System for Cross-domain Identity Management (SCIM)
IdP ↔ Service User Account Creation/Deletion/Update Automation Standard
A standard for automating User and Group provisioning (creation, modification, deletion): it synchronizes user account information (name, email, affiliation, active status, etc.) between the IdP and applications over a JSON/REST API, covering both provisioning and deprovisioning
Uses HTTP methods to perform CRUD operations on Users and Groups resources, typically authenticated using bearer tokens
However, an implementation needs many special-case handlers for the details of the PATCH specification and for vendor-specific (especially Microsoft) non-standard behavior
Use cases
IT administrators manage users across all SaaS apps from a single IdP such as Azure AD or Okta. This makes it possible to block access to all apps with a single click when an employee leaves. Supporting SCIM is an advantage when contracting with enterprise clients.
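
The offboarding case above depends on the PATCH handling mentioned earlier: if the service stores a non-standard `active` value as sent, the account can stay enabled. This is an added example, not code from any SCIM library; it normalizes two deviations of that kind (a capitalized `op` and a boolean sent as a string), and the function names and sample requests are constructed for illustration.

```python
SCIM_PATCH_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:PatchOp"

def parse_bool(value):
    """Accept a JSON boolean or the strings "true"/"false" in any case."""
    if isinstance(value, bool):
        return value
    if isinstance(value, str) and value.lower() in ("true", "false"):
        return value.lower() == "true"
    raise ValueError(f"not a boolean: {value!r}")

def apply_patch(user, body):
    """Apply add/replace operations of a SCIM PatchOp; returns a new dict."""
    if SCIM_PATCH_SCHEMA not in body.get("schemas", []):
        raise ValueError("missing PatchOp schema")
    updated = dict(user)
    for operation in body.get("Operations", []):
        op = str(operation.get("op", "")).lower()  # "Replace" -> "replace"
        if op not in ("add", "replace"):
            raise ValueError(f"unsupported op: {operation.get('op')!r}")
        path, value = operation.get("path"), operation.get("value")
        # Path-less form: value is an object mapping attribute -> new value.
        changes = value if path is None else {path: value}
        if not isinstance(changes, dict):
            raise ValueError("path-less operation needs an object value")
        for attr, new in changes.items():
            if attr == "active":
                # Stored as-is, the string "False" would be truthy.
                new = parse_bool(new)
            updated[attr] = new
    return updated

def can_sign_in(user):
    """Fail closed: only a real boolean True enables the account."""
    return user.get("active") is True

# Constructed sample data (not captured from a real IdP).
USER = {"userName": "alice@example.com", "active": True}
STANDARD = {"schemas": [SCIM_PATCH_SCHEMA],
            "Operations": [{"op": "replace", "value": {"active": False}}]}
QUIRKY = {"schemas": [SCIM_PATCH_SCHEMA],
          "Operations": [{"op": "Replace", "path": "active", "value": "False"}]}

if __name__ == "__main__":
    for name, body in (("standard", STANDARD), ("quirky", QUIRKY)):
        print(name, "->", can_sign_in(apply_patch(USER, body)))
```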

Seonglae Cho