Add GET endpoints for instance-level SCIM
What does this MR do and why?
- 'GET api/scim/v2/application/Users'
- 'GET api/scim/v2/application/Users/:id'
- We will also be adding other endpoints but adding only 2 to start in order to make a smaller MR.
- Instance-level SCIM will behave very similarly to group SCIM but will be for self-managed GitLab only and will be for an entire instance rather than a Group.
- This is for Premium and Ultimate
- #378599 (closed)
Screenshots or screen recordings
Screenshots are required for UI changes, and strongly recommended for all other merge requests.
How to set up and validate locally
Test /Users
endpoint:
- Create a scim access token in a rails console and copy the token value
token = ScimOauthAccessToken.create! token.token => $YOUR_SECRET_TOKEN
- Make a curl request using the token
curl --location --request GET "http://localhost:3000/api/scim/v2/application/Users" --header "Authorization: Bearer $YOUR_SECRET_TOKEN" --header "Content-Type: application/scim+json"
- Response json should look like:
{"schemas":["urn:ietf:params:scim:api:messages:2.0:ListResponse"],"totalResults":0,"itemsPerPage":20,"startIndex":1,"Resources":[]}
Test /Users/:id
endpoint:
- Create a scim user in Rails console
service_params = { email: 'work@example.com', name: 'Test Name', extern_uid: 'test_uid', username: 'username' } EE::Gitlab::Scim::ProvisioningService.new(service_params).execute
- Make a curl request using the token you created when testing other endpoint
curl --location --request GET "http://localhost:3000/api/scim/v2/application/Users/test_uid" --header "Authorization: Bearer $YOUR_SECRET_TOKEN" --header "Content-Type: application/scim+json"
- Response json should look like:
{"schemas":["urn:ietf:params:scim:schemas:core:2.0:User"],"id":"test_uid","active":true,"emails":[{"type":"work","value":"work@example.com","primary":true}],"name":{"formatted":"Test Name","givenName":"Test","familyName":"Name"},"meta":{"resourceType":"User"},"userName":"username"
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
-
I have evaluated the MR acceptance checklist for this MR.
Edited by Sean Arnold