SCIM Simple Cloud Identity Management Interop

WSO2 Identity Server supports many leading identity management specifications, and work is underway to support interoperable Simple Cloud Identity Management.  The Simple Cloud Identity Management (SCIM) specification is designed to make managing user identity in cloud based applications and services easier.

It’s intent is to reduce the cost and complexity of user management operations and provide patterns for exchanging this schema using standard protocols. In essence, make it fast, cheap, and easy to move users in to, out of, and around the cloud. SCIM delivers more agile integration with Google Apps, Salesforce and other SaaS providers.

At a recent IETF meeting, WSO2, Sailpoint, Ping Identity, UnboundId, Cisco, Technology Nexus, SalesForce, Gluu, Curion, and BCPSoft performed interoperability testing.  The twenty-one SCIM interop use cases covered managing users and groups.  During the interop event, WSO2 Charon, WSO2’s SCIM implementation delivered under the Apache 2.0 license, performed well.  Interoperability testing uncovered a few areas where the specification requires clarification.

During the summer timeframe,  WSO2 will incorporate SCIM into the WSO2 Identity Server, a highly interoperable identity management platform.   WSO2 Identity Server delivers:

  • Single Sign-On (SSO) via OpenID, SAML2 and Kerberos KDC
  • Provisioning via SCIM instead of legacy SPML
  • Auditing via XDAS
  • Delegation via OAuth 1.0a, OAuth 2.0 and WS-Trust
  • Federation via OpenID, SAML2 and WS-Trust STS
  • Integration with Microsoft SharePoint with Passive STS support
  • Implement REST security with OAuth 2.0 and XACML
  • Attribute or Claim based access control via XACML, WS-Trust, OpenID and claim management
  • Fine-grained policy based access control via XACML

Let me know if you would like a demonstration of the only complete open identity management server based on:

  1. Open Architecture
  2. Open Standards
  3. Open License
  4. Open Source


Leave a Reply