Seonglae ChoSystem for Cross-domain Identity Management
IdP ↔ Service User Account Creation/Deletion/Update Automation Standard
User and Group Provisioning (creation, modification, deletion) automation standard that synchronizes user account information (name, email, affiliation, active status, etc.) between IdP and applications via JSON/REST API (provisioning/deprovisioning)
Uses HTTP methods to perform CRUD operations on Users and Groups resources, typically authenticated using bearer tokens
However, many exception handlers are needed to address PATCH specification details and vendor-specific (especially Microsoft) non-standard implementation issues
Use cases
IT administrators manage users across all SaaS apps from a single IdP like Azure AD or Okta. This enables blocking access to all apps with a single click when an employee leaves. Using SCIM is advantageous for enterprise client contracts.
What a developer needs to know about SCIM | Tesseral Blog
If you're selling business software, you'll likely run into a customer that wants something called "SCIM." Here's what you need to know.
https://tesseral.com/blog/what-a-developer-needs-to-know-about-scim