[keycloak-dev] SCIM v2 support
Thomas Darimont
thomas.darimont at googlemail.com
Wed Aug 29 08:04:28 EDT 2018
Hello Sebastian,
having scim support built-in keycloak would be awesome!
I'd take a look at other implementations, e.g. the scim support in Cloud
Foundys UAA:
https://github.com/cloudfoundry/uaa/tree/develop/server/src/main/java/org/cloudfoundry/identity/uaa/scim
There you can see what's involved.
Cheers,
Thomas
Lösch, Sebastian <Sebastian.Loesch at governikus.de> schrieb am Mi., 29. Aug.
2018, 13:28:
> Hello,
>
>
>
> in a customer project we use keycloak and need a SCIM (System for
> Cross-domain Identity Management) API.
>
> Currently we write a wrapper API and a custom endpoint providing the SCIM
> functionality. We wrote a extension of the UserEntity, UserModel and an
> extension of the JpaUserProvider.
>
> This strategy seems not ideal and the nicest way is to add this extensions
> to Keycloak. This is already suggested in
> https://issues.jboss.org/browse/KEYCLOAK-2537
>
> Is anybody out there who can guide me, what coding would be necessary to
> contribute the SCIM functionality?
>
>
>
> Currently I think we have to:
>
> - extend the UserEntity with all SCIM attributes. This will result
> in additional tables/entities for complex attributes e.g. Address, Name,
> Email
>
> - extend the UserModel to povide the additional attributes
>
> - implement the new SCIM endpoint /Users
>
> - make the additional attributes available via Admin REST API
> /users
>
> - extend views to be able to edit SCIM user attributes using the
> web ui
>
> - …
>
> - All the above again for the Groups endpoint…
>
>
>
> This also seem to be major changes. To big for one Pull Request. How do you
> like to handle this?
>
>
>
> Best regards,
>
> Sebastian
>
>
>
>
>
> _______________________________________________
> keycloak-dev mailing list
> keycloak-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-dev
More information about the keycloak-dev
mailing list