SCIM Client properties, tables, scriptable APIs, and logs

  • Release version: Australia
  • Updated March 12, 2026
  • 2 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of SCIM Client properties, tables, scriptable APIs, and logs

    The SCIM v2 - ServiceNow Cross-domain Identity Management Client plugin (com.snc.integration.scim2.client) provides system properties, database tables, scriptable APIs, and logging capabilities to enable identity provisioning and management through SCIM protocol integrations.

    Show full answer Show less

    SCIM Client Properties

    Two key system properties control logging behavior and log retention:

    • com.snc.integration.scim2.client.log.request.status: Configures whether all log records or only error logs are recorded. Values are ALL (default) or FAILURE.
    • com.snc.integration.scim2.client.log.cleanup.duration: Sets the number of days to retain SCIM client logs before automatic cleanup. Default is 180 days.

    These properties can be managed via All > SCIM > SCIM Client Properties.

    Tables

    The plugin introduces four primary tables that store SCIM integration data:

    • SCIM Provider (sysscimprovider): Stores configuration for each SCIM provider including REST message definitions.
    • SCIM Provider Resource Mapping (sysscimproviderresourcemapping): Contains mappings between providers and their resource names and primary tables.
    • SCIM Attribute Mapping (sysscimattributemapping): Defines source details for each SCIM attribute, such as the specific table field or script used to retrieve values.
    • SCIM Client Log (sysscimclientlogs): Logs the status of each SCIM API call made to providers.

    Scriptable API

    The SCIM2Client API enables programmatic create, update, and delete operations against SCIM providers. It should be used in scripts running in the system context or by system administrators, such as in background scripts, business rules, script includes, workflows, or scheduled jobs.

    Common use cases include:

    • Provisioning identity data via scripts and workflows.
    • Running scheduled or on-demand jobs for identity provisioning.
    • Embedding provisioning calls inside business rules or script includes triggered by non-admin users with proper token access and permissions.

    This API allows flexible and secure automation of identity provisioning processes within ServiceNow.

    SCIM Client Logs

    Provisioning statuses and API call results are recorded in the SCIM Client Logs. These logs can be accessed at All > SCIM > SCIM Client Logs, providing transparency and troubleshooting insights into SCIM operations.

    The SCIM v2 - ServiceNow Cross-domain Identity Management Client (com.snc.integration.scim2.client) plugin includes the following system properties, tables, scriptable APIs, and logs.

    Properties

    SCIM Client adds the following system properties.
    Table 1. Properties
    Name Description
    com.snc.integration.scim2.client.log.request.status This property determines whether to write all the log records or just the error log records. The possible values are FAILURE or ALL.

    Default value: ALL
    com.snc.integration.scim2.client.log.cleanup.duration This property determines the number of days for clearing the logs.

    Default value: 180

    To set the properties, navigate to All > SCIM > SCIM Client Properties.

    Tables

    The SCIM Client adds the following tables.

    Table 2. Tables
    Name Description
    SCIM Provider (sys_scim_provider) Stores data for each SCIM provider, such as the name, REST message resource definitions, and so on.
    SCIM Provider Resource Mapping (sys_scim_provider_resource_mapping) Stores the primary table information for each provider and resource name.
    SCIM Attribute Mapping (sys_scim_attribute_mapping) Stores the source details where each SCIM attribute value should come from, such as the table field, script, and so on.
    SCIM Client Log (sys_scim_client_logs) Stores the statuses of each call triggered to SCIM Provider.

    Scriptable API

    The SCIM2Client API calls the System for Cross-domain Identity Management (SCIM) Provider (server role) to create, update, or delete data in a service provider (SP). The scriptable API of the SCIM Client should be used in the scripts that are running in the system context or by a system admin user.

    For example, you can use the script while running the integration hub workflow as a system user, while running the scheduled jobs, and so on.

    The following are some of the use cases for using the scriptable APIs:

    • As an admin, provision identity information from background scripts, business rules, script include calls, workflows, and so on.
    • As an admin, run a scheduled job or an on-demand job for identity provisioning.
    • Run a workflow or sub-workflow with the Script step using the provision scriptable API call.
    • Add the provision script directly in a business rule or script include. The script can be triggered by non-admin users. This use-case works in the following situations:
      • The user has access to the token, meaning that the user has the role to generate the token from the REST template.
      • The user has access to retrieve the SCIM attribute values from the mapped tables.

    To know more about the scriptable API, see SCIM2Client API.

    SCIM Client Logs

    The SCIM Client Logs display the provisioning status about the SCIM APIs. To view the provisioning status, navigate to All > SCIM > SCIM Client Logs.