Skip to content
Insights
Request Services
← All OSS projects

Developer tooling · Apache 2.0

scim-compliance-tester

Go CLI that tests a SCIM 2.0 endpoint against the spec — idempotency, PATCH semantics, group membership, deactivation flow.

View on GitHub →Go

About

Open-source CLI tool that exercises a SCIM 2.0 endpoint against the seven failure patterns most commonly found in production SCIM implementations: non-idempotent endpoints, broken PATCH semantics, group-membership desync between User and Group resources, deactivation semantics, incorrect HTTP error codes, missing rate limiting / backpressure, and missing audit trails.

Designed to be runnable in CI against any SCIM 2.0 endpoint. Output is human-readable + JSON. Built to complement the official IdP SCIM validators (Okta SCIM Spec Test, Microsoft Entra Validator).

Features

  • →Tests SCIM 2.0 endpoint against the 7 most common failure patterns
  • →Idempotency check on User create + PATCH
  • →PATCH path-filter semantics validation
  • →Group membership consistency (User.groups ↔ Group.members)
  • →Deactivation semantics
  • →HTTP error code conformance
  • →Rate-limit + backpressure verification
  • →CI-friendly exit codes + JUnit XML output

Install

# Homebrew
brew install askmeidentity/tap/scim-compliance-tester

# Go install
go install github.com/askmeidentity/scim-compliance-tester@latest

# Docker
docker pull ghcr.io/askmeidentity/scim-compliance-tester:latest

Usage

scim-compliance-tester run \
  --endpoint https://api.example.com/scim/v2 \
  --auth-token $SCIM_TOKEN \
  --output json

Related resources

  • Insight: Why SCIM 2.0 implementations fail →
  • Tool: SCIM payload validator →
Last reviewed: 2026-05-26

Identity, cybersecurity, and custom software for regulated enterprises. Audit-ready operations from advisory through audit.

Americas HQ

Wilmington, DE

America/New York

India HQ

Hyderabad, TG

Asia/Kolkata

Services
  • IAM Consulting
  • IAM Technologies
  • Custom Software & AI
  • IAM Staffing
  • Request Services
  • Case Studies
Resources
  • All Resources
  • Complete Guide to IAM
  • IAM Frameworks Compared
  • IAM Certification Roadmap
  • IAM API Hub
  • IAM Explainers
  • IAM Vendor Status
  • Release Notes
  • State of Identity
  • State of PAM
  • State of IGA
  • State of CIAM
  • State of AI Agent Identity
  • IAM Salary Benchmark
  • Vendor Pricing Index
  • Year in Review 2026
  • Acquisition Tracker
  • Outage Tracker
  • Identity Incidents
  • Vulnerability Tracker
  • Cheat Sheets
  • Standards Explainers
  • Migration Playbooks
  • Audit Checklists
  • Reference Architectures
  • RFP Templates
  • IAM Anti-Patterns
  • Compliance Crosswalk
  • Market Landscape
  • Awesome IAM
  • IAM Glossary
  • Compliance Frameworks
  • Integration Guides
  • Vendor Alternatives
  • IAM by Industry
  • Salary Lookup
  • Directory
Research & media
  • IAM Compensation 2026
  • Vendor Moves Q3 2026
  • Identity Incidents Q3 2026
  • Vendor Security Posture 2026
  • Vendor Pricing 2026
  • AI Citation Tracker
  • Top 50 IAM Tools 2026
  • Podcast
  • Videos
  • Newsletter
  • Newsletter Archive
  • Embed Widgets
Free tools
  • JWT Decoder
  • JWT Signer
  • SAML Decoder
  • SAML Metadata Diff
  • OAuth Flow Visualizer
  • OIDC Debugger
  • OIDC Discovery Validator
  • PKCE Generator
  • WebAuthn Tester
  • Bearer Token Inspector
  • SCIM Validator
  • Password Entropy
  • IAM RFP Template
  • PAM Vendor Selector
  • Maturity Assessment
  • ROI Calculator
  • TCO Calculator
  • MFA Bypass Risk
  • Audit-Prep Burden
  • Quizzes
Company
  • About
  • Leadership
  • Approach
  • Why Choose Us
  • Partners
  • Press Kit
  • Press Topics
  • Global Presence
  • Locations
  • Insights
  • Now
  • Community
  • Open Roles
  • Submit Resume
  • Training
  • Contact

© 2026 askmeidentity, Inc.. Safeguard your digital frontier.

  • Privacy Policy
  • Terms of Service
  • Accessibility