Thanks, Jose,
I have resolved issue with certificate(it was problem with the read access) so **searchUsers** was invoked successfully, but now **createUser** operation fails. I am using user entity from [docs](https://www.gluu.org/docs/ce/user-management/scim2/#user-object) without any changes, but receive bad request(400) status, my client logs:
```
01:33:21.077 [main] DEBUG org.apache.http.headers - >> POST /identity/restv1/scim/v2/Users HTTP/1.1
01:33:21.077 [main] DEBUG org.apache.http.headers - >> Authorization: Bearer dba2f6af-fec8-4c8f-83c4-41b0d2f11e40_59BE.E32E.8483.4E87.6667.2ECB.895C.2769
01:33:21.077 [main] DEBUG org.apache.http.headers - >> Accept: application/scim+json;charset=utf-8
01:33:21.077 [main] DEBUG org.apache.http.headers - >> Accept-Encoding: gzip, deflate
01:33:21.078 [main] DEBUG org.apache.http.headers - >> Content-Length: 1119
01:33:21.078 [main] DEBUG org.apache.http.headers - >> Content-Type: application/scim+json;charset=utf-8
01:33:21.078 [main] DEBUG org.apache.http.headers - >> Host: gluu-de.local
01:33:21.078 [main] DEBUG org.apache.http.headers - >> Connection: Keep-Alive
01:33:21.078 [main] DEBUG org.apache.http.headers - >> User-Agent: Apache-HttpClient/4.5.3 (Java/1.8.0_144)
01:33:21.078 [main] DEBUG org.apache.http.wire - >> "{"id":null,"externalId":null,"meta":{"created":null,"lastModified":null,"location":null,"version":null,"resourceType":"User"},"schemas":["urn:ietf:params:scim:schemas:core:2.0:User"],"userName":"newUser_1510183994570","name":{"formatted":"Given Name Family Name","familyName":"Family Name","givenName":"Given Name","middleName":null,"honorificPrefix":null,"honorificSuffix":null},"displayName":null,"nickName":null,"profileUrl":null,"title":null,"userType":null,"preferredLanguage":"US_en","locale":null,"timezone":null,"active":true,"password":"secret","emails":[{"operation":null,"value":"a@b.com","display":"a@b.com","primary":true,"type":"work","$ref":""}],"phoneNumbers":[{"operation":null,"value":"123-456-7890","display":"123-456-7890","primary":true,"type":"work","$ref":""}],"ims":[],"photos":[],"addresses":[{"operation":null,"primary":true,"formatted":"My Formatted Address","streetAddress":"My Street","locality":"My Locality","region":"My Region","postalCode":"12345","country":"My Country","type":"work","$ref":""}],"groups":[],"entitlements":[],"roles":[],"pairwiseIdentitifers":[],"x509Certificates":[]}"
01:33:21.206 [main] DEBUG org.apache.http.wire - << "HTTP/1.1 400 Bad Request[\r][\n]"
01:33:21.206 [main] DEBUG org.apache.http.wire - << "Date: Wed, 08 Nov 2017 23:33:21 GMT[\r][\n]"
01:33:21.206 [main] DEBUG org.apache.http.wire - << "Server: Jetty(9.3.15.v20161220)[\r][\n]"
01:33:21.206 [main] DEBUG org.apache.http.wire - << "X-Xss-Protection: 1; mode=block[\r][\n]"
01:33:21.206 [main] DEBUG org.apache.http.wire - << "X-Content-Type-Options: nosniff[\r][\n]"
01:33:21.206 [main] DEBUG org.apache.http.wire - << "Strict-Transport-Security: max-age=31536000; includeSubDomains[\r][\n]"
01:33:21.207 [main] DEBUG org.apache.http.wire - << "Content-Type: application/scim+json;charset=utf-8[\r][\n]"
01:33:21.208 [main] DEBUG org.apache.http.wire - << "Connection: close[\r][\n]"
01:33:21.208 [main] DEBUG org.apache.http.wire - << "Transfer-Encoding: chunked[\r][\n]"
01:33:21.208 [main] DEBUG org.apache.http.wire - << "[\r][\n]"
```
I assumed that something wrong with user entity, I have checked oxtrust.log, there is 401 Anuthorized status from UmaPermissionService:
```
2017-11-08 23:44:55,569 DEBUG [oxTrustScheduler_Worker-5] [org.xdi.service.timer.RequestJobListener] (RequestJobListener.java:62) - Bound request ended
