Class: Scim
The System for Cross-domain Identity Management (SCIM) Configuration object
provides a structured set of attributes related to SCIM protocols used for
identity provisioning and management across cloud-based platforms. It
standardizes user and group provisioning details, enabling identity
synchronization and lifecycle management with compatible Identity Providers
(IdPs) and applications. SCIM is defined in <a target='_blank'
href='https://datatracker.ietf.org/doc/html/rfc7643'>RFC-7634
URI: ocsf:Scim
classDiagram
class Scim
click Scim href "../Scim/"
Object <|-- Scim
click Object href "../Object/"
Scim : auth_protocol
Scim : auth_protocol_id
Scim --> "0..1" AuthProtocolIdEnum : auth_protocol_id
click AuthProtocolIdEnum href "../AuthProtocolIdEnum/"
Scim : created_time
Scim : error_message
Scim : is_group_provisioning_enabled
Scim : is_user_provisioning_enabled
Scim : last_run_time
Scim : modified_time
Scim : name
Scim : protocol_name
Scim : rate_limit
Scim : scim_group_schema
Scim : scim_user_schema
Scim : state
Scim : state_id
Scim --> "0..1" ScimStateIdEnum : state_id
click ScimStateIdEnum href "../ScimStateIdEnum/"
Scim : uid
Scim : uid_alt
Scim : url_string
Scim : vendor_name
Scim : version
Inheritance
- OcsfObject
- Object
- Scim
- Object
Slots
| Name | Cardinality and Range | Description | Inheritance |
|---|---|---|---|
| auth_protocol | 0..1 String |
The authorization protocol as defined by the caption of | direct |
| auth_protocol_id | 0..1 AuthProtocolIdEnum |
The normalized identifier of the authorization protocol used by the SCIM | direct |
| created_time | 0..1 TimestampT |
When the SCIM resource was added to the service provider | direct |
| error_message | 0..1 String |
Message or code associated with the last encountered error | direct |
| is_group_provisioning_enabled | 0..1 Boolean |
Indicates whether the SCIM resource is configured to provision groups, | direct |
| is_user_provisioning_enabled | 0..1 Boolean |
Indicates whether the SCIM resource is configured to provision users, | direct |
| last_run_time | 0..1 TimestampT |
Timestamp of the most recent successful synchronization | direct |
| modified_time | 0..1 TimestampT |
The most recent time when the SCIM resource was updated at the service | direct |
| name | 0..1 recommended String |
The name of the SCIM resource | direct |
| protocol_name | 0..1 String |
The supported protocol for the SCIM resource | direct |
| rate_limit | 0..1 Integer |
Maximum number of requests allowed by the SCIM resource within a specified ti... | direct |
| scim_group_schema | 0..1 recommended String |
SCIM provides a schema for representing groups, identified using the followin... | direct |
| scim_user_schema | 0..1 recommended String |
SCIM provides a resource type for user resources | direct |
| state | 0..1 String |
The provisioning state of the SCIM resource, normalized to the caption of the | direct |
| state_id | 0..1 ScimStateIdEnum |
The normalized state ID of the SCIM resource to reflect its activation status | direct |
| uid | 0..1 recommended String |
A unique identifier for a SCIM resource as defined by the service provider | direct |
| uid_alt | 0..1 String |
A String that is an identifier for the resource as defined by the provisionin... | direct |
| url_string | 0..1 UrlT |
The primary URL for SCIM API requests | direct |
| vendor_name | 0..1 String |
Name of the vendor or service provider implementing SCIM | direct |
| version | 0..1 recommended String |
SCIM protocol version supported e | direct |
Usages
| used by | used in | type | used |
|---|---|---|---|
| Idp | scim | range | Scim |
In Subsets
Aliases
- SCIM
Identifier and Mapping Information
Schema Source
- from schema: https://w3id.org/lmodel/ocsf
Mappings
| Mapping Type | Mapped Value |
|---|---|
| self | ocsf:Scim |
| native | ocsf:Scim |
LinkML Source
Direct
name: Scim
description: 'The System for Cross-domain Identity Management (SCIM) Configuration
object
provides a structured set of attributes related to SCIM protocols used for
identity provisioning and management across cloud-based platforms. It
standardizes user and group provisioning details, enabling identity
synchronization and lifecycle management with compatible Identity Providers
(IdPs) and applications. SCIM is defined in <a target=''_blank''
href=''https://datatracker.ietf.org/doc/html/rfc7643''>RFC-7634</a>'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- SCIM
is_a: Object
slots:
- auth_protocol
- auth_protocol_id
- created_time
- error_message
- is_group_provisioning_enabled
- is_user_provisioning_enabled
- last_run_time
- modified_time
- name
- protocol_name
- rate_limit
- scim_group_schema
- scim_user_schema
- state
- state_id
- uid
- uid_alt
- url_string
- vendor_name
- version
slot_usage:
auth_protocol:
name: auth_protocol
description: 'The authorization protocol as defined by the caption of
<code>auth_protocol_id</code>. In the case of <code>Other</code>, it is defined
by the event source.'
