You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The SCIM 2.0 protocol supports multiple HTTP-based authentication schemes to enable API access by some SCIM clients. Currently, only httpbasic is supported and there is no Authorization defined. The aim of this ticket is to implement support for Oauth2 with bearer token.
The new auth scheme should be exposed in the “/ServiceProviderConfig” endpoint for the auto-discovery service.
OAuth2 Bearer Token allows the authentications to be delegated to a OIDC server outside of the SCIM API implementation apart from making the auth mech compatible with OIDC. The best security practices related to bearer tokens (like TLS transport, limited scoping, short lifetimes) must be enforced.
Ideally, we should also define authorization scopes such as scim read and scim write so that the client can request the minimum access to the API.
The text was updated successfully, but these errors were encountered:
The SCIM 2.0 protocol supports multiple HTTP-based authentication schemes to enable API access by some SCIM clients. Currently, only httpbasic is supported and there is no Authorization defined. The aim of this ticket is to implement support for Oauth2 with bearer token.
The new auth scheme should be exposed in the “/ServiceProviderConfig” endpoint for the auto-discovery service.
OAuth2 Bearer Token allows the authentications to be delegated to a OIDC server outside of the SCIM API implementation apart from making the auth mech compatible with OIDC. The best security practices related to bearer tokens (like TLS transport, limited scoping, short lifetimes) must be enforced.
Ideally, we should also define authorization scopes such as scim read and scim write so that the client can request the minimum access to the API.
The text was updated successfully, but these errors were encountered: