draft-ietf-scim-core-schema-21.txt   draft-ietf-scim-core-schema-22.txt 
Network Working Group P. Hunt, Ed. Network Working Group P. Hunt, Ed.
Internet-Draft Oracle Internet-Draft Oracle
Intended status: Standards Track K. Grizzle Intended status: Standards Track K. Grizzle
Expires: November 19, 2015 SailPoint Expires: December 10, 2015 SailPoint
E. Wahlstroem E. Wahlstroem
Nexus Technology Nexus Technology
C. Mortimore C. Mortimore
Salesforce Salesforce
May 18, 2015 June 8, 2015
System for Cross-Domain Identity Management: Core Schema System for Cross-Domain Identity Management: Core Schema
draft-ietf-scim-core-schema-21 draft-ietf-scim-core-schema-22
Abstract Abstract
The System for Cross-Domain Identity Management (SCIM) specifications The System for Cross-Domain Identity Management (SCIM) specifications
are designed to make identity management in cloud based applications are designed to make identity management in cloud based applications
and services easier. The specification suite builds upon experience and services easier. The specification suite builds upon experience
with existing schemas and deployments, placing specific emphasis on with existing schemas and deployments, placing specific emphasis on
simplicity of development and integration, while applying existing simplicity of development and integration, while applying existing
authentication, authorization, and privacy models. Its intent is to authentication, authorization, and privacy models. Its intent is to
reduce the cost and complexity of user management operations by reduce the cost and complexity of user management operations by
skipping to change at page 1, line 49 skipping to change at page 1, line 49
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on November 19, 2015. This Internet-Draft will expire on December 10, 2015.
Copyright Notice Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 24, line 17 skipping to change at page 24, line 17
displayName displayName
A human readable name for the Group. REQUIRED. A human readable name for the Group. REQUIRED.
The following multi-valued attribute is defined in addition to the The following multi-valued attribute is defined in addition to the
common attributes defined in SCIM Core Schema: common attributes defined in SCIM Core Schema:
members members
A list of members of the Group. While values MAY be added or A list of members of the Group. While values MAY be added or
removed, sub-attributes of members are "immutable". The "value" removed, sub-attributes of members are "immutable". The "value"
sub-attribute must be the "id" and the "$ref" sub-attribute must sub-attribute contains the value of an "id" attribute of a SCIM
be the URI of a SCIM resource, either a "User", or a "Group". The resource, and the "$ref" sub-attribute must be the URI of a SCIM
intention of the "Group" type is to allow the service provider to resource such as a "User", or a "Group". The intention of the
support nested groups. Service providers MAY require clients to "Group" type is to allow the service provider to support nested
provide a non-empty members value based on the "required" sub groups. Service providers MAY require clients to provide a non-
attribute of the "members" attribute in the "Group" resource empty value by setting the "required" attribute characteristic of
a sub-attribute of the "members" attribute in the "Group" resource
schema. schema.
4.3. Enterprise User Schema Extension 4.3. Enterprise User Schema Extension
The following SCIM extension defines attributes commonly used in The following SCIM extension defines attributes commonly used in
representing users that belong to, or act on behalf of a business or representing users that belong to, or act on behalf of a business or
enterprise. The enterprise user extension is identified using the enterprise. The enterprise user extension is identified using the
following schema URI: following schema URI:
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User". "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User".
skipping to change at page 93, line 35 skipping to change at page 93, line 35
Dropped use of "real" in definition of name as no real name policy Dropped use of "real" in definition of name as no real name policy
was implied. was implied.
Re-worded/improved readability of password definition Re-worded/improved readability of password definition
At request of Stephen Farrell, clarified x509certificate values At request of Stephen Farrell, clarified x509certificate values
contain only one certificate. contain only one certificate.
Other typos and nits Other typos and nits
Draft 22 - PH - Clarified sub-attribute definition of Group "members"
attribute
Authors' Addresses Authors' Addresses
Phil Hunt (editor) Phil Hunt (editor)
Oracle Corporation Oracle Corporation
Email: phil.hunt@yahoo.com Email: phil.hunt@yahoo.com
Kelly Grizzle Kelly Grizzle
SailPoint SailPoint
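Review bot: The added "Draft 22" changelog entry describes the "members" edit as a clarification, but the revised definition also replaces "either a "User", or a "Group"" with "such as a "User", or a "Group"", which widens the set of resource types a member may reference. If that widening is intended, the entry should say so, so that implementers who validate member types against the earlier wording notice the change; if it is not, the definition should keep the closed list.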
 End of changes. 6 change blocks. 
10 lines changed or deleted 14 lines changed or added
