Documentation
¶
Overview ¶
Package scim defines the SCIM reference definition for integrations
Index ¶
- Constants
- Variables
- func BuildDirectoryAccountPayloadSet(attributes scim.ResourceAttributes, action string) (integrationtypes.IngestPayloadSet, error)
- func BuildDirectoryGroupPayloadSets(attributes scim.ResourceAttributes, action string) ([]integrationtypes.IngestPayloadSet, error)
- func BuildDirectoryPayloadSet(schema string, payload any, resource string, action string) (integrationtypes.IngestPayloadSet, error)
- func Builder() registry.Builder
- func CloneSCIMAttributes(attributes scim.ResourceAttributes) scim.ResourceAttributes
- func CloneSCIMValue(value any) any
- func DirectoryAccountExternalID(attributes scim.ResourceAttributes) string
- func DirectoryGroupExternalID(attributes scim.ResourceAttributes) string
- func EnsureSCIMMap(target map[string]any, key string) map[string]any
- func ExtractMemberIDsFromValue(value any) []string
- func MergeSCIMMap(target map[string]any, patch map[string]any)
- type DirectorySync
- type HealthCheck
- type UserInput
Constants ¶
const DeleteAction = "delete"
DeleteAction is the action string used to indicate a SCIM delete operation
Variables ¶
var ( // ErrResultEncode is returned when a SCIM result cannot be encoded ErrResultEncode = errors.New("scim: result encode failed") // ErrInvalidAttributes is returned when resource attributes are invalid ErrInvalidAttributes = errors.New("invalid resource attributes") // ErrDirectoryAccountNotFound is returned when a directory account cannot be found ErrDirectoryAccountNotFound = errors.New("directory account not found") // ErrDirectoryGroupNotFound is returned when a directory group cannot be found ErrDirectoryGroupNotFound = errors.New("directory group not found") )
var ( // DefinitionID is the stable reference for the SCIM integration definition DefinitionID = types.NewDefinitionRef("def_01K0SCIM000000000000000001") // SCIMAuthWebhook is the stable identity handle for the SCIM authentication webhook SCIMAuthWebhook = types.NewWebhookRef("scim.auth") )
Functions ¶
func BuildDirectoryAccountPayloadSet ¶
func BuildDirectoryAccountPayloadSet(attributes scim.ResourceAttributes, action string) (integrationtypes.IngestPayloadSet, error)
BuildDirectoryAccountPayloadSet constructs an ingest payload set for a directory account
func BuildDirectoryGroupPayloadSets ¶
func BuildDirectoryGroupPayloadSets(attributes scim.ResourceAttributes, action string) ([]integrationtypes.IngestPayloadSet, error)
BuildDirectoryGroupPayloadSets constructs ingest payload sets for a directory group and its memberships
func BuildDirectoryPayloadSet ¶
func BuildDirectoryPayloadSet(schema string, payload any, resource string, action string) (integrationtypes.IngestPayloadSet, error)
BuildDirectoryPayloadSet constructs an ingest payload set from a schema name, payload, resource ID, and action
func Builder ¶
Builder returns a registry builder that constructs the SCIM directory sync definition
func CloneSCIMAttributes ¶
func CloneSCIMAttributes(attributes scim.ResourceAttributes) scim.ResourceAttributes
CloneSCIMAttributes performs a deep copy of SCIM resource attributes
func CloneSCIMValue ¶
CloneSCIMValue performs a deep copy of a SCIM attribute value
func DirectoryAccountExternalID ¶
func DirectoryAccountExternalID(attributes scim.ResourceAttributes) string
DirectoryAccountExternalID resolves the external ID for a directory account by checking externalId, userName, and emails in fallback order
func DirectoryGroupExternalID ¶
func DirectoryGroupExternalID(attributes scim.ResourceAttributes) string
DirectoryGroupExternalID resolves the external ID for a directory group by checking externalId and displayName in fallback order
func EnsureSCIMMap ¶
EnsureSCIMMap returns the nested map at key, creating it if absent
func ExtractMemberIDsFromValue ¶
ExtractMemberIDsFromValue extracts and deduplicates member IDs from a SCIM members value
Types ¶
type DirectorySync ¶
type DirectorySync struct{}
DirectorySync is the SCIM directory sync operation configuration
func (DirectorySync) Run ¶
func (DirectorySync) Run() (json.RawMessage, error)
Run returns the SCIM push-based sync acknowledgement
type HealthCheck ¶
type HealthCheck struct {
// Message describes why the health check does not perform an outbound probe
Message string `json:"message"`
}
HealthCheck is a no-op success result for push-based SCIM installations
func (HealthCheck) Run ¶
func (HealthCheck) Run() (json.RawMessage, error)
Run returns the SCIM health check acknowledgement
type UserInput ¶
type UserInput struct {
// Name is the human-readable label for this SCIM directory (e.g. "Okta Production")
Name string `json:"name,omitempty" jsonschema:"required,title=Directory Name,description=Human-readable label for this SCIM directory."`
// FilterExpr limits imported records to envelopes matching the CEL expression
FilterExpr string `` /* 173-byte string literal not displayed */
// PrimaryDirectory marks this installation as the authoritative directory source for identity holder enrichment and lifecycle derivation
PrimaryDirectory bool `json:"primaryDirectory,omitempty" jsonschema:"title=Primary Directory"`
}
UserInput captures optional user-provided configuration for the SCIM integration
Source Files