Open source SCIM 2.0 client and server library.
SCIMono provides drop-in support for serving a SCIM v2 API. Supported features:
- Fully SCIM v2 compliant
- Support for the following resources: Users, Groups, Schemas
- Resource paging (index-based as required by SCIM spec. & id-based for custom scenarios)
- Filtering (full support for SCIM filtering syntax spec.)
- Any auth method (OAuth, by default)
- Patch support (complex single-/multi-resource updated)
- ETags
- Java 8 or higher
- Apache Maven 3.0 or higher
- JAX-RS Reference Implementation (Jersey, Apache CXF)
- ANTLR 4.x (filter syntax grammar)
- SLF4J 1.7.x
Clone the repository to your local machine.
git clone https://github.com/SAP/scimono.git
cd scimono
mvn clean install
To use it, you need the following Maven dependency:
<dependency>
<groupId>com.sap.scimono</groupId>
<artifactId>scimono-server</artifactId>
<version>${project.version}</version>
</dependency>
Exposing an API endpoint is then as easy as:
import com.sap.scimono.SCIMApplication;
import javax.ws.rs.ApplicationPath;
@ApplicationPath("scim")
public class MySCIMApi extends SCIMApplication {}
Out of the box, you get a default configuration (exposed via the standard /ServiceProvider):
- 100 resources per page
- OAuth auth
The default implementation will return 501 Not Implemented for resource operations.
The library provides 5 standard callbacks that plug into the default resources:
- UsersCallback
- GroupsCallback
- SchemasCallback (for exposing custom schemas)
- ConfigurationCallback
- ResourceTypesCallback (for exposing custom resource types)
They are instantiated on a per-request basis (multi-tenancy support is straightforward to achieve) and are cached for the lifetime of the request. To use them, override the corresponding methods exposed by SCIMApplication:
import com.sap.scimono.SCIMApplication;
import com.sap.scimono.callback.config.SCIMConfigurationCallback;
import com.sap.scimono.callback.groups.GroupsCallback;
import com.sap.scimono.callback.schemas.SchemasCallback;
import com.sap.scimono.callback.users.UsersCallback;
import com.sap.scimono.callback.users.ResourceTypesCallback;
import javax.ws.rs.ApplicationPath;
@ApplicationPath("scim")
public class MySCIMApi extends SCIMApplication {
@Override
public UsersCallback getUsersCallback() {
return new MongoUserStorage(currentTenant);
}
@Override
public GroupsCallback getGroupsCallback() {
return new MongoGroupStorage(currentTenant);
}
@Override
public SchemasCallback getSchemasCallback() {
return new MongoSchemaStorage(currentTenant);
}
@Override
public SCIMConfigurationCallback getConfigurationCallback() {
return new MySCIMConfiguration();
}
@Override
public ResourceTypesCallback getResourceTypesCallback() {
return new new MongoResourceTypeStorage(currentTenant);
}
}
The library also provides an extension point for custom resources. Example snippet:
import com.sap.scimono.SCIMApplication;
import javax.ws.rs.ApplicationPath;
import java.util.Set;
@ApplicationPath("scim")
public class TestApplication extends SCIMApplication {
@Override
public Set<Class<?>> getAdditionalResourceProviders() {
return super.getAdditionalResourceProviders();
}
}
The current features are not currently supported but might be in the future:
- Passwords
- Sorting
- Bulk operations
A list of known issues is available on the GitHub issues page of this project.
For any question please open an issue in GitHub and make use of the labels in order to refer to the sample and to categorize the kind of the issue.
Our aim is to build a lively community, hence, we welcome any exchange and collaboration with individuals and organizations interested in the use, support and extension of the open-source SAP SCIMono Library.
Please follow this document for more information on the process.
- We are currently working on client-side support for the SAP SCIMono Library. This will allow easy SCIM 2.0 client implementations.
Copyright 2019-2021 SAP SE or an SAP affiliate company and scimono contributors. Please see our LICENSE for copyright and license information. Detailed information including third-party components and their licensing/copyright information is available via the REUSE tool.