From 704fe20cf20f7c3b612cedbad9dd8d1ce309116d Mon Sep 17 00:00:00 2001 From: Alejandro Olivares Date: Thu, 4 Dec 2025 14:03:20 +0100 Subject: [PATCH 1/3] Implement DELETE for SCIM Groups --- github/enterprise_scim.go | 16 ++++++++++++++++ github/enterprise_scim_test.go | 27 +++++++++++++++++++++++++++ 2 files changed, 43 insertions(+) diff --git a/github/enterprise_scim.go b/github/enterprise_scim.go index 3243841a88c..490a51e3369 100644 --- a/github/enterprise_scim.go +++ b/github/enterprise_scim.go @@ -257,3 +257,19 @@ func (s *EnterpriseService) UpdateSCIMUserAttribute(ctx context.Context, enterpr return user, resp, nil } + +// DeleteSCIMGroup deletes a SCIM group from an enterprise. +// +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/scim#delete-a-scim-group-from-an-enterprise +// +//meta:operation DELETE /scim/v2/enterprises/{enterprise}/Groups/{scim_group_id} +func (s *EnterpriseService) DeleteSCIMGroup(ctx context.Context, enterprise, scimGroupID string) (*Response, error) { + u := fmt.Sprintf("scim/v2/enterprises/%v/Groups/%v", enterprise, scimGroupID) + req, err := s.client.NewRequest("DELETE", u, nil) + if err != nil { + return nil, err + } + req.Header.Set("Accept", mediaTypeV3) + + return s.client.Do(ctx, req, nil) +} diff --git a/github/enterprise_scim_test.go b/github/enterprise_scim_test.go index 4f65c27ff71..8f8d1a3ce4c 100644 --- a/github/enterprise_scim_test.go +++ b/github/enterprise_scim_test.go @@ -660,3 +660,30 @@ func TestEnterpriseService_UpdateSCIMUserAttribute(t *testing.T) { return resp, err }) } + +func TestEnterpriseService_DeleteSCIMGroup(t *testing.T) { + t.Parallel() + client, mux, _ := setup(t) + + mux.HandleFunc("/scim/v2/enterprises/ee/Groups/abcd", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "DELETE") + testHeader(t, r, "Accept", mediaTypeV3) + w.WriteHeader(http.StatusNoContent) + }) + + ctx := t.Context() + _, err := client.Enterprise.DeleteSCIMGroup(ctx, "ee", "abcd") + if err != nil { + t.Fatalf("Enterprise.DeleteSCIMGroup returned unexpected error: %v", err) + } + + const methodName = "DeleteSCIMGroup" + testBadOptions(t, methodName, func() (err error) { + _, err = client.Enterprise.DeleteSCIMGroup(ctx, "\n", "\n") + return err + }) + + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + return client.Enterprise.DeleteSCIMGroup(ctx, "ee", "abcd") + }) +} From 41e5f3e9bb4332d527c7e93ae318ec0e07ebf7c1 Mon Sep 17 00:00:00 2001 From: Alejandro Olivares Date: Thu, 4 Dec 2025 17:41:37 +0100 Subject: [PATCH 2/3] Implement DELETE for SCIM Users --- github/enterprise_scim.go | 22 +++++++++++++++++++++- github/enterprise_scim_test.go | 27 +++++++++++++++++++++++++++ 2 files changed, 48 insertions(+), 1 deletion(-) diff --git a/github/enterprise_scim.go b/github/enterprise_scim.go index 490a51e3369..572c37dc25e 100644 --- a/github/enterprise_scim.go +++ b/github/enterprise_scim.go @@ -269,7 +269,27 @@ func (s *EnterpriseService) DeleteSCIMGroup(ctx context.Context, enterprise, sci if err != nil { return nil, err } - req.Header.Set("Accept", mediaTypeV3) + + return s.client.Do(ctx, req, nil) +} + +// DeleteSCIMUser deletes a SCIM user from an enterprise. +// +// Suspends a SCIM user permanently from an enterprise. This action will: +// remove all the user's data, anonymize their login, email, and display name, +// erase all external identity SCIM attributes, delete the user's emails, +// avatar, PATs, SSH keys, OAuth authorizations, GPG keys, and SAML mappings. +// This action is irreversible. +// +// GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/scim#delete-a-scim-user-from-an-enterprise +// +//meta:operation DELETE /scim/v2/enterprises/{enterprise}/Users/{scim_user_id} +func (s *EnterpriseService) DeleteSCIMUser(ctx context.Context, enterprise, scimUserID string) (*Response, error) { + u := fmt.Sprintf("scim/v2/enterprises/%v/Users/%v", enterprise, scimUserID) + req, err := s.client.NewRequest("DELETE", u, nil) + if err != nil { + return nil, err + } return s.client.Do(ctx, req, nil) } diff --git a/github/enterprise_scim_test.go b/github/enterprise_scim_test.go