[scim] Charter Discussion: Triggers

Phil Hunt <phil.hunt@independentid.com> Wed, 07 July 2021 16:23 UTC

Date: Wed, 7 Jul 2021 09:23:02 -0700
To: SCIM WG <scim@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/scim/ez7mWhYys0jVGIqOOkrPV4GCmB4>

In the discussion about cursors, it occurred to me that some queries are happening as a form of polling by one or more client entities in order to co-ordinate state of user entries across many clients and domains.

Way back when, the original SCIM WG charter had an item called “triggers”. Triggers were events that could be distributed to registered clients to notify them of events. Some of the cursor use cases could be addressed with async triggers (events) rather than using “polling with cursors”.

The triggers concept wasn’t actually abandoned. The work on events did actually go forward (in the SECEVENT WG) and was published as RFC 8417 (aka Security Event Tokens). OpenID Connect, as an example, uses SETs to notify parties of a logout in the back channel. The OpenID Shared Signals group is also defining events, many of which occur within SCIM servers.

--> Would defining SCIM Events go a long way to avoid the need for cursors in at least some cases (e.g. notifying receivers that a resource was deleted or a password updated)? Should we put this on the table?

--> Is this something the group would like to pick up and exploit now that the underlying message format is defined?

On the call today, it was also brought up that the interaction pattern of client initiating against the server may need to evolve/expand. Async SET events may be one possibility to solve these cases.

Phil Hunt