Zoom SCIM2 'Deactivate A User' API Inaccurate Error Response

Format Your New Topic as Follows:

API Endpoint(s) and/or Zoom API Event(s)
SCIM2 - Deactivate a user

Description
When sending a request to deactivate a user, improper capitalization of the ‘Operations’ property of the JSON for the request Body causes a response error of: ‘The request JSON did not contains valid active field’.

In testing, sending a request payload with a lower case ‘o’ for the operations property resulted in a 400 - Bad Request. When sending with a capital ‘O’ the request would be successful and the response back would be 200 - Ok.

The response message/details are inaccurate/misleading because the issue isn’t caused by any ‘fields’ of the object which the request would be trying to modify if successful; specifically the ‘active’ field, which both the JSON itself and the field itself are properly formed in the request Body (shown below in the Parameters dump, included as an attachment).

The ZoomSCIM2APISpec for a different endpoint: Update a group → PATCH /scim2/Groups/{groupId}, has more accurate 400 responses - SCIM2 - Update a group

Error?
PowerShell Invoke-WebRequest Response

{
  "ErrorDetails": {
    "Message": {
      "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:Error"
      ],
      "detail": "The request json did not contains valid active field.",
      "status": 400
    }
  }
}

How To Reproduce
Steps to reproduce the behavior:

  1. Send PowerShell API Request with lowercase ‘o’ for Operations property of request Body
$Parameters = @{
    Uri         = "https://api.zoom.us/scim2/Users/${UserId}"
    Method      = 'PATCH'
    ContentType = 'application/json'
    Headers     = @{ 'Accept' = 'application/scim+json'; 'Authorization' = "Bearer ${AccessToken}" }
    Body        = $DeactivateUserBodyJson
}

$response = Invoke-WebRequest @Parameters

→ Request URL / Headers

{
  "Uri": "https://api.zoom.us/scim2/Users/<user-id>",
  "ContentType": "application/json",
  "Body": "{\"operations\":[{\"value\":{\"active\":false},\"op\":\"replace\"}],\"schemas\":[\"urn:ietf:params:scim:api:messages:2.0:PatchOp\",\"urn:ietf:params:scim:api:messages:2.0:ListResponse\"]}",
  "Method": "PATCH",
  "Headers": {
    "Accept": "application/scim+json",
    "Authorization": "Bearer <token>"
  }
}
  1. Authentication method or app type
    Account Level
    Server-to-Server OAuth

  2. Any errors

{
  "ErrorDetails": {
    "Message": {
      "schemas": [
        "urn:ietf:params:scim:api:messages:2.0:Error"
      ],
      "detail": "The request json did not contains valid active field.",
      "status": 400
    }
  },
  "ErrorMessage": "Response status code does not indicate success: 400 (Bad Request).",
  "InvocationInfo": {
    "PositionMessage": "At <script-name>.ps1:119 char:21\r\n+         $response = Invoke-WebRequest @Parameters\r\n+                     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
  },
  "ErrorCategory": {
    "Category": 7,
    "Activity": "Invoke-WebRequest",
    "Reason": "HttpResponseException",
    "TargetName": "Method: PATCH, RequestUri: 'https://api.zoom.us/scim2/Users/<user-id>', Version: 1.1, Content: System.Net.Http.ByteArrayContent, Headers:\r\n{\r\n  Accept: application/scim+json\r\n  Authorization: Bearer ****VEpg\r\n  User-Agent: Mozilla/5.0\r\n  User-Agent: (Windows NT 10.0; Microsoft Windows 10.0.19044; en-US)\r\n  User-Agent: PowerShell/7.4.0\r\n  Accept-Encoding: gzip\r\n  Accept-Encoding: deflate\r\n  Accept-Encoding: br\r\n  Content-Type: application/json\r\n  Content-Length: 171\r\n}",
    "TargetType": "HttpRequestMessage"
  },
  "ErrorTimestamp": "2023-12-15T13:42:33.0082336-05:00"
}
1 Like

Thank you for reporting @cabosticgardner , I’ll inquire about this further to see if it can be updated.

1 Like

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.