draft-ietf-scim-core-schema-07.txt   draft-ietf-scim-core-schema-08.txt 
Network Working Group K. Grizzle Network Working Group K. Grizzle
Internet-Draft SailPoint Internet-Draft SailPoint
Intended status: Standards Track P. Hunt, Ed. Intended status: Standards Track P. Hunt, Ed.
Expires: February 2, 2015 Oracle Expires: February 12, 2015 Oracle
E. Wahlstroem E. Wahlstroem
Technology Nexus Technology Nexus
C. Mortimore C. Mortimore
Salesforce Salesforce
August 1, 2014 August 11, 2014
System for Cross-Domain Identity Management: Core Schema System for Cross-Domain Identity Management: Core Schema
draft-ietf-scim-core-schema-07 draft-ietf-scim-core-schema-08
Abstract Abstract
The System for Cross-Domain Identity Management (SCIM) specification The System for Cross-Domain Identity Management (SCIM) specification
is designed to make managing user identity in cloud based is designed to make managing user identity in cloud based
applications and services easier. The specification suite builds applications and services easier. The specification suite builds
upon experience with existing schemas and deployments, placing upon experience with existing schemas and deployments, placing
specific emphasis on simplicity of development and integration, while specific emphasis on simplicity of development and integration, while
applying existing authentication, authorization, and privacy models. applying existing authentication, authorization, and privacy models.
Its intent is to reduce the cost and complexity of user management Its intent is to reduce the cost and complexity of user management
skipping to change at page 2, line 4 skipping to change at page 2, line 4
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on February 2, 2015. This Internet-Draft will expire on February 12, 2015.
Copyright Notice Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 3, line 12 skipping to change at page 3, line 12
11. JSON Representation . . . . . . . . . . . . . . . . . . . . . 24 11. JSON Representation . . . . . . . . . . . . . . . . . . . . . 24
11.1. Minimal User Representation . . . . . . . . . . . . . . 24 11.1. Minimal User Representation . . . . . . . . . . . . . . 24
11.2. Full User Representation . . . . . . . . . . . . . . . . 24 11.2. Full User Representation . . . . . . . . . . . . . . . . 24
11.3. Enterprise User Extension Representation . . . . . . . . 27 11.3. Enterprise User Extension Representation . . . . . . . . 27
11.4. Group Representation . . . . . . . . . . . . . . . . . . 30 11.4. Group Representation . . . . . . . . . . . . . . . . . . 30
11.5. Service Provider Configuration Representation . . . . . 31 11.5. Service Provider Configuration Representation . . . . . 31
11.6. Resource Type Representation . . . . . . . . . . . . . . 32 11.6. Resource Type Representation . . . . . . . . . . . . . . 32
11.7. Schema Representation . . . . . . . . . . . . . . . . . 33 11.7. Schema Representation . . . . . . . . . . . . . . . . . 33
12. Security Considerations . . . . . . . . . . . . . . . . . . . 55 12. Security Considerations . . . . . . . . . . . . . . . . . . . 55
13. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 55 13. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 55
13.1. URN Sub-Namespace for SCIM . . . . . . . . . . . . . . . 55 13.1. New Registration of SCIM URN Sub-namespace . . . . . . . 55
13.1.1. Specification Template . . . . . . . . . . . . . . . 55 13.2. URN Sub-Namespace for SCIM . . . . . . . . . . . . . . . 55
13.1.2. Pre-Registered SCIM Schema Identifiers . . . . . . . 58 13.2.1. Specification Template . . . . . . . . . . . . . . . 56
13.2. Registering SCIM Schemas . . . . . . . . . . . . . . . . 58 13.2.2. Pre-Registered SCIM Schema Identifiers . . . . . . . 58
13.2.1. Registration Procedure . . . . . . . . . . . . . . . 58 13.3. Registering SCIM Schemas . . . . . . . . . . . . . . . . 58
13.2.2. Schema Registration Template . . . . . . . . . . . . 59 13.3.1. Registration Procedure . . . . . . . . . . . . . . . 59
13.3. Initial SCIM Schema Registry . . . . . . . . . . . . . . 59 13.3.2. Schema Registration Template . . . . . . . . . . . . 59
14. References . . . . . . . . . . . . . . . . . . . . . . . . . 60 13.4. Initial SCIM Schema Registry . . . . . . . . . . . . . . 60
14.1. Normative References . . . . . . . . . . . . . . . . . . 60 14. References . . . . . . . . . . . . . . . . . . . . . . . . . 61
14.2. Informative References . . . . . . . . . . . . . . . . . 61 14.1. Normative References . . . . . . . . . . . . . . . . . . 61
14.2. Informative References . . . . . . . . . . . . . . . . . 62
Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 62 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 62
Appendix B. Change Log . . . . . . . . . . . . . . . . . . . . . 62 Appendix B. Change Log . . . . . . . . . . . . . . . . . . . . . 63
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 64 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 65
1. Introduction and Overview 1. Introduction and Overview
While there are existing standards for describing and exchanging user While there are existing standards for describing and exchanging user
information, many of these standards can be difficult to implement information, many of these standards can be difficult to implement
and/or use; e.g., their wire protocols do not easily traverse and/or use; e.g., their wire protocols do not easily traverse
firewalls and/or are not easily layered onto existing web protocols. firewalls and/or are not easily layered onto existing web protocols.
As a result, many cloud providers implement non-standardized As a result, many cloud providers implement non-standardized
protocols for managing users within their services. This increases protocols for managing users within their services. This increases
both the cost and complexity associated with organizations adopting both the cost and complexity associated with organizations adopting
skipping to change at page 4, line 37 skipping to change at page 4, line 40
Resource: The service provider managed artifact containing one or Resource: The service provider managed artifact containing one or
more attributes; e.g., "User" or "Group". more attributes; e.g., "User" or "Group".
Resource Type: A type of a resource that is managed by a service Resource Type: A type of a resource that is managed by a service
provider. The resource type defines the resource name, endpoint provider. The resource type defines the resource name, endpoint
URL, Schemas, and other meta-data which indicate where a resource URL, Schemas, and other meta-data which indicate where a resource
is managed and how it is composed; e.g., "User" or "Group". is managed and how it is composed; e.g., "User" or "Group".
