The System for Cross-domain Identity Management (SCIM) 2.0 sync destination associates a SCIM 2.0 external server with a set of one or more endpoint mappings and can also specify additional configuration properties.
Available properties include:
- The SCIM 2.0 external server to which changes will be synchronized. This is required.
- A set of one or more SCIM 2.0 endpoint mappings to use when synchronizing changes to the SCIM 2.0 server. This is required.
- The HTTP request method that should be used when querying the SCIM 2.0 server to fetch existing entries. The value can be one of the following:
get– Use the HTTP GET method to submit the query. This is the default value that will be used if the property is not specified.
post– Use the HTTP POST method to submit the query.
- The HTTP request method that should be used when applying changes to existing SCIM 2.0 entries. The value can be one of the following:
put– Use the HTTP PUT method to replace the entire entry. SCIM 2.0 servers must support this method, but it is less efficient and more risky than using the PATCH method because it has greater potential of losing changes to the entry made by other SCIM 2.0 clients.
patch– Use the HTTP PATCH method to specify which specific changes should be applied to the entry. This method is an optional part of the SCIM 2.0 specification, so it might not be available in all servers, but it is more efficient and safer than the PUT method, so this is the default that will be used if the property is not specified.
You can use the following example configuration change to create a SCIM 2.0 sync destination:
dsconfig create-sync-destination \ --destination-name "SCIMv2 Destination" \ --type scim2 \ --set "server:SCIMv2 Server" \ --set "endpoint-mapping:Users Endpoint"