Get a Long-Lived Token {#long-lived-token}

To use the SCIM API, you need a "long-lived token."
You can get this token from the Provisioning app in the Developer Console.

For how to make an API call, see API Call.

What is a long-lived token {#about-long-lived-token}

A long-lived token is credential information required to use the SCIM API for account and resource management automation.

Field	Description
Token type	Service account token (JWT)
Validity period	90 days (The validity period automatically renews when the token is used.)
Generation rules	• Use Client Credentials to get a token. • You can view the token only once after it is issued; if lost, you can get a new token after revoking the existing one.

How to get a long-lived token {#how-to-issue-long-lived-token}

After a service account is automatically issued, a long-lived token is issued following authentication.
The process is performed automatically, so you can get a result (long-lived token) instantly.

In API > ClientApp in the Developer Console, click Add client app and select Provisioning management to create a provisioning app.
• For more information, see Provisioning app.
On the Manage client apps page, turn on Enable SCIM.
• To issue tokens, you must first enable SCIM.
In Dedicated Token of the app, click Issue Token to get a token.
• Copy the token issued from the Issue Long-lived Token window and save it.
• You can view the token only once to prevent it from being disclosed. Please ensure that the token is not lost.
• If your token is lost, revoke it and get a new token.
• The validity period of a token is 90 days and automatically renews when the token is used.

Provisioning app {#provisioning-app}

A provisioning app, a type of client apps, supports stable and consistent life cycle management tasks such as creating, updating, and deleting user accounts.
It is mainly used for account sync between systems, such as SCIM API integration, to issue and use long-lived tokens to control resources without individual user account authentication.

Only administrators with Developers authority can create, get, update, and delete provisioning apps.
To use provisioning settings and login integration (SSO) at the same time, select LINE WORKS Account for User Key in SSO Type in the Developer Console.

Provisioning app management information {#manage-provisioning-app}

Provisioning apps manage the following information.

■ Basic information {#provisioning-app-basic-information}

The following table shows the basic information of OAuth/API integration apps.

Field	Description
App name	App name specified when an app is added. You can change the app name.
App description	You can add a description about the app.
App access permission	Permission to access the app. You can specify members who can update and delete the app.

■ Client credentials and access scope {#provisioning-app-client-setting}

The following table shows information about the authentication of provisioning integration apps.

Field	Description
Enable SCIM	Enables or disables SCIM. Create a provisioning app and enable SCIM to get a long-lived token.
Token settings	Token action of the app. Issues or revokes long-lived tokens.