RFC Errata


Errata Search

 
Source of RFC  
Summary Table Full Records

RFC 7644, "System for Cross-domain Identity Management: Protocol", September 2015

Source of RFC: scim (art)

Errata ID: 5295
Status: Reported
Type: Technical
Publication Format(s) : TEXT

Reported By: Marcel van den Dungen
Date Reported: 2018-03-22

Section 3.5.2.1 says:

If the user was already a member of this group, no changes should be
made to the resource, and a success response should be returned.
The server responds with either the entire updated Group or no
response body:

   HTTP/1.1 204 No Content
   Authorization: Bearer h480djs93hd8
   ETag: W/"b431af54f0671a2"
   Location:
   "https://example.com/Groups/acbf3ae7-8463-...-9b4da3f908ce"

It should say:

If the user was already a member of this group, no changes should be
made to the resource, and a success response should be returned.
The server responds with either the entire updated Group or no
response body:

   HTTP/1.1 204 No Content
   ETag: W/"b431af54f0671a2"

Notes:

The Authorization header is a request header and should not be included in a response.
The Location header is used to redirect a client to a new location or indicate the location of a new resource. Neither is the case here, so the header should be omitted.

Also, it's unclear from the text whether it's valid to respond with 204 No Content if the user was successfully added to the group.

Report New Errata