From cab12be82e0a5251a37f1888dcd321c0f7731a30 Mon Sep 17 00:00:00 2001 From: Matt Linville Date: Tue, 7 Apr 2026 12:26:55 -0700 Subject: [PATCH] Fix SCIM BYOB examples - Providers are case-sensitive and uppercase - Fix provider names for GCP and AWS providers - Adjust order of providers to be alphabetical but show COREWEAVE first Fixes WBDOCS-2015 --- platform/hosting/iam/scim.mdx | 55 +++++++++++++++++++---------------- 1 file changed, 30 insertions(+), 25 deletions(-) diff --git a/platform/hosting/iam/scim.mdx b/platform/hosting/iam/scim.mdx index 6742d991fa..62b2493a86 100644 --- a/platform/hosting/iam/scim.mdx +++ b/platform/hosting/iam/scim.mdx @@ -1240,7 +1240,7 @@ GET /scim/Groups You can configure team-level [Bring your own bucket (BYOB)](/platform/hosting/data-security/secure-storage-connector) during team creation by including a `storageBucket` object. If omitted, the team uses default or instance-level storage. Provision the bucket (policy, CORS, credentials) and determine the storage address format per provider using the BYOB guide. The `storageBucket` object has the following sub-fields: -- **Required**: `name` (bucket name), `provider` (one of 'coreweave`, `aws`, `gcp`, `azure`, `minio`). Case-sensitive. +- **Required**: `name` (bucket name), `provider` (one of `COREWEAVE`, `AWS`, `AZURE`, `GCP`, or `MINIO`). The value is case-sensitive; use uppercase as shown. - **Optional**: `path` (path prefix within the bucket), `kmsKeyId` (KMS key for encryption, for example for AWS), `awsExternalId` (AWS cross-account access), `azureTenantId` (Azure tenant ID), `azureClientId` (Azure managed identity client ID). W&B validates that the bucket exists and is reachable before creating the team. If validation fails, the SCIM request fails and the team is not created. @@ -1269,6 +1269,7 @@ POST /scim/Groups } ``` + ```bash POST /scim/Groups @@ -1287,12 +1288,13 @@ Content-Type: application/scim+json ], "storageBucket": { "name": "wandb-coreweave-bucket", - "provider": "coreweave", + "provider": "COREWEAVE", "path": "ml-training/experiments" } } ``` + ```bash POST /scim/Groups @@ -1311,7 +1313,7 @@ Content-Type: application/scim+json ], "storageBucket": { "name": "my-company-wandb-data", - "provider": "s3", + "provider": "AWS", "path": "ml-team/experiments", "kmsKeyId": "arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012", "awsExternalId": "wandb-external-id-abc123" @@ -1319,7 +1321,30 @@ Content-Type: application/scim+json } ``` - + + +```bash +POST /scim/Groups +Content-Type: application/scim+json +``` + +```json +{ + "schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"], + "displayName": "research-team", + "members": [], + "storageBucket": { + "name": "wandbstorage", + "provider": "AZURE", + "path": "research/artifacts", + "azureTenantId": "12345678-1234-1234-1234-123456789012", + "azureClientId": "87654321-4321-4321-4321-210987654321" + } +} +``` + + + ```bash POST /scim/Groups Content-Type: application/scim+json @@ -1341,33 +1366,13 @@ Content-Type: application/scim+json ], "storageBucket": { "name": "my-gcs-bucket", - "provider": "gcs", + "provider": "GCP", "path": "data-science/runs" } } ``` - -```bash -POST /scim/Groups -Content-Type: application/scim+json -``` -```json -{ - "schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"], - "displayName": "research-team", - "members": [], - "storageBucket": { - "name": "wandbstorage", - "provider": "azure", - "path": "research/artifacts", - "azureTenantId": "12345678-1234-1234-1234-123456789012", - "azureClientId": "87654321-4321-4321-4321-210987654321" - } -} -``` - ```bash