Stack Overflow
Stack Overflow

Questions tagged [scim2]

The SCIM 2.0 specifications designed to make managing user identities in cloud-based applications and services easier.

The specification suite seeks to build upon experience with existing schemas and deployments, placing specific emphasis on simplicity of development and integration, while applying existing authentication, authorization, and privacy models. Its intent is to reduce the cost and complexity of user management operations by providing a common user schema and extension model, as well as binding documents to provide patterns for exchanging this schema using standard protocols. In essence: make it fast, cheap, and easy to move users in to, out of, and around the cloud.

SCIM 2.0 is released as RFC7642, RFC7643 and RFC7644 under IETF in September 2015.

SCIM Homepage http://www.simplecloud.info/

85 questions
11
votes
1 answer

Okta SCIM Deprovisioning via PUT method?

Our backend server doesn't support HTTP PATCH method (only PUT). As the result we cannot properly Unassign User from SCIM app. When I try Unassign User, Okta SCIM seems make PATCH request (not PUT). The Okta SCIM docs says: Okta also does a PUT if…
Andrii Furmanets
  • 771
  • 2
  • 8
  • 29
4
votes
0 answers

Configure SCIM user provisioning with GSuite Google Workspace

I would like to provision my SaaS application and Google Workspace (ex GSuite) using SCIM. I do not find any documentation for this. Just a list of pre-configured applications. It seems to be well supported on Microsoft Azure AD and other identity…
poiuytrez
  • 18,348
  • 28
  • 100
  • 156
4
votes
0 answers

How do you publish a SCIM 2.0 provisioning app in the G Suite Marketplace?

I'd like to publish an app on the G Suite Marketplace that allows user and group management/provisioning via SCIM 2.0. Where do I need to go to configure that? This article from 2016 made me think it would be possible…
Chance Ramey
  • 41
  • 1
4
votes
3 answers

PATCH request for SCIM 2.0

We are sending PATCH request to a server in SCIM specification. As per the SCIM specifications, the request should contain following attributes in PATCH request. op path value So if we are changing the 'givenName' attribute from core schema then…
Ravi
  • 94
  • 4
  • 12
3
votes
1 answer

Where is the Swagger definition located of Scim2 on WSO2 Identity server

I'm looking for the location of the swagger file(if it exist) on the WSO2 identity server 5.7.0 though i cant seem to find it, and the documentation on it (link:https://docs.wso2.com/display/IS570/apidocs/SCIM2-endpoints/) does not have a download…
Martin B
  • 33
  • 4
2
votes
1 answer

Handling unsupported SCIM attributes in a PATCH request

I am unsure of how my API should respond when it receives a PATCH request to add/update a SCIM User attribute when the User model does not support that. Let's assume that my User model doesn't have a "title" attribute, but the identity provider…
TimmyTango
  • 23
  • 4
2
votes
1 answer

Expose custom claims in SCIM2 endpoints - WSO2

I'm using WSO2 v5.7, I added a custom claims namely "status" through Local claims and added a respective External claims too. Local Claim: External Claim: WSO2 IS Portal: Shows the newly added claim namely Status I triggered the SCIM2 End point…
B.Balamanigandan
  • 3,915
  • 5
  • 55
  • 107
2
votes
2 answers

Azure AD User Provisioning with SCIM 2.0

I'm trying SCIM 2.0 provisioning with Azure AD As premise, I have SCIM a server for my product and I'm implementing PATCH endpoints for use with Okta and Microsoft Azure AD. I'm done testing with Okta, so I'm trying with Azure AD now. I read this…
Daichi
  • 188
  • 1
  • 11
2
votes
1 answer

OneLogin SCIM provisioning for Groups

I am building OneLogin SCIM Provisioner with SAML (Core Schema) app. I've created two controllers - Users and Groups. UsersController logic works perfectly - I can provision users and do all CRUD operations. But I am having issues with provisioning…
Loki
  • 21
  • 2
1
vote
0 answers

Onelogin role Rename doesn't work as expected in onelogin scim provisioning

I build SCIM Provisioning integration with OneLogin. I use role as user groups and rule to connect roles to the SCIM Provisioning App. When I rename role, I expect to get patch command for group rename, Something like: { "schemas": [ …
neverEugene
  • 57
  • 8
1
vote
1 answer

Azure Active Directory SCIM: Deprovision member of a group not working

Using Azure AD Premium, Enterprise App & SCIM 2.0 Provisioning Scope - Only assigned Users & Groups I'm trying to work through the use case below: SCIM provisioning of users that are assigned to a given AD Group When a user is added (provisioned)…
hannes neukermans
  • 8,470
  • 5
  • 30
  • 44
1
vote
2 answers

How to support multiple tenants and secret tokens in azure ad scim provisioning

I am trying to create Azure AD provisioning for our Saas product (using scim2). I want multiple customers to be able to connect with their Azure AD tenant. Microsoft has reference code here: https://github.com/AzureAD/SCIMReferenceCode However, that…
Rickard Liljeberg
  • 826
  • 1
  • 11
  • 35
1
vote
1 answer

Patch request in SCIM with Azure AD

How should I handle the following PATCH request, for a user that when initially added didn't have any address (not even an empty addresses array)? { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:PatchOp" ], "Operations": [ …
Patman
  • 115
  • 1
  • 11
1
vote
1 answer

User provisioning via SCIM with and without SSO

I would like to understand why most IdPs only offer the SCIM service together with SSO (especially SAML). For me, these are two different concepts SSO: loging in SCIM: user provisioning I'm referring to user provisioning via SCIM via an API, not…
ezdazuzena
  • 5,250
  • 4
  • 35
  • 65
1
vote
1 answer

Azure AD Enterprise application role change doesn't trigger provisioning update for Zoom or DocuSign

I've set up Zoom and DocuSign with SSO and Automatic provisioning in Azure AD Enterprise Applications. Just in Time provisioning works as expected after ensuring roles are correctly mapped. Automatic provisioning however only appears to add users…
Mark Davidson
  • 13
  • 4
1
2 3 4 5 6