auth_protocol_id:
name: auth_protocol_id
description: 'The normalized identifier of the authorization protocol used by
the SCIM
resource.'
created_time:
name: created_time
description: When the SCIM resource was added to the service provider.
error_message:
name: error_message
description: Message or code associated with the last encountered error.
is_group_provisioning_enabled:
name: is_group_provisioning_enabled
description: 'Indicates whether the SCIM resource is configured to provision groups,
automatically or otherwise.'
is_user_provisioning_enabled:
name: is_user_provisioning_enabled
description: 'Indicates whether the SCIM resource is configured to provision users,
automatically or otherwise.'
last_run_time:
name: last_run_time
description: Timestamp of the most recent successful synchronization.
modified_time:
name: modified_time
description: 'The most recent time when the SCIM resource was updated at the service
provider.'
name:
name: name
description: The name of the SCIM resource.
recommended: true
protocol_name:
name: protocol_name
description: 'The supported protocol for the SCIM resource. E.g., <code>SAML</code>,
<code>OIDC</code>, or <code>OAuth2</code>.'
rate_limit:
name: rate_limit
description: 'Maximum number of requests allowed by the SCIM resource within a
specified time
frame to avoid throttling.'
scim_group_schema:
name: scim_group_schema
recommended: true
scim_user_schema:
name: scim_user_schema
recommended: true
state:
name: state
description: 'The provisioning state of the SCIM resource, normalized to the caption
of the
<code>state_id</code> value. In the case of <code>Other</code>, it is defined
by the event source.'
state_id:
name: state_id
description: The normalized state ID of the SCIM resource to reflect its activation
status.
range: ScimStateIdEnum
uid:
name: uid
description: A unique identifier for a SCIM resource as defined by the service
provider.
recommended: true
uid_alt:
name: uid_alt
description: 'A String that is an identifier for the resource as defined by the
provisioning
client. The <code>externalId</code> may simplify identification of a resource
between the provisioning client and the service provider by allowing the client
to use a filter to locate the resource with an identifier from the provisioning
domain, obviating the need to store a local mapping between the provisioning
domain''s identifier of the resource and the identifier used by the service
provider.'
url_string:
name: url_string
description: The primary URL for SCIM API requests.
vendor_name:
name: vendor_name
description: 'Name of the vendor or service provider implementing SCIM. E.g.,
<code>Okta</code>, <code>Auth0</code>, <code>Microsoft</code>.'
version:
name: version
description: SCIM protocol version supported e.g., <code>SCIM 2.0</code>.
recommended: true
Induced
name: Scim
description: 'The System for Cross-domain Identity Management (SCIM) Configuration
object
provides a structured set of attributes related to SCIM protocols used for
identity provisioning and management across cloud-based platforms. It
standardizes user and group provisioning details, enabling identity
synchronization and lifecycle management with compatible Identity Providers
(IdPs) and applications. SCIM is defined in <a target=''_blank''
href=''https://datatracker.ietf.org/doc/html/rfc7643''>RFC-7634</a>'
in_subset:
- objects_subset
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- SCIM
is_a: Object
slot_usage:
auth_protocol:
name: auth_protocol
description: 'The authorization protocol as defined by the caption of
<code>auth_protocol_id</code>. In the case of <code>Other</code>, it is defined
by the event source.'
auth_protocol_id:
name: auth_protocol_id
description: 'The normalized identifier of the authorization protocol used by
the SCIM
resource.'
created_time:
name: created_time
description: When the SCIM resource was added to the service provider.
error_message:
name: error_message
description: Message or code associated with the last encountered error.
is_group_provisioning_enabled:
name: is_group_provisioning_enabled
description: 'Indicates whether the SCIM resource is configured to provision groups,
automatically or otherwise.'
is_user_provisioning_enabled:
name: is_user_provisioning_enabled
description: 'Indicates whether the SCIM resource is configured to provision users,
automatically or otherwise.'
