Questions tagged [scim2]

The SCIM 2.0 specifications are designed to make managing user identities in cloud-based applications and services easier.

The specification suite seeks to build upon experience with existing schemas and deployments, placing specific emphasis on simplicity of development and integration, while applying existing authentication, authorization, and privacy models. Its intent is to reduce the cost and complexity of user management operations by providing a common user schema and extension model, as well as binding documents to provide patterns for exchanging this schema using standard protocols. In essence: make it fast, cheap, and easy to move users in to, out of, and around the cloud.

SCIM 2.0 was released as RFC 7642, RFC 7643 and RFC 7644 by the IETF in September 2015.

SCIM homepage: http://www.simplecloud.info/

126 questions
0 votes, 0 answers

How to create a 3rd party app for SAML + Auto Provisioning for Google Workspace Admin

How can I create a 3rd party SAML app that also supports Auto User Provisioning (like Salesforce app in SAML Catalog)? What are the steps to create a SAML app to show in the list of Web and Mobile Apps? I am looking for steps other than…
0 votes, 1 answer

Azure AD provisioning IS never sending request to the POST /Users/ endpoint when creating user

I am trying to implement the Azure AD SCIM provisioning. I have successfully set up the /Users/ GET endpoint. But when starting the provisioning process, it just never sends the POST request to create the User. I have tested all of the /Users/…
bzzzzzz
0 votes, 1 answer

WSO2 IS - SCIM2.0 API - Create User without setting password

I want to call the SCIM2.0 API to create a new user. In the documentation it's written that one of the fields of the request body must be the user password. But I'd like to create the user without setting a password and sending him an email with a…
ffff
0 votes, 1 answer

WSO2 IDENTITY SERVER SCIM2.0 API - GET USER BY ID

I want to use the wso2 SCIM2.0 API for CRUD operations on my users. When I call the API to get ALL the users, it works, but when I try to call the API to get a specific User by its ID, it returns a 403 forbidden error. The API I'm calling is this…
ffff
0 votes, 1 answer

Assign different role to a group member

I am looking for advice on a not so particular situation. I currently have roughly 20000 stores. All stores have admins, managers and user roles. An admin can create/manage any roles. A manager can create/manage only user role. A user can login and…
WaZz
0 votes, 2 answers

Authorization code flow - how to get Code parameter value

I've implemented an application that redirects to the wso2 identity server login page. If the login is successful the user is redirected to a page where he can read his profile details. Based on his role he can perform certain action, like create a…
0 votes, 1 answer

Spring and WSO2 Identity Server - SCIM2.0 API for User CRUD

I'm implementing an application with Spring Boot. From the application some users will have the permission to create, update, delete other users. To do so I'm using WSO2 Identity server SCIM 2.0 APIs. When I try with postman to call for example this…
ffff
0 votes, 1 answer

What are usually the token grant type needed for the secret token in scim provisioning?

From the service provider's documents. Access or bear token is mentioned. It does not say what is the token grant type needed…
jetpack
0 votes, 1 answer

What does scim multi-tenant mean?

Can anyone please confirm what a tenant means from SCIM RFC https://www.rfc-editor.org/rfc/rfc7644.html#section-6? If resources (i.e., users/groups) synced from client (i.e., Azure AD or Okta) can also be accessible or inaccessible by other clients,…
user1180969
0 votes, 1 answer

Distinguish between requests coming from Azure and Okta

During provisioning phase, what's a reliable way to distinguish between requests coming from Azure Active Directory and Okta? We're implementing SCIM and SSO in our app. To aid user UX, we would like to render better errors to users, for cases when…
oldhomemovie
0 votes, 1 answer

Deleting data from an Azure AD user field doesn't trigger a provisioning change in SCIM

I have SCIM provisioning set up and connected to Azure AD using a custom application which isn't in the marketplace. Provisioning new users and changing data on existing appears to work fine. But when I delete data from a previously synched field,…
0 votes, 1 answer

SCIM 2.0 and external AD groups

We implemented SCIM for an enterprise app and it is working fine. We were told that we could add external AD groups to allow our partners' users to be able to access the app as well. For example, Company A (us) uses Azure AD and wants to add a…
James Craig
0 votes, 1 answer

Extending custom fields in SCIM schema

I'm currently working on SCIM users provisioning and I have a problem with extending custom fields. I was following this tutorial: https://learn.microsoft.com/en-us/azure/active-directory/app-provisioning/customize-application-attributes I've…
zden4
0 votes, 2 answers

WSO2 IS - SCIM2 Invalid Token after PATCH

I am trying to figure out if the following behavior is the expected. In my case, I am logged in as a user with username: testuser I make a PATCH request from my Blazor SPA to the following URL https://myidentityserver/scim2/Me. This is the location…
Yiannr
0 votes, 1 answer

Role Change lag - WSO2 IS 5.11.0 and WSO2 APIM 3.2.0

I'm using WSO2 APIM 3.2.0 and WSO2 IS 5.11.0. Both of them use the common shared_db (Postgres DB) using JDBC. So the users and roles created in WSO2 IS (using carbon portal / SCIM 2.0 API) will be reflected in the WSO2 APIM also. When I perform role…