2017-11-08 23:44:55,569 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:140) - Starting update of appliance status
2017-11-08 23:44:55,572 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:342) - Setting facter attributes
2017-11-08 23:44:55,595 DEBUG [oxTrustScheduler_Worker-1] [org.xdi.service.timer.RequestJobListener] (RequestJobListener.java:52) - Bound request started
2017-11-08 23:44:55,595 DEBUG [oxTrustScheduler_Worker-1] [org.xdi.service.timer.TimerJob] (TimerJob.java:34) - Fire timer event [org.xdi.service.cdi.event.UpdateScriptEvent] with qualifiers [@org.xdi.service.cdi.event.Scheduled()]
2017-11-08 23:44:55,599 DEBUG [oxTrustScheduler_Worker-1] [org.xdi.service.timer.RequestJobListener] (RequestJobListener.java:62) - Bound request ended
2017-11-08 23:44:55,787 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:465) - Setting facter param: memoryfree
2017-11-08 23:44:55,787 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:485) - memoryfree => 776.68 MB
2017-11-08 23:44:55,787 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:465) - Setting facter param: memorysize
2017-11-08 23:44:55,787 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:485) - memorysize => 3.86 GB
2017-11-08 23:44:55,787 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:465) - Setting facter param: swapfree
2017-11-08 23:44:55,787 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:485) - swapfree => 0.00 MB
2017-11-08 23:44:55,787 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:465) - Setting facter param: swapsize
2017-11-08 23:44:55,787 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:485) - swapsize => 0.00 MB
2017-11-08 23:44:55,787 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:465) - Setting facter param: hostname
2017-11-08 23:44:55,788 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:485) - hostname => gluu-de
2017-11-08 23:44:55,788 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:465) - Setting facter param: ipaddress
2017-11-08 23:44:55,788 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:485) - ipaddress => 172.10.3.54
2017-11-08 23:44:55,788 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:465) - Setting facter param: load_average
2017-11-08 23:44:55,788 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:465) - Setting facter param: bandwidth_usage
2017-11-08 23:44:55,788 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:385) - Setting bandwidth attributes
2017-11-08 23:44:55,788 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:465) - Setting facter param: uptime_seconds
2017-11-08 23:44:55,788 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:485) - uptime_seconds => 1686531
2017-11-08 23:44:55,788 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:409) - Setting df attributes
2017-11-08 23:44:55,793 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:222) - Setting httpd attributes
2017-11-08 23:44:55,806 DEBUG [Thread-294748] [org.gluu.oxtrust.ldap.service.StatusCheckerTimer] (StatusCheckerTimer.java:198) - Appliance status update finished
2017-11-08 23:45:17,954 INFO [qtp985655350-14] [oxtrust.service.scim2.jackson.custom.UserDeserializer] (UserDeserializer.java:45) - deserialize()
2017-11-08 23:45:18,069 DEBUG [qtp985655350-14] [org.gluu.oxtrust.service.uma.UmaPermissionService] (UmaPermissionService.java:186) - Construct response: HTTP 401 (Unauthorized), ??????: '03a712ec-c649-416a-907f-582d6c9679a7'
2017-11-08 23:45:19,546 INFO [qtp985655350-13] [oxtrust.service.scim2.jackson.custom.UserDeserializer] (UserDeserializer.java:45) - deserialize()
```
Do you have any assumptions what is wrong this time?
Thanks,
Alex