You are viewing an earlier version of the admin guide. For the latest version, please visit EmpowerID Admin Guide v7.211.0.0.
Skip to end of banner
Go to start of banner

EmpowerID SCIM Connector

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

About SCIM

The System for Cross-domain Identity Management (SCIM) specification is designed to help organizations more easily manage and exchange identity information across cloud-based applications and domain boundaries using REST API and JSON. The SCIM specification provides standard schemas representing users and groups with built-in extensibility for additional attributes and other identity-related objects. Identity objects in SCIM are accessed via REST API with endpoints and operations for getting, creating, updating, and deleting those objects. SCIM’s underlying principles are to make user data more secure and to simplify and automate the user identity lifecycle management process.

About the EmpowerID SCIM Connector

The EmpowerID SCIM Connector is an out-of-the-box solution that can be used to connect EmpowerID to any application that supports SCIM 2.0. Providing EmpowerID with the application endpoint and authentication information is all that is needed for EmpowerID to connect. Once connected, all the standard features of EmpowerID’s connector technology operate under the hood to ensure the identities and associations between inventoried objects are accurately reflected in EmpowerID and any relevant back-end systems. As with any managed directory, the SCIM connector can take advantage of the full capabilities of EmpowerID, including the RBAC engine, the SSO framework, as well as password synchronization, attribute flow, group membership management, provisioning, updating and termination of accounts and groups, all with full auditing and reporting built-in.

Inventory Objects and their corresponding components in EmpowerID

Object in SCIM

Component in EmpowerID

User

Account

Group

Group

Attribute Mapping

User Attribute Mapping

SCIM User Attribute

Corresponding EmpowerID Person Attribute

active

Status

addresses[?(@.type=='work')].country

Country

addresses[?(@.type=='work')].Locality

City

addresses[?(@.type=='work')].postalCode

ZipCode

addresses[?(@.type=='work')].region

State

addresses[?(@.type=='work')].streetAddress

StreetAddress

emails[?(@.type=='work')].value

Email

externalId

EmailAlias

name.familyName

LastName

name.givenName

FirstName

name.honorificSuffix

GenerationalSuffix

name.middleName

MiddleName

password

Password

phoneNumbers[?(@.type=='fax')].value

Fax

phoneNumbers[?(@.type=='home')].value

HomePhone

phoneNumbers[?(@.type=='mobile')].value

MobileNumber

phoneNumbers[?(@.type=='other')].value

Telephone

phoneNumbers[?(@.type=='work')].value

BusinessPhone

photos[?(@.type=='work')].value

PhotoUrl

preferredLanguage

PreferredLanguage

profileUrl

AboutMe

title

Title

urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.department

Department

urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.EmployeeNumber

EmployeeID

userName

Login

userType

EmployeType

Group Attribute Mapping

SCIM Group Attribute

Corresponding EmpowerID Group Attribute

Description

Description

externalId

Alias

members

Members

Role Attribute Mapping

SCIM Role Attribute

Corresponding EmpowerID Role Attribute

Description

Description

externalId

Alias

FreindlyName

FriendlyName

Name

Name

ParentID

ParentPath

Location Attribute Mapping

SCIM Location Attribute

Corresponding EmpowerID Location Attribute

Description

Description

externalId

Alias

FreindlyName

FriendlyName

Name

Name

ParentID

ParentPath

Connect to a SCIM Application

  • No labels