Fixed

SCIM gateway: department/manager not working, extra attributes wanted

2 years ago in UNIFYBroker Service • updated by 2 years ago • 7

Hi guys,

I am using the SCIM gateway in v5.3.2 and the department and manager attributes don't appear to work (i.e. the values sent by SCIM are not populated into the UNIFYBroker adapter fields).

Here's my configuration in Azure:

It seems possible that the problem might be related to the fact those two attributes are extension attributes and not part of the SCIM core user schema: https://datatracker.ietf.org/doc/html/rfc7643#section-4.1

As a separate request could you please add support for the givenName and familyName core user attributes?

Vote

Replies 7
Oldest first
- Newest first
- Oldest first

2 years ago

0000 00 0d 3a c8 54 9b 12 34 56 78 9a bc 08 00 45 02 ..:.T..4Vx....E.

0010 01 ca 89 18 40 00 80 06 1a 77 28 7e 23 1a 0a 01 ....@....w(~#...

0020 00 04 25 c2 ea 55 2f f5 9a 3d c4 7c 36 c3 50 18 ..%..U/..=.|6.P.

0030 40 28 09 d8 00 00 7b 22 73 63 68 65 6d 61 73 22 @(....{"schemas"

0040 3a 5b 22 75 72 6e 3a 69 65 74 66 3a 70 61 72 61 :["urn:ietf:para

0050 6d 73 3a 73 63 69 6d 3a 73 63 68 65 6d 61 73 3a ms:scim:schemas:

0060 63 6f 72 65 3a 32 2e 30 3a 55 73 65 72 22 2c 22 core:2.0:User","

0070 75 72 6e 3a 69 65 74 66 3a 70 61 72 61 6d 73 3a urn:ietf:params:

0080 73 63 69 6d 3a 73 63 68 65 6d 61 73 3a 65 78 74 scim:schemas:ext

0090 65 6e 73 69 6f 6e 3a 65 6e 74 65 72 70 72 69 73 ension:enterpris

00a0 65 3a 32 2e 30 3a 55 73 65 72 22 5d 2c 22 65 78 e:2.0:User"],"ex

00b0 74 65 72 6e 61 6c 49 64 22 3a 22 61 64 72 69 61 ternalId":"adria

00c0 6e 2e 63 6f 72 73 74 6f 6e 40 75 6e 69 66 79 73 n.corston@unifys

00d0 6f 6c 75 74 69 6f 6e 73 2e 6e 65 74 22 2c 22 75 olutions.net","u

00e0 73 65 72 4e 61 6d 65 22 3a 22 61 64 72 69 61 6e serName":"adrian

00f0 2e 63 6f 72 73 74 6f 6e 40 75 6e 69 66 79 73 6f .corston@unifyso

0100 6c 75 74 69 6f 6e 73 2e 6e 65 74 22 2c 22 61 63 lutions.net","ac

0110 74 69 76 65 22 3a 74 72 75 65 2c 22 64 69 73 70 tive":true,"disp

0120 6c 61 79 4e 61 6d 65 22 3a 22 41 64 72 69 61 6e layName":"Adrian

0130 20 43 6f 72 73 74 6f 6e 22 2c 22 6d 65 74 61 22 Corston","meta"

0140 3a 7b 22 72 65 73 6f 75 72 63 65 54 79 70 65 22 :{"resourceType"

0150 3a 22 55 73 65 72 22 7d 2c 22 74 69 74 6c 65 22 :"User"},"title"

0160 3a 22 48 6f 62 62 69 74 20 57 72 61 6e 67 6c 65 :"Hobbit Wrangle

0170 72 22 2c 22 75 72 6e 3a 69 65 74 66 3a 70 61 72 r","urn:ietf:par

0180 61 6d 73 3a 73 63 69 6d 3a 73 63 68 65 6d 61 73 ams:scim:schemas

0190 3a 65 78 74 65 6e 73 69 6f 6e 3a 65 6e 74 65 72 :extension:enter

01a0 70 72 69 73 65 3a 32 2e 30 3a 55 73 65 72 22 3a prise:2.0:User":

01b0 7b 22 64 65 70 61 72 74 6d 65 6e 74 22 3a 22 48 {"department":"H

01c0 6f 62 62 69 74 20 4d 61 6e 61 67 65 6d 65 6e 74 obbit Management

01d0 20 55 6e 69 74 22 7d 7d Unit"}}

The packet trace above shows department passed as "Hobbit Management" but the corresponding field ends up NULL in the adapter/connector:

2 years ago

Update: after more investigation I've identified that the issue with manager not coming through is quite different, so I will raise a separate ticket for that. This ticket is still valid though, for the missing department problem and the additional field request.

Under review

2 years ago

Hi Adrian

Here is a patch that

Fixes mappings for extension values (manager, department, employeeNumber)
Adds additional fields for mapping, including givenName and familyName
Fix for the PATCH issue discussed yesterday

Install into the Services directory. I don't think this will be an issue, but after installation double check your mappings while editing the SCIM gateway for any that have been lost. These will just need to be re-set.

patch-4299.zip