Skip to main content

Introduction to SCIM

What is SCIM?

SCIM is a standard created to simplify user management in the cloud by defining a schema for representing users and groups with a REST API for all the necessary CRUD operations.

This standard could be extended to other resources like accounts, roles, etc.

Soffid is compatible with SCIM 2 protocol but uses its owns schema for users, groups, roles and so one. That is why Soffid implements SCIM protocols (RFC7644 and EFC 7644), but not SCIM core schema (RFC7643).

Information about SCIM

All the information about SCIM is published in the following link: http://www.simplecloud.info/

Currently, the last available version of the standard is SCIM 2.0.

The most relevant link about the specification of this protocol is: https://tools.ietf.org/html/rfc7644

Use cases of SCIM

SCIM could be used to create a new identity from third part application assign or revoke permissions, create or disable accounts, or even take part of new or existing workflows.

You can leverage SCIM protocol to extend current Soffid functionality adapting the Identity Platform to your needs.

Example of SCIM

SCIM uses JSON specification for the data model containing the requests and responses. For instance, the data information of a user would be:

{
  "schemas": [
    "urn:ietf:params:scim:schemas:core:2.0:User"
  ],
  "userName": "bjensen",
  "externalId": "bjensen",
  "name": {
    "formatted": "Ms. Barbara J Jensen III",
    "familyName": "Jensen",
    "givenName": "Barbara"
  }
}

SCIM also uses REST specification for HTTP communication between clients and servers. For instance, a request to create a user would be:

POST /Users  HTTP/1.1
Host: example.com
Accept: application/scim+json
Content-Type: application/scim+json
Authorization: Bearer h480djs93hd8
Content-Length: ...

The HTTP codes are very important in the responses. For instance:

HTTP/1.1 200 Response is ok
HTTP/1.1 201 Resource created
HTTP/1.1 404 Resource not found
etc


Back to top