What's the purpose of the scimdef-v2.js file?

[inchandru]

Hi @jelhub

This is not an issue.

I'm raising this issue only for informational purpose. Not sure where to raise this request. Please ignore if this is not relevant for you

I have a few questions to understand how scimgateway works. Can you help me out?

1. What is the purpose of the https://github.com/jelhub/scimgateway/blob/master/lib/scimdef-v2.js file and why is it defined? If this is the standard definition for SCIM 2.0 for defining ResourceType, how does the otherMails attribute worked even though it's not defined in scimdef-v2.js file?

2. If I have some custom Attributes like subject, Can I define custom attributes in scimdef-v2.js file? 🤔

3. What is a bulk object (https://github.com/jelhub/scimgateway/blob/master/lib/scimdef-v2.js:12)? Is there any use case for it?

I'm having trouble understanding on how and where the scimdef-v2.js file is being used.

Thank you in Advance 🙂

[jelhub]

1) Some IdP's will according to SCIM standard request endpoint discovery information. This information is located in scimdef-v2.js and scimdef-v1.js.

Ref:

GET http://localhost:8880/ServiceProviderConfigs
Specification compliance, authentication schemes, data models.

GET http://localhost:8880/Schemas
Introspect resources and attribute extensions.

SCIM Gateway only cares about mandatory attributes like userName, id and displayName (groups). Rest of attributes will be passed "as is" to plugin. So, your plugin have to acceept, reject or ignore attributes used by IdP.

If your IdP reads /Schemas and refuse communication because of missing schema attributes e.g. otherMails, you have to copy scimdef-file to your local package like mentioned in the doc and add your custom schema definitions to this file.

2) Not needed unless your IdP reads /Schemas and complains about missing attribute definitions. Entra ID do not use this logic.

3) For bulk see: https://datatracker.ietf.org/doc/html/rfc7644#section-3.7 Not supported by SCIM Gateway