last_run_time:
name: last_run_time
description: Timestamp of the most recent successful synchronization.
modified_time:
name: modified_time
description: 'The most recent time when the SCIM resource was updated at the service
provider.'
name:
name: name
description: The name of the SCIM resource.
recommended: true
protocol_name:
name: protocol_name
description: 'The supported protocol for the SCIM resource. E.g., <code>SAML</code>,
<code>OIDC</code>, or <code>OAuth2</code>.'
rate_limit:
name: rate_limit
description: 'Maximum number of requests allowed by the SCIM resource within a
specified time
frame to avoid throttling.'
scim_group_schema:
name: scim_group_schema
recommended: true
scim_user_schema:
name: scim_user_schema
recommended: true
state:
name: state
description: 'The provisioning state of the SCIM resource, normalized to the caption
of the
<code>state_id</code> value. In the case of <code>Other</code>, it is defined
by the event source.'
state_id:
name: state_id
description: The normalized state ID of the SCIM resource to reflect its activation
status.
range: ScimStateIdEnum
uid:
name: uid
description: A unique identifier for a SCIM resource as defined by the service
provider.
recommended: true
uid_alt:
name: uid_alt
description: 'A String that is an identifier for the resource as defined by the
provisioning
client. The <code>externalId</code> may simplify identification of a resource
between the provisioning client and the service provider by allowing the client
to use a filter to locate the resource with an identifier from the provisioning
domain, obviating the need to store a local mapping between the provisioning
domain''s identifier of the resource and the identifier used by the service
provider.'
url_string:
name: url_string
description: The primary URL for SCIM API requests.
vendor_name:
name: vendor_name
description: 'Name of the vendor or service provider implementing SCIM. E.g.,
<code>Okta</code>, <code>Auth0</code>, <code>Microsoft</code>.'
version:
name: version
description: SCIM protocol version supported e.g., <code>SCIM 2.0</code>.
recommended: true
attributes:
auth_protocol:
name: auth_protocol
description: 'The authorization protocol as defined by the caption of
<code>auth_protocol_id</code>. In the case of <code>Other</code>, it is defined
by the event source.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Auth Protocol
rank: 1000
alias: auth_protocol
owner: Scim
domain_of:
- Scim
- Sso
- Authentication
- DroneFlightsActivity
range: string
auth_protocol_id:
name: auth_protocol_id
annotations:
sibling:
tag: sibling
value: auth_protocol
description: 'The normalized identifier of the authorization protocol used by
the SCIM
resource.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Auth Protocol ID
rank: 1000
alias: auth_protocol_id
owner: Scim
domain_of:
- Scim
- Sso
- Authentication
- DroneFlightsActivity
range: AuthProtocolIdEnum
created_time:
name: created_time
description: When the SCIM resource was added to the service provider.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Created Time
rank: 1000
alias: created_time
owner: Scim
domain_of:
- Osint
- RelatedEvent
- Sbom
- Scim
- Session
- Sso
- Token
- Whois
- Resource
- Advisory
- AuthenticationToken
- Certificate
- Cve
- Database
- Databucket
- DigitalSignature
- Enrichment
- Epss
- File
- FindingObject
- FindingInfo
- Job
- KbArticle
- LdapPerson
- ProcessEntity
- Table
- Device
range: TimestampT
error_message:
name: error_message
description: Message or code associated with the last encountered error.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Error Message
rank: 1000
alias: error_message
owner: Scim
domain_of:
- Response
- Scim
- LoadBalancer
range: string
is_group_provisioning_enabled:
name: is_group_provisioning_enabled
description: 'Indicates whether the SCIM resource is configured to provision groups,
automatically or otherwise.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Group Provisioning Enabled
rank: 1000
alias: is_group_provisioning_enabled
owner: Scim
domain_of:
- Scim
range: boolean
is_user_provisioning_enabled:
name: is_user_provisioning_enabled
description: 'Indicates whether the SCIM resource is configured to provision users,
