I now tried to use the Java client, but the same error appears in the oxauth.log:
```
2018-03-12 09:56:43,975 INFO [qtp2008017533-17] [org.xdi.oxauth.auth.AuthenticationFilter] (AuthenticationFilter.java:395) - JWT authentication failed: {}
org.xdi.oxauth.model.exception.InvalidJwtException: Cannot verify the JWT
[...]
Caused by: org.xdi.oxauth.model.exception.InvalidJwtException: Invalid authentication method
[...]
```
I followed the docs: https://www.gluu.org/docs/ce/user-management/scim2/.
I enabled the SCIM Support in the Organization Configuration and enabled the custom script uma_client_authz_rpt_policy.
Then I got the client ID from the setup properties file. It matches the one listed in the "allowed_clients" property in the custom script "uma_client_authz_rpt_policy", so I guess I got the right one.
I copied the scim-rp.jks to the root directory of my Java project and made sure, the default password "secret" works. I copied the first alias from the JKS to the variable umaAatClientKeyId in the Java program (which according to the docs is redundant).
What I'm doing on the Java side is simply executing the example from the docs. When it comes to run ```client.searchUsers()```, an IOException is thrown.
The only thing that looks suspicious to me is the setting "scimUmaClientKeyId" in the Gluu configuration. It was empty by default and I entered the first alias from the _scim-rp.jks_ file.
One thing that I observed was, that the path to the jsk I pass to the Java client has no effect at all. I can point to a non-existent file and still get the same IOException. This makes me guess, that the error occurs before the authentication with the server even starts. It seems to be a configuration issue with the Gluu server. But I can't figure out where to search for.
Thank you for any further help!