Difference between revisions of "SCIM 2.0"

From MgmtWiki
(Created page with " SCIM 2.0 User Management SCIM is a specification designed to reduce the complexity of user management operations by providing a common user schema and the patterns for exchan...")
 
Line 1: Line 1:
 +
==Full Title or Meme==
 +
System for Cross-domain Identity Management is a means to enable flows of [[User Private Information]] from one [[Web Site]] to another.
 +
 +
==Context==
 +
*HNS Digital GP Connect 1.2.0 on github  [https://nhsconnect.github.io/gpconnect/development_fhir_api_guidance.html FHIR standard for trial use (3) STU3]
 +
*Health Level Seven (HL7®) International standards body [http://hl7.org/fhir/ HL7 FHIR] and [http://wiki.hl7.org/index.php?title=Special:AllPages their wiki]
 +
*Integrating the Healthcare Enterprise [https://wiki.ihe.net/index.php/Category:Security (IHE) wiki on Security]
 +
*IHE [https://wiki.ihe.net/index.php/Audit_Trail_and_Node_Authentication Audit Trail and Node Authentication]
 +
*[http://wiki.hl7.org/index.php?title=Trust_Label Trust Label] is  a discoverable and computable set of metadata to convey asserted trust attributes of an exchange partner.
  
SCIM 2.0 User Management
 
 
SCIM is a specification designed to reduce the complexity of user management operations by providing a common user schema and the patterns for exchanging such schema using HTTP in a platform-neutral fashion. The aim of SCIM is achieving interoperability, security, and scalability in the context of identity management.
 
SCIM is a specification designed to reduce the complexity of user management operations by providing a common user schema and the patterns for exchanging such schema using HTTP in a platform-neutral fashion. The aim of SCIM is achieving interoperability, security, and scalability in the context of identity management.
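Review bot: the five bullets added under ==Context== link to FHIR, HL7, IHE and Trust Label pages, and none of them mentions SCIM. Either say how each relates to SCIM or replace them with the SCIM description that follows as unchanged text. In the first bullet, "HNS Digital" sits next to an nhsconnect URL, so it looks like a typo for "NHS Digital". The old heading line "SCIM 2.0 User Management" is also left stranded between the new bullets and the body text.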
  
Line 8: Line 16:
  
 
Clearly, this API must not be anonymously accessed. However, the basic SCIM standard does not define a specific mechanism to prevent unauthorized requests to endpoints. There are just a few guidelines in section 2 of RFC 7644 concerned with authentication and authorization.
 
Clearly, this API must not be anonymously accessed. However, the basic SCIM standard does not define a specific mechanism to prevent unauthorized requests to endpoints. There are just a few guidelines in section 2 of RFC 7644 concerned with authentication and authorization.
 +
 +
==Problems==
 +
Clearly, this API must not be anonymously accessed. However, the basic SCIM standard does not define a specific mechanism to prevent unauthorized requests to endpoints. There are just a few guidelines in section 2 of RFC 7644 concerned with authentication and authorization.
 +
 +
==Solutions==
 +
 +
 +
==References==
 +
 +
 +
[[Category:Standard]]
 +
[[Category:Identity]]
 +
[[Category:Privacy]]
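Review bot: the paragraph added under ==Problems== is word for word the unchanged paragraph directly above it, so the page now states the same thing twice. Move the paragraph into Problems instead of copying it. ==Solutions== and ==References== are added with no content, although the text already cites section 2 of RFC 7644, which could be listed under References.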

Revision as of 20:33, 15 September 2018

Full Title or Meme

System for Cross-domain Identity Management is a means to enable flows of User Private Information from one Web Site to another.

Context

SCIM is a specification designed to reduce the complexity of user management operations by providing a common user schema and the patterns for exchanging such schema using HTTP in a platform-neutral fashion. The aim of SCIM is achieving interoperability, security, and scalability in the context of identity management.

Developers can think of SCIM merely as a REST API with endpoints exposing CRUD functionality (create, read, update and delete).

For your reference, the current version of the standard is governed by the following documents: RFC 7642, RFC 7643, and RFC 7644.

Clearly, this API must not be anonymously accessed. However, the basic SCIM standard does not define a specific mechanism to prevent unauthorized requests to endpoints. There are just a few guidelines in section 2 of RFC 7644 concerned with authentication and authorization.

Problems

Clearly, this API must not be anonymously accessed. However, the basic SCIM standard does not define a specific mechanism to prevent unauthorized requests to endpoints. There are just a few guidelines in section 2 of RFC 7644 concerned with authentication and authorization.
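
As an added illustration of the gap described above (not code from this wiki or from any SCIM implementation), the sketch below puts an authentication and authorization gate in front of a SCIM /Users/{id} resource and answers in the error format of RFC 7644. The bearer-token scheme, the token values, the scope names, the sample user and all function names are assumptions made for the example.

```python
import hashlib
import hmac
import json

ERROR_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:Error"
USER_SCHEMA = "urn:ietf:params:scim:schemas:core:2.0:User"
# Constructed sample data: SHA-256 of each bearer token -> scopes (hypothetical names).
TOKENS = {
    hashlib.sha256(b"reader-token-example").hexdigest(): {"read"},
    hashlib.sha256(b"provisioner-token-example").hexdigest(): {"read", "write"},
}
USERS = {"2819c223": {"schemas": [USER_SCHEMA], "id": "2819c223", "userName": "bjensen"}}
NEEDED = {"GET": "read", "POST": "write", "PUT": "write", "PATCH": "write", "DELETE": "write"}

def scim_error(status, detail):
    body = {"schemas": [ERROR_SCHEMA], "status": str(status), "detail": detail}
    headers = {"Content-Type": "application/scim+json"}
    if status == 401:
        headers["WWW-Authenticate"] = 'Bearer realm="scim"'
    return status, headers, json.dumps(body)

def scopes_for(headers):
    """Return the scopes of the presented bearer token, or None if absent or unknown."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "bearer" or not token:
        return None
    digest = hashlib.sha256(token.encode()).hexdigest()
    for known, scopes in TOKENS.items():
        if hmac.compare_digest(known, digest):  # constant-time comparison
            return scopes
    return None

def handle(method, path, headers):
    """Authenticate and authorize first; only then touch the /Users resource."""
    scopes = scopes_for(headers)
    if scopes is None:
        return scim_error(401, "Authentication required")
    if NEEDED.get(method) not in scopes:
        return scim_error(403, "Token is not permitted to perform this operation")
    user_id = path[len("/Users/"):] if path.startswith("/Users/") else None
    if user_id not in USERS:
        return scim_error(404, "Resource not found")
    if method == "GET":
        return 200, {"Content-Type": "application/scim+json"}, json.dumps(USERS[user_id])
    if method == "DELETE":
        del USERS[user_id]
        return 204, {}, ""
    return scim_error(501, "Operation not implemented in this sketch")
```

The 401 and 403 checks run before the resource lookup, so an unauthenticated caller cannot use 404 versus 200 responses to learn which user ids exist.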

Solutions

References