Skip to content

02. Configuring ScimServerConfiguration

Jump to bottom Edit New page
Alejandro Mora edited this page May 18, 2018 · 6 revisions

When invoking UseScimServer within your IAppBuilder pipeline, you may specify an Action<ScimServerConfiguration> to configure an Owin.Scim.Configuration.ScimServerConfiguration instance. The instance will be created by Owin.Scim and passed into your delegate. It is here where you'll want to configure your SCIM server instance. The following provides documentation on what is available to you as a SCIM-compliant server. See: Service Provider Configuration Schema - https://tools.ietf.org/html/rfc7643#page-27

RequireSsl

By default, Owin.Scim requires SSL and will prevent any requests not using transport-layer security. For development purposes, you may turn off this restriction.

DependencyResolver

Owin.Scim uses DryIoC for internal dependency injection. Chances are, if you are integrating Owin.Scim with an existing application, you may have already written code which operates on users & group management. There is typically substantial business logic around these operations (e.g. does the authenticated user have the rights to create or modify a resource).

In your Owin.Scim IUserRepository implementation, you may wish to inject your own domain services or repositories. By specifying an IDependencyResolver with ScimServerConfiguration.DependencyResolver, Owin.Scim will use this to resolve any dependencies which it doesn't have registered with DryIoc. Therefore, no need to re-register all your core business logic and/or persistence-related services.

SCIM v2 Features

All SCIM features are enabled by default and initialized with default settings as per the SCIM spec. You may use the following methods to configure SCIM features:

ConfigurePatch(bool supported = true)  
ConfigureBulk(bool supported = true, int maxOperations = ScimConstants.Defaults.BulkMaxOperations, int maxPayloadSizeInBytes = ScimConstants.Defaults.BulkMaxPayload)  
ConfigureFilter(bool supported = true, int maxResults = ScimConstants.Defaults.FilterMaxResults)  
ConfigureChangePassword(bool supported = true)  
ConfigureSort(bool supported = true)
ConfigureETag(bool supported = true, bool isWeak = true)

Authentication Schemes

Owin.Scim does not provide any authentication mechanism. All authentication is considered outside of the SCIM specification and should be handled by the hosting application. However, you may provide metadata which describes the available authentication protocols available to the consumer. See: authenticationSchemes attribute description at Service Provider Configuration Schema - https://tools.ietf.org/html/rfc7643#page-27

Add a custom footer
Add a custom sidebar
Clone this wiki locally