Retrieve created/updated by 'SCIM' in Identity center group details

Question

Hi,

Inside Identity Center, I have setup an Idp using SCIM from Google Workspace.
I also have **manually** created Identity Center groups.

In the Web console, I can see **Created by**: **SCIM** or **Created by**: **Manual** according to the provisioning type.

But I cannot find this information is the APIs. I have looked at [IdentityStore API](https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DescribeGroup.html) as well as the [SCIM implementation](https://docs.aws.amazon.com/singlesignon/latest/developerguide/getgroup.html)

Can you help me please?

Answer

Hi There

You wont see the "CreatedBy" specifically in the API, but you can look for an ExternalID if you are trying to decide whether a user or group was provisioned by SCIM.  If a user was provisioned by SCIM, the DescribeUser API will return the `ExternalIDs` field.

See https://docs.aws.amazon.com/singlesignon/latest/IdentityStoreAPIReference/API_DescribeUser.html#singlesignon-DescribeUser-response-ExternalIds

Retrieve created/updated by 'SCIM' in Identity center group details

相关内容