Schema: A collection of Attribute Definitions that describe the Schema: A collection of Attribute Definitions that describe the
contents of an entire or partial resource; e.g., contents of an entire or partial resource; e.g.,
"urn:scim:schemas:core:2.0:User". "urn:ietf:params:scim:schemas:core:2.0:User".
Singular Attribute: A resource attribute that contains 0..1 values; Singular Attribute: A resource attribute that contains 0..1 values;
e.g., "displayName". e.g., "displayName".
Multi-valued Attribute: A resource attribute that contains 0..n Multi-valued Attribute: A resource attribute that contains 0..n
values; e.g., "emails". values; e.g., "emails".
Simple Attribute: A singular or multi-valued attribute whose value Simple Attribute: A singular or multi-valued attribute whose value
is a primitive; e.g., "String". is a primitive; e.g., "String".
skipping to change at page 10, line 45 skipping to change at page 10, line 45
MUST include a non-zero value array with value(s) of the URIs MUST include a non-zero value array with value(s) of the URIs
supported by that representation. The schemas attribute for a supported by that representation. The schemas attribute for a
resource MUST only contain values defined as "schema" and resource MUST only contain values defined as "schema" and
"schemaExtensions" for the resource's resource type. Duplicate "schemaExtensions" for the resource's resource type. Duplicate
values MUST NOT be included. Value order is not specified and values MUST NOT be included. Value order is not specified and
MUST not impact behavior. REQUIRED. MUST not impact behavior. REQUIRED.
5. SCIM User Schema 5. SCIM User Schema
SCIM provides a schema for representing Users, identified using the SCIM provides a schema for representing Users, identified using the
following URI: "urn:scim:schemas:core:2.0:User". The following following URI: "urn:ietf:params:scim:schemas:core:2.0:User". The
attributes are defined in addition to those attributes defined in following attributes are defined in addition to those attributes
SCIM Core Schema: defined in SCIM Core Schema:
5.1. Singular Attributes 5.1. Singular Attributes
userName Unique identifier for the user, typically used by the user userName Unique identifier for the user, typically used by the user
to directly authenticate to the service provider. Often displayed to directly authenticate to the service provider. Often displayed
to the user as their unique identifier within the system (as to the user as their unique identifier within the system (as
opposed to id or externalId, which are generally opaque and not opposed to id or externalId, which are generally opaque and not
user-friendly identifiers). Each User MUST include a non-empty user-friendly identifiers). Each User MUST include a non-empty
userName value. This identifier MUST be unique across the userName value. This identifier MUST be unique across the
client's entire set of Users. RECOMMENDED. client's entire set of Users. RECOMMENDED.
skipping to change at page 15, line 36 skipping to change at page 15, line 36
x509Certificates A list of certificates issued to the User. Values x509Certificates A list of certificates issued to the User. Values
are Binary (Section 2.1.6) and DER encoded x509. This value has are Binary (Section 2.1.6) and DER encoded x509. This value has
NO canonical types. NO canonical types.
6. SCIM Enterprise User Schema Extension 6. SCIM Enterprise User Schema Extension
The following SCIM extension defines attributes commonly used in The following SCIM extension defines attributes commonly used in
representing users that belong to, or act on behalf of a business or representing users that belong to, or act on behalf of a business or
enterprise. The enterprise user extension is identified using the enterprise. The enterprise user extension is identified using the
following schema URI: following schema URI:
"urn:scim:schemas:extension:enterprise:2.0:User". "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User".
The following Singular Attributes are defined: The following Singular Attributes are defined:
employeeNumber Numeric or alphanumeric identifier assigned to a employeeNumber Numeric or alphanumeric identifier assigned to a
person, typically based on order of hire or association with an person, typically based on order of hire or association with an
organization. organization.
costCenter Identifies the name of a cost center. costCenter Identifies the name of a cost center.
organization Identifies the name of an organization. organization Identifies the name of an organization.
skipping to change at page 16, line 21 skipping to change at page 16, line 21
$ref The URI of the SCIM resource representing the User's $ref The URI of the SCIM resource representing the User's
manager. RECOMMENDED. manager. RECOMMENDED.
displayName The displayName of the user's manager. This displayName The displayName of the user's manager. This
attribute is OPTIONAL and mutability is "readOnly". attribute is OPTIONAL and mutability is "readOnly".
7. SCIM Group Schema 7. SCIM Group Schema
SCIM provides a schema for representing groups, identified using the SCIM provides a schema for representing groups, identified using the
following schema URI: "urn:scim:schemas:core:2.0:Group". following schema URI: "urn:ietf:params:scim:schemas:core:2.0:Group".
Group resources are meant to enable expression of common group or Group resources are meant to enable expression of common group or
role based access control models, although no explicit authorization role based access control models, although no explicit authorization
model is defined. It is intended that the semantics of group model is defined. It is intended that the semantics of group
membership and any behavior or authorization granted as a result of membership and any behavior or authorization granted as a result of
membership are defined by the service provider are considered out of membership are defined by the service provider are considered out of
scope for this specification. scope for this specification.
The following singular attribute is defined in addition to the common The following singular attribute is defined in addition to the common
attributes defined in SCIM core schema: attributes defined in SCIM core schema:
skipping to change at page 16, line 52 skipping to change at page 16, line 52
a "Group". The intention of the "Group" type is to allow the a "Group". The intention of the "Group" type is to allow the
service provider to support nested groups. Service providers MAY service provider to support nested groups. Service providers MAY
require clients to provide a non-empty members value based on the require clients to provide a non-empty members value based on the
"required" sub attribute of the "members" attribute in the "Group" "required" sub attribute of the "members" attribute in the "Group"
resource schema. resource schema.
8. Service Provider Configuration Schema 8. Service Provider Configuration Schema
SCIM provides a schema for representing the service provider's SCIM provides a schema for representing the service provider's
configuration identified using the following schema URI: configuration identified using the following schema URI:
"urn:scim:schemas:core:2.0:ServiceProviderConfig" "urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig"
The service provider configuration resource enables a service The service provider configuration resource enables a service
provider to discovery of SCIM specification features in a provider to discovery of SCIM specification features in a
standardized form as well as provide additional implementation standardized form as well as provide additional implementation
details to clients. All attributes are READ-ONLY (a mutability of details to clients. All attributes are READ-ONLY (a mutability of
"readOnly" ). Unlike other core resources, the "id" attribute is not "readOnly" ). Unlike other core resources, the "id" attribute is not
required for the service provider configuration resource. required for the service provider configuration resource.
