response data to return to the SCIM IdP

responseHttpCode number

The HTTP status code to return to the SCIM IdP

affectedUserIds string[]

Array of user IDs affected by this request

Error Types

ScimConnectionNotFound

The provided SCIM Connection ID could not be found

StagedChangeNotFound

The provided commitId was not found

UnexpectedError

An unexpected error occurred during the operation

const auth = createClient({ url, integrationKey });

const result = await auth.scim.commitScimUserChange({
  connectionId: "s8vmjNLuieN1feLOya0mf3",
  commitId: "a7272904-686e-4097-bdf5-ce1e2bd5707f",
});

if (result.ok) {
  // Return the response to the SCIM IdP
  res.status(result.data.responseHttpCode).json(result.data.responseData);
} else {
  console.log(`Error: ${result.error.type}`);
  // Check result.error.type to handle specific errors
}

client = create_client(url=url, integration_key=integration_key)

# Commit a SCIM user change after taking action
result = await client.scim.commit_scim_user_change(
    connection_id="s8vmjNLuieN1feLOya0mf3",
    commit_id="a7272904-686e-4097-bdf5-ce1e2bd5707f"
)

if is_ok(result):
    data = result.data
    # Return the response to the SCIM IdP
    return JSONResponse(
        content=data.response_data,
        status_code=data.response_http_code
    )
else:
    print(f"Error: {result.error.type}")
    # Check result.error.type to handle specific errors

PropelAuthClient client = PropelAuthClient.create(url, integrationKey);

CommitScimUserChangeCommand command = CommitScimUserChangeCommand.builder()
    .connectionId("s8vmjNLuieN1feLOya0mf3")
    .commitId("a7272904-686e-4097-bdf5-ce1e2bd5707f")
    .build();

try {
    CompletedScimRequestResponse response = client.scim.commitScimUserChange(command);
    // Return the response to the SCIM IdP
    System.out.println("Response code: " + response.getResponseHttpCode());
} catch (CommitScimUserChangeException.ScimConnectionNotFound e) {
    System.out.println("SCIM connection not found");
} catch (CommitScimUserChangeException.StagedChangeNotFound e) {
    System.out.println("Staged change not found");
} catch (CommitScimUserChangeException e) {
    System.out.println("Error: " + e.getMessage());
}

var client = new PropelAuthClient(new PropelAuthOptions { Url = url, IntegrationKey = integrationKey });

var command = new CommitScimUserChangeCommand
{
    ConnectionId = "s8vmjNLuieN1feLOya0mf3",
    CommitId = "a7272904-686e-4097-bdf5-ce1e2bd5707f"
};

try
{
    var response = await client.Scim.CommitScimUserChangeAsync(command);
    // Return the response to the SCIM IdP
    Console.WriteLine($"Response code: {response.ResponseHttpCode}");
}
catch (CommitScimUserChangeException.ScimConnectionNotFound)
{
    Console.WriteLine("SCIM connection not found");
}
catch (CommitScimUserChangeException.StagedChangeNotFound)
{
    Console.WriteLine("Staged change not found");
}
catch (CommitScimUserChangeException ex)
{
    Console.WriteLine($"Error: {ex.Message}");
}

Response

{
  ok: true,
  data: {
    connectionId: 'Yhc4Nan2ZiIPp7kyoyhT9c',
    responseData: {
      /* SCIM user object to return to IdP */
    },
    responseHttpCode: 200,
    affectedUserIds: ['057806f5-6e19-45ef-ba31-238471a16fc5']
  }
}

Result(
    data=CompletedScimRequestResponse(
        connection_id='Yhc4Nan2ZiIPp7kyoyhT9c',
        response_data={
            # SCIM user object to return to IdP
        },
        response_http_code=200,
        affected_user_ids=['057806f5-6e19-45ef-ba31-238471a16fc5']
    )
)

CompletedScimRequestResponse(
    connectionId="Yhc4Nan2ZiIPp7kyoyhT9c",
    responseData={/* SCIM user object to return to IdP */},
    responseHttpCode=200,
    affectedUserIds=["057806f5-6e19-45ef-ba31-238471a16fc5"]
)

CompletedScimRequestResponse
{
    ConnectionId = "Yhc4Nan2ZiIPp7kyoyhT9c",
    ResponseData = /* SCIM user object to return to IdP */,
    ResponseHttpCode = 200,
    AffectedUserIds = ["057806f5-6e19-45ef-ba31-238471a16fc5"]
}

Get SCIM User

Retrieves the full SCIM user information including their groups.

