I'm implementing SCIM group provision from Azure AD. But I don't support nested groups. Below is the patch call from Azure AD (When a member is added).
{
"schemas": [
"urn:ietf:params:scim:api:messages:2.0:PatchOp"
],
"Operations":[{
"op":"add",
"path":"members",
"value":[{
"ref":"https://example.com/v2/Users/45",
"value": "45"
}]
}]
}
I'm unable to identify whether the member is of user type or group type resource. Kindly, help me how I can restrict this in the code or is there any way I can restrict it directly from Azure AD to not send the Group type members.