The SCIM standards just grew up to become RFC's

Integrity and simplicity for both users and IT-departments just took a huge step forward on the Internet. The SCIM specifications, System for Cross-Domain Identity Management, are now published as publications by the Internet Engineering Taskforce (IETF) as RFC7643 and RFC7644. At neXus we are super proud because we have been playing a key part of the specifications, all the way from version 1.0, 1.1 and now 2.0.

SCIM makes identity life cycle management much easier by specifying and standardising how identity information like users, groups and different types of things and devices are sent over the wire. Before RFC7643 and RFC7644 (Ooo if feels good to write that out loud!) identity information was scattered over the internet leaving traces of identities at all the different service providers that a company have used. Identity Federation have helped adopting new services, and it has given users a smooth user experience, but it leaves those identity traces after the service is not used any more. Sometimes because the company moved on to the next big thing at a new service provider, and sometimes just because an employee quits. Now with RFC7643 and RFC7644 in place it’s possible to automatically create, update and remove the identity information on the fly making it possible to finally take back control of the private and valuable information.

There two specifications are very simple. The first one defines how a User, Group and potentially things like Toaster looks like. They are all called Resources and they are then managed by the other specification that defines how the Resources are sent over the wire.

We, at neXus, uses SCIM internally to tie our platform together in a unified way, we also use it to handle the life cycle management of users to cloud systems like Salesforce, Cisco and others. Devices are also defined in our neXus Dynamic Identity Platform with the help of SCIM, making it easy to define new device in the system, and it’s also a good, compact and well defined, interface for constrained devices to communicate with.

During the development of the specifications we have had several interops to verify that SCIM really works in the wild. There are also a long list of implementations, and we actually just added two new once yesterday, on the public facing web site for SCIM called http://www.simplecloud.info/ that can be used as a starting point for developing SCIM support.

Read more about about SCIM and the SCIM support in neXus Hybrid Access Gateway here:

Read about the Valuable and interoperable identity

Read about Identity Orchestration

You can also watch a couple of videos that describes SCIM:

 (Swedish only)