SCIM2 Models

0.6.12 · active · verified Thu Apr 16

scim2-models is a Python library providing Pydantic models for SCIM (System for Cross-domain Identity Management) schemas, specifically RFC7643 and RFC7644. It facilitates the serialization and validation of SCIM2 payloads using native Python objects. The library includes features like context-aware validation and dynamic schema extensions, serving as a foundational block for building SCIM2 servers and clients. The current version is 0.6.12, and it is actively maintained with frequent releases.

Common errors

```
pydantic.ValidationError: ... field required (type=value_error.missing)
```
cause The input JSON payload is missing a required attribute as defined by the SCIM schema (RFC7643/7644) or a custom schema extension. This is a common Pydantic validation error when data does not conform.

fix Review the SCIM RFCs (e.g., RFC7643 Section 2 for core resources) or your custom schema definitions to identify all mandatory attributes. Ensure the JSON payload includes all required fields with correct data types.
```
AttributeError: type object 'User' has no attribute 'schemas'
```
cause This error typically occurs if you've upgraded from `scim2-models <0.6.0` to `0.6.0` or later and your code or custom models relied on accessing a `schemas` attribute directly from a resource class. The `schemas` field was replaced by the `__schema__` class variable.

fix If you were accessing a class-level `schemas` attribute, update your code to use the `__schema__` class variable directly or instantiate the model and access the `schemas` field from the instance (which is dynamically populated based on `__schema__`). For custom models, ensure `__schema__` is defined as a class variable.

Warnings

breaking In version 0.6.0, the mechanism for defining schema URNs on custom SCIM resource models changed. Resources now define their schema URN with a `__schema__` class variable instead of a `schemas` default value.
Fix: If you have custom SCIM resource models, update them to use `__schema__ = ["urn:ietf:params:scim:schemas:core:2.0:User"]` (or your specific URN) as a class variable instead of a default value for a 'schemas' field.
gotcha The library is officially marked as '3 - Alpha' status on PyPI. This indicates that the API might still be unstable, and backward-incompatible changes could occur in minor versions without strict adherence to semantic versioning until a stable '1.0' release.
Fix: Be prepared for potential API adjustments when upgrading, and consult the changelog for details on each new release.
gotcha The library supports context-aware validation (e.g., for creation, query, or replacement operations). This means that validation behavior can differ based on the `context` parameter provided to validation methods. An attribute that is optional during a PUT (replacement) might be required during a POST (creation).
Fix: Always consider the SCIM operation context when validating payloads. If validation errors occur unexpectedly, verify that the `context` parameter (if used) correctly reflects the intended SCIM operation.

Install

pip install scim2-models Install stable version

Imports

User
```
from scim2_models.resources import User
```
Commonly imported SCIM core resource.
Group
```
from scim2_models.resources import Group
```
Commonly imported SCIM core resource.
Schema
```
from scim2_models.schemas import Schema
```
Used for managing SCIM schemas themselves.

Quickstart

This quickstart demonstrates how to validate an existing SCIM User payload against the `User` model and how to construct a new `User` object directly. The `model_validate` method from Pydantic is used for parsing dictionary data, and `model_dump_json` for serialization.

from scim2_models.resources import User
from pydantic import ValidationError

user_data = {
    "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
    "userName": "bjensen@example.com",
    "id": "2819c223-7f76-453a-919d-413861904646",
    "name": {
        "givenName": "Babs",
        "familyName": "Jensen"
    },
    "emails": [
        {
            "value": "bjensen@example.com",
            "type": "work",
            "primary": True
        }
    ],
    "meta": {
        "resourceType": "User",
        "created": "2024-04-13T12:00:00Z",
        "lastModified": "2024-04-13T12:00:00Z",
        "location": "https://example.com/v2/Users/2819c223-7f76-453a-919d-413861904646"
    }
}

try:
    user = User.model_validate(user_data)
    print(f"Successfully validated user: {user.user_name}")
    print(f"User ID: {user.id}")
except ValidationError as e:
    print(f"Validation error: {e}")

# You can also create a user directly
new_user = User(
    userName="testuser",
    emails=[{"value": "test@example.com", "type": "work", "primary": True}]
)
print(f"Created new user: {new_user.model_dump_json(indent=2)}")

view raw JSON →