combine-scim-search-authorizations to optimize policy processing
for System for Cross-domain Identity Management
By default, SCIM search responses are authorized by generating multiple policy decision requests with the retrieve action, one for each member of the result set. The default mode enables policy reuse but might result in greater overall policy processing time.
When you use this advice
type, the current SCIM search result set is
processed using an alternative authorization mode in which all
search results are authorized by a single policy request that uses
the search-results action. The policy request
includes an object with a single
This advice type does not use a payload.
For more information about SCIM search handling, see About SCIM searches.