SCIM connectors require a particularly complex configuration template that supports three different authentication types, each of which has different credential parameters that are required to properly configure the collectors and fulfillers. The choice of authentication type and grant type will depend on the use case and what the authentication token endpoint supports.
When using the bearer token authentication method, you can select Password Flow (when user involvement is required) or Client Credential Flow (for machine-to-machine communication) as the authentication grant type. When using the Client Credential Flow, you will need to specify whether the credentials should be included in the request header or request body .
When using Cloud Bridge, you must also specify a unique ordinal for each authentication method. Use the following table to understand the ordinal number that you need to specify for SCIM authentication methods.
The following table lists the available authentication types and related credentials:
|
Ordinal (Credential Position) |
Authentication Type |
Credential Set |
|---|---|---|
|
3 |
Basic Auth |
|
|
4 |
Access Token NOTE:When the access token expires, replace it with a new access token. |
|
|
5 |
Bearer Token |
|
|
6 |
Bearer Token |
|
IMPORTANT:For the access token, the user provides the token to connect to the SCIM-compatible application, whereas, for the bearer token, the connector generates the token. When the access token expires, replace it with a new access token.