IETF Logo Mail Archive

Re: [scim] Is it possible to use primitive types with SCIM addresses claim?

Kelly Grizzle <kelly.grizzle@sailpoint.com> Wed, 18 April 2018 13:47 UTC

Return-Path: <kelly.grizzle@sailpoint.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B04C612D86E for <scim@ietfa.amsl.com>; Wed, 18 Apr 2018 06:47:42 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.911
X-Spam-Level:
X-Spam-Status: No, score=-1.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, T_DKIMWL_WL_MED=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=sailpoint.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id B9g8UMQJVal3 for <scim@ietfa.amsl.com>; Wed, 18 Apr 2018 06:47:40 -0700 (PDT)
Received: from NAM01-BY2-obe.outbound.protection.outlook.com (mail-by2nam01on0092.outbound.protection.outlook.com [104.47.34.92]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 3D42312D80E for <scim@ietf.org>; Wed, 18 Apr 2018 06:47:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sailpoint.onmicrosoft.com; s=selector1-sailpoint-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=8q/AFDa3FGOeKXYoMAyNe02otjy2pxe1Zt1GE1YK58c=; b=jU85nngwXrit8pcuNa1rpieehxAN7eTXbQQAP9k7r9ekH/EXOWdQL/wy4Mg4sWSbWBrjjX9lxgmih7hYu1gnjncuvwCItAtURKsPJL+ctycYJQaFstEA+3WSIa/GMH7e8Tc2TgYqftXSxauNVSxUolsnRZN4xTVgdswXaV9GtPM=
Received: from BN7PR04MB3889.namprd04.prod.outlook.com (20.176.17.13) by BN7PR04MB3873.namprd04.prod.outlook.com (20.176.16.159) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.675.14; Wed, 18 Apr 2018 13:47:38 +0000
Received: from BN7PR04MB3889.namprd04.prod.outlook.com ([fe80::c427:64d3:746c:ba32]) by BN7PR04MB3889.namprd04.prod.outlook.com ([fe80::c427:64d3:746c:ba32%13]) with mapi id 15.20.0675.015; Wed, 18 Apr 2018 13:47:38 +0000
From: Kelly Grizzle <kelly.grizzle@sailpoint.com>
To: Sathya Bandara <sathya@wso2.com>, "scim@ietf.org" <scim@ietf.org>
Thread-Topic: [scim] Is it possible to use primitive types with SCIM addresses claim?
Thread-Index: AQHT1xZrjuG7NaULDkqo/Kb9yw6AqaQGiOAA
Date: Wed, 18 Apr 2018 13:47:38 +0000
Message-ID: <BN7PR04MB38899330C8CE63EDF2EA5DF5E2B60@BN7PR04MB3889.namprd04.prod.outlook.com>
References: <CAAdTB9Ey5xGfb=xcn19=NTdtJg_Td_z3qXjUfg=F28F93BY7BQ@mail.gmail.com>
In-Reply-To: <CAAdTB9Ey5xGfb=xcn19=NTdtJg_Td_z3qXjUfg=F28F93BY7BQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: wso2.com; dkim=none (message not signed) header.d=none;wso2.com; dmarc=none action=none header.from=sailpoint.com;
x-originating-ip: [70.114.154.180]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; BN7PR04MB3873; 7:BrnM6sDusgXEsOstzJrGGeHjSdAvR8I4i+aqHpCw5YmyNIy8zEG459/htza+YVNZXot4DiAdr6gOsTagRvpSE3gB0Gluye5p3m7GVe1+Ic4MXqml4kXGtmXNAO95F7fwSQRSlhEPzrR1AnbosGOfp1+imuQk6Z1X5JKZSle7s5dABlw9eFz8KropQZm22z/44f/KOsXT5AOIuAZmeYfUZs3C5Lxi3rfnmpZ1I7EGFla3HtnFsefW/UtBHPZnND6U
x-ms-exchange-antispam-srfa-diagnostics: SOS;
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(5600026)(4534165)(4627221)(201703031133081)(201702281549075)(2017052603328)(7153060)(7193020); SRVR:BN7PR04MB3873;
x-ms-traffictypediagnostic: BN7PR04MB3873:
x-microsoft-antispam-prvs: <BN7PR04MB387380AFDE6BDDD5294039BCE2B60@BN7PR04MB3873.namprd04.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(28532068793085)(139090996175007)(21748063052155);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(8211001083)(6040522)(2401047)(8121501046)(5005006)(3231232)(944501368)(52105095)(10201501046)(3002001)(93006095)(93001095)(6041310)(20161123560045)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(20161123558120)(6072148)(201708071742011); SRVR:BN7PR04MB3873; BCL:0; PCL:0; RULEID:; SRVR:BN7PR04MB3873;
x-forefront-prvs: 06469BCC91
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(376002)(366004)(39850400004)(39380400002)(346002)(14454004)(25786009)(6506007)(8936002)(7696005)(76176011)(5660300001)(8676002)(81166006)(7736002)(53936002)(53546011)(186003)(6246003)(66066001)(53386004)(33656002)(26005)(236005)(9686003)(110136005)(478600001)(86362001)(99286004)(966005)(6306002)(2906002)(54896002)(19609705001)(6116002)(102836004)(55016002)(6436002)(446003)(606006)(790700001)(2501003)(5250100002)(476003)(44832011)(733005)(11346002); DIR:OUT; SFP:1102; SCL:1; SRVR:BN7PR04MB3873; H:BN7PR04MB3889.namprd04.prod.outlook.com; FPR:; SPF:None; LANG:en; MLV:sfv;
x-microsoft-antispam-message-info: 1hLftkxvFD7riXT3yg0nKPsLPrFkYyCsiXnz5PJTZ6yZbtW8lSurtMxyNlcJLQvR1WyoztM3t4h/L9yAhILGjJxus1V03EJs4/TOaW0Wutoy4MXOtmBtDPzI3hh3qdXPVSJDKxNdcwFqy8Rbg3RCiVz9IGhsECoPQRU+Axqd/J3Gn2YG3mlFsxHQ9jMlmSR0
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_BN7PR04MB38899330C8CE63EDF2EA5DF5E2B60BN7PR04MB3889namp_"
MIME-Version: 1.0
X-MS-Office365-Filtering-Correlation-Id: c8a53df2-bd83-48f5-30c9-08d5a532f2f1
X-OriginatorOrg: sailpoint.com
X-MS-Exchange-CrossTenant-Network-Message-Id: c8a53df2-bd83-48f5-30c9-08d5a532f2f1
X-MS-Exchange-CrossTenant-originalarrivaltime: 18 Apr 2018 13:47:38.4696 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 9c848b2a-49ba-4c39-9749-118d06717a84
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN7PR04MB3873
Archived-At: <https://mailarchive.ietf.org/arch/msg/scim/03A7q_Ounf_qDvDZkYUbYHad5Xc>
Subject: Re: [scim] Is it possible to use primitive types with SCIM addresses claim?
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/scim/>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Apr 2018 13:47:43 -0000

This is likely to break other clients/servers that expect a multi-valued complex object.  I would suggest using a schema extension that has a list of primitives.  Another option would be to use the standard addresses field, but only include the “formatted” sub-attribute.


From: scim <scim-bounces@ietf.org> On Behalf Of Sathya Bandara
Sent: Wednesday, April 18, 2018 8:09 AM
To: scim@ietf.org
Subject: [scim] Is it possible to use primitive types with SCIM addresses claim?

Hi,
As per the SCIM core schema specification [1], addresses claim definition is as follows.

addresses

      A physical mailing address for this user.  Canonical type values

      of "work", "home", and "other".  This attribute is a complex type

      with the following sub-attributes.  All sub-attributes are

      OPTIONAL.
In a scenario where all the sub-attributes can be empty as per above definition, can we use primitive attribute types (string values) as the claim-values for this claim. E.g. -  addresses: ["address1", "address2"]
Would be grateful if you could clarify whether this is possible.

[1] https://tools.ietf.org/html/rfc7643#section-4.1.2
Best regards,
Sathya

--
Sathya Bandara
Software Engineer
WSO2 Inc. http://wso2.com
Mobile: (+94) 715 360 421<tel:+94%2071%20411%205032>
[http://c.content.wso2.com/signatures/wso2-signature-general.png]

v2.23.0 | Report a Bug | By Email