Skip to content

User federation via SCIM - System for Cross-Domain Identity Management

SCIM is a specification created to make the management of users in applications and services running in a cloud environment easier. The idea is to use a common schema for user information, which enables a fixed set of rules when it comes to user data and how it should be passed between different cloud-based services. This enables a customer to easily move users from an existing Identity manager to IFS Cloud, if SCIM support is enabled. The mapping of existing user data is chosen by the external party. A document that describes which SCIM attributes is being mapped to which IFS attribute will be provided for the purpose of making this mapping as easy as possible.

Purpose

SCIM in IFS Cloud uses one-way communication. This means that only the external Identity provider sends information that creates, updates or deletes user information. Changes made to users within IFS Cloud will not trigger an update to the external Identity provider. The purpose of SCIM in IFS cloud is simple user management.

Usage

SCIM 2.0 uses REST API for all operations.

Operations

All user data passed to the Create and Update endpoints must be encoded as a SCIM object in JSON. Resources stored in attributes that is not mapped to an IFS attribute will not be stored.