SCIM configuration

ISAM provides support for selected parts of the Cross-domain Identity Management (SCIM) protocol.

SCIM is an HTTP-based protocol that makes managing identities in multi-domain scenarios easier to support through a standardized service. ISAM provides SCIM-based web services to facilitate user self care capabilities such as social login association, account enablement, and password reset. We can use the SCIM Configuration page in the local management interface to configure the SCIM capabilities.

If a reverse proxy is used in front of the SCIM components, the IV credential headers (also known as iv-users/iv-groups/iv-creds), if provided, will be used to obtain the authenticated user identity for the request.

A demo application is provided for authenticated users to view and modify their own data. This application can be accessed at the following URL:

https://<runtime_server>/scim/demo.html

By default, the demo application is disabled on the appliance. To enable it, go to System > Advanced Tuning Parameters, add an advanced tuning parameter named runtime_profile.scim_demo_enabled, and set its value to true.

• General SCIM settings
  
• User profile
  
• Groups
  
• External authentication services
  
• Verify Access user
  

Parent topic: Advanced Access Control administration