generator-jhipster
generator-jhipster copied to clipboard
Investigate using SCIM to sync users with identity provider when using OAuth
Overview of the feature request
SCIM (System for Cross-domain Identity Management) is a standard automating user provisioning (aka syncing users). SCIM communicates user identity data between identity providers (such as companies with multiple individual users) and service providers requiring user identity information (such as enterprise SaaS apps).
Here's a presentation from @jpf that explains how it works: https://twitter.com/oktadev/status/1391422797516320771
Motivation for or Use Case
Our current mechanism for syncing users only happens when the user logs in. This means you can't select users in a relationship if they haven't logged in yet. Implementing SCIM would allow us to have the syncing of users happen automatically.
Related issues or PR
There's a Stack Overflow question about SCIM support in Keycloak. It currently doesn't exist, but there is a library that someone created. SCIM should work with Okta.