automatically or otherwise.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- User Provisioning Enabled
rank: 1000
alias: is_user_provisioning_enabled
owner: Scim
domain_of:
- Scim
range: boolean
last_run_time:
name: last_run_time
description: Timestamp of the most recent successful synchronization.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Last Run
rank: 1000
alias: last_run_time
owner: Scim
domain_of:
- Scim
- Job
- PrefetchQuery
range: TimestampT
modified_time:
name: modified_time
description: 'The most recent time when the SCIM resource was updated at the service
provider.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Modified Time
rank: 1000
alias: modified_time
owner: Scim
domain_of:
- Osint
- RelatedEvent
- Scim
- Sso
- Token
- Resource
- Advisory
- Cve
- Database
- Databucket
- File
- FindingObject
- FindingInfo
- LdapPerson
- Metadata
- Table
- Device
- RegKey
- RegValue
range: TimestampT
name:
name: name
description: The name of the SCIM resource.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Name
rank: 1000
alias: name
owner: Scim
domain_of:
- AnalysisTarget
- Observable
- Os
- Osint
- Package
- Parameter
- PrivilegeInfo
- San
- Scim
- Script
- ServicePrivilegeAnalysis
- SoftwareComponent
- Sso
- StartupItem
- ThreatActor
- Token
- Entity
- Resource
- Account
- Agent
- AiModel
- Aircraft
- Analytic
- ApplicationObject
- Assessment
- AutonomousSystem
- Campaign
- Check
- CisBenchmark
- CisBenchmarkResult
- CisControl
- ClassifierDetails
- Container
- D3fTactic
- D3fTechnique
- Database
- Databucket
- DomainContact
- Edge
- Endpoint
- Enrichment
- EnvironmentVariable
- Evidences
- Extension
- Feature
- File
- Graph
- Group
- HttpCookie
- HttpHeader
- Idp
- Image
- Job
- Kernel
- KeyValueObject
- LoadBalancer
- Logger
- Malware
- ManagedEntity
- MessageContext
- Metric
- Mitigation
- NetworkInterface
- Node
- Organization
- PeripheralDevice
- Policy
- ProcessEntity
- Product
- QueryInfo
- Reporter
- ResourceDetails
- Rule
- Scan
- Service
- SubTechnique
- Table
- Tactic
- Technique
- Trait
- TransformationInfo
- UnmannedAerialSystem
- User
- WebResource
- Device
- FtpActivity
- RegValue
- WinResource
- WinService
- PrefetchQuery
range: string
recommended: true
protocol_name:
name: protocol_name
description: 'The supported protocol for the SCIM resource. E.g., <code>SAML</code>,
<code>OIDC</code>, or <code>OAuth2</code>.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Protocol Name
rank: 1000
alias: protocol_name
owner: Scim
domain_of:
- PortInfo
- Scim
- Sso
- Idp
- NetworkConnectionInfo
- EmailActivity
- TunnelActivity
- AirborneBroadcastActivity
- DroneFlightsActivity
range: string
rate_limit:
name: rate_limit
description: 'Maximum number of requests allowed by the SCIM resource within a
specified time
frame to avoid throttling.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Rate Limit
rank: 1000
alias: rate_limit
owner: Scim
domain_of:
- Scim
- FirewallRule
range: integer
scim_group_schema:
name: scim_group_schema
description: 'SCIM provides a schema for representing groups, identified using
the following
schema URI: <code>urn:ietf:params:scim:schemas:core:2.0:Group</code> as defined
in <a target=''_blank''
href=''https://datatracker.ietf.org/doc/html/rfc7643''>RFC-7634</a>. This
attribute will capture key-value pairs for the scheme implemented in a SCIM
resource.'
notes:
- 'System for Cross-domain Identity Management (SCIM) RFC spec. —
https://datatracker.ietf.org/doc/html/rfc7643'
from_schema: https://w3id.org/lmodel/ocsf
see_also:
- https://datatracker.ietf.org/doc/html/rfc7643
aliases:
- SCIM Group Schema
rank: 1000
alias: scim_group_schema
owner: Scim
domain_of:
- Scim
range: string
recommended: true
scim_user_schema:
name: scim_user_schema
description: 'SCIM provides a resource type for user resources. The core schema
for user is
identified using the following schema URI:
<code>urn:ietf:params:scim:schemas:core:2.0:User</code> as defined in <a
target=''_blank''
href=''https://datatracker.ietf.org/doc/html/rfc7643''>RFC-7634</a>. his
attribute will capture key-value pairs for the scheme implemented in a SCIM
resource. This object is inclusive of both the basic and Enterprise User Schema
Extension.'
