Scim overview : slides presented at the Bay Area Identity Developers meetup in June 2014. Covers an overview of SCIM, its history, the schema, and protocol semantics.
The System for Cross-domain Identity Management (SCIM) specification is designed to make managing user identities in cloud-based applications and services easier. The specification suite seeks to build upon experience with existing schemas and deployments, placing specific emphasis on simplicity of development and integration, while applying existing authentication, authorization, and privacy models. Its intent is to reduce the cost and complexity of user management operations by providing a common user schema and extension model, as well as binding documents to provide patterns for exchanging this schema using standard protocols. In essence: make it fast, cheap, and easy to move users in to, out of, and around the cloud.
Information on this overview page is not normative.
SCIM is built on a object model where a Resource is the common denominator and all SCIM objects are derived from it. SCIM currently has three objects that directly inherit from the Resource object. The ServiceProviderConfiguration and Schema are used for discovery and contain no user information. The CoreResource object is where user and group data are contained, within its two child resources, User and Group.