nopcoder
diff --git a/‎content/rest/enterprise-admin/scim.md
Lines changed: 68 additions & 1 deletion b/‎content/rest/enterprise-admin/scim.md
Lines changed: 68 additions & 1 deletion
diff --git a/‎data/release-notes/enterprise-server/3-3/12.yml
Lines changed: 1 addition & 0 deletions b/‎data/release-notes/enterprise-server/3-3/12.yml
Lines changed: 1 addition & 0 deletions
diff --git a/‎lib/redirects/static/client-side-rest-api-redirects.json
Lines changed: 2 additions & 2 deletions b/‎lib/redirects/static/client-side-rest-api-redirects.json
Lines changed: 2 additions & 2 deletions
diff --git a/‎lib/rest/static/apps/enabled-for-apps.json
Lines changed: 4 additions & 4 deletions b/‎lib/rest/static/apps/enabled-for-apps.json
Lines changed: 4 additions & 4 deletions
diff --git a/‎lib/rest/static/decorated/api.github.com.json
Lines changed: 27 additions & 3 deletions b/‎lib/rest/static/decorated/api.github.com.json
Lines changed: 27 additions & 3 deletions
@@ -1,10 +1,77 @@
 ---
 title: SCIM
-intro: ''
+intro: 'You can automate user creation and team memberships using the SCIM API.'
 versions:
   ghes: '>=3.6'
 topics:
   - API
 miniTocMaxHeadingLevel: 3
 ---
 
+{% note %}
+
+**Note:** The SCIM API for {% data variables.product.product_name %} is currently in private beta and subject to change. To access the private beta and test the API, contact your account manager on {% data variables.contact.contact_enterprise_sales %}.
+
+{% endnote %}
+
+## About the SCIM API
+
+{% data variables.product.product_name %} provides a SCIM API for use by SCIM-enabled Identity Providers (IdPs). An integration on the IdP can use the API to automatically provision, manage, or deprovision user accounts on a {% data variables.product.product_name %} instance that uses SAML single sign-on (SSO) for authentication. For more information about SAML SSO, see "[About SAML for enterprise IAM](/admin/identity-and-access-management/using-saml-for-enterprise-iam/about-saml-for-enterprise-iam)."
+
+The SCIM API is based on SCIM 2.0. For more information, see the [specification](https://www.simplecloud.info/#Specification).
+
+### SCIM endpoint URLs
+
+An IdP can use the following root URL to communicate with the SCIM API for a {% data variables.product.product_name %} instance.
+
+```
+{% data variables.product.api_url_code %}/scim/v2/
+```
+
+Endpoint URLs for the SCIM API are case-sensitive. For example, the first letter in the `Users` endpoint must be capitalized.
+
+```shell
+GET /scim/v2/Users/{scim_user_id}
+```
+
+### Authenticating calls to the SCIM API
+
+The SCIM integration on the IdP performs actions on behalf of an enterprise owner for the {% data variables.product.product_name %} instance. For more information, see "[Roles in an enterprise](/admin/user-management/managing-users-in-your-enterprise/roles-in-an-enterprise#enterprise-owners)."
+
+To authenticate requests to the API, the person who configures SCIM on the IdP must use a personal access token (classic) with `admin:enterprise` scope, which the IdP must provide in the request's `Authorization` header. For more information about personal access tokens (classic), see "[Creating a personal access token](/authentication/keeping-your-account-and-data-secure/creating-a-personal-access-token)".
+
+{% note %}
+
+**Note:** Enterprise owners must generate and use a personal access token (classic) for authentication of requests to the SCIM API. {% ifversion ghes > 3.8 %}Fine-grained personal access tokens and {% endif %}GitHub app callers are not supported at this time.
+
+{% endnote %}
+
+### About mapping of SAML and SCIM data
+  
+The {% data variables.product.product_name %} instance links each user who authenticates successfully with SAML SSO to a SCIM identity. To link the identities successfully, the SAML IdP and the SCIM integration must use matching SAML `NameID` and SCIM `userName` values for each user.
