Introduction to SCIM

What is SCIM? 

 SCIM is a standard created to simplify user management in the cloud by defining a schema for representing users and groups with a REST API for all the necessary CRUD operations. 

 This standard could be extended to other resources like accounts, roles, etc. 

 Soffid is compatible with SCIM 2 protocol but uses its owns schema for users, groups, roles and so one. That is why Soffid implements SCIM protocols (RFC7644 and EFC 7644), but not SCIM core schema (RFC7643). 

 Information about SCIM 

 All the information about SCIM is published in the following link:  http://www.simplecloud.info/ 

 Currently, the last available version of the standard is SCIM 2.0. 

 The most relevant link about the specification of this protocol is:  https://tools.ietf.org/html/rfc7644 

 Use cases of SCIM 

 SCIM could be used to create a new identity from third part application assign or revoke permissions, create or disable accounts, or even take part of new or existing workflows. 

 You can leverage SCIM protocol to extend current Soffid functionality adapting the Identity Platform to your needs. 

 Example of SCIM 

 SCIM uses JSON specification for the data model containing the requests and responses. For instance, the data information of a user would be: 

 {

 "schemas": [

 "urn:ietf:params:scim:schemas:core:2.0:User"

 ],

 "userName": "bjensen",

 "externalId": "bjensen",

 "name": {

 "formatted": "Ms. Barbara J Jensen III",

 "familyName": "Jensen",

 "givenName": "Barbara"

 }

} 

 SCIM also uses REST specification for HTTP communication between clients and servers. For instance, a request to create a user would be: 

 POST /Users HTTP/1.1

Host: example.com

Accept: application/scim+json

Content-Type: application/scim+json

Authorization: Bearer h480djs93hd8

Content-Length: ... 

 The HTTP codes are very important in the responses. For instance: 

 HTTP/1.1 200 Response is ok

HTTP/1.1 201 Resource created

HTTP/1.1 404 Resource not found

etc