From your request I assume you are using WSO2 APIM (you may be specific in your questions)
I have read that Identity Server (IS) provides SCIM Apis to add users programmatically. Is it possible without IS?
As far I know the SCIM is provided by an identity server (short answer - no), but there are other options you may have to achieve your goals
I would expect that 1) an application should be able to register a new user (with username and password) to Key Manager
- You could manage users with underlying userstore (LDAP, ...)
- You can use Admin Services, see e.g. RemoteUserStoreManagerService (I'd recommend this option if you are using the build-in jdbc userstore)
2) the application should call the /token service in order to get the token, using username, password and Basic Authentication with the API key I have provided.
To get a user token with user credentials you may use OAuth2 password grant type.
IMHO - instead of sending application credentials as basic authentication I suggest to follow pure OAuth2 specification and send the application credentials as parameters (client_id, client_secret). WSO2 supports this option too and this way you stay more aligned to standards (supporting other products/services if needed).