Documentation
Overview
Package scim implements a minimal SCIM 2.0 (RFC 7643 / 7644) server for v1.12 phase 4. Operators point Okta / Azure AD / OneLogin / Google Workspace's SCIM provisioning connector at /scim/v2/ and users + groups synchronize bidirectionally with the daemon's directory.
Surface (bearer-auth gated):

    GET    /scim/v2/ServiceProviderConfig
    GET    /scim/v2/ResourceTypes
    GET    /scim/v2/Schemas
    GET    /scim/v2/Users          filter + paginate
    POST   /scim/v2/Users
    GET    /scim/v2/Users/{id}
    PUT    /scim/v2/Users/{id}     full replace
    PATCH  /scim/v2/Users/{id}     add/remove/replace ops
    DELETE /scim/v2/Users/{id}
    GET    /scim/v2/Groups         filter + paginate (maps to RBAC roles)
    POST   /scim/v2/Groups
    GET    /scim/v2/Groups/{id}
    PUT    /scim/v2/Groups/{id}
    PATCH  /scim/v2/Groups/{id}
    DELETE /scim/v2/Groups/{id}

SCIM Groups map to RBAC roles 1:1 — adding a user to a Group assigns the role; removing revokes it. The role's permission grid stays operator-curated through the phase 1 matrix UI.
Constants
const (
	SchemaUser          = "urn:ietf:params:scim:schemas:core:2.0:User"
	SchemaGroup         = "urn:ietf:params:scim:schemas:core:2.0:Group"
	SchemaListResponse  = "urn:ietf:params:scim:api:messages:2.0:ListResponse"
	SchemaPatchOp       = "urn:ietf:params:scim:api:messages:2.0:PatchOp"
	SchemaError         = "urn:ietf:params:scim:api:messages:2.0:Error"
	SchemaServiceConfig = "urn:ietf:params:scim:schemas:core:2.0:ServiceProviderConfig"
)
SCIM core schemas exposed via /scim/v2/Schemas.
const ContentType = "application/scim+json"
ContentType is the canonical SCIM media type. RFC 7644 §3.1.
Variables
This section is empty.
Functions
This section is empty.
Types
type Server
type Server struct {
// contains filtered or unexported fields
}
Server bundles the persistence dependencies + the bearer token the IdP authenticates with. Construct via New; Mount under chi's root.
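
The surface above is bearer-auth gated and Server holds the token the IdP authenticates with. The following is an added example, not this package's own code, of one way such a gate can be written as net/http middleware that fails closed and answers with a SCIM error body. The names requireBearer and probe, the realm string and the sample token are assumptions made for illustration.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"strings"
)

const contentType = "application/scim+json"                       // same value as the package's ContentType
const schemaError = "urn:ietf:params:scim:api:messages:2.0:Error" // same value as SchemaError

// requireBearer (hypothetical name) rejects requests that lack the configured token.
func requireBearer(token string, next http.Handler) http.Handler {
	want := sha256.Sum256([]byte(token))
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		scheme, cred, _ := strings.Cut(r.Header.Get("Authorization"), " ")
		got := sha256.Sum256([]byte(cred))
		// Hashing both sides gives a fixed-length, constant-time comparison.
		match := subtle.ConstantTimeCompare(got[:], want[:]) == 1
		if token == "" || !strings.EqualFold(scheme, "Bearer") || !match {
			w.Header().Set("Content-Type", contentType)
			w.Header().Set("WWW-Authenticate", `Bearer realm="scim"`)
			w.WriteHeader(http.StatusUnauthorized)
			json.NewEncoder(w).Encode(map[string]any{
				"schemas": []string{schemaError}, "status": "401", "detail": "invalid bearer token"})
			return
		}
		next.ServeHTTP(w, r)
	})
}

// probe sends one constructed request through the middleware and reports the outcome.
func probe(serverToken, authHeader string) (int, string) {
	ok := http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { w.WriteHeader(200) })
	req := httptest.NewRequest(http.MethodGet, "/scim/v2/Users", nil)
	req.Header.Set("Authorization", authHeader)
	rec := httptest.NewRecorder()
	requireBearer(serverToken, ok).ServeHTTP(rec, req)
	return rec.Code, rec.Header().Get("Content-Type")
}

func main() {
	fmt.Println(probe("constructed-token", "Bearer wrong"))
	fmt.Println(probe("constructed-token", "Bearer constructed-token"))
}
```

An empty server-side token rejects every request, so a deployment that forgot to configure the secret does not end up with an open provisioning endpoint.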