Re: [scim] [EXTERNAL] Extension Clarification Request
Danny Zollner <Danny.Zollner@microsoft.com> Fri, 21 October 2022 21:51 UTC
Return-Path: <Danny.Zollner@microsoft.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D443CC1522DC for <scim@ietfa.amsl.com>; Fri, 21 Oct 2022 14:51:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.578
X-Spam-Level:
X-Spam-Status: No, score=-2.578 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.571, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, HTTPS_HTTP_MISMATCH=0.1, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=microsoft.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IxjiD8IXHKu4 for <scim@ietfa.amsl.com>; Fri, 21 Oct 2022 14:51:06 -0700 (PDT)
Received: from DM5PR00CU002-vft-obe.outbound.protection.outlook.com (mail-cusazlp170110003.outbound.protection.outlook.com [IPv6:2a01:111:f403:c111::3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C5123C1522C3 for <scim@ietf.org>; Fri, 21 Oct 2022 14:51:06 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=W7sMLIG+pCdNPSJr0D7he1Wl92xy+aM7f3gXXC3wN8JmAJcdl2VMBN2d5QQVXih9/ole9f9AhDr66sMSLG7iVkioY9AwKbvcQ0cGGKdfa+bBHTaTE/wRcb6CfXggP9Nzr96lqsZjDzYgVW2/a8nkE/SFRFGBG/051pIDgRxfv50/Ci0nBOJJqenVB4W34R+2ZgE5sDvDQKv5rq9IZPUl22vhrmp6DlO75vdMLddpyuGvJWfmRrScbwJsJHytEA4wkb2Vu56iIPcYUe3lV+ApiEa6jkLh7zIj7ipRkovAPAZelu7Iu7NzePdVWy/AL1svBttZ6lp8nvGcF66vyn2hPQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=NTW57SYFFlu/dP8+L4fWBrEZJr1a/7J293U4BCjzTAY=; b=Fpx7iyeDAKz2Rhv98vVTyI58GeqQ0LK9jSrYXHcc4wDgUlmb175OPM3ug+0i9P/UlrozPGC7DxWhH7aqfMmFMXhENVAfVymOhXi6ctjYYHJ8VTmUIqEMkDco7DvXIGq5X3NnA0+bXWEqnUBJehwq9hKMqrJntU7TkfZkj/cvfipND7naR7+DV807oOCN2icHYfixdRygHVqDT6Wwn8pIYyjlHJZplzNz4Cny77iW06ZcWU1Un5HuF8ioUmNES2r3uGdcgB3hYA3ZmgUillBmCKb61bZRZOhfjr7cUF6/07dZ1cydCReMjiMWSLexDfPhLrXFXFeB/lfLCM9ZVCWaXA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=NTW57SYFFlu/dP8+L4fWBrEZJr1a/7J293U4BCjzTAY=; b=IZk3ZvAIdZeF1B4rjj71mrJHGBjWozxscIucoD+NH5912Ee2BOF4PwJaSKpiiAGXBGpS7yh15NDJGxUQFcJhuFn2kKuWWHBh5fOLgHkg4iPca65x/xceqx417YtRRRaOyU8al7HWdqhJ5kHrurudBTWduvb0E4EHQPT1lY6xZZE=
Received: from BY5PR00MB0708.namprd00.prod.outlook.com (2603:10b6:a03:204::9) by PH0PR00MB1231.namprd00.prod.outlook.com (2603:10b6:510:9f::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5789.0; Fri, 21 Oct 2022 21:51:00 +0000
Received: from BY5PR00MB0708.namprd00.prod.outlook.com ([fe80::95cf:de7d:217c:5d21]) by BY5PR00MB0708.namprd00.prod.outlook.com ([fe80::95cf:de7d:217c:5d21%5]) with mapi id 15.20.5794.000; Fri, 21 Oct 2022 21:51:00 +0000
From: Danny Zollner <Danny.Zollner@microsoft.com>
To: Phillip Hunt <phil.hunt@independentid.com>
CC: Chad Vincent <chad.vincent@crashplan.com>, "scim@ietf.org" <scim@ietf.org>
Thread-Topic: [scim] [EXTERNAL] Extension Clarification Request
Thread-Index: AQHY5YTTZaG5Zb46NEm8+A0QSoR2wK4ZQuBg
Date: Fri, 21 Oct 2022 21:51:00 +0000
Message-ID: <BY5PR00MB0708090F3477EC9ED49FCD3FFF2D9@BY5PR00MB0708.namprd00.prod.outlook.com>
References: <CAKXu=h_4LR-VXiEozAA2OwSX-E==7NLcD4oVU1DKngyUfSGoGQ@mail.gmail.com> <AAB851CE-D019-49E2-8DA9-132B8EA03DD4@independentid.com> <BY5PR00MB070873165E22B5A4FF549BD0FF2D9@BY5PR00MB0708.namprd00.prod.outlook.com> <E5F26DF8-1665-4B6E-8B72-8E9B537F6740@independentid.com>
In-Reply-To: <E5F26DF8-1665-4B6E-8B72-8E9B537F6740@independentid.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=microsoft.com;
x-ms-publictraffictype: Email
x-ms-traffictypediagnostic: BY5PR00MB0708:EE_|PH0PR00MB1231:EE_
x-ms-office365-filtering-correlation-id: 0efbcf6b-9be4-4051-96d9-08dab3ae57cd