The following Singular Attributes are defined in addition to the The following Singular Attributes are defined in addition to the
common attributes defined in Core Schema: common attributes defined in Core Schema:
skipping to change at page 18, line 42 skipping to change at page 18, line 42
specUrl A HTTP addressable URL pointing to the Authentication specUrl A HTTP addressable URL pointing to the Authentication
Scheme's specification. OPTIONAL. Scheme's specification. OPTIONAL.
documentationUrl A HTTP addressable URL pointing to the documentationUrl A HTTP addressable URL pointing to the
Authentication Scheme's usage documentation. OPTIONAL. Authentication Scheme's usage documentation. OPTIONAL.
9. ResourceType Schema 9. ResourceType Schema
The "ResourceType" schema specifies the meta-data about a resource The "ResourceType" schema specifies the meta-data about a resource
type. Resource type resources are READ-ONLY and identified using the type. Resource type resources are READ-ONLY and identified using the
following schema URI: "urn:scim:schemas:core:2.0:ResourceType". following schema URI:
Unlike other core resources, all attributes are REQUIRED unless "urn:ietf:params:scim:schemas:core:2.0:ResourceType". Unlike other
otherwise specified. The "id" attribute is not required for the core resources, all attributes are REQUIRED unless otherwise
resource type resource. specified. The "id" attribute is not required for the resource type
resource.
The following Singular Attributes are defined: The following Singular Attributes are defined:
id The resource type's server unique id. Often this is the same id The resource type's server unique id. Often this is the same
value as the "name" attribute. OPTIONAL value as the "name" attribute. OPTIONAL
name The resource type name. When applicable service providers MUST name The resource type name. When applicable service providers MUST
specify the name specified in the core schema specification; e.g., specify the name specified in the core schema specification; e.g.,
"User" or "Group". This name is referenced by the "User" or "Group". This name is referenced by the
"meta.resourceType" attribute in all resources. "meta.resourceType" attribute in all resources.
description The resource type's human readable description. When description The resource type's human readable description. When
applicable service providers MUST specify the description applicable service providers MUST specify the description
specified in the core schema specification. specified in the core schema specification.
endpoint The resource type's HTTP addressable endpoint relative to endpoint The resource type's HTTP addressable endpoint relative to
the Base URL; e.g., "/Users". the Base URL; e.g., "/Users".
schema The resource type's primary schema URI; e.g., schema The resource type's primary schema URI; e.g.,
"urn:scim:schemas:core:2.0:User". This MUST be equal to the "id" "urn:ietf:params:scim:schemas:core:2.0:User". This MUST be equal
attribute of the associated "Schema" resource. to the "id" attribute of the associated "Schema" resource.
schemaExtensions A list of URIs of the resource type's schema schemaExtensions A list of URIs of the resource type's schema
extensions. OPTIONAL. extensions. OPTIONAL.
schema The URI of an extended schema; e.g., "urn:edu:2.0:Staff". schema The URI of an extended schema; e.g., "urn:edu:2.0:Staff".
This MUST be equal to the "id" attribute of a "Schema" This MUST be equal to the "id" attribute of a "Schema"
resource. REQUIRED. resource. REQUIRED.
required A Boolean value that specifies whether the schema required A Boolean value that specifies whether the schema
extension is required for the resource type. If true, a extension is required for the resource type. If true, a
resource of this type MUST include this schema extension and resource of this type MUST include this schema extension and
include any attributes declared as required in this schema include any attributes declared as required in this schema
extension. If false, a resource of this type MAY omit this extension. If false, a resource of this type MAY omit this
schema extension. REQUIRED. schema extension. REQUIRED.
10. Schema Schema 10. Schema Schema
The "Schema" schema specifies the attribute(s) and meta-data that The "Schema" schema specifies the attribute(s) and meta-data that
constitute a "Schema" resource. Schema resources have mutability of constitute a "Schema" resource. Schema resources have mutability of
"readOnly" and identified using the following URI: "readOnly" and identified using the following URI:
"urn:scim:schemas:core:2.0:Schema". Unlike other core resources the "urn:ietf:params:scim:schemas:core:2.0:Schema". Unlike other core
"Schema" resource MAY contain a complex object within a sub-attribute resources the "Schema" resource MAY contain a complex object within a
and all attributes are REQUIRED unless otherwise specified. sub-attribute and all attributes are REQUIRED unless otherwise
specified.
The following Singular Attributes are defined: The following Singular Attributes are defined:
id The unique URI of the schema. When applicable service providers id The unique URI of the schema. When applicable service providers
MUST specify the URI specified in the core schema specification; MUST specify the URI specified in the core schema specification;
e.g., "urn:scim:schemas:core:2.0:User". Unlike most other e.g., "urn:ietf:params:scim:schemas:core:2.0:User". Unlike most
schemas, which use some sort of a GUID for the "id", the schema other schemas, which use some sort of a GUID for the "id", the
"id" is a URI so that it can be registered and is portable between schema "id" is a URI so that it can be registered and is portable
different service providers and clients. between different service providers and clients.
name The schema's human readable name. When applicable service name The schema's human readable name. When applicable service
providers MUST specify the name specified in the core schema providers MUST specify the name specified in the core schema
specification; e.g., "User" or "Group". OPTIONAL. specification; e.g., "User" or "Group". OPTIONAL.
description The schema's human readable description. When description The schema's human readable description. When
applicable service providers MUST specify the description applicable service providers MUST specify the description
specified in the core schema specification. OPTIONAL. specified in the core schema specification. OPTIONAL.
The following multi-valued attribute is defined: The following multi-valued attribute is defined:
skipping to change at page 24, line 19 skipping to change at page 24, line 19
any server SHOULD possess the same value. any server SHOULD possess the same value.
11. JSON Representation 11. JSON Representation
11.1. Minimal User Representation 11.1. Minimal User Representation
The following is a non-normative example of the minimal required SCIM The following is a non-normative example of the minimal required SCIM
representation in JSON format. representation in JSON format.