+
+{% ifversion ghes > 3.7 %}
+{% note %}
+
+**Note:** If the {% data variables.product.product_name %} uses Azure AD as a SAML IdP, {% data variables.product.product_name %} will also check the SCIM `externalId` claim and SAML `http://schemas.microsoft.com/identity/claims/objectidentifier` claim to match users first, instead of using `NameID` and `userName`. 
+
+{% endnote %}
+{% endif %}
+
+### Supported SCIM user attributes
+
+The SCIM API's `User` endpoints support the following attributes within a request's parameters.
+
+| Name | Type | Description |
+| :- | :- | :- |
+| `displayName` | String | Human-readable name for a user. |
+| `name.formatted` | String | The user's full name, including all middle names, titles, and suffixes, formatted for display.
+| `name.givenName` | String | The first name of the user. |
+| `name.familyName` | String | The last name of the user. |
+| `userName` | String | The username for the user, generated by the IdP. Undergoes [normalization](/admin/identity-and-access-management/managing-iam-for-your-enterprise/username-considerations-for-external-authentication#about-username-normalization) before being used. 
+| `emails` | Array | List of the user's emails. |
+| `roles` | Array | List of the user's roles. |
+| `externalId` | String | This identifier is generated by an IdP provider. You can find the `externalId` for a user either on the IdP, or by using the [List SCIM provisioned identities](#list-scim-provisioned-identities-for-an-enterprise) endpoint and filtering on other known attributes, such as a user's username or email address on the {% data variables.product.product_name %} instance. |
+| `id` | String | Identifier generated by the instance's SCIM endpoint. |
+| `active` | Boolean | Indicates whether the identity is active (`true`) or should be suspended (`false`). |
+
@@ -20,3 +20,4 @@ sections:
     - Resource limits that are specific to processing pre-receive hooks may cause some pre-receive hooks to fail.
     - '{% data variables.product.prodname_actions %} storage settings cannot be validated and saved in the {% data variables.enterprise.management_console %} when "Force Path Style" is selected, and must instead be configured with the `ghe-actions-precheck` command line utility.'
     - '{% data reusables.release-notes.ghas-3.4-secret-scanning-known-issue %}'
+    - The [file finder](/search-github/searching-on-github/finding-files-on-github) does not return any results. To restore functionality, reinstall the 3.3.12 patch release using a full upgrade package. For more information, see "[Upgrading GitHub Enterprise Server](/admin/enterprise-management/updating-the-virtual-machine-and-physical-resources/upgrading-github-enterprise-server#upgrading-with-an-upgrade-package)."
@@ -956,8 +956,8 @@
   "/rest/teams#unlink-external-idp-group-team-connection": "/rest/teams/external-groups#unlink-external-idp-group-team-connection",
   "/rest/teams#list-idp-groups-for-a-team": "/rest/teams/team-sync#list-idp-groups-for-a-team",
   "/rest/teams#create-or-update-idp-group-connections": "/rest/teams/team-sync#create-or-update-idp-group-connections",
-  "/rest/actions/oidc#get-the-opt-out-flag-of-an-oidc-subject-claim-customization-for-a-repository": "/rest/actions/oidc#get-the-opt-out-flag-of-an-oidc-subject-claim-customization-for-a-repository",
-  "/rest/actions/oidc#set-the-opt-out-flag-of-an-oidc-subject-claim-customization-for-a-repository": "/rest/actions/oidc#set-the-opt-out-flag-of-an-oidc-subject-claim-customization-for-a-repository",
+  "/rest/actions/oidc#get-the-customization-template-for-an-oidc-subject-claim-for-a-repository": "/rest/actions/oidc#get-the-customization-template-for-an-oidc-subject-claim-for-a-repository",
+  "/rest/actions/oidc#set-the-customization-template-for-an-oidc-subject-claim-for-a-repository": "/rest/actions/oidc#set-the-customization-template-for-an-oidc-subject-claim-for-a-repository",
   "/rest/teams#list-idp-groups-for-a-team-legacy": "/rest/teams/team-sync#list-idp-groups-for-a-team-legacy",
   "/rest/teams#create-or-update-idp-group-connections-legacy": "/rest/teams/team-sync#create-or-update-idp-group-connections-legacy",
   "/rest/enterprise-admin#list-global-webhooks": "/rest/enterprise-admin/global-webhooks#list-global-webhooks",
 
@@ -4115,13 +4115,13 @@
         "requestPath": "/repos/{owner}/{repo}/actions/jobs/{job_id}/rerun"