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: H4ixnRElI17p5dSOdxCS8yyz7cTynvZc0pj8J8+IZDdlm9ybIVJnUixelTYCWHQ40UJaYq2APmb3s8itfHjI/DzqEQlpJfL66sF153U0WJ/eFb/lK2ZhCXhkMzsIWmJR5dXqzrVzOn5y0eNR58XhzMizHbgLOlwnHr5u/C3Inmb8ysjcnOlMn93hV9e8LUK33AGjq3Z7KXpiTApatMl//lKqr4eZ9RwEJX8BAhMA9uxROfExd/0YD7g/ghTfaSU5b5seZpaMfR529zwzgCdjA/E6/dNRbuzs5XLjPzzq4GwcV5KsrfmkJk45KO3lg9ysdkOcqbFCpaQGZGtv+X40CmWA6XF/ARCu/QjkK+3E1v9gLzRK232fjeR2ymA9E3TMojojOFehyuVbzoF0q1y9TCTyYPxfG+kd+jFdR+Vaw4KD3F6wAuJoq0/TmV4TFbugmHbq2BPf1DTbH0HSMmsmoekYcvGw9K8w95zjkbuGLFPaU3b6BPyyZGVX8S4PeA9Ms+01RYafWmMUwwMZt5Yww3l5boUFqhT44cuCWzWfjJbf4I6BWx56btjCzVl8MA4Ung3e+CWfwLfAbb463p0otUdrIggLAhBqjX51RfurxERUv1vzhLEvzfYOL67MkVxjDTp0oZncP1QjsvxQw8PYa2Iko8BrqmwypA64Vv+bE9GkkQmJF82tXpr7v27DZTSPsMtQMkdPRnc5usJFvJ0N/Yb2pXrJUcyjk27zUUy0y87k547Yq+EF3oF2bKPXlq7EXOopSxR48SadPVpYSDgDmimvDRUxBuv49fDhk6Fvv+RQD17F27Vzp/0NbQJtDQ7LZLKZwxNIt76jQNz1FJWBSw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:BY5PR00MB0708.namprd00.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230022)(4636009)(136003)(39860400002)(396003)(346002)(376002)(366004)(451199015)(7696005)(122000001)(66556008)(38100700002)(6506007)(53546011)(41300700001)(8676002)(54906003)(26005)(66946007)(66476007)(66446008)(64756008)(6916009)(76116006)(8990500004)(966005)(316002)(33656002)(2906002)(82960400001)(166002)(4326008)(82950400001)(478600001)(86362001)(55016003)(10290500003)(71200400001)(38070700005)(186003)(83380400001)(5660300002)(9326002)(9686003)(52536014)(8936002); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: /hc+iletB8AZi1u8SLyo3pGUBI2CVfgigG0ZHSxm9EGGoQGnwWowNk6WaorUxVN1XKlqxxQDKjIkUkpx/j91mkMxO8n5E8Y5RFD9HCV4YC7qzTD3ydRU1nut4l+kJJDug1ucCRY6/A6xEtMhMQYnkFIMuoL6H+uO2tKUvdrYNyW7FL/i75U/JPwcB27g4KO21Kmf3DzLeytS2vhRWhZ6y4VReORqy7QdTHHQPY301+jf1TNbWXKHYBJ5fynyjnV+3GMU3qMQf+XD5Qwt/8hvO9o0ULg9yTSLxGft/SXa/elipXndvqwX0FheV9lWcxHeTlFIgtcluMmY1BqIRecNvygfGE4kz0jerx2yw9J/kYF3bMQ/zl6kEZ0xqgHhFvai5/C6MgrfbYaLRwZT1ex5pWP9Ce+TESf2Dsmo5mxBPyFRJA9fSTQsDx93e0wnuQNlEf9eYTvFSuh5EOFWssMe48ZhIwcrCI+YQO+dEKMkmKpZA8P+d3QYR1pdLQNcBLEFCd9VDtOCU1aBvf8/MDTPS5BIpWCiNSnJZ124rbbT2Krr0O8nkT+bQK8AlfJHvrbt7HKyxKYXzwzcdtAAVMvpGdsG2VWW3W8b4GVDQ3yXT6Xa07s9bG3mtPSDd9qWR5lza9yVkHcYO5EYtCJ4y/DX0yF3MTWetq+4RCVa7J9xvg+XAg1ITGMWY6SdUuGGoqcudJ13+6mWW21NMHsP9lRIgRgSnNpDl+3d0of7QGC42vt8pbqDsdCG0Nn9CrEhpMHBMDkjsbe64zqrWd26WY8uKJ+avYQAHuAOT4y7IP2sXeuagHztZU17n0tzcPtgJ01ztUGcmIw7JyhrwbxS2xBWDRzUJmss0moweJH+VLlRgWX3jAhxo98ZN7s2PCMKD3+9IEhM3Dy+G5SQ62FNWCKLunWX3n5EXCG40lD+hElCcrx+bYZJIqXhpbe438jLSiPFZ7m7Kx++asK09/db50Hx0k8O9lmv2uF7gUJ5KazF/0DuBc63DjasnlGhEkd3Kvy1inVvLACqm6BHmshNn4+DuzrqGP+rGtwdBg06vK60U0Sj/FvCwyi9J+GQphiS/tmQ9toYKnEb+hLT/CCw+IQG1BluBpkJnq1BkJmZFiOWSDnnVHDbgFhexIOFCdyDmKyG8ua1pByP8nVYweKYCc5hKHf1m4J2ouVPY+TP1K9A8U3MzY6H7TtjUv34fpA2ecpZ5ow/L48FY9EXQFifxgM504AicvCLm/18EUbGmNBchC1kecrV+oMqzhtrwSArWYWNDE0yaW35QTaoRripNawHNQLmeDOKhDus+TH7EtIr3FKPyGZbGO+4msK4e9cFbkfKyidA5aKsvglj3NRTMkrDddxiZ26g4amHXqQM38HaJNXWyhPqcUF7KUI8h9w8uG/2kQIP9D6B7c4gzE7Uht7zmIz6FP1u+QkaZUofOAt+kaO1FVyERnwXjX7IgibMYUtOekLIjbVRIC5xD0qYse5fG7AD2LYIpg63XaoOncYXGQBrN3Btqt/rstHrj/G3e4lUZ7yso7jYRoLA249jAzKXRoVfaxQxB6wJquY2AUnBF/FEi7ubVZFGoTxZVBRt8ijd
Content-Type: multipart/alternative; boundary="_000_BY5PR00MB0708090F3477EC9ED49FCD3FFF2D9BY5PR00MB0708namp_"
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: BY5PR00MB0708.namprd00.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 0efbcf6b-9be4-4051-96d9-08dab3ae57cd
X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Oct 2022 21:51:00.4800 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: mbj1+fTQzzRzP/1oqSmTai6jukLLInhC/JpQjdRbEx8vJIRiluMDl9Ax6RTyucS/zpxBsDcaujcMSXW+zohk0A==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR00MB1231
Archived-At: <https://mailarchive.ietf.org/arch/msg/scim/ey3x18mdNLxJQ6leu9VGUyEkofI>
