PingAuthorize

SCIM API request and response flow

The System for Cross-domain Identity Management (SCIM) REST API provides an HTTP API for data contained in a user store.

Although user stores typically consist of a single datastore, such as PingDirectory Server, they can also consist of multiple datastores.

When a SCIM request is received, it is translated into one or more requests to the user store, and the resulting user store response is translated into a SCIM response. The SCIM response is authorized by sending a policy request to the policy decision point (PDP). Depending on the policy result, including the statements that are returned in the result, the SCIM response might be filtered or rejected.

Sequence diagram of the PingAuthorize SCIM API inbound and outbound data flow involving the client, PingAuthorize, the PDP, and the directory server