SCIM Sync Logs are the audit of operations between the identity provider (IdP) and the SCIM service. Operations that change the state of the users and groups are presented on the SCIM Sync Logs page.

About the SCIM Sync Logs Page

On the SCIM Sync Logs page (Authentication > User Authentication > SCIM Management > SCIM Sync Logs), you can do the following:

1. Filter the information that appears in the table over a period between 7 Days and 14 Days, or you can select Custom Range. If you use a Custom Range, the start and end date must be within the last two weeks. By default, this is set to two weeks.
2. View a list of applied filters available from the current and previous user sessions. Applied filters must be saved to the user session first before they can be viewed. Use the drop-down menu to select the applied filters to view. To learn more, see Using Tables.
3. Hide the filters on the page by clicking Hide Filters. Click Show Filters to display the filters.
4. Refresh the SCIM Sync Logs page to reflect the most current information.
5. Filter the information that appears in the table. By default, no filters are selected. You can search for SCIM logs using the following filters:
   • Entity Name: The name of the entity (i.e., User Name, Group Name).
   • IdP SCIM Entity ID: ZPA's IdP SCIM entity ID for the user or group obtained from the IdP.
   • Internal Entity ID: ZPA's internal ID for the user or group is obtained from the IdP, which is generated by the ZPA SCIM service.
   • Payload Search Entity ID: ZPA's internal ID that matches either the entity ID resource or is part of an associated user or group resource.
   • Entity Type: The type of the entity (i.e., user or group).
   • Response Status Code: The HTTP status code in the response (i.e., 200, 201, 204, 400, 403, 404, 409).
   • HTTP Method: The type of the HTTP method (i.e., POST, PUT, PATCH, DELETE).
   • Response Duration: The duration of the response in the following increments:
     • Up to 200 milliseconds
     • Up to 500 milliseconds
     • Up to 1 second
     • Up to 3 seconds
     • More than 3 seconds
6. Select a SCIM-enabled IdP to generate a list of SCIM logs in the table.
7. View a list of SCIM sync logs. For each log, you can see:
   • Request Time: The date and time of the request.
   • Request (Method - URL): The type of HTTP method (i.e., POST, PUT, PATCH, DELETE) and the URL endpoint.
   • Entity (Type: Internal Entity ID): ZPA's internal ID for the user or group.
   • Entity Name: The name of the entity (i.e., User Name, Group Name).
   • IdP SCIM Entity ID: ZPA's IdP SCIM Entity ID for the user or group obtained from the IdP.
   • Response Duration (ms): The duration of the response in milliseconds.
   • Status Code: The HTTP status code associated with the request.
8. Click the View icon () to open the Sync Log Details drawer and see the GID and request details.
9. Modify the columns displayed in the table.
10. Display more rows or a different page of the table.
11. Open the Zscaler Help Browser and view Help Portal articles without leaving the ZPA Admin Portal.
12. Go to the SCIM Attributes page to view the SCIM attributes for the selected IdP.
13. Go to the SCIM Users page to view the users provisioned for the IdP using SCIM.
14. Go to the SCIM Groups page to view the groups provisioned for the IdP using SCIM.