Subject: Re: [scim] [EXTERNAL] Extension Clarification Request
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/scim/>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Oct 2022 21:51:08 -0000
Hi Phil, Going to disagree on it being very clear - while the text supporting your answer on this thread is present in the spec, I think it could be clearer. I'm not disagreeing with your answer on this thread, just stating that reliance on implementers noticing the nuance held in each line of the spec rather than being provided with explicit examples is a problem. I don't believe there are any explicit examples of the sort of outcome that you described by omitting a value from schemas with a PUT or from any other scenarios tied to the inclusion or exclusion of values to the schemas attribute. I think that the lack of examples both on this topic and others is detrimental to folks who are trying to implement SCIM, and that the language explaining the various behaviors could be more explicit as well. I see a lot of interoperability problems while working with people who are implementing SCIM, and many of them come from language that isn't easily understood or from things are not explicitly stated or given examples. My comments were purely stating that in a future version of the standard I think it's worth seeing if the language can be improved to reduce confusion and make implementation easier. Thanks, Danny Zollner (He/Him) From: scim <scim-bounces@ietf.org> On Behalf Of Phillip Hunt Sent: Friday, October 21, 2022 2:39 PM To: Danny Zollner <Danny.Zollner@microsoft.com> Cc: Chad Vincent <chad.vincent@crashplan.com>; scim@ietf.org Subject: Re: [scim] [EXTERNAL] Extension Clarification Request Danny, The spec is very clear on this. I think you are trying to take a rule and say it applies everywhere ignoring all other rules. In this case there it is an additive condition. If A is present then B MUST be present. If one includes an extension schema in schemas, then there MUST be a correspoinding schema extension attribute for it. "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {}, So why list a schema extension that is not in use? It turns out there is an occasion where this is needed. For example in a PUT operation, specifying the extension object without attributes is expressing that those extension attributes are to be removed. E.g. if one used Chad's third example record in a PUT, that would allow the SCIM service provider to infer that the attributes are to be removed (See "readWrite" under 3.5.1 Replacing with PUT). Best, Phillip Hunt @independentid phil.hunt@independentid.com<mailto:phil.hunt@independentid.com> On Oct 21, 2022, at 12:01 PM, Danny Zollner <Danny.Zollner@microsoft.com<mailto:Danny.Zollner@microsoft.com>> wrote: Looking at RFC 7643, I can see how the language isn't crystal clear on the requirement for each in-use schema to be represented by a value in the schemas attribute. I think the line that states this is in 7643 3.3: All representations of SCIM schemas MUST include a non-empty array with value(s) of the URIs supported by that representation. The latter half of that sentence being key, I think. The MUST applies to both "include a non-empty array" and "with values of the URIs supported by that representation" - meaning every schema represented on the resource needs to be present in the array of values for the schemas attribute. I think if we end up revising the core schema RFC and publish a new version in the future, there may be a way to word this requirement more clearly. (As a side note, originally, I was going to say that based on a past reading I'd had of the spec that it wasn't