PingFederate supports the SCIM 1.1 protocol for outbound and inbound provisioning.
At an identity provider (IdP) outbound site, you have the option to automatically provision and maintain user accounts at service provider (SP) sites that have implemented SCIM. When you have PingFederate configured as an SP inbound site, you can automatically provision and manage user accounts and groups for your own organization using the standard SCIM protocol. For a brief summary of supported features, see the following table.
|User and group create, read, update, and delete (CRUD) operations
|Custom schema support
|List/query and filtering support
|HTTP Basic and OAuth Resource Owner Password Credentials grant type
|HTTP Basic and client certificate (mutual TLS)
|Source data stores
|PingDirectory, Microsoft Active Directory, and Oracle Unified Directory
|Target data stores
|Active Directory and other data stores via the Identity Store Provisioner Java SDK interface
For detailed information about SCIM, see www.simplecloud.info.