Minutes for SCIM at interim-2013-scim-2

Meeting Minutes System for Cross-domain Identity Management (scim) WG
Title Minutes for SCIM at interim-2013-scim-2
State Active
Other versions plain text
Last updated 2013-09-09

Meeting Minutes

   SCIM Working Group Meeting: 13-09-04

Minutes: Mark Diodati

In attendance:


Anthony Nadalin


Barry Leiba


Bjorn Aannestad


Erik Wahlstršm


Kelly Grizzle


Leif Johansson (chair)


Mark Diodati


Mortezza Ansari (briefly)


Phil Hunt


Sal D'Agostino


Issue #2

Add pagination capability for plural resource attributes. GET on group
resource could return many user references, which is resource intensive.

Phil Hunt--ostensibly provides performance enhancements.

Mark Diodati--Enforced pagination makes common provisioning queries more
challengin. Must have two loops. One inward loop for groups references,
then an outward loop for users.

Kelly/Phil--provide an ability to return the number of attributes so
that the client can be smarter?

Phil--return only the groups that the user belongs to?

Kelly--maybe modify schema to limit which attributes are returned in a
rest call?

Decision: issue will not be addressed, but Kelly will provide
documentation/guidance on expected behavior of consumer and service

Issue #9

Ability to mark attributes as unique in ServiceProviderConfig.

Kelly--not a strong use case for this issue.

Bjorn--not much of an advantage in implementing fix.

Leif--No real consensus fixing or not.

Decision: postpone discussion.

Issue 10

Ability to mark attributes as "sensitive" in ServiceProviderConfig.

Erik--questions reason to add feature.

Kelly--password attribute is write-only. Maybe requestor wants the
ability to set for other attributes?

Leif--worry that anything we do with respect to issue will be

Kelly--alternate proposal is to have write-only attributes.

Decision: Phil will create two separate issues. 1 - ability to specify
write-only attributes. 2 - Return specific attributes only upon request.

Issue 13

Add a "required" flag in configuration to support etags.

Erik--example: match with an etag. One server can support different clients.

Kelly--add subattribute to etags attribute in ServiceProviderConfig to
specify whether server requires etags?

Decision: Erik will provide additional information on how etags should
be addressed.

Issue 24

Add the negation operator to the Filtering Section.

Kelly--Perhaps look at the OpenSearch protocol for inspiration?

Decision: Bjorn to take a stab at proposed language for the spec.