Overview

Identity Broker can act as a SCIM 2.0 server, enabling interactions with identity managers and cloud platforms using the SCIM 2.0 specification.

Usage

A SCIM gateway enables create/read/update/delete operations against the adapter entity contexts in Identity Broker using the SCIM 2.0 specification. For details on the specification, see RFC 7643.

Configuration

In addition to the common gateway configuration shared by all gateways, the SCIM gateway requires the following settings:

| Name | Description |
| --- | --- |
| User Adapter | The target adapter that contains User objects. |
| Group Adapter | The target adapter that contains Group objects. |
| Address | The address that the endpoint is hosted on. |
| Audience | The audience claim to validate. This value is provided by the service provider and often takes the form of a unique identifier. |
| Tenant | The tenant claim to validate. This value is provided by the service provider and is often part of the URL for the directory, e.g. https://{tenant}.example.com/. |
| User ID Lookup Field | The field in the User Adapter to use when looking up the ID for references, e.g. for Manager and Members. |
| User mappings | Schema mapping between SCIM fields and Adapter fields for the User object. |
| Group mappings | Schema mapping between SCIM fields and Adapter fields for the Group object. |
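What validating the Audience and Tenant settings amounts to, shown as an added example that is not Identity Broker code. It assumes the service provider presents a JWT bearer token with the audience in `aud` and the tenant in a `tid` claim, and it uses an HS256 shared key only so the sample runs offline; a deployment would verify against the provider's published signing keys. All function names and sample values are constructed.

```python
import base64, hashlib, hmac, json, time

def b64d(part: str) -> bytes:
    # base64url without padding, as used in JWTs
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))

def b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def make_token(claims: dict, key: bytes, alg: str = "HS256") -> str:
    """Build a constructed sample token for the demo (always HMAC-signed)."""
    head = b64e(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64e(sig)}"

def validate(token: str, key: bytes, audience: str, tenant: str, now=None) -> dict:
    """Return the claims if signature, exp, aud and tid all pass; else raise ValueError."""
    now = time.time() if now is None else now
    try:
        head, body, sig = token.split(".")
        header, claims, given = json.loads(b64d(head)), json.loads(b64d(body)), b64d(sig)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise ValueError("not JSON objects")
    except ValueError as exc:
        raise ValueError("malformed token") from exc
    if header.get("alg") != "HS256":  # pin the algorithm; "none" is never accepted
        raise ValueError("unexpected algorithm")
    want = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(want, given):
        raise ValueError("bad signature")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= now:
        raise ValueError("expired or missing exp")
    aud = claims.get("aud")  # RFC 7519 allows a string or a list of strings
    if audience not in (aud if isinstance(aud, list) else [aud]):
        raise ValueError("audience mismatch")
    if claims.get("tid") != tenant:  # tenant claim name is an assumption
        raise ValueError("tenant mismatch")
    return claims

if __name__ == "__main__":
    KEY = b"constructed-demo-key"  # constructed sample values throughout
    ok = make_token({"aud": "scim-aud-1", "tid": "tenant-a", "exp": time.time() + 300}, KEY)
    print(validate(ok, KEY, "scim-aud-1", "tenant-a"))
    other = make_token({"aud": "scim-aud-1", "tid": "tenant-b", "exp": time.time() + 300}, KEY)
    try:
        validate(other, KEY, "scim-aud-1", "tenant-a")
    except ValueError as err:
        print("rejected:", err)
```

A token that is correctly signed for another tenant or another audience is still rejected, which is the isolation the two settings provide on a shared endpoint.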
