Blog post -

The SCIM standards just grew up to become RFC's

Integrity and simplicity for both users and IT-departments just took a huge step forward on the Internet. The SCIM specifications, System for Cross-Domain Identity Management, are now published as publications by the Internet Engineering Taskforce (IETF) as RFC7643 and RFC7644. At neXus we are super proud because we have been playing a key part of the specifications, all the way from version 1.0, 1.1 and now 2.0.

SCIM makes identity life cycle management much easier by specifying and standardising how identity information like users, groups and different types of things and devices are sent over the wire. Before RFC7643 and RFC7644 (Ooo if feels good to write that out loud!) identity information was scattered over the internet leaving traces of identities at all the different service providers that a company have used. Identity Federation have helped adopting new services, and it has given users a smooth user experience, but it leaves those identity traces after the service is not used any more. Sometimes because the company moved on to the next big thing at a new service provider, and sometimes just because an employee quits. Now with RFC7643 and RFC7644 in place it’s possible to automatically create, update and remove the identity information on the fly making it possible to finally take back control of the private and valuable information.

There two specifications are very simple. The first one defines how a User, Group and potentially things like Toaster looks like. They are all called Resources and they are then managed by the other specification that defines how the Resources are sent over the wire.

We, at neXus, uses SCIM internally to tie our platform together in a unified way, we also use it to handle the life cycle management of users to cloud systems like Salesforce, Cisco and others. Devices are also defined in our neXus Dynamic Identity Platform with the help of SCIM, making it easy to define new device in the system, and it’s also a good, compact and well defined, interface for constrained devices to communicate with.

During the development of the specifications we have had several interops to verify that SCIM really works in the wild. There are also a long list of implementations, and we actually just added two new once yesterday, on the public facing web site for SCIM called http://www.simplecloud.info/ that can be used as a starting point for developing SCIM support.

Read more about about SCIM and the SCIM support in neXus Hybrid Access Gateway here:

Read about the Valuable and interoperable identity

Read about Identity Orchestration

You can also watch a couple of videos that describes SCIM:

(Swedish only)

/ Erik Wahlström, Director of Products

Related links

Topics

  • Data, Telecom, IT

Categories

  • technology nexus
  • hybrid access gateway
  • hag
  • scim
  • identity management

Regions

  • England

Contacts

Related content

  • neXus appoints new CFO

    Magnus Karlsson joins neXus as CFO on February 22, 2016, becoming a new member of the group management. Magnus succeeds Björn Johansson, who has decided to seek new challenges outside the group after nine years with neXus.

  • Six themes drive identity management in 2016

    For neXus, the leading global provider of security solutions and services, identity management will be one of the central issues in the context of IT security in 2016. The trends such as continuous flexibilization in the working environment, new forms of customer communication and the growing number of cyber-attacks are responsible for this.

  • Carolen Ytander new CMO for neXus

    neXus is boosting its company management by recruiting Carolen Ytander to head up marketing, communications and strategic HR. Carolen most recently worked at Vattenfall, where she held a number of executive positions, including Head of Nordic Marketing.

  • neXus supplies service card solutions to municipality of Ale

    Municipality of Ale has negotiated a solution for the production and administration of service cards for all its employees. The management of the municipality wanted all personnel to have secure identification that could also be used for secure login, and for access, print-on-demand etc.

  • neXus' office on the world list of stylish offices

    The neXus office is located in Ericsson's old premises at Telefonplan south of Stockholm, since two years. The premises decorated by MER architectural firm, has now been named one of the world's 35 most exciting workplaces.

  • The Hacked Jeep is not alone

    A recent article in Wired shows how the threat is real and even though causing accidents might not be the prime target it points out that we need to take what we have learnt when opening up systems and API to the IoT world and not just care about remote access to IoT, its also about how different objects in the near perimeter act and are authorized to act.

  • The IETF #93 meeting is wrapping up and it was a great week

     An very intensive Internet Engineering Task Force (IETF) week in Prague is just winding down. It’s been a great week in warm and welcoming Prague. IETF works on the specifications that together form the Internet and IETF attendees meets three times a year to try to make the internet, slowly but consistently, a better place. The gathering consists of quick presentations and long discussions in

  • Mobile app authentication by using Hybrid Access Gateway

    Traditionally authentication in mobile apps is not much different from authentication in web applications. However there are some key differences in mobile apps
    The UI is not build up on the server side so any changes to the UI (e.g. new authentication methods) requires new version of the application to be deployed. These kinds of things take time and focus from the actual app development. For

  • Explosion in IoT reveals risk of massive black market

    In a recent report Gartner predicts that by 2020 over 50% of new major business process and system will incorporate some element of the Internet of Things. From a security perspective this growth will ...

  • Identity data capture and validation is key

    This week I had the pleasure of visiting NORSIS event IDentitet 2016 in Oslo. Very well structured the event started with presentations around the capturing and validation of identity data which is fundamental for the trust in eIDs (and of course other types of credentials).

  • Server Name Indication and Hybrid Access Gateway

    ​SNI is an extension to TLS that has been around for a while, since 2003, but is becoming more and more important as installations become multi tenant with customers from completely different organizations.

Enter your email address to follow Nexus Group

When you choose to create a user account and follow a newsroom your personal data will be used by us and the owner of the newsroom, for you to receive news and updates according to your subscription settings.

To learn more about this, please read our Privacy Policy, which applies to our use of your personal data, and our Privacy Policy for Contacts, which applies to the use of your personal data by the owner of the newsroom you follow.

Please note that our Terms of Use apply to all use of our services.

You can withdraw your consent at any time by unsubscribing or deleting your account.
Check your inbox

Email sent to __email__. Click the link there to follow Nexus Group.

Okay