[Feature] SCIM support - Githubissues

voidmain commented 5 years ago

Add support for the SCIM protocol for user provisioning

Problem

FusionAuth currently supports user provisioning via its own APIs. This works for integrating with other backends when those backends are able to be updated to call FusionAuth. It would be good to support a more standard provisioning API that would allow FusionAuth to be integrated with third-party tools that support SCIM.

Solution

SCIM provides a standard provisioning API that third-party applications are starting to implement. FusionAuth can implement SCIM in order to make it easier to integrate with these other tools.

SCIM Server This feature assumes FusionAuth is the IdP and SCIM Clients may send SCIM requests to FusionAuth for User and Group provisioning.

SCIM Client This feature allows FusionAuth to act as the SCIM Client and send provisioning SCIM messages to a SCIM Server. This is very similar to a web hook event but will utilize a SCIM formatted JSON request.

The SCIM Client will be a feature delivered at a later date, and will come after https://github.com/FusionAuth/fusionauth-issues/issues/1543 is delivered.

Alternatives/workarounds

Ask third-party applications to integrate directly with FusionAuth's API. This is likely an uphill battle, but is possible.

Additional information

Once we reveal FusionAuth as a SCIM client, we should ensure we listed in the SCIM 2.0 implementations here http://www.simplecloud.info.

How to vote

Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.

wassemgtk commented 3 years ago

Any timeline on this feature?

robotdan commented 2 years ago

Initial support will likely only include FusionAuth acting as the SCIM Server, and then the SCIM Client coming shortly afterwards.

mooreds commented 2 years ago

FusionAuth / fusionauth-issues

[Feature] SCIM support #106