Difference between revisions of "SCIM 2.0"

From MgmtWiki
Jump to: navigation, search
(Context)
(Solutions)
 
(4 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
==Full Title or Meme==
 
==Full Title or Meme==
System for Cross-domain Identity Management is a means to enable flows of [[User Private Information]] from one [[Web Site]] to another.
+
System for Cross-domain [[Identity Management]] is a means to enable flows of [[User Private Information]] from one [[Web Site]] to another.
  
 
==Context==
 
==Context==
Line 8: Line 8:
 
Developers can think of SCIM merely as a REST API with endpoints exposing CRUD functionality (create, read, update and delete).
 
Developers can think of SCIM merely as a REST API with endpoints exposing CRUD functionality (create, read, update and delete).
  
For your reference, the current version of the standard is governed by the following documents: RFC 7642, RFC 7643, and RFC 7644.
+
The standard is governed by the following IETF documents: RFC 7642, RFC 7643, and RFC 7644.
 
 
Clearly, this API must not be anonymously accessed. However, the basic SCIM standard does not define a specific mechanism to prevent unauthorized requests to endpoints. There are just a few guidelines in section 2 of RFC 7644 concerned with authentication and authorization.
 
  
 
==Problems==
 
==Problems==
Line 16: Line 14:
  
 
==Solutions==
 
==Solutions==
 
+
This is old style [[Identity Management]] where flows of data like that envisioned in the [[GDPR]] regulations apply. There appear to be better models for users to control access to their private data today.
  
 
==References==
 
==References==

Latest revision as of 20:37, 15 September 2018

Full Title or Meme

System for Cross-domain Identity Management is a means to enable flows of User Private Information from one Web Site to another.

Context

SCIM is a specification designed to reduce the complexity of user management operations by providing a common user schema and the patterns for exchanging such schema using HTTP in a platform-neutral fashion. The aim of SCIM is achieving interoperability, security, and scalability in the context of identity management.

Developers can think of SCIM merely as a REST API with endpoints exposing CRUD functionality (create, read, update and delete).

The standard is governed by the following IETF documents: RFC 7642, RFC 7643, and RFC 7644.

Problems

Clearly, this API must not be anonymously accessed. However, the basic SCIM standard does not define a specific mechanism to prevent unauthorized requests to endpoints. There are just a few guidelines in section 2 of RFC 7644 concerned with authentication and authorization.

Solutions

This is old style Identity Management where flows of data like that envisioned in the GDPR regulations apply. There appear to be better models for users to control access to their private data today.

References