[scim] User extension for not valid before / after ?

Yoann Gini <y@bravas.io> Wed, 07 September 2022 13:56 UTC

To: scim@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/scim/OMra5LnUS1Z7SDXskcmnerAy0_c>

Hello,

I'm new to this mailing list so I will quickly introduce myself. I'm Yoann
Gini, CTO of a French startup called Bravas, which just raised money to build
an MDM+IDP all in one, with a big focus on passwordless and modern
management for SMBs.

One of our main tasks will be to work with SCIM as a server to get identities
from HRIS and as a client to push them in cascade to all federated services.

One of the issues we have right now is the need for us to know the validity
window of an EnterpriseUser.

For audit purposes and identity lifecycle we consider that all
EnterpriseUser in our solution need to have some attributes defining the
contract start date and end date. Some kind of "not valid before" and "not
valid after".

Which can also be extended in depth with a hold window, for example with
birth vacations, when someone is not supposed to work for a long period of
time but is still employed, the not valid before/after dates do not change,
but we may want to add an "on hold" overlay for that vacation time.

This is not covered by the User or EnterpriseUser scheme, and I do not see
any other scheme at all here https://www.iana.org/assignments/scim/scim.xhtml

Is this kind of need already covered by a Draft? If yes, where to find
it/them? If not, do some people here want to collaborate on something?

And since I'm new to this list, if this is not the correct way to question
existing work in progress on specific topics like that, let me know how and
where I should ask.

Best regards
Yoann Gini
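
Added example, not part of the original message and not taken from any SCIM draft: a sketch of how a validity window with an "on hold" overlay could be carried in a User extension and evaluated before pushing `active` downstream. The extension URN, the attribute names (`notValidBefore`, `notValidAfter`, `holds`) and the sample user are assumptions; both dates are treated as required, and anything missing or malformed fails closed.

```python
from datetime import datetime

# Hypothetical extension URN and attribute names (assumptions, not registered).
EXT = "urn:example:params:scim:schemas:extension:validity:2.0:User"

# Constructed sample resource, for illustration only.
SAMPLE_USER = {
    "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User",
                "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User",
                EXT],
    "userName": "jdoe@example.com",
    "active": True,
    EXT: {
        "notValidBefore": "2022-10-01T00:00:00Z",
        "notValidAfter": "2024-09-30T23:59:59Z",
        "holds": [{"start": "2023-03-01T00:00:00Z",
                   "end": "2023-06-30T23:59:59Z"}],
    },
}

def _ts(value):
    """Parse a SCIM dateTime string; reject timestamps without a UTC offset."""
    dt = datetime.fromisoformat(value.replace("Z", "+00:00"))
    if dt.tzinfo is None:
        raise ValueError("timestamp without offset: " + value)
    return dt

def lifecycle_state(user, now):
    """Return 'invalid', 'pending', 'expired', 'on_hold' or 'active'."""
    try:
        ext = user[EXT]
        start, end = _ts(ext["notValidBefore"]), _ts(ext["notValidAfter"])
        holds = [(_ts(h["start"]), _ts(h["end"])) for h in ext.get("holds", [])]
    except (KeyError, TypeError, ValueError, AttributeError):
        return "invalid"      # missing or malformed window: fail closed
    if end < start or any(h_end < h_start for h_start, h_end in holds):
        return "invalid"      # inverted window or hold
    if now < start:
        return "pending"
    if now > end:
        return "expired"
    if any(h_start <= now <= h_end for h_start, h_end in holds):
        return "on_hold"      # overlay; the contract dates stay unchanged
    return "active"

def pushed_active(user, now):
    """Value of 'active' a SCIM client would push to federated services."""
    return bool(user.get("active")) and lifecycle_state(user, now) == "active"
```

`now` must be a timezone-aware datetime. The window can only narrow access: a user whose source record has `active` set to false stays inactive regardless of the dates.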