Why SCIM Matters over Admin Services
The System for Cross-domain Identity Management (SCIM) is an open standard that developed from the need for a way to synchronize user information between multiple applications.
SCIM is very useful as it mainly addreses two problems where admin services are incapable to handle.
- Interoperability
Lets look at an example what does this means. Assume you have a certain application called Application1 which is developed using language1. This application needs to communicate with Facebook. Therefore application 1 should have some code written which should be compatible with Facebooks rest APIs. Likewise there comes a future need where application 1 needs to communicate with Twitter. But the technology used by Twitter is different from the technogy used by Facebook. Therefore application 1 needs to rewrite some more code investing more time n human resources to implement a way to communicate with Twitter. Assume in this manner if application 1 needs to communicate with 10 3 rd party applications we need to rewrite the code 10 times using different technologies to make them compatible with each 3rd party applications. This will be very time and cost consuming. This is where SCIM comes into picture. If all the applications agree on common standard like SCIM we do not need to rewrite the codes when we communicate with different applications. Each and every 3rd party applications can use a SCIM client and can communicate with application1 where application 1 also will be using a SCIM client. This concept is called as interoperability
2. Facilitate a common standard for Content Type.
Lets look at this as well through a simple example. Assume Facebook uses the term firstName to recognize a persons first name. Twitter uses the term f_name to recognize a persons first name. and Application 1 uses the term FIRSTNAME. In such situations rhis will be a problem to communicate between different applications. SCIM has addressed this problem by introducing a common standard to declare variables. So if all the applications uses SCIM there wont be any schema violations between applications when we try to intergrate them with application 1
With all these SCIM reduces the mistakes and data inconsistencies between identity ecosystems.
Further while onboarding a new employee, it’s common for a new user profile to be created in a central directory. It’s likely the user needs access to other services like Salesforce, G Suite, or Slack. It’s inefficient for administrators to enter user information in those environments when users can be automatically provisioned to them using a standards-based SCIM connector this can be done automatically.
Therefore WSO2 also supports SCIM when there are already developed admin services by WSO2 are available. With SCIM it facilitate the same functionalites that can be done through admin services with SCIM as well to overcome the issues explained above.
