Speakers: Janelle Allen, Engineering Product Manager, Webex Identity, Cisco;
Qingwen Cheng, Principal Engineer, Cisco
Date: Wednesday, June 22, 2022
Location: Denver, CO

Description: When you run a SCIM server and you receive requests from multiple and diverse SCIM clients, events can get very curious indeed. Is that “delete” request really a delete? One might expect the answer to be yes, but sometimes it isn’t so clear cut and depends on which SCIM client is making the request. How about that happy little boolean attribute called active?

Defined in RFC 7643 as: “active – A Boolean value indicating the user’s administrative status. The definitive meaning of this attribute is determined by the service provider. As a typical example, a value of true implies that the user is able to log in, while a value of false implies that the user’s account has been suspended.” So, why was the user marked inactive by the client? Are they locked? Are they on PTO? What happens when we support many SCIM clients?

We will explore these and other identity lifecycle events with the SCIM spec. We will look at ways the spec can be augmented for clearer handling of the Identity lifecycle and how the active status can be elevated beyond the simple boolean it is today, thus supercharged with shared signals and context.