{ {
"schemas": ["urn:scim:schemas:core:2.0:User"], "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
"id": "2819c223-7f76-453a-919d-413861904646", "id": "2819c223-7f76-453a-919d-413861904646",
"userName": "bjensen@example.com", "userName": "bjensen@example.com",
"meta": { "meta": {
"resourceType": "User", "resourceType": "User",
"created": "2010-01-23T04:56:22Z", "created": "2010-01-23T04:56:22Z",
"lastModified": "2011-05-13T04:42:34Z", "lastModified": "2011-05-13T04:42:34Z",
"version": "W\/\"3694e05e9dff590\"", "version": "W\/\"3694e05e9dff590\"",
"location": "https://example.com/v2/Users/2819c223-7f76-453a-919d-413861904646" "location": "https://example.com/v2/Users/2819c223-7f76-453a-919d-413861904646"
} }
} }
Figure 2: Example Minimal User JSON Representation Figure 2: Example Minimal User JSON Representation
11.2. Full User Representation 11.2. Full User Representation
The following is a non-normative example of the fully populated SCIM The following is a non-normative example of the fully populated SCIM
representation in JSON format. representation in JSON format.
{ {
"schemas": ["urn:scim:schemas:core:2.0:User"], "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
"id": "2819c223-7f76-453a-919d-413861904646", "id": "2819c223-7f76-453a-919d-413861904646",
"externalId": "701984", "externalId": "701984",
"userName": "bjensen@example.com", "userName": "bjensen@example.com",
"name": { "name": {
"formatted": "Ms. Barbara J Jensen III", "formatted": "Ms. Barbara J Jensen III",
"familyName": "Jensen", "familyName": "Jensen",
"givenName": "Barbara", "givenName": "Barbara",
"middleName": "Jane", "middleName": "Jane",
"honorificPrefix": "Ms.", "honorificPrefix": "Ms.",
"honorificSuffix": "III" "honorificSuffix": "III"
skipping to change at page 27, line 32 skipping to change at page 27, line 32
Figure 3: Example Full User JSON Representation Figure 3: Example Full User JSON Representation
11.3. Enterprise User Extension Representation 11.3. Enterprise User Extension Representation
The following is a non-normative example of the fully populated User The following is a non-normative example of the fully populated User
using the enterprise User extension in JSON format. using the enterprise User extension in JSON format.
{ {
"schemas": "schemas":
[ "urn:scim:schemas:core:2.0:User", [ "urn:ietf:params:scim:schemas:core:2.0:User",
"urn:scim:schemas:extension:enterprise:2.0:User"], "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"],
"id": "2819c223-7f76-453a-919d-413861904646", "id": "2819c223-7f76-453a-919d-413861904646",
"externalId": "701984", "externalId": "701984",
"userName": "bjensen@example.com", "userName": "bjensen@example.com",
"name": { "name": {
"formatted": "Ms. Barbara J Jensen III", "formatted": "Ms. Barbara J Jensen III",
"familyName": "Jensen", "familyName": "Jensen",
"givenName": "Barbara", "givenName": "Barbara",
"middleName": "Jane", "middleName": "Jane",
"honorificPrefix": "Ms.", "honorificPrefix": "Ms.",
"honorificSuffix": "III" "honorificSuffix": "III"
skipping to change at page 30, line 8 skipping to change at page 30, line 8
DYrl+ft781UQRIqxgwqCfXEuDiinPh0kkvIi5jivVu1Z9QiwlYEdRbLJ4zJQBmDr DYrl+ft781UQRIqxgwqCfXEuDiinPh0kkvIi5jivVu1Z9QiwlYEdRbLJ4zJQBmDr
SGTMYn4lRc2HgHO4DqB/bnMVorHB0CC6AV1QoFK4GPe1LwIDAQABo3sweTAJBgNV SGTMYn4lRc2HgHO4DqB/bnMVorHB0CC6AV1QoFK4GPe1LwIDAQABo3sweTAJBgNV
HRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZp HRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZp
Y2F0ZTAdBgNVHQ4EFgQU8pD0U0vsZIsaA16lL8En8bx0F/gwHwYDVR0jBBgwFoAU Y2F0ZTAdBgNVHQ4EFgQU8pD0U0vsZIsaA16lL8En8bx0F/gwHwYDVR0jBBgwFoAU
dGeKitcaF7gnzsNwDx708kqaVt0wDQYJKoZIhvcNAQEFBQADgYEAA81SsFnOdYJt dGeKitcaF7gnzsNwDx708kqaVt0wDQYJKoZIhvcNAQEFBQADgYEAA81SsFnOdYJt
Ng5Tcq+/ByEDrBgnusx0jloUhByPMEVkoMZ3J7j1ZgI8rAbOkNngX8+pKfTiDz1R Ng5Tcq+/ByEDrBgnusx0jloUhByPMEVkoMZ3J7j1ZgI8rAbOkNngX8+pKfTiDz1R
C4+dx8oU6Za+4NJXUjlL5CvV6BEYb1+QAEJwitTVvxB/A67g42/vzgAtoRUeDov1 C4+dx8oU6Za+4NJXUjlL5CvV6BEYb1+QAEJwitTVvxB/A67g42/vzgAtoRUeDov1
+GFiBZ+GNF/cAYKcMtGcrs2i97ZkJMo=" +GFiBZ+GNF/cAYKcMtGcrs2i97ZkJMo="
} }
], ],
"urn:scim:schemas:extension:enterprise:2.0:User": { "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
"employeeNumber": "701984", "employeeNumber": "701984",
"costCenter": "4130", "costCenter": "4130",
"organization": "Universal Studios", "organization": "Universal Studios",
"division": "Theme Park", "division": "Theme Park",
"department": "Tour Operations", "department": "Tour Operations",
"manager": { "manager": {
"managerId": "26118915-6090-4610-87e4-49d8ca9f808d", "managerId": "26118915-6090-4610-87e4-49d8ca9f808d",
"$ref": "/Users/26118915-6090-4610-87e4-49d8ca9f808d", "$ref": "/Users/26118915-6090-4610-87e4-49d8ca9f808d",
"displayName": "John Smith" "displayName": "John Smith"
} }
skipping to change at page 31, line 6 skipping to change at page 31, line 6
} }
Figure 4: Example Enterprise User JSON Representation Figure 4: Example Enterprise User JSON Representation
11.4. Group Representation 11.4. Group Representation
The following is a non-normative example of SCIM Group representation The following is a non-normative example of SCIM Group representation
in JSON format. in JSON format.
