EmpowerID SCIM Connector
- Phillip Hanegan
What is SCIM?
SCIM (System for Cross-domain Identity Management) is a widely-adopted, RESTful, JSON-based specification designed to facilitate smoother management, synchronization, and exchange of identity data across various domain boundaries and cloud-based applications. The primary objective of the SCIM initiative is to standardize schemas and REST APIs for representing user and group identities, along with their associated metadata, while supporting extensibility and flexible customization to meet specific business needs.
How does SCIM work?
SCIM allows users, groups, and other objects to be accessed, created, updated and deleted using a set of RESTful APIs with associated endpoints. By leveraging standardized schemas and APIs, SCIM simplifies and automates identity-related tasks, such as provisioning and deprovisioning user accounts, across diverse systems and applications.
EmpowerID's SCIM Connector
EmpowerID's SCIM Connector is a comprehensive solution that enables organizations to implement connectivity and automate user identity tasks across various applications using the SCIM specification. The SCIM Connector comprises an internal SCIM account store and a deployable SCIM microservice, which can be customized to connect with both SCIM-compatible and incompatible applications.
By extending the microservice, organizations can communicate with incompatible applications and deploy them on Azure or IIS platforms. Once deployed, EmpowerID handles the remaining processes, ensuring seamless integration and management of identity data across multiple systems.
With EmpowerID's SCIM Connector, organizations can:
Streamline the management and synchronization of identity data across different domains and cloud-based applications.
Automate user provisioning and deprovisioning tasks.
Customize the SCIM microservice to meet specific business needs.
Integrate both SCIM-compatible and incompatible applications.
Â
Inventory Objects and their corresponding components in EmpowerID
Object in SCIM | Component in EmpowerID |
|---|---|
User | Account |
Group | Group |
Â
Attribute Mapping
User Attribute Mapping
SCIM User Attribute | Corresponding EmpowerID Person Attribute |
|---|---|
active | Status |
addresses[?(@.type=='work')].country | Country |
addresses[?(@.type=='work')].Locality | City |
addresses[?(@.type=='work')].postalCode | ZipCode |
addresses[?(@.type=='work')].region | State |
addresses[?(@.type=='work')].streetAddress | StreetAddress |
emails[?(@.type=='work')].value | |
externalId | EmailAlias |
name.familyName | LastName |
name.givenName | FirstName |
name.honorificSuffix | GenerationalSuffix |
name.middleName | MiddleName |
password | Password |
phoneNumbers[?(@.type=='fax')].value | Fax |
phoneNumbers[?(@.type=='home')].value | HomePhone |
phoneNumbers[?(@.type=='mobile')].value | MobileNumber |
phoneNumbers[?(@.type=='other')].value | Telephone |
phoneNumbers[?(@.type=='work')].value | BusinessPhone |
photos[?(@.type=='work')].value | PhotoUrl |
preferredLanguage | PreferredLanguage |
profileUrl | AboutMe |
title | Title |
urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.department | Department |
urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.EmployeeNumber | EmployeeID |
userName | Login |
userType | EmployeType |
Group Attribute Mapping
SCIM Group Attribute | Corresponding EmpowerID Group Attribute |
|---|---|
Description | Description |
externalId | Alias |
members | Members |
Role Attribute Mapping
SCIM Role Attribute | Corresponding EmpowerID Role Attribute |
|---|---|
Description | Description |
externalId | Alias |
FreindlyName | FriendlyName |
Name | Name |
ParentID | ParentPath |
Location Attribute Mapping
SCIM Location Attribute | Corresponding EmpowerID Location Attribute |
|---|---|
Description | Description |
externalId | Alias |
FreindlyName | FriendlyName |
Name | Name |
ParentID | ParentPath |
Â
Â