draft-ietf-scim-core-schema-21.txt | draft-ietf-scim-core-schema-22.txt | |||
---|---|---|---|---|
Network Working Group P. Hunt, Ed. | Network Working Group P. Hunt, Ed. | |||
Internet-Draft Oracle | Internet-Draft Oracle | |||
Intended status: Standards Track K. Grizzle | Intended status: Standards Track K. Grizzle | |||
Expires: November 19, 2015 SailPoint | Expires: December 10, 2015 SailPoint | |||
E. Wahlstroem | E. Wahlstroem | |||
Nexus Technology | Nexus Technology | |||
C. Mortimore | C. Mortimore | |||
Salesforce | Salesforce | |||
May 18, 2015 | June 8, 2015 | |||
System for Cross-Domain Identity Management: Core Schema | System for Cross-Domain Identity Management: Core Schema | |||
draft-ietf-scim-core-schema-21 | draft-ietf-scim-core-schema-22 | |||
Abstract | Abstract | |||
The System for Cross-Domain Identity Management (SCIM) specifications | The System for Cross-Domain Identity Management (SCIM) specifications | |||
are designed to make identity management in cloud based applications | are designed to make identity management in cloud based applications | |||
and services easier. The specification suite builds upon experience | and services easier. The specification suite builds upon experience | |||
with existing schemas and deployments, placing specific emphasis on | with existing schemas and deployments, placing specific emphasis on | |||
simplicity of development and integration, while applying existing | simplicity of development and integration, while applying existing | |||
authentication, authorization, and privacy models. Its intent is to | authentication, authorization, and privacy models. Its intent is to | |||
reduce the cost and complexity of user management operations by | reduce the cost and complexity of user management operations by | |||
skipping to change at page 1, line 49 | skipping to change at page 1, line 49 | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on November 19, 2015. | This Internet-Draft will expire on December 10, 2015. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2015 IETF Trust and the persons identified as the | Copyright (c) 2015 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
skipping to change at page 24, line 17 | skipping to change at page 24, line 17 | |||
displayName | displayName | |||
A human readable name for the Group. REQUIRED. | A human readable name for the Group. REQUIRED. | |||
The following multi-valued attribute is defined in addition to the | The following multi-valued attribute is defined in addition to the | |||
common attributes defined in SCIM Core Schema: | common attributes defined in SCIM Core Schema: | |||
members | members | |||
A list of members of the Group. While values MAY be added or | A list of members of the Group. While values MAY be added or | |||
removed, sub-attributes of members are "immutable". The "value" | removed, sub-attributes of members are "immutable". The "value" | |||
sub-attribute must be the "id" and the "$ref" sub-attribute must | sub-attribute contains the value of an "id" attribute of a SCIM | |||
be the URI of a SCIM resource, either a "User", or a "Group". The | resource, and the "$ref" sub-attribute must be the URI of a SCIM | |||
intention of the "Group" type is to allow the service provider to | resource such as a "User", or a "Group". The intention of the | |||
support nested groups. Service providers MAY require clients to | "Group" type is to allow the service provider to support nested | |||
provide a non-empty members value based on the "required" sub | groups. Service providers MAY require clients to provide a non- | |||
attribute of the "members" attribute in the "Group" resource | empty value by setting the "required" attribute characteristic of | |||
a sub-attribute of the "members" attribute in the "Group" resource | ||||
schema. | schema. | |||
4.3. Enterprise User Schema Extension | 4.3. Enterprise User Schema Extension | |||
The following SCIM extension defines attributes commonly used in | The following SCIM extension defines attributes commonly used in | |||
representing users that belong to, or act on behalf of a business or | representing users that belong to, or act on behalf of a business or | |||
enterprise. The enterprise user extension is identified using the | enterprise. The enterprise user extension is identified using the | |||
following schema URI: | following schema URI: | |||
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User". | "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User". | |||
skipping to change at page 93, line 35 | skipping to change at page 93, line 35 | |||
Dropped use of "real" in definition of name as no real name policy | Dropped use of "real" in definition of name as no real name policy | |||
was implied. | was implied. | |||
Re-worded/improved readability of password definition | Re-worded/improved readability of password definition | |||
At request of Stephen Farrell, clarified x509certificate values | At request of Stephen Farrell, clarified x509certificate values | |||
contain only one certificate. | contain only one certificate. | |||
Other typos and nits | Other typos and nits | |||
Draft 22 - PH - Clarified sub-attribute definition of Group "members" | ||||
attribute | ||||
Authors' Addresses | Authors' Addresses | |||
Phil Hunt (editor) | Phil Hunt (editor) | |||
Oracle Corporation | Oracle Corporation | |||
Email: phil.hunt@yahoo.com | Email: phil.hunt@yahoo.com | |||
Kelly Grizzle | Kelly Grizzle | |||
SailPoint | SailPoint | |||
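Review bot: The new change log entry "Clarified sub-attribute definition of Group "members" attribute" undersells the edit. The members text went from "either a "User", or a "Group"" to "such as a "User", or a "Group"", which turns a closed list of member types into an open one. Suggest the entry say so, so that implementers who validate member types against the earlier wording know to re-check.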
End of changes. 6 change blocks. | ||||
10 lines changed or deleted | 14 lines changed or added | |||
This html diff was produced by rfcdiff 1.42. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |