Re: [scim] Feedback and adoption readiness for draft-zollner-scim-roles-entitlements-extension

Anuradha Karunarathna <anuradha199528@gmail.com> Fri, 18 November 2022 14:44 UTC

Return-Path: <anuradha199528@gmail.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 16F07C14CE35 for <scim@ietfa.amsl.com>; Fri, 18 Nov 2022 06:44:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.847
X-Spam-Level:
X-Spam-Status: No, score=-1.847 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ik7cf8uovamH for <scim@ietfa.amsl.com>; Fri, 18 Nov 2022 06:44:28 -0800 (PST)
Received: from mail-oi1-x22f.google.com (mail-oi1-x22f.google.com [IPv6:2607:f8b0:4864:20::22f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6B9AAC1524B5 for <scim@ietf.org>; Fri, 18 Nov 2022 06:44:23 -0800 (PST)
Received: by mail-oi1-x22f.google.com with SMTP id q83so5521003oib.10 for <scim@ietf.org>; Fri, 18 Nov 2022 06:44:23 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=8lwiEE75UDLDYWjJAQC1Aq+JkkYmvQYERflJrJ7BQ58=; b=q5YJO/W53mqQkfAi1WT4DT8r+s2djQDHaVkx4zTYLI44jGRZbAkhp5mavbRjcALri2 EJN+psnTb23wwFEANLHQgEZHQI1wrwPlXo+FaQVO2rqYfag+S+HUESTxV21XN22iuMCz BHD90kG1HXEYhsHflI1ANILTLkAVGjoejw/arAky7sySBNWYTsREgk6hDjEOCB7InNPu cwtMl1FFi7Og/W9Sjg0zNVU874vZuYpKy/p65bNMBW6Cn0fJ5LW5Zl+hvOOjCBqIlUJm 8qnULXZ7iSAd8ZQ8eXEUd2h+Hvt22T/IePzlz0RchA7XfxItNT9p5u/Es2Qw78GNMPe5 P1Sg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=8lwiEE75UDLDYWjJAQC1Aq+JkkYmvQYERflJrJ7BQ58=; b=ASWxYnb1gwxKdyZ5dCrwh2zcVJws8/99M2pNNd9Eok1NBnBdqj987M0ApnQJs6awQl AphYTO/7/9vMyP0lcQxGR41rjSmzzy8P6/lbLDY8FtiEk6kVLAXxKropczdvwzal6jMB +DS2upmv92Z6OO4DOaHamZK/rq1toGsM3UFHmFkTyMyOULfm7X2AYv7AD7MaitL/bs8X P8myu6/IMEnM97rGrW1TJeY7Isf+BMDGAbjlB1QJvh1k3Y1MCfbLb376tdFDFr5Qs1Gq sc0yX/EdZjopLqU3jjzLuEVShkzMKlJLikp1knrYxsFxBx3GBiMM9HLorUz7f5AKfeCr Wflw==
X-Gm-Message-State: ANoB5ploXTe+cAVKHOiXHvBnKAhAkd6FKcWkNTtynNlLsbXJkIDHQF50 RqwbBqQo8bRwiTgEYBn/S6KzxEZWqQThl4NAWB+nq11LL/I=
X-Google-Smtp-Source: AA0mqf5ZWB6NYXETYIFO5RuRe863BqBMcZOLJduwTbQ0KvBCtAYLIyL5tDrDrbCWCHXsfN+haBnekqU68O03BNczZ4c=
X-Received: by 2002:a05:6808:8f9:b0:35a:1078:5f90 with SMTP id d25-20020a05680808f900b0035a10785f90mr6540908oic.117.1668782662128; Fri, 18 Nov 2022 06:44:22 -0800 (PST)
MIME-Version: 1.0
From: Anuradha Karunarathna <anuradha199528@gmail.com>
Date: Fri, 18 Nov 2022 20:14:11 +0530
Message-ID: <CA+OkT=9KHBgkGa8RoGu4qj3WK5B6XRrdZN5hV80_faKTHbr2Jg@mail.gmail.com>
To: scim@ietf.org
Content-Type: multipart/alternative; boundary="000000000000c8988005edbfbd87"
Archived-At: <https://mailarchive.ietf.org/arch/msg/scim/sFgByxF9A7J4puQ7Va08eUgyq7o>
Subject: Re: [scim] Feedback and adoption readiness for draft-zollner-scim-roles-entitlements-extension
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/scim/>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 18 Nov 2022 14:44:30 -0000

#5 for me.  I identified the following things while reading the draft,

1. The sample response of the GET /Roles request (section 4.4.1.2) has a
mismatch with        "totalResults" and the Resource details.
"totalResults":3" means the server has only 3 roles. There are 3 roles in
the  "Resources" list, but some role values given under contains attributes
(eg: "contains":["teamlead"], and  "contains":["regional_lead"]) are not
listed in the "Resources" list.

2. The descriptions of "type" and "enabled" under section 6.  Entitlements
Schema BNF has the word "role" instead of "entitlement".

               {
                   "name" : "type",
                   "type" : "string",
                   "multiValued" : false,
                   "description" : "A label indicating the *role's*
                   function.",
                   "required" : false,
                   "caseExact" : false,
                   "mutability" : "readOnly",
                   "returned" : "default",
                   "uniqueness" : "server"
               },
               {
                   "name" : "enabled",
                   "type" : "boolean",
                   "multiValued" : false,
                   "description" : "A boolean type that indicates if the
                   *role* is enabled and usable in the SCIM service
                   provider's system.",
                   "required" : true,
                   "caseExact" : false,
                   "mutability" : "readOnly",
                   "returned" : "default"
               }


3. The descriptions of  "contains" and "containedBy" says "*A complex type*
that shows what other....", but their type is defined as a string in the
schema. In the examples also, the role/entitlement value is given
for "contains" and "containedBy". So the descriptions need to be modified.

Thanks,
Anuradha Karunarathna
SSE - WSO2