clear if including each schema value was a requirement, but while rereading to make that case the above quoted part of 7643 3.3 made sense to me as meaning the same thing that Phil said in his email) Thanks, Danny Zollner (He/Him) From: scim <scim-bounces@ietf.org<mailto:scim-bounces@ietf.org>> On Behalf Of Phillip Hunt Sent: Friday, October 21, 2022 12:12 PM To: Chad Vincent <chad.vincent@crashplan.com<mailto:chad.vincent@crashplan.com>> Cc: scim@ietf.org<mailto:scim@ietf.org> Subject: [EXTERNAL] Re: [scim] Extension Clarification Request Chad, The logic should be: The ResourceType for the ServiceProvider defines what schemas are possible in the User resource type. The schemas attribute indicates what attributes are present in the JSON object and how to parse them (by looking up the schema in the /Schemas endpoint). So if you add an enterprise user attribute to a User, you have to make sure the enterprise user schema URI value is in the schemas attribute. If no enterprise user attributes are present, then the schema value is not there either. The idea here is to help parsers know what to look for. Phillip Hunt @independentid phil.hunt@independentid.com<mailto:phil.hunt@independentid.com> On Oct 21, 2022, at 9:50 AM, Chad Vincent <chad.vincent@crashplan.com<mailto:chad.vincent@crashplan.com>> wrote: If I could get clarification on this from an official source, it would be most helpful. A Service Provider responding to a SCIM request has a User with none of the fields in the Enterprise Extension set. Based on RFC 7643 Section 3, the "schemas" attribute is "used to indicate the namespaces of the SCIM schemas that define the attributes present in the current JSON structure." As there are no Enterprise Extension attributes present, the extension schema urn would not be included. However, later in the same paragraph it says that it, "MUST include a non-empty array with value(s) of the URIs supported (emphasis mine) by that representation." Section 3.3 is likewise not helpful in clarifying, as I am reading "Each value in the "schemas" attribute indicates additive schema that MAY exist in a SCIM resource representation." as being indicative of the particular representation/response, not the service provider as a whole. And in Section 6 it says that including the extensions in the Resource Type schema is optional. This comes up because we've identified an Identity Provider that will not add the extension and its attributes if the extension isn't already in the user when performing a GET. It will, however, include the extension on net-new user creation or update it if already present. Okta and Azure have no issue with seeing a User object without the Enterprise Extension and then adding one if they want to set one of those fields. The library we're using likewise doesn't include the schema if it's not present in the User. This has us reviewing our interpretation of the specification. So for a SCIM response where all the fields in an extension do not exist, is it correct to send just the root schema, include the extension schema in the "schemas" attribute, or include the extension schema in the "schemas" attribute and an empty extension attribute/object? Sample objects: -- No values -- { "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"], "id": "2819c223-7f76-453a-919d-413861904646", "externalId": "701984", "userName": "bjensen@example.com<mailto:bjensen@example.com>", "emails": [ { "value": "bjensen@example.com<mailto:bjensen@example.com>", "type": "work", "primary": true } ], "userType": "Employee", "title": "Tour Guide", "active":true, "meta": { "resourceType": "User", "created": "2010-01-23T04:56:22Z", "lastModified": "2011-05-13T04:42:34Z", "version": "W\/\"3694e05e9dff591\"", "location": "https://example.com/v2/Users/2819c223-7f76-453a-919d-413861904646<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fexample.com%2Fv2%2FUsers%2F2819c223-7f76-453a-919d-413861904646&data=05%7C01%7Cdanny.zollner%40microsoft.com%7Cda2cae0affa543087e1308dab39bf2c0%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638019779656133991%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=5pb%2FGeqhJZtkACHw3bamZ4Rj%2BVHnfiloHBjT8M1UHZI%3D&reserved=0>" } } -- Schema but no Object -- { "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"], "id": "2819c223-7f76-453a-919d-413861904646", "externalId": "701984", "userName": "bjensen@example.com<mailto:bjensen@example.com>", "emails": [ { "value": "bjensen@example.com<mailto:bjensen@example.com>", "type": "work", "primary": true } ], "userType": "Employee", "title": "Tour Guide", "active":true, "meta": { "resourceType": "User", "created": "2010-01-23T04:56:22Z", "lastModified": "2011-05-13T04:42:34Z", "version": "W\/\"3694e05e9dff591\"", "location": "https://example.com/v2/Users/2819c223-7f76-453a-919d-413861904646<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fexample.com%2Fv2%2FUsers%2F2819c223-7f76-453a-919d-413861904646&data=05%7C01%7Cdanny.zollner%40microsoft.com%7Cda2cae0affa543087e1308dab39bf2c0%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638019779656133991%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=5pb%2FGeqhJZtkACHw3bamZ4Rj%2BVHnfiloHBjT8M1UHZI%3D&reserved=0>" } } -- Empty object present -- { "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User", "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"], "id": "2819c223-7f76-453a-919d-413861904646", "externalId": "701984", "userName": "bjensen@example.com<mailto:bjensen@example.com>", "emails": [ { "value": "bjensen@example.com<mailto:bjensen@example.com>", "type": "work", "primary": true } ], "userType": "Employee", "title": "Tour Guide", "active":true, "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {}, "meta": { "resourceType": "User", "created": "2010-01-23T04:56:22Z", "lastModified": "2011-05-13T04:42:34Z", "version": "W\/\"3694e05e9dff591\"", "location": "https://example.com/v2/Users/2819c223-7f76-453a-919d-413861904646<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fexample.com%2Fv2%2FUsers%2F2819c223-7f76-453a-919d-413861904646&data=05%7C01%7Cdanny.zollner%40microsoft.com%7Cda2cae0affa543087e1308dab39bf2c0%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638019779656290203%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=Ya9HFhr6%2FcHHA4JgIKoG%2BNjtGdAlrG7sZuPwNRnmNxg%3D&reserved=0>" } } -- Chad Vincent (he/him) | Software Engineer, Senior - CrashPlan chad.vincent@crashplan.com<mailto:chad.vincent@crashplan.com> 400 S 4th St Suite 410 PMB 31083 Minneapolis, MN 55415-1419 _______________________________________________ scim mailing list scim@ietf.org<mailto:scim@ietf.org> https://www.ietf.org/mailman/listinfo/scim<https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.ietf.org%2Fmailman%2Flistinfo%2Fscim&data=05%7C01%7Cdanny.zollner%40microsoft.com%7Cda2cae0affa543087e1308dab39bf2c0%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C638019779656290203%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=hs1dz7MflFNy0a5rTbv3YUPf3Nk0GRPq3WByAK7CY%2Fo%3D&reserved=0>
- [scim] Extension Clarification Request Chad Vincent
- Re: [scim] Extension Clarification Request Phillip Hunt
- Re: [scim] [EXTERNAL] Re: Extension Clarification… Danny Zollner
- Re: [scim] [EXTERNAL] Extension Clarification Req… Phillip Hunt
- Re: [scim] [EXTERNAL] Extension Clarification Req… Danny Zollner