This topic has 2 replies, 2 voices, and was last updated 8 months, 3 weeks ago by [email protected].
-
AuthorPosts
-
April 14, 2020 at 7:29 pm #27819
[email protected]
ParticipantHi all,
I’m trying to connect our local IDM to the zoom.us-SCIM-API.
I’ve never used SCIM before, so I might be mistaken, but the way I see it
– zoom offers Authentication via OAuth2 and the authorization code grant
– IDM could use OAuth2 and client credentials
– zoom would accept a JWT bearer token
– IDM could provide basic authenticationSCIM specification seems to be quite neutral on authentication, basically “use good authentication”, so I can’t blame either party.
Any workarouds I’m missing? I’m considering getting an API gateway to perform translation.
Anybody got some “scripted scim” samples?Best regards
PatrickApril 21, 2020 at 4:26 pm #27831Thomas Wolfram
ParticipantHi Patrick,
the SCIM connector by Forgerock IDM also supports static bearer token for authentication. Just use “TOKEN” for authenticationMethod and set authToken to the token. See chapter 18.4.1 in the connector reference guide 6.5. There is also a sample for Slack included in 6.5 which uses it.This is also what I had to use to provision Cisco Webex with the Forgerock SCIM connector. But I would recommend to ask Forgerock for version 1.5.0.2 of it because the older 1.4.x.x versions have some bugs. See https://backstage.forgerock.com/docs/idm/6.5/connector-release-notes/#scim-1.5.2.0
Greetings,
ThomasMay 5, 2020 at 1:57 pm #27886[email protected]
ParticipantHi Thomas,
thank you for your input. I already had installed an API gateway, receiving requests with basic authentication from IDM and passing them on with JWT-token to zoom, since I stopped reading the connector reference upon “the authenticationMethod can be either OAUTH or BASIC” in 18.0, the token-method is only mentioned in 18.4.1.Wasn’t a complete waste of time, though, since IDM sends “Accept: application/json”, while zoom requires Accept: ‘*/*’ and sends an html-error-page otherwise.
Now I just need to slow down IDM to meet the rate-limiting of zoom. Endless fun.
Best regards
Patrick -
AuthorPosts
You must be logged in to reply to this topic.