PingDirectory

Authentication requirements for SCIM 2.0 requests

All System for Cross-domain Identity Management (SCIM) requests on a PingDirectoryProxy server must use OAuth 2.0 bearer token authentication.

Bearer tokens are evaluated using the SCIM 2 servlet extension’s configured access token validators. Basic authentication is not supported.

In addition to requiring bearer tokens, the server does not process any SCIM requests unless it has at least one encryption-settings definition in its encryption-settings database. You can create the necessary definitions with the encryption-settings command-line tool.

For more information, see Encrypting sensitive data.

You must define encryption settings and ensure they match on the proxy and all backend PingDirectory servers.