{ {
"schemas": ["urn:scim:schemas:core:2.0:Group"], "schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],
"id": "e9e30dba-f08f-4109-8486-d5c6a331660a", "id": "e9e30dba-f08f-4109-8486-d5c6a331660a",
"displayName": "Tour Guides", "displayName": "Tour Guides",
"members": [ "members": [
{ {
"value": "2819c223-7f76-453a-919d-413861904646", "value": "2819c223-7f76-453a-919d-413861904646",
"$ref": "https://example.com/v2/Users/2819c223-7f76-453a-919d-413861904646", "$ref": "https://example.com/v2/Users/2819c223-7f76-453a-919d-413861904646",
"display": "Babs Jensen" "display": "Babs Jensen"
}, },
{ {
"value": "902c246b-6245-4190-8e05-00816be7344a", "value": "902c246b-6245-4190-8e05-00816be7344a",
skipping to change at page 31, line 38 skipping to change at page 31, line 38
} }
Figure 5: Example Group JSON Representation Figure 5: Example Group JSON Representation
11.5. Service Provider Configuration Representation 11.5. Service Provider Configuration Representation
The following is a non-normative example of the SCIM service provider The following is a non-normative example of the SCIM service provider
configuration representation in JSON format. configuration representation in JSON format.
{ {
"schemas": ["urn:scim:schemas:core:2.0:ServiceProviderConfig"], "schemas": ["urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig"],
"documentationUrl":"http://example.com/help/scim.html", "documentationUrl":"http://example.com/help/scim.html",
"patch": { "patch": {
"supported":true "supported":true
}, },
"bulk": { "bulk": {
"supported":true, "supported":true,
"maxOperations":1000, "maxOperations":1000,
"maxPayloadSize":1048576 "maxPayloadSize":1048576
}, },
"filter": { "filter": {
skipping to change at page 33, line 5 skipping to change at page 33, line 5
} }
} }
Figure 6: Example Service Provider Config JSON Representation Figure 6: Example Service Provider Config JSON Representation
11.6. Resource Type Representation 11.6. Resource Type Representation
The following is a non-normative example of the SCIM resource type The following is a non-normative example of the SCIM resource type
representation in JSON format. representation in JSON format.
{ {
"schemas": ["urn:scim:schemas:core:2.0:ResourceType"], "schemas": ["urn:ietf:params:scim:schemas:core:2.0:ResourceType"],
"id":"User", "id":"User",
"name":"User", "name":"User",
"endpoint": "/Users", "endpoint": "/Users",
"description": "Core User", "description": "Core User",
"schema": "urn:scim:schemas:core:2.0:User", "schema": "urn:ietf:params:scim:schemas:core:2.0:User",
"schemaExtensions": [ "schemaExtensions": [
{ {
"schema": "urn:scim:schemas:extension:enterprise:2.0:User", "schema": "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User",
"required": true "required": true
} }
], ],
"meta": { "meta": {
"location":"https://example.com/v2/ResourceTypes/User", "location":"https://example.com/v2/ResourceTypes/User",
"resourceType": "ResourceType", "resourceType": "ResourceType",
"created": "2010-01-23T04:56:22Z", "created": "2010-01-23T04:56:22Z",
"lastModified": "2011-05-13T04:42:34Z", "lastModified": "2011-05-13T04:42:34Z",
"version": "W\/\"3694e05e9dff595\"" "version": "W\/\"3694e05e9dff595\""
} }
} }
Figure 7: Example Resource Type JSON Representation Figure 7: Example Resource Type JSON Representation
11.7. Schema Representation 11.7. Schema Representation
The following is intended as normative example of the SCIM Schema The following is intended as normative example of the SCIM Schema
representation in JSON format. Where permitted individual values and representation in JSON format. Where permitted individual values and
schema MAY change. Included but not limited to, are schemas for schema MAY change. Included but not limited to, are schemas for
User, Group, and enterprise user. User, Group, and enterprise user.
{[ {[
{ {
"id" : "urn:scim:schemas:core:2.0:User", "id" : "urn:ietf:params:scim:schemas:core:2.0:User",
"name" : "User", "name" : "User",
"description" : "Core User", "description" : "Core User",
"attributes" : [ "attributes" : [
{ {
"name" : "id", "name" : "id",
"type" : "string", "type" : "string",
"multiValued" : false, "multiValued" : false,
"description" : "Unique identifier for the SCIM resource as defined by the Service Provider. Each representation of the resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of resources. It MUST be a stable, non-reassignable identifier that does not change when the same resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. REQUIRED.", "description" : "Unique identifier for the SCIM resource as defined by the Service Provider. Each representation of the resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of resources. It MUST be a stable, non-reassignable identifier that does not change when the same resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. REQUIRED.",
"required" : true, "required" : true,
"caseExact" : false, "caseExact" : false,
skipping to change at page 50, line 42 skipping to change at page 50, line 42
"mutability" : "readWrite", "mutability" : "readWrite",
"returned" : "default", "returned" : "default",
"uniqueness" : "none" "uniqueness" : "none"
} }
], ],
"meta" : { "meta" : {
"resourceType" : "Schema", "resourceType" : "Schema",
"created" : "2010-01-23T04:56:22Z", "created" : "2010-01-23T04:56:22Z",
"lastModified" : "2014-02-04T00:00:00Z", "lastModified" : "2014-02-04T00:00:00Z",
"version" : "W/\"3694e05e9dff596\"", "version" : "W/\"3694e05e9dff596\"",
"location" : "https://example.com/v2/Schemas/urn:scim:schemas:core:2.0:User" "location" : "https://example.com/v2/Schemas/urn:ietf:params:scim:schemas:core:2.0:User"
} }
}, },
{ {
"id" : "urn:scim:schemas:core:2.0:Group", "id" : "urn:ietf:params:scim:schemas:core:2.0:Group",
"name" : "Group", "name" : "Group",
"description" : "Core Group", "description" : "Core Group",
"attributes" : [ "attributes" : [
{ {
"name" : "id", "name" : "id",
"type" : "string", "type" : "string",
"multiValued" : false, "multiValued" : false,
