What if keeping your user stores in sync across domains was as simple as running "java -jar"? With Apache SCIMPle, it is!
Apache SCIMple is a SCIM 2.0-compliant server powered by Spring Boot 3. You can run it standalone or embedded in your existing app. It exposes user management REST endpoints and handles the hassle of user synchronization for you. If your identity provider supports SCIM, use the simple way!
GitHub example: https://github.com/mraible/okta-scim-spring-boot-example
Demo script: https://github.com/mraible/okta-scim-spring-boot-example/blob/main/demo.adoc
Microservices for the Masses with Spring Boot, JHipster, and OAuth - Switzerl...
Keep Identities in Sync the SCIMple Way - ApacheCon NA 2022
1. Keep Identities in Sync
The SCIMple Way
Brian Demers and Matt Raible
@briandemers / @mraible
October 3, 2022
2. @briandemers / @mraible
Who are we?
Brian Demers
Open Source Developer and Java
Champion
Fun facts: likes to snowboard; into 🐝
@bdemers
Matt Raible
Open Source Developer and Java
Champion
Fun facts: likes to ski; into classic VWs ✌
@mraible
3. @briandemers / @mraible
Today's Agenda What is SCIM?
01
Best Practices
02
Apache SCIMple
03
Demo
Apache SCIMple + Spring Boot
04
Action!
How to get involved!
05
@briandemers / @mraible
7. @briandemers / @mraible
REST Endpoints
https://example.com/api/v1/Parts
https://example.com/api/v1/Orders
https://example.com/api/v1/Users
https://example.com/api/v1/Groups
https://example.com/api/v1/Users
https://example.com/api/v1/Groups
Imagine you are building an API for an auto parts store:
17. @briandemers / @mraible
● Store the "source" of the user
● Store the "ID" of the user's source
● Emails are not good IDs
● The status of a user is a boolean.
● SCIM supports a SQL like expression language
User Model Best Practices
/Users?filter=emails.value EQ "bob@example.com"
/Users?filter=userName EQ "bob"
21. Apache SCIMple History
@briandemers / @mraible
2013: Started at
PennState
2018: Moved to
Apache Directory
2015: SCIM RFCs
2020:
Something
happened
2022:
Jakarta APIs