These days, setting up SCIM provisioning is usually a very easy ask. A quick copy paste of information between the application and your identity provider, and done.
But have you ever wondered what is going on under the hood? Or run into some weird issues with an application's provisioning process? Or want your application's SCIM setup not to skimp by?
I could rewrite summaries of this protocol, but to be honest, better writers have done it already. And let's be efficient/lazy like a good IT engineer and not waste their good work.
Let's dive into this widely useful and adopted protocol.
The goal of this article is to provide a collection of useful resources about the SCIM protocol, and some tips and tricks for the interested (or frustrated) IT professional. I will be updating this over time with new information.
The Basic Stuff - What is SCIM
The Gritty Stuff - How it actually works
The Interesting Stuff - What you can do
Source material and other good resources
We start with the best, Wikipedia: System for Cross-domain Identity Management - Wikipedia
These articles have some great talking points if you need to talk to non-technical decision makers about SCIM:
There are some prerequisite subjects you should be familiar with before we get into the weeds.
Check out SCIM: System for Cross-domain Identity Management for a great walk through of protocol.
An important note is that vendor's don't usually follow these standards to the T, so not everything will apply to every SCIM setup.
For example, the financial tool Ramp has SCIM provisioning available, but customers are not able to send DELETE calls or use the /Schemas endpoint.
While copy/pasting SCIM information during setup, I would recommend saving any tokens/secrets in secure password manager. If you have the application's SCIM endpoint URL and the token, you can run some of these API calls yourself!
SCIM: System for Cross-domain Identity Management
RFC 7643 - System for Cross-domain Identity Management: Core Schema
System for Cross-domain Identity Management - Wikipedia
If you complete all these readings, congrats! You are now an unofficial super SCIM wizard.