"description" : "Unique identifier for the SCIM resource as defined by the Service Provider. Each representation of the resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of resources. It MUST be a stable, non-reassignable identifier that does not change when the same resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. REQUIRED.", "description" : "Unique identifier for the SCIM resource as defined by the Service Provider. Each representation of the resource MUST include a non-empty id value. This identifier MUST be unique across the Service Provider's entire set of resources. It MUST be a stable, non-reassignable identifier that does not change when the same resource is returned in subsequent requests. The value of the id attribute is always issued by the Service Provider and MUST never be specified by the Service Consumer. REQUIRED.",
"required" : true, "required" : true,
"caseExact" : false, "caseExact" : false,
skipping to change at page 52, line 43 skipping to change at page 52, line 43
"mutability" : "readWrite", "mutability" : "readWrite",
"returned" : "default", "returned" : "default",
"uniqueness" : "none" "uniqueness" : "none"
} }
], ],
"meta" : { "meta" : {
"resourceType" : "Schema", "resourceType" : "Schema",
"created" : "2010-01-23T04:56:22Z", "created" : "2010-01-23T04:56:22Z",
"lastModified" : "2014-02-04T00:00:00Z", "lastModified" : "2014-02-04T00:00:00Z",
"version" : "W/\"3694e05e9dff596\"", "version" : "W/\"3694e05e9dff596\"",
"location" : "https://example.com/v2/Schemas/urn:scim:schemas:core:2.0:Group" "location" : "https://example.com/v2/Schemas/urn:ietf:params:scim:schemas:core:2.0:Group"
} }
}, },
{ {
"id" : "urn:scim:schemas:extension:enterprise:2.0:User", "id" : "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User",
"name" : "EnterpriseUser", "name" : "EnterpriseUser",
"description" : "Enterprise User", "description" : "Enterprise User",
"attributes" : [ "attributes" : [
{ {
"name" : "employeeNumber", "name" : "employeeNumber",
"type" : "string", "type" : "string",
"multiValued" : false, "multiValued" : false,
"description" : "Numeric or alphanumeric identifier assigned to a person, typically based on order of hire or association with an organization.", "description" : "Numeric or alphanumeric identifier assigned to a person, typically based on order of hire or association with an organization.",
"required" : false, "required" : false,
"caseExact" : false, "caseExact" : false,
skipping to change at page 55, line 14 skipping to change at page 55, line 14
"mutability" : "readWrite", "mutability" : "readWrite",
"returned" : "default", "returned" : "default",
"uniqueness" : "none" "uniqueness" : "none"
} }
], ],
"meta" : { "meta" : {
"resourceType" : "Schema", "resourceType" : "Schema",
"created" : "2010-01-23T04:56:22Z", "created" : "2010-01-23T04:56:22Z",
"lastModified" : "2014-02-04T00:00:00Z", "lastModified" : "2014-02-04T00:00:00Z",
"version" : "W/\"3694e05e9dff596\"", "version" : "W/\"3694e05e9dff596\"",
"location" : "https://example.com/v2/Schemas/urn:scim:schemas:extension:enterprise:2.0:User" "location" : "https://example.com/v2/Schemas/urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
} }
} }
]} ]}
Figure 8: Eample Schema JSON Representation Figure 8: Eample Schema JSON Representation
12. Security Considerations 12. Security Considerations
The SCIM Core schema contains personally identifiable information as The SCIM Core schema contains personally identifiable information as
well as other sensitive data. Aside from prohibiting password values well as other sensitive data. Aside from prohibiting password values
in a SCIM response this specification does not provide any means or in a SCIM response this specification does not provide any means or
guarantee of confidentiality. guarantee of confidentiality.
13. IANA Considerations 13. IANA Considerations
13.1. URN Sub-Namespace for SCIM 13.1. New Registration of SCIM URN Sub-namespace
IANA has created a registry for new IETF URN sub-namespaces,
"urn:ietf:params:scim:", per [RFC3553]. The registration request is
as follows:
Per [RFC3553], IANA has registered a new URN sub-namespace,
"urn:ietf:params:scim".
o Registry name: scim
o Specification: [this document]
o Repository: [see Section 13.2]
o Index value: values [see Section 13.2]
13.2. URN Sub-Namespace for SCIM
SCIM schemas and SCIM messages utilize URIs to identify the schema in SCIM schemas and SCIM messages utilize URIs to identify the schema in
use or other relevant context. This section creates and registers an use or other relevant context. This section creates and registers an
IETF URN Sub-namespace for use in the SCIM specifications and future IETF URN Sub-namespace for use in the SCIM specifications and future
extensions. extensions.
13.1.1. Specification Template 13.2.1. Specification Template
Namespace ID: Namespace ID:
The Namespace ID "scim" is requested. The Namespace ID "scim" is requested.
Registration Information: Registration Information:
Version: 1 Version: 1
Date: [[insert final submission date]] Date: [[insert final submission date]]
skipping to change at page 56, line 15 skipping to change at page 56, line 33
Designated contact Designated contact
A designated expert will monitor the SCIM public mailing list, A designated expert will monitor the SCIM public mailing list,
"scim@ietf.org". "scim@ietf.org".
Declaration of Syntactic Structure: Declaration of Syntactic Structure:
The Namespace Specific String (NSS) of all URNs that use the The Namespace Specific String (NSS) of all URNs that use the
"scim" NID shall have the following structure: "scim" NID shall have the following structure:
urn:scim:{type}:{name}{:subName}:{version}{:className}{:resourceType} urn:ietf:params:scim:{type}:{name}{:sName}:{vers}{:class}{:resType}
The keywords have the following meaning: The keywords have the following meaning:
type type
An entity type (e.g. "schemas", "api", or "param" ). The entity type which is either "schemas" or "api".
name name
A required US-ASCII string that conforms to the URN syntax A required US-ASCII string that conforms to the URN syntax
requirements (see [RFC2141] ) and defines a major namespace of requirements (see [RFC2141] ) and defines a major namespace of
object used within SCIM (e.g. "core", "extension" ). The name object used within SCIM (e.g. "core", "extension" ). The name
"extension" MUST be used when the registered schema it refers "extension" MAY be used when the registered schema it refers to
to is intended to be used as an extension to another schema. is intended to be used as an extension to another schema.