Arguments

userId string required

The ID of the user

scimConnectionId string

The ID of the SCIM connection

customerId string

The customer ID (alternative to scimConnectionId)

Successful Response

connectionId string

The SCIM connection ID

user.connectionId string

The SCIM connection ID

user.scimUser object

The raw SCIM user data from the IdP

user.primaryEmail string | null

The primary email address of the user

user.parsedUserData object

Parsed user data based on SCIM user mapping configuration

user.active boolean

Whether the user is active

user.userId string | null

The linked internal user ID

groups array

Array of group memberships for the user

Error Types

ScimConnectionNotFound

The provided SCIM connection ID could not be found

UserNotFound

The user ID was not found

UnexpectedError

An unexpected error occurred during the operation

const auth = createClient({ url, integrationKey });

const result = await auth.scim.getScimUser({
  userId: "057806f5-6e19-45ef-ba31-238471a16fc5",
  scimConnectionId: "s8vmjNLuieN1feLOya0mf3"
});

if (result.ok) {
  console.log("SCIM user fetched successfully");
  console.log(`User email: ${result.data.user.primaryEmail}`);
  console.log(`Groups: ${result.data.groups.length}`);
} else {
  console.log(`Error: ${result.error}`);
  // Check result.error.type to handle specific errors
}

client = create_client(url=url, integration_key=integration_key)

result = await client.scim.get_scim_user(
    user_id="057806f5-6e19-45ef-ba31-238471a16fc5",
    scim_connection_id="s8vmjNLuieN1feLOya0mf3"
)

if is_ok(result):
    data = result.data
    print("SCIM user fetched successfully")
    print(f"User email: {data.user['primaryEmail']}")
    print(f"Groups: {len(data.groups)}")
else:
    error = result.error
    print(f"Error: {error}")
    # Check error.type to handle specific errors

PropelAuthClient client = PropelAuthClient.create(url, integrationKey);

GetScimUserCommand command = GetScimUserCommand.scimConnectionId.builder()
    .userId("057806f5-6e19-45ef-ba31-238471a16fc5")
    .scimConnectionId("s8vmjNLuieN1feLOya0mf3")
    .build();

try {
    GetScimUserResponse response = client.scim.getScimUser(command);
    System.out.println("SCIM user fetched successfully");
    System.out.println("User email: " + response.getUser().getPrimaryEmail());
    System.out.println("Groups: " + response.getGroups().size());
} catch (GetScimUserException.UserNotFound e) {
    System.out.println("User not found");
} catch (GetScimUserException.ScimConnectionNotFound e) {
    System.out.println("SCIM connection not found");
} catch (GetScimUserException e) {
    System.out.println("Error: " + e.getMessage());
}

var client = new PropelAuthClient(new PropelAuthOptions { Url = url, IntegrationKey = integrationKey });

// Using scimConnectionId
try
{
    var response = await client.Scim.GetScimUserByScimConnectionIdAsync(
        userId: "057806f5-6e19-45ef-ba31-238471a16fc5",
        scimConnectionId: "s8vmjNLuieN1feLOya0mf3"
    );
    Console.WriteLine("SCIM user fetched successfully");
    Console.WriteLine($"User email: {response.User.PrimaryEmail}");
    Console.WriteLine($"Groups: {response.Groups.Count}");
}
catch (GetScimUserException.UserNotFound)
{
    Console.WriteLine("User not found");
}
catch (GetScimUserException.ScimConnectionNotFound)
{
    Console.WriteLine("SCIM connection not found");
}
catch (GetScimUserException ex)
{
    Console.WriteLine($"Error: {ex.Message}");
}

