Updated "Office 365" to "Microsoft 365" to reflect new service name.
(One intermediate revision by one other user not shown)
Line 31:
'''System for Cross-domain Identity Management''' ('''SCIM''') is a standard for automating the exchange of user identity information between identity domains, or IT systems.
One example might be that as a company onboards new employees and separates from existing employees, they are added and removed from the company's electronic employee [[Directory service|directory]]. SCIM could be used to automatically add/delete (or, [[account provisioning|provision/de-provision]]) accounts for those users in external systems such as [[Google Workspace]], [[
In addition to simple user-record management (creating and deleting), SCIM can also be used to share information about user attributes, attribute schema, and group membership. Attributes could range from user contact information to group membership. Group membership or other attribute values are generally used to manage user permissions. Attribute values and group assignments can change, adding to the challenge of maintaining the relevant data across multiple identity domains.<ref name="SCIM-19">{{cite book |author = Internet Engineering Task Force, Network Working Group|title = System for Cross-Domain Identity Management: Core Schema|version = Draft 19|date = May 11, 2015|url = http://tools.ietf.org/html/draft-ietf-scim-core-schema-19|accessdate = 2015-05-17}}</ref>
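The provisioning, de-provisioning and attribute synchronisation described above, as an added example that is not part of the article or of any SCIM product: it compares an authoritative directory with the accounts held by a service provider and plans the SCIM 2.0 requests (RFC 7643 schema URNs and attribute names, RFC 7644 PATCH messages) needed to reconcile them. The function names, the <code>SYNCED_ATTRS</code> choice and the sample users and ids are assumptions made for illustration; nothing is sent over the network.

```python
# Added example: plans SCIM 2.0 requests (RFC 7643/7644); nothing is sent.
USER_SCHEMA = "urn:ietf:params:scim:schemas:core:2.0:User"
PATCH_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:PatchOp"
SYNCED_ATTRS = ("displayName", "title")  # assumption: attributes kept in sync

def patch(user_id, ops):
    """Build a SCIM PATCH request (hypothetical helper) for one user."""
    return ("PATCH", f"/Users/{user_id}",
            {"schemas": [PATCH_SCHEMA], "Operations": ops})

def plan_sync(directory, remote, hard_delete=False):
    """Return the (method, path, body) requests that bring `remote`
    (accounts at the service provider, keyed by userName) in line with
    `directory` (the authoritative employee directory)."""
    plan = []
    for name, person in sorted(directory.items()):
        acct = remote.get(name)
        if acct is None:  # joiner: provision a new account
            plan.append(("POST", "/Users", {"schemas": [USER_SCHEMA],
                         "userName": name, "active": True, **person}))
            continue
        ops = [{"op": "replace", "path": a, "value": person[a]}
               for a in SYNCED_ATTRS if a in person and acct.get(a) != person[a]]
        if not acct.get("active", True):  # rehire: re-enable the account
            ops.append({"op": "replace", "path": "active", "value": True})
        if ops:
            plan.append(patch(acct["id"], ops))
    for name, acct in sorted(remote.items()):
        if name in directory:
            continue
        # leaver: an account with no directory entry is orphaned access
        if hard_delete:
            plan.append(("DELETE", f"/Users/{acct['id']}", None))
        elif acct.get("active", True):
            plan.append(patch(acct["id"], [
                {"op": "replace", "path": "active", "value": False}]))
    return plan

# Constructed sample data (hypothetical users and ids).
DIRECTORY = {"alice@example.com": {"displayName": "Alice Ng", "title": "SRE"},
             "bob@example.com": {"displayName": "Bob Roy", "title": "Manager"}}
REMOTE = {"bob@example.com": {"id": "u-2", "active": True,
                              "displayName": "Bob Roy", "title": "Engineer"},
          "carol@example.com": {"id": "u-3", "active": True,
                                "displayName": "Carol Diaz", "title": "Analyst"}}

if __name__ == "__main__":
    for request in plan_sync(DIRECTORY, REMOTE):
        print(request)
```

Running the plan a second time against the reconciled state yields no requests, which is a useful check that a sync job has left no stale account enabled.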
Line 50:
[[Interoperability]] was demonstrated in October, 2011, at the Cloud Identity Summit, an [[Identity management|IAM]] industry conference. There, user accounts were provisioned and de-provisioned across separate systems using SCIM standards, by a collection of [[Identity management system|IdM software]] vendors: [[Okta (identity management)|Okta]], [[CyberArk]], [[Ping Identity]], [[SailPoint]], [[Technology Nexus]] and [[UnboundID]]. In March 2012, at IETF 83 in Paris, [[interoperability]] tests were continued by the same vendors, joined by [[Salesforce.com]], BCPSoft, [[WSO2]], Gluu, and Courion (now [[SecureAuth]]), nine companies in total.<ref>{{cite web | title = Logistics and attendee info for the March 2012 SCIM interop event | website = SCIM, Simple Cloud Identity Management | date = April 26, 2012 | url = https://code.google.com/p/scim/wiki/FirstInteropEvent | accessdate = May 11, 2015}}</ref>
SCIM is the second standard for exchanging user data, but it builds on prior standards (e.g. [[Service Provisioning Markup Language|SPML]], [[Portable Contacts|PortableContacts]], [[vCard]]s, and [[LDAP Data Interchange Format|LDAP directory services]]) in an attempt to be a simpler and more widely adopted solution for cloud services providers.<ref name="SCIM-19-intro">{{cite book | author= Internet Engineering Task Force, Network Working Group | title = System for Cross-Domain Identity Management: Core Schema | version = RFC7643 | date = September 2015 | section = Section 1, Introduction | url = https://datatracker.ietf.org/doc/html/rfc7643#section-1 | accessdate = 2023-05-19}}</ref>
The SCIM standard is growing in popularity and has been adopted by numerous identity providers as well as applications. As adoption of the standard grows, so does the number of tools available. The standard leverages a number of open-source libraries<ref>{{Cite web|url=https://techcommunity.microsoft.com/t5/identity-standards-blog/provisioning-with-scim-design-build-and-test-your-scim-endpoint/ba-p/1204883|title = Provisioning with SCIM – design, build, and test your SCIM endpoint|date = 2 March 2020}}</ref> to facilitate development, and testing frameworks<ref>{{Cite web|url=https://github.com/AzureAD/SCIMReferenceCode/wiki/Test-Your-SCIM-Endpoint|title = Test Your SCIM Endpoint · AzureAD/SCIMReferenceCode Wiki|website = [[GitHub]]}}</ref> to ensure an endpoint's compliance with the SCIM standard.