0

Can anyone please confirm what a tenant means from SCIM RFC https://www.rfc-editor.org/rfc/rfc7644.html#section-6?

If resources (i.e users/groups) synced from client (i.e, Azure AD or Okta) can also be accessible or in-accessible by other clients, then does it means multi-tenant scenario?

user1180969
  • 95
  • 11

1 Answers1

0

Think of a SaaS service provider like Dropbox - where the SaaS provider may host hundreds or thousands of separate environments, typically broken by customer/organizational boundaries. That is what multi-tenancy means in this context.

Zollnerd
  • 725
  • 4
  • 5
  • Thank you. Do you if it is possible to manage users in different tenants using one client? For example, one Azure AD syncs users to different environments in Dropbox? – user1180969 Sep 12 '22 at 23:27
  • Yes - in Azure AD this would typically be via multiple provisioning jobs configured, with each job pointing to a separate SCIM app tenant. This is typically specified either by a value in the bearer/oauth token that indicates the target environment, or via a URL (i.e.: rather than api.whatever.com/scim, it could be api.whatever.com/directoryId/scim) – Zollnerd Sep 13 '22 at 14:59