IETF Logo Mail Archive

Re: [scim] Clarification on body request for DELETE

Phil Hunt <phil.hunt@oracle.com> Wed, 27 March 2013 21:49 UTC

Return-Path: <phil.hunt@oracle.com>
X-Original-To: scim@ietfa.amsl.com
Delivered-To: scim@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7936F21F89A5 for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 14:49:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.598
X-Spam-Level:
X-Spam-Status: No, score=-6.598 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id XW5zU7QZUGKw for <scim@ietfa.amsl.com>; Wed, 27 Mar 2013 14:48:59 -0700 (PDT)
Received: from aserp1040.oracle.com (aserp1040.oracle.com [141.146.126.69]) by ietfa.amsl.com (Postfix) with ESMTP id 49CD121F8994 for <scim@ietf.org>; Wed, 27 Mar 2013 14:48:59 -0700 (PDT)
Received: from ucsinet21.oracle.com (ucsinet21.oracle.com [156.151.31.93]) by aserp1040.oracle.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.1) with ESMTP id r2RLmvJ6013148 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Wed, 27 Mar 2013 21:48:58 GMT
Received: from acsmt356.oracle.com (acsmt356.oracle.com [141.146.40.156]) by ucsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id r2RLmtqH016495 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 27 Mar 2013 21:48:57 GMT
Received: from abhmt102.oracle.com (abhmt102.oracle.com [141.146.116.54]) by acsmt356.oracle.com (8.12.11.20060308/8.12.11) with ESMTP id r2RLmtjN021747; Wed, 27 Mar 2013 16:48:55 -0500
Received: from [192.168.1.14] (/174.7.250.104) by default (Oracle Beehive Gateway v4.0) with ESMTP ; Wed, 27 Mar 2013 14:48:55 -0700
Mime-Version: 1.0 (Apple Message framework v1283)
Content-Type: multipart/alternative; boundary="Apple-Mail=_3B3ED4DE-A92A-4DC4-8BD4-63672DB80BB1"
From: Phil Hunt <phil.hunt@oracle.com>
In-Reply-To: <56C3C758F9D6534CA3778EAA1E0C34375C3AD5F3@BLUPRD0412MB643.namprd04.prod.outlook.com>
Date: Wed, 27 Mar 2013 14:48:51 -0700
Message-Id: <FAFB4AAB-09FA-41BB-9824-F59851C5B0FE@oracle.com>
References: <CAPx6tN7x1MS+W=rbXF1c9p2qepJN3pco+h6MQYXmGHJakF+3Vw@mail.gmail.com> <56C3C758F9D6534CA3778EAA1E0C34375C3AD5F3@BLUPRD0412MB643.namprd04.prod.outlook.com>
To: Kelly Grizzle <kelly.grizzle@sailpoint.com>
X-Mailer: Apple Mail (2.1283)
X-Source-IP: ucsinet21.oracle.com [156.151.31.93]
Cc: "scim@ietf.org" <scim@ietf.org>, Alexandre Santos <asantos@pingidentity.com>
Subject: Re: [scim] Clarification on body request for DELETE
X-BeenThere: scim@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Simple Cloud Identity Management BOF <scim.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/scim>, <mailto:scim-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/scim>
List-Post: <mailto:scim@ietf.org>
List-Help: <mailto:scim-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/scim>, <mailto:scim-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Mar 2013 21:49:00 -0000

We've been discussing that 202 should generally be interpreted as, transaction is syntactically valid but pending completion (e.g. an approval workflow). It seems there is a need to do this with all SCIM operations.

Successful immediate completion would be status 200 or potentially 204.  Is there any reason for a SP to indicate for example that an entity wasn't actually deleted, but rather suspended (e.g. because the SP has a tombstone feature to preserve UUIDs)?

Phil

@independentid
www.independentid.com
phil.hunt@oracle.com





On 2013-03-27, at 11:10 AM, Kelly Grizzle wrote:

> The SCIM API spec is not entirely clear here.  According to RFC 2616, the DELETE operation should work like this:
>  
>    A successful response SHOULD be 200 (OK) if the response includes an
>    entity describing the status, 202 (Accepted) if the action has not
>    yet been enacted, or 204 (No Content) if the action has been enacted
>    but the response does not include an entity.
>  
> I can’t think of anything interesting for SCIM to return in a response body, so my vote would either be a 200 with an empty response (or just a message) or a 204 with no response body.  Perhaps we should open an issue to clarify this.  Thoughts?
>  
> --Kelly
>  
> From: scim-bounces@ietf.org [mailto:scim-bounces@ietf.org] On Behalf Of Alexandre Santos
> Sent: Wednesday, March 27, 2013 11:04 AM
> To: scim@ietf.org
> Subject: [scim] Clarification on body request for DELETE
>  
> The spec for PUT says "3.3.1...  Unless otherwise specified a successful PUT operation returns a 200 OK response code and the entire Resource within the response body"
> For POST: "3.1...  the response body MUST contain the newly created Resource."
> For DELETES it says "
> 3.4.  Deleting Resources
> 
> Consumers request Resource removal via DELETE. Service Providers MAY choose not to permanently delete the Resource, but MUST return a 404 error code for all operations associated with the previously deleted Id. Service Providers MUST also omit the Resource from future query results. In addition the Service Provider MUST not consider the deleted resource in conflict calculation. For example if a User resource is deleted, a CREATE request for a User resource with the same userName as the previously deleted resource should not fail with a 409 error due to userName conflict.
> "
>  
> My question is, what (if anything at all) should be returned in the response body as a result of a successful DELETE operation.
>  
> Thanks,
> Alex Santos
>  
> _______________________________________________
> scim mailing list
> scim@ietf.org
> https://www.ietf.org/mailman/listinfo/scim

v2.23.0 | Report a Bug | By Email