SCIM Rotate Token Complete

POSThttps://test.stytch.com/v1/b2b/scim/{organization_id}/connections/{connection_id}/rotate/complete

Completes a SCIM token rotation. This will complete the current token rotation process and update the active token to be the new token supplied in the start SCIM token rotation response.

Our RBAC implementation offers out-of-the-box handling of authorization checks for this endpoint. If you pass in a header containing a session_token or a session_jwt for an unexpired Member Session, we will check that the Member Session has permission to perform the update action on the stytch.scim Resource.

If the Member Session does not contain a Role that satisfies the requested permission, or if the Member's Organization does not match the organization_id passed in the request, a 403 error will be thrown. Otherwise, the request will proceed as normal.

To learn more about our RBAC implementation, see our RBAC guide.

Path parameters

organization_id*string
connection_id*string

Header parameters

X-Stytch-Member-Sessionstring
X-Stytch-Member-SessionJWTstring

Response fields

status_codeint
request_idstring
connectionobject
curl --request POST \
  --url https://test.stytch.com/v1/b2b/scim/organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931/connections/scim-connection-test-cdd5415a-c470-42be-8369-5c90cf7762dc/rotate/complete \
  -u 'PROJECT_ID:SECRET' \
  -H 'Content-Type: application/json'

RESPONSE

200
{
  "connection": {
      "organization_id": "organization-test-07971b06-ac8b-4cdb-9c15-63b17e653931"
      "connection_id": "scim-connection-test-cdd5415a-c470-42be-8369-5c90cf7762dc"
      "status": "active",
      "display_name": "My SCIM Connection"
      "idp": "okta"
      "base_url": "https://test.stytch.com/v1/b2b/scim/scim-connection-test-cdd5415a-c470-42be-8369-5c90cf7762dc"
      "bearer_token_expires_at": "2029-03-20T21:28:28Z"
      "bearer_token_last_four": "sdko"
  },
}