Will a request to /Users or /Groups return 404 if it doesn't have the right token ?

Community Member

Hi, we're developing an integration that leverages 1password SCIM bridge.

Our integration gets the OAuth token from our customer, and then makes a request to https://{domain}/Groups and https://{domain}/Users.

Both of these requests (and also with {domain}/scim/Users and {domain}/scim/Groups) are returning 404.

Could it be the case that the token is wrong ? We would expect a 401/413/etc error if that was the case rather than a 404.

Also, is there any configuration that our customer could have changed so that these are not the right endpoints ? Any common missing configurations or checks we could have them do to confirm that these endpoints should be accesible?

Thanks in advance!

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided


  • Hey there,

    Thanks for writing in and we apologize for late response on this thread.
    We would need some more details and context to better understand your usecase. Feel free to write us at businesssupport@1password.com and our integration-support can help you.

  • qapf
    Community Member
    edited July 2023

    I believe the service does return a 404 when the bearer token is invalid. My own experiments today seem to prove that out.

    If you put "Bearer :" in your authorization header, you'll also be sad.

    As well, the server does not use the /v2 prefix in the url from the SCIM standard. That is to say

    curl -v -H "authorization: ${API_KEY}" https://example.scim.service/Users\?startIndex\=1\&count\=2

    Is a working command that returns output.

  • Glad to know you figured out solution. Thanks for sharing experience with us.

This discussion has been closed.