// Using customerId
try
{
    var response = await client.Scim.GetScimUserByCustomerIdAsync(
        userId: "057806f5-6e19-45ef-ba31-238471a16fc5",
        customerId: "customer-123"
    );
    Console.WriteLine("SCIM user fetched successfully");
}
catch (GetScimUserException ex)
{
    Console.WriteLine($"Error: {ex.Message}");
}

Response

{
  ok: true,
  data: {
    connectionId: "Yhc4Nan2ZiIPp7kyoyhT9c",
    user: {
      connectionId: "Yhc4Nan2ZiIPp7kyoyhT9c",
      primaryEmail: "example@propelauth.com",
      parsedUserData: {
        // Your parsed user data, based on your property configuration
        firstName: "Example",
        lastName: "User",
        department: "Engineering",
        employeeId: "00utc0x6na8aflr0E697"
      },
      active: true,
      userId: "057806f5-6e19-45ef-ba31-238471a16fc5",
      scimUser: {
        // This is the full raw SCIM user data
        emails: [
          {
            primary: true,
            type: "work",
            value: "example@propelauth.com"
          }
        ],
        // ...
      }
    },
    groups: [
      {
        groupId: "g123456",
        displayName: "Engineering",
        externalId: "eng-001"
      }
    ]
  }
}

GetScimUserResponse(
    connection_id="Yhc4Nan2ZiIPp7kyoyhT9c",
    user={
        "connectionId": "Yhc4Nan2ZiIPp7kyoyhT9c",
        "primaryEmail": "example@propelauth.com",
        "parsedUserData": {
            # Your parsed user data, based on your property configuration
            "firstName": "Example",
            "lastName": "User",
            "department": "Engineering",
            "employeeId": "00utc0x6na8aflr0E697"
        },
        "active": True,
        "userId": "057806f5-6e19-45ef-ba31-238471a16fc5",
        "scimUser": {
            # This is the full raw SCIM user data
            "emails": [
                {
                    "primary": True,
                    "type": "work",
                    "value": "example@propelauth.com"
                }
            ],
            # ...
        }
    },
    groups=[
        ScimGroupMembershipResponse(
            group_id="g123456",
            display_name="Engineering",
            external_id="eng-001"
        )
    ]
)

GetScimUserResponse(
    connectionId="Yhc4Nan2ZiIPp7kyoyhT9c",
    user=CompleteScimUserResponse(
        connectionId="Yhc4Nan2ZiIPp7kyoyhT9c",
        primaryEmail="example@propelauth.com",
        parsedUserData={
            firstName="Example",
            lastName="User",
            department="Engineering",
            employeeId="00utc0x6na8aflr0E697"
        },
        active=true,
        userId="057806f5-6e19-45ef-ba31-238471a16fc5",
        scimUser={
            emails=[
                {
                    primary=true,
                    type="work",
                    value="example@propelauth.com"
                }
            ],
            ...
        }
    ),
    groups=[
        ScimGroupMembershipResponse(
            groupId="g123456",
            displayName="Engineering",
            externalId="eng-001"
        )
    ]
)

GetScimUserResponse
{
    ConnectionId = "Yhc4Nan2ZiIPp7kyoyhT9c",
    User = new CompleteScimUserResponse
    {
        ConnectionId = "Yhc4Nan2ZiIPp7kyoyhT9c",
        PrimaryEmail = "example@propelauth.com",
        ParsedUserData = {
            // Your parsed user data, based on your property configuration
            firstName = "Example",
            lastName = "User",
            department = "Engineering",
            employeeId = "00utc0x6na8aflr0E697"
        },
        Active = true,
        UserId = "057806f5-6e19-45ef-ba31-238471a16fc5",
        ScimUser = {
            // This is the full raw SCIM user data
            emails = [
                {
                    primary = true,
                    type = "work",
                    value = "example@propelauth.com"
                }
            ],
            // ...
        }
    },
    Groups = [
        new ScimGroupMembershipResponse
        {
            GroupId = "g123456",
            DisplayName = "Engineering",
            ExternalId = "eng-001"
        }
    ]
}