Unlike the System for Cross-domain Identity Management (SCIM) 1.1 servlet extension, the SCIM 2.0 system is configured through the administrative console or with the dsconfig command-line tool.
The SCIM 2.0 system consists of the following components:
- SCIM resource type
- A SCIM resource type defines a class of resources, such as users or devices. Every SCIM resource type features at least one SCIM schema, which defines the attributes available to each resource. If you enable a SCIM resource type, it must have a designated LDAP structural objectclass and an associated base distinguished name (DN).
- SCIM schemas
- Defines a collection of SCIM attributes, grouped under an identifier called a schema URN. Each SCIM resource type possesses a single core schema and can feature schema extensions, which act as secondary attribute groupings that the schema URN namespaces. SCIM Schemas are defined independently of SCIM resource types, and multiple SCIM resource types can use a single SCIM schema as a core schema or schema extension.
- SCIM attributes
- Defines an attribute that is available under a SCIM schema. The configuration for a SCIM attribute defines its data type, regardless of whether it's required, single-valued, or multi-valued. When a SCIM attribute consists of SCIM sub-attributes, it's defined as a complex attribute.
- SCIM sub-attributes
- When a SCIM attribute consists of SCIM sub-attributes, it's defined as a complex attribute.
- SCIM attribute mappings (mapping resource types only)
- Defines the manner in which a SCIM resource type maps the attributes in its SCIM schemas to native LDAP attributes of the PingDirectoryProxy server.
- Correlated LDAP Data Views
- Allows a single SCIM resource that consists of attributes that are retrieved from multiple LDAP entries. For more information, see Correlated LDAP data views.