An optional US-ASCII string that conforms to the URN syntax An optional US-ASCII string that conforms to the URN syntax
requirements (see [RFC2141] ) and defines a sub-class of object requirements (see [RFC2141] ) and defines a sub-class of object
used within SCIM (e.g. "enterprise", "extension" ). used within SCIM (e.g. "enterprise").
version vers
The first SCIM protocol version number where the URN is valid The first SCIM protocol version number where the URN is valid
(e.g. "2.0" ). (e.g. "2.0" ).
className class
An optional US-ASCII string that conforms to the URN syntax An optional US-ASCII string that conforms to the URN syntax
requirements (see [RFC2141] ) and defines a major class of requirements (see [RFC2141] ) and defines a major class of
object used within SCIM. object used within SCIM.
resourceType resType
An optional US-ASCII string that conforms to the URN syntax An optional US-ASCII string that conforms to the URN syntax
requirements (see [RFC2141] ) and typically is used when requirements (see [RFC2141] ) and typically is used when
referring to a resource type within SCIM (e.g. User). referring to a resource type within SCIM (e.g. User).
Relevant Ancillary Documentation: Relevant Ancillary Documentation:
None None
Identifier Uniqueness Considerations: Identifier Uniqueness Considerations:
skipping to change at page 57, line 21 skipping to change at page 57, line 39
Once a name has been allocated it MUST NOT be re-allocated for a Once a name has been allocated it MUST NOT be re-allocated for a
different purpose. The rules provided for assignments of values different purpose. The rules provided for assignments of values
within a sub-namespace MUST be constructed so that the meaning of within a sub-namespace MUST be constructed so that the meaning of
values cannot change. This registration mechanism is not values cannot change. This registration mechanism is not
appropriate for naming values whose meaning may change over time. appropriate for naming values whose meaning may change over time.
As the SCIM specifications are updated and the SCIM protocol As the SCIM specifications are updated and the SCIM protocol
version is adjusted, a new registration will be made when version is adjusted, a new registration will be made when
significant changes are made. Example, significant changes are made. Example,
"urn:scim:schemas:core:1.0" and "urn:scim:schemas:core:2.0". "urn:ietf:params:scim:schemas:core:1.0 (externally defined, not
previously registered)" and
"urn:ietf:params:scim:schemas:core:2.0".
Process of Identifier Assignment: Process of Identifier Assignment:
Identifiers with namespace type "schema" (e.g. "urn:scim:schemas" Identifiers with namespace type "schema" (e.g.
) are assigned after the review of the assigned contact via the "urn:ietf:params:scim:schemas" ) are assigned after the review of
SCIM public mailing list, "scim@ietf.org" as documented in the assigned contact via the SCIM public mailing list,
Section 13.2. "scim@ietf.org" as documented in Section 13.3.
Namespaces with type "api" (e.g. "urn:scim:api" ) are reserved for Namespaces with type "api" (e.g. "urn:ietf:params:scim:api" ) are
IETF approved SCIM specifications. Namespaces with type "param" reserved for IETF approved SCIM specifications. Namespaces with
are reserved for future use. type "param" are reserved for future use.
Process of Identifier Resolution: Process of Identifier Resolution:
The namespace is not currently listed with a Resolution Discovery The namespace is not currently listed with a Resolution Discovery
System (RDS), but nothing about the namespace prohibits the future System (RDS), but nothing about the namespace prohibits the future
definition of appropriate resolution methods or listing with an definition of appropriate resolution methods or listing with an
RDS. RDS.
Rules for Lexical Equivalence: Rules for Lexical Equivalence:
skipping to change at page 58, line 9 skipping to change at page 58, line 29
No special considerations. No special considerations.
Validation Mechanism: Validation Mechanism:
None specified. None specified.
Scope: Scope:
Global. Global.
13.1.2. Pre-Registered SCIM Schema Identifiers 13.2.2. Pre-Registered SCIM Schema Identifiers
The following SCIM Identifiers are defined: The following SCIM Identifiers are defined:
urn:scim:schemas:core:2.0 urn:ietf:params:scim:schemas:core:2.0
SCIM Core Schema as specified in Section 4 and Section 13.3. SCIM Core Schema as specified in Section 4 and Section 13.4.
urn:scim:schemas:extension:enterprise:2.0 urn:ietf:params:scim:schemas:extension:enterprise:2.0
Enterprise schema extensions as defined in Section 6 and Enterprise schema extensions as defined in Section 6 and
Section 13.3. Section 13.4.
13.2. Registering SCIM Schemas 13.3. Registering SCIM Schemas
This section defines the process for registering new SCIM schemas This section defines the process for registering new SCIM schemas
with IANA. A schema URI is used as a value in the schemas attribute with IANA. A schema URI is used as a value in the schemas attribute
( Section 4.2 ) for the purpose of distinguishing extensions used in ( Section 4.2 ) for the purpose of distinguishing extensions used in
a SCIM resource. a SCIM resource.
13.2.1. Registration Procedure 13.3.1. Registration Procedure
The IETF has created a mailing list, scim@ietf.org, which can be used The IETF has created a mailing list, scim@ietf.org, which can be used
for public discussion of SCIM schema proposals prior to registration. for public discussion of SCIM schema proposals prior to registration.
Use of the mailing list is strongly encouraged. The IESG has Use of the mailing list is strongly encouraged. The IESG has
appointed a designated expert who will monitor the scim@ietf.org appointed a designated expert who will monitor the scim@ietf.org
mailing list and review registrations. mailing list and review registrations.
Registration of new schemas MUST be reviewed by the designated expert Registration of new schemas MUST be reviewed by the designated expert
and published in an RFC. A Standards Track RFC is REQUIRED for the and published in an RFC. A Standards Track RFC is REQUIRED for the
registration of new value data types that modify existing properties. registration of new value data types that modify existing properties.
skipping to change at page 59, line 17 skipping to change at page 59, line 41
Once the registration procedure concludes successfully, IANA creates Once the registration procedure concludes successfully, IANA creates
or modifies the corresponding record in the SCIM schema registry. or modifies the corresponding record in the SCIM schema registry.
The completed registration template is discarded. The completed registration template is discarded.
