Using Update group by ID (PATCH) returns empty array for "members"

XMLWordPrintable

    • Severity 3 - Minor

      Issue Summary

      The example response for Update group by ID (PATCH) indicates that "members" in the response should include an array of the SCIM users with memberships in the group after the update. However, when using the Update group by ID (PATCH) for "path":"members" and "op":"add", "op":"remove", or "op":"replace" consistently returns an empty array [] for "members" in the response. As such, a customer needs to make an additional API call to verify that the attempted change to the group's memberships actually succeeded.

      Steps to Reproduce

      1. Send a PATCH call to the /scim/directory/<directoryId>/Groups/<groupId> endpoint with a valid bearer token and any of the below request bodies: 
        • {
	"schemas": [
		"urn:ietf:params:scim:api:messages:2.0:PatchOp"
	],
	"operations": [
		{
			"op": "add",
			"path":"members",
			"value": [
				{"value":"<ScimUserId1>"},
				{"value":"<ScimUserId2>"}
			]
		}
	]
}
        • {
	"schemas": [
		"urn:ietf:params:scim:api:messages:2.0:PatchOp"
	],
	"operations": [
		{
			"op": "remove",
			"path":"members",
			"value": [
				{"value":"<ScimUserId1>"},
				{"value":"<ScimUserId2>"}
			]
		}
	]
}
        • {
	"schemas": [
		"urn:ietf:params:scim:api:messages:2.0:PatchOp"
	],
	"operations": [
		{
			"op": "replace",
			"path":"members",
			"value": [
				{"value":"<ScimUserId1>"},
				{"value":"<ScimUserId2>"}
			]
		}
	]
}

           

      Expected Results

      Response body contains membership data in the "members" array:

      {
    "schemas": [
        "urn:ietf:params:scim:schemas:core:2.0:Group"
    ],
    "id": "<groupId>",
    "displayName": "<groupName>",
    "members": [
        {
            "type": "<string>",
            "value": "<ScimUserId1>",
            "display": "<ScimUserName1>",
            "$ref": "<ScimUserRef1>"
        },
        {
            "type": "<string>",
            "value": "<ScimUserId2>",
            "display": "<ScimUserName2>",
            "$ref": "<ScimUserRef2>"
        }
    ],
    "meta": {
        "resourceType": "Group",
        "location": "https://api.atlassian.com/scim/directory/<directoryId>/Groups/<groupId>",
        "lastModified": "2023-08-28T23:10:52.97377Z",
        "created": "2023-03-27T19:37:25.973539Z"
    }
}

      Actual Results

      Response body contains an empty array for "members":

      {
    "schemas": [
        "urn:ietf:params:scim:schemas:core:2.0:Group"
    ],
    "id": "<groupId>",
    "displayName": "<groupName>",
    "members": [],
    "meta": {
        "resourceType": "Group",
        "location": "https://api.atlassian.com/scim/directory/<directoryId>/Groups/<groupId>",
        "lastModified": "2023-08-28T23:10:52.97377Z",
        "created": "2023-03-27T19:37:25.973539Z"
    }
}

      Workaround

      Make one or more separate API calls to verify the change in group memberships:

      • Get a group by ID to verify the current members of the modified group, OR 
      • Get groups to verify the current members of all groups, including those modified, OR
      • Get a user by ID to verify the current membership(s) of the modified users, OR
      • Get users to verify the current memberships of all users, including those modified.

              Assignee:
              Drake Sanderson
              Reporter:
              John A [Atlassian Support]
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: