By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Retrieve created/updated by 'SCIM' in Identity center group details

0

Hi,

Inside Identity Center, I have setup an Idp using SCIM from Google Workspace. I also have manually created Identity Center groups.

In the Web console, I can see Created by: SCIM or Created by: Manual according to the provisioning type.

But I cannot find this information is the APIs. I have looked at IdentityStore API as well as the SCIM implementation

Can you help me please?

Topics
Security, Identity, & Compliance
Tags
AWS IAM Identity Center
Language
English
steyssier
asked 10 months ago318 views
1 Answer
0

Hi There

You wont see the "CreatedBy" specifically in the API, but you can look for an ExternalID if you are trying to decide whether a user or group was provisioned by SCIM. If a user was provisioned by SCIM, the DescribeUser API will return the ExternalIDs field.

See https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DescribeUser.html#singlesignon-DescribeUser-response-ExternalIds

profile pictureAWS
EXPERT
Matt-B
answered 10 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content