index 8f8d1a3ce4c..431f34d1f69 100644 --- a/github/enterprise_scim_test.go +++ b/github/enterprise_scim_test.go @@ -687,3 +687,30 @@ func TestEnterpriseService_DeleteSCIMGroup(t *testing.T) { return client.Enterprise.DeleteSCIMGroup(ctx, "ee", "abcd") }) } + +func TestEnterpriseService_DeleteSCIMUser(t *testing.T) { + t.Parallel() + client, mux, _ := setup(t) + + mux.HandleFunc("/scim/v2/enterprises/ee/Users/7fce", func(w http.ResponseWriter, r *http.Request) { + testMethod(t, r, "DELETE") + testHeader(t, r, "Accept", mediaTypeV3) + w.WriteHeader(http.StatusNoContent) + }) + + ctx := t.Context() + _, err := client.Enterprise.DeleteSCIMUser(ctx, "ee", "7fce") + if err != nil { + t.Fatalf("Enterprise.DeleteSCIMUser returned unexpected error: %v", err) + } + + const methodName = "DeleteSCIMUser" + testBadOptions(t, methodName, func() (err error) { + _, err = client.Enterprise.DeleteSCIMUser(ctx, "\n", "\n") + return err + }) + + testNewRequestAndDoFailure(t, methodName, client, func() (*Response, error) { + return client.Enterprise.DeleteSCIMUser(ctx, "ee", "7fce") + }) +} From 3903d4e0b0c0ad701f6ac3124808830ced25d749 Mon Sep 17 00:00:00 2001 From: Alejandro Olivares Date: Thu, 4 Dec 2025 18:21:33 +0100 Subject: [PATCH 3/3] Enhance the methods documentation --- github/enterprise_scim.go | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/github/enterprise_scim.go b/github/enterprise_scim.go index 572c37dc25e..e31ce219adb 100644 --- a/github/enterprise_scim.go +++ b/github/enterprise_scim.go @@ -162,6 +162,9 @@ type SCIMEnterpriseAttributeOperation struct { // ListProvisionedSCIMGroups lists provisioned SCIM groups in an enterprise. // +// You can improve query search time by using the `excludedAttributes` query +// parameter with a value of `members` to exclude members from the response. +// // GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/scim#list-provisioned-scim-groups-for-an-enterprise // //meta:operation GET /scim/v2/enterprises/{enterprise}/Groups @@ -189,6 +192,10 @@ func (s *EnterpriseService) ListProvisionedSCIMGroups(ctx context.Context, enter // ListProvisionedSCIMUsers lists provisioned SCIM enterprise users. // +// When members are part of the group provisioning payload, they're designated +// as external group members. Providers are responsible for maintaining a +// mapping between the `externalId` and `id` for each user. +// // GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/scim#list-scim-provisioned-identities-for-an-enterprise // //meta:operation GET /scim/v2/enterprises/{enterprise}/Users @@ -216,6 +223,14 @@ func (s *EnterpriseService) ListProvisionedSCIMUsers(ctx context.Context, enterp // UpdateSCIMGroupAttribute updates a provisioned group’s individual attributes. // +// The `attribute` parameter must include at least one of the following +// Operations: `add`, `remove`, or `replace`. +// +// The update function can also be used to add group memberships. +// +// You can submit group memberships individually or in batches for improved +// efficiency. +// // GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/scim#update-an-attribute-for-a-scim-enterprise-group // //meta:operation PATCH /scim/v2/enterprises/{enterprise}/Groups/{scim_group_id} @@ -238,6 +253,16 @@ func (s *EnterpriseService) UpdateSCIMGroupAttribute(ctx context.Context, enterp // UpdateSCIMUserAttribute updates a provisioned user's individual attributes. // +// The `attribute` parameter must include at least one of the following +// Operations: `add`, `remove`, or `replace`. +// +// Note: Complex SCIM path selectors that include filters are not supported. +// For example, a path selector defined as `"path": "emails[type eq \"work\"]"` +// will be ineffective. +// +// Warning: Setting `active: false` will suspend a user, and their handle and +// email will be obfuscated. +// // GitHub API docs: https://docs.github.com/enterprise-cloud@latest/rest/enterprise-admin/scim#update-an-attribute-for-a-scim-enterprise-user // //meta:operation PATCH /scim/v2/enterprises/{enterprise}/Users/{scim_user_id}