[scim] Is ServiceProviderConfig Required?

Danny Mayer <mayer@pdmconsulting.net> Wed, 13 October 2021 15:24 UTC

Return-Path: <mayer@pdmconsulting.net>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost []) by ietfa.amsl.com (Postfix) with ESMTP id 990A23A0B5B for <scim@ietfa.amsl.com>; Wed, 13 Oct 2021 08:24:50 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.89
X-Spam-Status: No, score=-1.89 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, T_SPF_TEMPERROR=0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([]) by localhost (ietfa.amsl.com []) (amavisd-new, port 10024) with ESMTP id R9-Qppb016nE for <scim@ietfa.amsl.com>; Wed, 13 Oct 2021 08:24:41 -0700 (PDT)
Received: from chessie.everett.org (chessie.everett.org [IPv6:2001:470:1:205::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6E0233A0B56 for <scim@ietf.org>; Wed, 13 Oct 2021 08:24:40 -0700 (PDT)
Received: from newusers-MBP.fios-router.home (pool-108-26-179-179.bstnma.fios.verizon.net []) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by chessie.everett.org (Postfix) with ESMTPSA id 4HTxCp74jxzMNQs for <scim@ietf.org>; Wed, 13 Oct 2021 15:24:38 +0000 (UTC)
To: SCIM WG <scim@ietf.org>
From: Danny Mayer <mayer@pdmconsulting.net>
Message-ID: <9f90574b-aa33-4f06-209b-6281a3ab6600@pdmconsulting.net>
Date: Wed, 13 Oct 2021 11:24:38 -0400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.14.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/scim/XSHgYUW4nW_KQueElsdatJXivZo>
Subject: [scim] Is ServiceProviderConfig Required?
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/scim/>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Oct 2021 15:24:51 -0000

I've been looking at some SCIM servers and it seems that some do not 
provide the ServiceProviderConfig endpoint and at least one Commercial 
SCIM Client didn't request the endpoint when I was testing it last year. 
Is it a requirement to provide this endpoint and is the client required 
to read it and obey the rules laid out in the returned information? Are 
clients using it?

I'm also not sure about the /Me endpoint. That requires that the SCIM 
server retain state. That should be the SCIM client's responsibility.