The group JSON object

The following attributes are available in the group JSON object file.

“scim-outline”
Provides the starting point for constructing a new or complete replacement Verify-SCIM directory group object in JSON format. Each attribute from the LDAP AD entry is processed and added to this object.
“ldap-object-class”
Provides the LDAP AD object class value that is used to detect User LDAP AD entries.
“scim-external-id-attr”
Provides the name of the Verify-SCIM directory attribute in which to store the LDAP AD entry unique value. This unique value is used to connect the LDAP AD entry to the Verify-SCIM directory entry.
"ldap-member-attr"
The LDAP AD attribute that is used to fetch memberships of the group.
"scim-member-add-op"
The Verify-SCIM directory (PATCH) operation that is used to add a user to a group. The {{type}} value is replaced by either “user” or “group” depending on the member type. The token {{value}} is replaced by the Verify-SCIM directory ID for the user or group.
"scim-member-remove-op"
The Verify-SCIM directory (PATCH) operation that is used to remove a user from a group. The token {{jq_value}} is replaced by the double quoted, JSON encoded Verify-SCIM directory ID for the user or group. For example, “6400001FUD”. The double quotation marks are included.
"ldap-to-scim"
Is an array that defines how to map relevant Active Directory attributes to Cloud Directory attributes when you create or modify groups. Each entry in the array defines how to map one Active Directory attribute and consists of:
"ldap"
The name of the Active Directory attribute to map from.
"tweaks"
An optional set of attribute value modification methods to apply to the Active Directory attribute value.
"new-attr"
Specifies how to format the Active Directory value into a Cloud Directory attribute. This attribute is added to the “scim-outline” attribute when a group is created.
"mod-attr"
Specifies how to format the Active Directory value into a Cloud Directory attribute modification request.
"is-dn"
Indicates that the value of the attribute is a distinguished name (DN) that refers to another group that must be mapped to a Verify group before it is set in the Cloud Directory. An example of this type of attribute is group members.
"is-multi-value"
This attribute is supported for the group member attribute only. All other attributes are considered to be single-value, and only one value is used even if multiple values exist.
"is-binary"
This attribute defaults to false. Set it to true if the attribute from Active Directory is binary that is, it contains non-text values. An example is the ObjectGUID attribute. Binary attributes are base 64-encoded before they are applied to the Cloud Directory attribute.