Stack Overflow
Stack Overflow

Questions tagged [scim2]

The SCIM 2.0 specifications designed to make managing user identities in cloud-based applications and services easier.

The specification suite seeks to build upon experience with existing schemas and deployments, placing specific emphasis on simplicity of development and integration, while applying existing authentication, authorization, and privacy models. Its intent is to reduce the cost and complexity of user management operations by providing a common user schema and extension model, as well as binding documents to provide patterns for exchanging this schema using standard protocols. In essence: make it fast, cheap, and easy to move users in to, out of, and around the cloud.

SCIM 2.0 is released as RFC7642, RFC7643 and RFC7644 under IETF in September 2015.

SCIM Homepage http://www.simplecloud.info/

126 questions
0
votes
1 answer

Provision functional/delegated/group accounts from Azure AD using SCIM

we use SCIM 2.0 to provision accounts from a source, like AD, to our app. However, increasingly customers move to AzureAD. Provision 'normal' acounts from Azure AD is supported and is straight forward. However, we can find no information on how…
Rick Goud
  • 105
  • 5
0
votes
1 answer

How to enable SCIM2 on WSO2 API Manager 3.2.0

After some help that users gave me here I'm having troubles with understanding how to actually use SCIM2 with WSO2 API Manager 3.2.0 I've installed wso2am via docker, and looking inside its folder I see a lot of configuration files regarding scim2,…
hubfix
  • 49
  • 7
0
votes
0 answers

WSO2 SCIM2 APIs always return 401 Unauthorized

I'm trying to create a new carbon user with wso2 v3.2.0 installed on docker, using scim2 endpoints. When I try to issue a POST request on /scim2/Users endpoint, I always get a 401 Unauthorized response even though properly authenticated with…
hubfix
  • 49
  • 7
0
votes
1 answer

Azure AD SCIM - How to Enable the Provisioning Section

I need Azure AD users to be synced into my application, so I've been researching how to implement SCIM and configure Azure AD to work with it. My end goal is to have my application listed as the ones here:…
Miroslav Nedyalkov
  • 1,101
  • 1
  • 10
  • 22
0
votes
1 answer

Sample java code for adding extension attributes using SCIM for Wso2

I am new to Wso2 IS , currently I am working on adding new extended attributes into WSO2 for user creation however I could not find any example which shows how to do that using Java. The one I see…
manojx
  • 11
  • 1
  • 5
0
votes
1 answer

WSO2 Identity Server SCIM /Me endpoint issue for non admin user

I just want to use SCIM 2.0 REST APIs that per this guide are out of the box from 5.4.0 version of WSO2IS. I'm using WSO2 IS 5.7. When I GET /scim2/Me with admin user (HTTP basic authentication), I get a 200 OK response, but when I try to call this…
vortex.alex
  • 1,105
  • 3
  • 11
  • 24
0
votes
1 answer

SCIM: What is the preferred no. of members should I return in Get group response or is it optional?

Can we limit the group members in SCIM Get Group response? If we return all members in group response with heavy data then it will impact the performance. SCIM Get Group Response: { "schemas": [ …
Ravindra Bidhuri
  • 1
  • 1
0
votes
1 answer

SCIM : How to restrict Group type members in Group patch request while provisioning from Azure AD

I'm implementing SCIM group provision from Azure AD. But I don't support nested groups. Below is the patch call from Azure AD (When a member is added). { "schemas": [ "urn:ietf:params:scim:api:messages:2.0:PatchOp" ], "Operations":[{ …
Anurag Maheshwari
  • 137
  • 1
  • 9
0
votes
1 answer

Get groups of user during provisioning on Enterprise application in Azure AD

I am writing Azure AD provisioning support for our SAAS. I am using the SCIM standard to get user and group data from Azure AD. However I am only getting groups that is actively added to the application (as it is set up to only sync users added to…
Rickard Liljeberg
  • 966
  • 1
  • 12
  • 39
0
votes
1 answer

Does WSO2 api manager support SCIM APIs?

I found that WSO2 identity server has a set of SCIM APIs. Would like to know if there are a same set of APIs for WSO2 api manager? If yes, then how to enable it? Thanks!
ysong4
  • 131
  • 1
  • 9
0
votes
1 answer

WSO2 Identity Server 5.11.0 My Account personal info not working with Active Directory userstore

I am operating a WSO2 identity server 5.11.0 behind an Apache proxy with a Samba based Active Directory user store. The most relevant claims have been mapped to the local claim dialect. The authentication to services works and the claim attributes…
Werni
  • 11
  • 4
0
votes
2 answers

How to handle PUT of a group resource in SCIM? What happens with members?

We have a SCIM api running on production and we are running into problems with a Group PUT. I have scanned the official SCIM spec, but I am not able to find an answer for this-what should happen when a Group PUT is called with a payload that has…
Capaj
  • 4,024
  • 2
  • 43
  • 56
0
votes
1 answer

Add users is faded out on Azure Active Directory newly created app

I'm testing my SCIM integration with Azure AD. I created an app in Azure active directory, provisioning credentials are OK, but Add user option is not active (faded out). When I create Databricks scim intergration, it's ok and it works. Any ideas?
neverEugene
  • 69
  • 10
0
votes
1 answer

Should the SCIM lastModified timestamp be updated when set of groups changes?

I'm adding SCIM support to an application which already has a user directory (with support for groups, including nested such etc). RFC 6743 defines an attribute of resources called lastModified. That this attribute should change when mutable…
Jens Borgland
  • 753
  • 4
  • 15
0
votes
1 answer

Implementing a SCIM 2.0 server with OAuth 2.0 and supporting multi-tenancy (with multiple possible IdPs)

I've implemented a test SCIM 2.0 server with OAuth 2.0 and managed to integrate it with Okta, mostly by modifying code from here https://github.com/andreihava-okta/sample-node-scim-server. As I understand, the integration would need an access token…
markwongsk
  • 41
  • 4
1 2 3
8 9