Skip to content
English
Sign in
Go to ideascale.com
  • There are no suggestions because the search field is empty.

SCIM Audit Logs

Audit logs for SCIM process

Path: Manage Workspace >> Security >> SCIM Audit Logs

SCIM Audit Logs capture every SCIM request—such as read, create, update, and delete operations—and record how each one was handled by the system. By reviewing these entries, workspace admins can monitor identity lifecycle events, verify that automated provisioning is working correctly, and quickly troubleshoot integration issues when they arise.

Screenshot 2026-05-07 at 2.50.43 PM

TABLE OF CONTENTS

SCIM Log Columns
Filters

SCIM Log Columns

scim audit logs-1

SCIM Audit Logs provide a record of each SCIM operation and indicate whether it succeeded or failed. Each entry includes the following key columns:

1. Request ID: A unique reference identifier for the SCIM request. This ID can be used to trace a specific transaction across systems or when working with support teams.

2. Time: The exact date and time when the request was made. This helps to place events in sequence, correlate them with other system activity, and investigate time-bound incidents.

3. Status: Indicates whether the request was completed successfully or failed. If the status is Failed, click the more info (i) icon to view the associated error message and better understand what went wrong.

error message

4. HTTP Method: Indicates the type of API operation performed—such as GET (read), POST (create), PUT (replace), or DELETE (remove). Understanding the method helps to quickly identify what kind of change was attempted.

5. Endpoint: Shows the specific API endpoint that was called (for example, `/Users` or `/Groups`). This tells which SCIM resource or collection the operation targeted.

6. Query Parameter: Displays any query parameters that were included with the API call. These parameters refine the request—for instance, by filtering, sorting, or limiting the results.

7. Status Code: Provides the HTTP status code returned by the server, indicating whether the request succeeded or failed. Codes such as 200, 201, and 204 represent successful operations, while codes like 400 and 404 indicate that the request was not completed as intended.

8. Response: Shows the full response returned by the SCIM service. Reviewing this content helps to diagnose issues and verify that the system behaved as expected.

response

9. Request: Displays the full details of the SCIM request that was sent, including the HTTP method, headers, and payload. Reviewing this information helps to understand exactly what data was transmitted and how the client interacted with the SCIM API.

request

Filter

scim filter

The audit logs can be filters as per various parameters as follows:

1. Start date: Use the date picker to choose the earliest date to be included. The system will return only those audit log entries that occurred on or after this date, helping to define the beginning of the analysis period.

2. End date: Use the date picker to select the latest date to be included. The system will return only those entries that occurred on or before this date, allowing to cap the timeframe for review.

3. HTTP Method: From the HTTP Method dropdown, select the type of API call you want to analyse—GET, PUT, POST, PATCH, DELETE, or All. Choosing a specific method helps to focus on particular kinds of SCIM operations, such as reads (GET) or updates (PUT/PATCH), within the audit logs.

4. Resource Type: From the Resource Type dropdown, choose the type of SCIM resource the request targeted—for example, All, Users, Groups, Me, or Bulk. This helps to focus the audit log review on the specific entities that are most relevant to the investigation.

5. EndPoint: In the Endpoint field, enter the specific API endpoint (for example, `/Users` or `/Groups`) that needs to be investigated. This allows to narrow down the audit log results to only those SCIM requests that targeted that particular path.

6. Status: From the Status dropdown, choose whether to view only successful requests, only failed requests, or all requests. This helps to quickly isolate the types of SCIM events that are most relevant to your analysis.

7. Reset: Click the Reset button to clear all selected filter criteria and return the SCIM Audit Logs view to its default state. This is useful to start a new search without any previously applied filters influencing the results.

After the filter criteria is configured, click the Filter button. The system will then display only those audit log entries that match the selected parameters, allowing to focus on the most relevant SCIM activity.

filtered result

Last Updated: May 13, 2026