Add UI Extension to SCIM Users
Xurrent’s UI extensions functionality now offers the ability to add custom fields to SCIM user records. The acronym SCIM stands for System for Cross-domain Identity Management. It is a standard protocol for automating user management. Xurrent has supported this protocol for a few years already. It is now used by most customers to automate the maintenance of the person records in their Xurrent directory accounts.
When Xurrent receives SCIM user data from an organization’s identity provider (such as Okta, OneLogin Azure AD, etc.) this data does not get stored in Xurrent person records right away. Instead, Xurrent stores the incoming SCIM data in SCIM user records. Automation rules are then used to map the field values of these SCIM user records to the fields of Xurrent person records.
Now that it is possible to define a UI extension for SCIM user records, an organization’s identity provider can populate the custom fields of this UI extension by including the necessary field ID and value pairs in the JSON it includes in its SCIM POST requests.
For example, an organization may define a UI extension for its SCIM users that adds the custom fields Payroll ID (which field ID is payroll_id) and Year of birth (which field ID is year_of_birth).
The organization’s identity provider can then pass the values for these custom fields to Xurrent using the following schema extension:
urn:ietf:params:scim:schemas:extension:Xurrent:1.0:custom_fields
Note that this Xurrent schema extension does not have to be added to the schemas definition. It will always be picked up in case the attribute mentioned above is present in the JSON hash.
In our example, this JSON hash can look as follows:
{
"schemas": [
"urn:ietf:params:scim:schemas:core:2.0:User",
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User",
],
"externalId": "d5d1a4c5-84bb-4883-8c2d-a12bf3676638",
"userName": "[email protected]",
...
"urn:ietf:params:scim:schemas:extension:Xurrent:1.0:custom_fields": {
"payroll_id": "179e3587-8416-443b-94ff-b0e50a98b184",
"year_of_birth": 1991
}
}
This causes Xurrent to store the payroll_id and year_of_birth field values in the custom fields of the SCIM user records in Xurrent. The SCIM user automation rules can be extended to pass these field values to the corresponding person records. These rules can be maintained by administrators in the ‘Automation Rules’ section of the Settings console.
More information about the custom fields extension for SCIM users can be found in the Xurrent Developer Documentation.