An RFC specifying new schema URI MUST include the completed An RFC specifying new schema URI MUST include the completed
registration templates, which MAY be expanded with additional registration templates, which MAY be expanded with additional
information. These completed templates are intended to go in the information. These completed templates are intended to go in the
body of the document, not in the IANA Considerations section. The body of the document, not in the IANA Considerations section. The
RFC SHOULD include any attributes defined. RFC SHOULD include any attributes defined.
13.2.2. Schema Registration Template 13.3.2. Schema Registration Template
A SCIM schema URI is defined by completing the following template: A SCIM schema URI is defined by completing the following template:
Schema URI: Schema URI: A unique URI for the SCIM schema extension. Schema URI: Schema URI: A unique URI for the SCIM schema extension.
Schema Name: A descriptive name of the schema extension (e.g. Schema Name: A descriptive name of the schema extension (e.g.
Generic Device) Generic Device)
Intended or Associated Resource Type: A value defining the resource Intended or Associated Resource Type: A value defining the resource
type (e.g. "Device"). type (e.g. "Device").
Purpose: A description of the purpose of the extension and/or its Purpose: A description of the purpose of the extension and/or its
intended use. intended use.
Single-value Attributes: A list and description of single-valued Single-value Attributes: A list and description of single-valued
attributes defined including complex attributes. attributes defined including complex attributes.
Multi-valued Attributes: A list and description of multi-valued Multi-valued Attributes: A list and description of multi-valued
attributes defined including complex attributes. attributes defined including complex attributes.
13.3. Initial SCIM Schema Registry 13.4. Initial SCIM Schema Registry
The IANA has created and will maintain the following registries for The IANA has created and will maintain the following registries for
SCIM schema URIs with pointers to appropriate reference documents. SCIM schema URIs with pointers to appropriate reference documents.
+-------------------------------------------+-----------+-----------+ +----------------------------------------------+---------+----------+
| Schema URI | Name | Reference | | Schema URI | Name | Referenc |
+-------------------------------------------+-----------+-----------+ | | | e |
| urn:scim:schemas:core:2.0:User | User | See | +----------------------------------------------+---------+----------+
| | Resource | Section 5 | | urn:ietf:params:scim:schemas:core:2.0:User | User Re | See |
| urn:scim:schemas:extension:enterprise:2.0 | Enterpris | See | | | source | Section |
| :User | e User | Section 6 | | | | 5 |
| | Extension | | | urn:ietf:params:scim:schemas:extension:enter | Enterpr | See |
| urn:scim:schemas:core:2.0:Group | Group | See | | prise:2.0:User | ise | Section |
| | Resource | Section 7 | | | User Ex | 6 |
+-------------------------------------------+-----------+-----------+ | | tension | |
| urn:ietf:params:scim:schemas:core:2.0:Group | Group R | See |
| | esource | Section |
| | | 7 |
+----------------------------------------------+---------+----------+
SCIM Schema URIs for Data Resources SCIM Schema URIs for Data Resources
+-----------------------------------------+-------------+-----------+ +--------------------------------------------+-----------+----------+
| Schema URI | Name | Reference | | Schema URI | Name | Referenc |
+-----------------------------------------+-------------+-----------+ | | | e |
| urn:scim:schemas:core:2.0:ServiceProvid | Service | See | +--------------------------------------------+-----------+----------+
| erConfig | Provider Co | Section 8 | | urn:ietf:params:scim:schemas:core:2.0:Serv | Service | See |
| | nfiguration | | | iceProviderConfig | Provider | Section |
| | Schema | | | | Configura | 8 |
| urn:scim:schemas:core:2.0:ResourceType | Resource | See | | | tion | |
| | Type Config | Section 9 | | | Schema | |
| urn:scim:schemas:core:2.0:Schema | Schema | See | | urn:ietf:params:scim:schemas:core:2.0:Reso | Resource | See |
| | Definitions | Section | | urceType | Type | Section |
| | Schema | 10 | | | Config | 9 |
+-----------------------------------------+-------------+-----------+ | urn:ietf:params:scim:schemas:core:2.0:Sche | Schema De | See |
| ma | finitions | Section |
| | Schema | 10 |
+--------------------------------------------+-----------+----------+
SCIM Server Related Schema URIs SCIM Server Related Schema URIs
14. References 14. References
14.1. Normative References 14.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2141] Moats, R., "URN Syntax", RFC 2141, May 1997. [RFC2141] Moats, R., "URN Syntax", RFC 2141, May 1997.
[RFC3553] Mealling, M., Masinter, L., Hardie, T., and G. Klyne, "An
IETF URN Sub-namespace for Registered Protocol
Parameters", BCP 73, RFC 3553, June 2003.
[RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO [RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO
10646", STD 63, RFC 3629, November 2003. 10646", STD 63, RFC 3629, November 2003.
[RFC3966] Schulzrinne, H., "The tel URI for Telephone Numbers", RFC [RFC3966] Schulzrinne, H., "The tel URI for Telephone Numbers", RFC
3966, December 2004. 3966, December 2004.
[RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform [RFC3986] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform
Resource Identifier (URI): Generic Syntax", STD 66, RFC Resource Identifier (URI): Generic Syntax", STD 66, RFC
3986, January 2005. 3986, January 2005.
skipping to change at page 64, line 20 skipping to change at page 65, line 17
- meta.attributes removed due to new PURGE command in draft 04 (no - meta.attributes removed due to new PURGE command in draft 04 (no
longer used) longer used)
Draft 07 - PH - Edits and revisions Draft 07 - PH - Edits and revisions
- Dropped use of the term API in favour of HTTP protocol or just - Dropped use of the term API in favour of HTTP protocol or just
protocol. protocol.
- Clarified meaning of null and unassigned - Clarified meaning of null and unassigned
Draft 08 - PH - Revised IANA namespace to urn:ietf:params:scim per
RFC3553
Authors' Addresses Authors' Addresses
Kelly Grizzle Kelly Grizzle
SailPoint SailPoint
Email: kelly.grizzle@sailpoint.com Email: kelly.grizzle@sailpoint.com
Phil Hunt (editor) Phil Hunt (editor)
Oracle Corporation Oracle Corporation
 End of changes. 54 change blocks. 
122 lines changed or deleted 158 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/