Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CF UAA support for SCIM2.0 as per https://simplecloud.info/#Implementations2 #2550

Open
Rohit04061992 opened this issue Oct 18, 2023 · 10 comments
Open

CF UAA support for SCIM2.0 as per https://simplecloud.info/#Implementations2 #2550

Rohit04061992 opened this issue Oct 18, 2023 · 10 comments
Labels
unscheduled

Comments

@Rohit04061992
Copy link

Rohit04061992 commented Oct 18, 2023
edited by swalchemist

[no description provided]
@cf-gitbot
Copy link

We have created an issue in Pivotal Tracker to manage this:

https://www.pivotaltracker.com/story/show/186280117

The labels on this github issue will be updated when the story is started.

@Rohit04061992
Copy link
Author

I am using latest uaa version 76.22.0

@strehle
Copy link
Member

strehle commented Oct 18, 2023

You created an isssue but this is a feature request and I doubt that we will provide full 2.0 support with one fix, so do have a concrete issue missing SCIM2.0 where a small or medium fix would help.
And if you would provide such a PR we could solve this in a shorter time frame

@Rohit04061992
Copy link
Author

We are trying to configure , ad sync with cf uaa , and when azure ad is invoking uaa apis for syncing the users and groups , uaa is giving error which says it only supports scim1.0 schema

@Rohit04061992
Copy link
Author

Rohit04061992 commented Oct 26, 2023
edited

In cf uaa for create user api schema is optional , but when someone passes the schema as scim2.0 system breaks , scim 2.0 is defacto standard now , cf uaa should enhance to support this .

@strehle We need basic scim2.0 support for adding users and groups .

@Rohit04061992
Copy link
Author

Hello @strehle ,
We would like CF UAA to get aligned with https://datatracker.ietf.org/doc/html/rfc7644, so that it can be used with modern IDPS which has capability to sync user in uaa using scim endpoints .

@strehle
Copy link
Member

strehle commented Oct 30, 2023

@emalm @Tallicia @torsten-sap FYI.

Agree that SCIM 2.0 is standard, therefore added PM to discuss the prio.

UAA uses currently https://github.com/pingidentity/scim
With https://github.com/pingidentity/scim2 an adoption to /v2/Users, /v2/Groups etc. could happen without that much effort, but I have not verified it.

@Rohit04061992 If you would be able to provide a PR it would increase the speed here.

@Rohit04061992
Copy link
Author

Rohit04061992 commented Oct 30, 2023
edited

Hi @strehle ,

Yes i have also landed up till https://github.com/pingidentity/scim2, was trying to integrate this as well, but if this comes rom the community it will be best .

@Rohit04061992
Copy link
Author

@strehle I have initiated a PR at this location #2583
But changes to scim sdk is breaking most of the scim based implementation, which makes sense , but this also means major changes in uaa .

@Rohit04061992
Copy link
Author

Hi @emalm ,
Can you take this , i feel that this enhancement would be of great value for uaa as a product as well.

@swalchemist swalchemist mentioned this issue Jan 11, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
unscheduled
Projects
Foundational Infrastructure Working Group
Status: Inbox
Milestone
No milestone
Development

No branches or pull requests
3 participants
@cf-gitbot @Rohit04061992 @strehle