scim

Why is there no actual schema for the SCIM core user?


Simple question here... According to the SCIM specification (https://datatracker.ietf.org/doc/html/rfc7643) and the seriously limited documentation I could find, there is a "core user schema" provided by SCIM. It is described in section 4 of the RFC but this is just a vague description. Where is the actual schema? It would be significantly easier to design my own schema if I could see how things are defined in the core user schema. My system only requires/accepts one email address for example, whereas the core schema talks about multiple addresses with different types.


Solution

  • It's located here: https://datatracker.ietf.org/doc/html/rfc7643#section-8.7.1

    For the emails scenario you described, the easiest approach would be to only allow one type(work, other..) and reject any request without a type or with a disallowed type.