notes:
- 'System for Cross-domain Identity Management (SCIM) RFC spec. —
https://datatracker.ietf.org/doc/html/rfc7643'
from_schema: https://w3id.org/lmodel/ocsf
see_also:
- https://datatracker.ietf.org/doc/html/rfc7643
aliases:
- SCIM User Schema
rank: 1000
alias: scim_user_schema
owner: Scim
domain_of:
- Scim
range: string
recommended: true
state:
name: state
description: 'The provisioning state of the SCIM resource, normalized to the caption
of the
<code>state_id</code> value. In the case of <code>Other</code>, it is defined
by the event source.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- State
rank: 1000
alias: state
owner: Scim
domain_of:
- QueryEvidence
- Scim
- SecurityState
- Analytic
- DigitalSignature
- Idp
- DeviceConfigStateChange
- NetworkConnectionQuery
- SecurityFinding
range: string
state_id:
name: state_id
annotations:
sibling:
tag: sibling
value: state
description: The normalized state ID of the SCIM resource to reflect its activation
status.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- State ID
rank: 1000
alias: state_id
owner: Scim
domain_of:
- Scim
- SecurityState
- Analytic
- DigitalSignature
- Idp
- DeviceConfigStateChange
- NetworkConnectionQuery
- SecurityFinding
range: ScimStateIdEnum
uid:
name: uid
description: A unique identifier for a SCIM resource as defined by the service
provider.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Unique ID
rank: 1000
alias: uid
owner: Scim
domain_of:
- Osint
- Package
- ProgrammaticCredential
- RelatedEvent
- Request
- Sbom
- Scim
- Script
- Session
- Span
- Sso
- Ticket
- Token
- Trace
- Entity
- Resource
- Account
- Advisory
- Agent
- AiModel
- Aircraft
- Analytic
- ApplicationObject
- Assessment
- Certificate
- Check
- ClassifierDetails
- Container
- Cve
- Cwe
- D3fTactic
- D3fTechnique
- DataClassification
- Database
- Databucket
- DomainContact
- Edge
- Email
- Endpoint
- Evidences
- Extension
- Feature
- File
- FindingObject
- FindingInfo
- Graph
- Group
- HttpRequest
- Idp
- Image
- KbArticle
- LoadBalancer
- Logger
- Malware
- ManagedEntity
- MessageContext
- Metadata
- Mitigation
- NetworkConnectionInfo
- NetworkEndpoint
- NetworkInterface
- Node
- Organization
- PeripheralDevice
- Policy
- ProcessEntity
- Product
- QueryInfo
- Reporter
- Rule
- Scan
- Service
- SubTechnique
- Table
- Tactic
- Technique
- Trait
- TransformationInfo
- UnmannedAerialSystem
- User
- WebResource
- Device
- WinResource
range: string
recommended: true
uid_alt:
name: uid_alt
description: 'A String that is an identifier for the resource as defined by the
provisioning
client. The <code>externalId</code> may simplify identification of a resource
between the provisioning client and the service provider by allowing the client
to use a filter to locate the resource with an identifier from the provisioning
domain, obviating the need to store a local mapping between the provisioning
domain''s identifier of the resource and the identifier used by the service
provider.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Alternate ID
rank: 1000
alias: uid_alt
owner: Scim
domain_of:
- Scim
- Session
- Resource
- Agent
- Aircraft
- ApplicationObject
- FindingInfo
- Group
- UnmannedAerialSystem
- User
- Device
range: string
url_string:
name: url_string
description: The primary URL for SCIM API requests.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- URL String
rank: 1000
alias: url_string
owner: Scim
domain_of:
- Scim
- Url
- Idp
- Product
- TransformationInfo
- WebResource
range: UrlT
vendor_name:
name: vendor_name
description: 'Name of the vendor or service provider implementing SCIM. E.g.,
<code>Okta</code>, <code>Auth0</code>, <code>Microsoft</code>.'
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Vendor Name
rank: 1000
alias: vendor_name
owner: Scim
domain_of:
- Osint
- Package
- Scim
- Sso
- Vulnerability
- Agent
- Cvss
- DeviceHwInfo
- GpuInfo
- PeripheralDevice
- Product
- Device
range: string
version:
name: version
description: SCIM protocol version supported e.g., <code>SCIM 2.0</code>.
from_schema: https://w3id.org/lmodel/ocsf
aliases:
- Version
rank: 1000
alias: version
owner: Scim
domain_of:
- Os
- Package
- RpcInterface
- Sbom
- Scim
- SoftwareComponent
- Tls
- Agent
- AiModel
- Analytic
- Api
- ApplicationObject
- Attack
- Certificate
- Check
- CisControl
- CisCsc
- Cvss
- D3fend
- Databucket
- Epss
- Extension
- Feature
- File
- HttpRequest
- Logger
- ManagedEntity
- Metadata
- Policy
- Product
- ResourceDetails
- Rule
- Service
- NtpActivity
range: string
recommended: true