SCIM (System for Cross-domain Identity Management) resource types define a class of resources, such as users or devices. The PingAuthorize Server SCIM service provides a REST API for data stored in external datastores that are based on the SCIM 2.0 standard.
The SCIM service translates each SCIM request or response into one or more policy requests to the policy decision point (PDP).
These policy requests have an
action value that you can reference in the
policies you write to deny or permit the action.
For more background information, see About the SCIM service.
For more information about actions, see SCIM policy requests.
- Data control
- Information security
- Resource management
- A bank that wants to prevent delete operations of their client profiles
- A health care system that should only allow the creation of new patient records and should not allow the modification of existing patient records
- A university system that only allows the retrieval of student information from the student's defined department; the system can modify the information differently based on the department
- Getting the SCIM resource type and the action being executed
- Creating a policy to permit or deny the creation of resources
- Creating a policy to control the set of actions for a specific resource
- Creating a policy to restrict the ability to delete based on resource type
- Creating a policy to dynamically modify a resource based on the SCIM resource type