Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Does Keycloak Support SCIM?

Tags:

keycloak

scim

Has anyone used SCIM with Keycloak? If so, can you point me at documentation? I've google searched and it doesn't appear to be a supported configuration.

like image 534
Mike Maxey Avatar asked Oct 25 '19 22:10

Mike Maxey

People also ask

Is SCIM a SAML?

SCIM, on the other hand, does not use SAML. Admins can create, update and deactivate accounts from a central place using an API call.

Is Okta a SCIM?

Okta currently supports both Version 2.0 and Version 1.1 of the SCIM protocol specifications. If you haven't yet implemented SCIM, Okta recommends that you implement SCIM 2.0. To work with Okta, your SCIM application must use RESTful endpoints constructed according to either the V2.

How do you integrate SCIM?

The SCIM connection settings appear under Settings > Integration. Click Edit. Specify the SCIM connector base URL and the field name of the unique identifier for your users on your SCIM server. Under Supported provisioning actions, choose the provisioning actions supported by your SCIM server.

What is SCIM support?

SCIM, or the System for Cross-domain Identity Management specification, is an open standard designed to manage user identity information. SCIM provides a defined schema for representing users and groups, and a RESTful API to run CRUD operations on those user and group resources.

2 Answers

Unfortunately SCIM isn't supported by Keycloak yet. There's an open issue (feature request) on their Jira: https://issues.jboss.org/browse/KEYCLOAK-2537

I just noticed that someone has started to create an open source implementation for SCIM on Keycloak. Haven't tested it yet, but sure will do that soon.

like image 141
Theos Avatar answered Nov 15 '22 07:11

Theos

I provided a library that integrates with keycloak. Its currently tested with keycloak 8.0.1 and 10.0.1. I provided a simple sample project that shows how to integrate it here:

https://github.com/Captain-P-Goldfish/SCIM-SDK/tree/master/scim-for-keycloak

filtering and sorting does also already work on this example but is done by api-internal features. It is pretty fast up to 5000 users but I haven't done any distress tests. So I do not know when it will become inperformant. If you provide more users you should implement filtering on database level

like image 30
Goldfish Avatar answered Nov 15 '22 07:11

Goldfish
Sign in to Comment

Related questions

Keycloak: Failed to load URLs in Spring Boot Application
How to get Keycloak username in AuditorAware
ABAC with keycloak - Using Resource attributes in policy
Unable to set user credential using Keycloak admin api
Scripting theme configuration for a realm
KeyCloak restricting user management to certain groups while enabling 'manage-users'
How can I add SSL in keycloak in docker
Spring Boot - KeyCloak directed to 403 forbidden
Keycloak | Cannot await on updateToken() in async function
Keycloak Java adapter - Retrieving roles list
Why won't the Keycloak with Spring Boot tutorial work?
Multiple authentication methods for a user in Keycloak
MountVolume.SetUp failed for volume "realm-secret" : secrets "realm-secret" not found
Keycloak Identity Broker API
How to use keycloak with NestJS properly
Keycloak - Add/Remove Realm role from a user using APIcalls
Docker (Spring Boot or Thorntail) and Keycloak
Keycloak: Get authorization code in JSON?
Does AddJwtBearer() Do what I think it does?
keycloak initial login does not work with admin username and password

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!