       },
       {
-        "slug": "get-the-opt-out-flag-of-an-oidc-subject-claim-customization-for-a-repository",
+        "slug": "get-the-customization-template-for-an-oidc-subject-claim-for-a-repository",
         "subcategory": "oidc",
         "verb": "get",
         "requestPath": "/repos/{owner}/{repo}/actions/oidc/customization/sub"
       },
       {
-        "slug": "set-the-opt-in-flag-of-an-oidc-subject-claim-customization-for-a-repository",
+        "slug": "set-the-customization-template-for-an-oidc-subject-claim-for-a-repository",
         "subcategory": "oidc",
         "verb": "put",
         "requestPath": "/repos/{owner}/{repo}/actions/oidc/customization/sub"
@@ -22133,7 +22133,7 @@
         "requestPath": "/scim/v2/enterprises/{enterprise}/Groups"
       },
       {
-        "slug": "provision-a-scim-enterprise-group-and-invite-users",
+        "slug": "provision-a-scim-enterprise-group",
         "subcategory": "scim",
         "verb": "post",
         "requestPath": "/scim/v2/enterprises/{enterprise}/Groups"
@@ -22169,7 +22169,7 @@
         "requestPath": "/scim/v2/enterprises/{enterprise}/Users"
       },
       {
-        "slug": "provision-and-invite-a-scim-enterprise-user",
+        "slug": "provision-a-scim-enterprise-user",
         "subcategory": "scim",
         "verb": "post",
         "requestPath": "/scim/v2/enterprises/{enterprise}/Users"
 
@@ -88571,6 +88571,10 @@
               "contentType": "application/json",
               "description": "Example",
               "acceptHeader": "application/vnd.github.v3+json",
+              "bodyParameters": {
+                "subscribed": true,
+                "ignored": false
+              },
               "parameters": {
                 "owner": "OWNER",
                 "repo": "REPO"
@@ -241395,6 +241399,10 @@
               "contentType": "application/json",
               "description": "Example",
               "acceptHeader": "application/vnd.github.v3+json",
+              "bodyParameters": {
+                "limit": "collaborators_only",
+                "expiry": "one_month"
+              },
               "parameters": {
                 "org": "ORG"
               }
@@ -383879,7 +383887,7 @@
             "type": "string",
             "name": "merge_method",
             "in": "body",
-            "description": "<p>Merge method to use. Possible values are <code>merge</code>, <code>squash</code> or <code>rebase</code>. Default is <code>merge</code>.</p>",
+            "description": "<p>The merge method to use.</p>",
             "enum": [
               "merge",
               "squash",
@@ -383890,11 +383898,15 @@
         "enabledForGitHubApps": true,
         "codeExamples": [
           {
-            "key": "default",
+            "key": "response-if-merge-was-successful",
             "request": {
               "contentType": "application/json",
               "description": "Example",
               "acceptHeader": "application/vnd.github.v3+json",
+              "bodyParameters": {
+                "commit_title": "Expand enum",
+                "commit_message": "Add a new value to the merge_method enum"
+              },
               "parameters": {
                 "owner": "OWNER",
                 "repo": "REPO",
@@ -441091,7 +441103,14 @@
             "request": {
               "contentType": "application/json",
               "description": "Example",
-              "acceptHeader": "application/vnd.github.v3+json"
+              "acceptHeader": "application/vnd.github.v3+json",
+              "bodyParameters": {
+                "name": "Hello-World",
+                "description": "This is your first repo!",
+                "homepage": "https://github.com",
+                "private": false,
+                "is_template": true
+              }
             },
             "response": {
               "statusCode": "201",
@@ -448469,6 +448488,11 @@
               "contentType": "application/json",
               "description": "Example",
               "acceptHeader": "application/vnd.github.v3+json",
+              "bodyParameters": {
+                "organization": "octocat",
+                "name": "Hello-World",
+                "default_branch_only": true
+              },
               "parameters": {
                 "owner": "OWNER",
                 "repo": "REPO"