The SCIM protocol is designed to make managing user identity in cloud-based applications and services easier. SCIM enables provisioning identities, groups, and passwords to, from, and between clouds. PingDataSync Server can be configured to synchronize with SCIM service providers.
Both he Ping Identity PingDirectory Server and PingDirectoryProxy Server can be configured to be SCIM servers using the SCIM HTTP Servlet Extension.
PingDataSync Server is LDAP-centric and operates on LDAP attributes. The SCIM sync destination server component acts as a translation layer between a SCIM service provider’s schema and an LDAP representation of the entries. While PingDataSync Server is LDAP-centric and typically at least one endpoint is an LDAP Directory Server, this is not a strict requirement. For example, a JDBC to SCIM sync pipe can be configured.
PingDataSync Server contains sync classes that define how source and destination entries are correlated. The SCIM sync destination contains its own mapping layer, based on scimresources.xml that maps LDAP schema to and from SCIM.
PingDataSync Server can use SCIM only as a sync destination. There is no mechanism in the SCIM protocol for detecting changes, so it cannot be used as a Sync Source.