Minutes for SCIM at interim-2013-scim-2
minutes-interim-2013-scim-2-1
|
| Meeting Minutes |
|
System for Cross-domain Identity Management
(scim) WG
|
| Title |
|
Minutes for SCIM at interim-2013-scim-2 |
| State |
|
Active |
| Other versions |
|
plain text
|
| Last updated |
|
2013-09-09 |
Meeting Minutes
minutes-interim-2013-scim-2
SCIM Working Group Meeting: 13-09-04
Minutes: Mark Diodati
In attendance:
*
Anthony Nadalin
*
Barry Leiba
*
Bjorn Aannestad
*
Erik Wahlstršm
*
Kelly Grizzle
*
Leif Johansson (chair)
*
Mark Diodati
*
Mortezza Ansari (briefly)
*
Phil Hunt
*
Sal D'Agostino
Notes:
Issue #2
Add pagination capability for plural resource attributes. GET on group
resource could return many user references, which is resource intensive.
Phil Hunt--ostensibly provides performance enhancements.
Mark Diodati--Enforced pagination makes common provisioning queries more
challengin. Must have two loops. One inward loop for groups references,
then an outward loop for users.
Kelly/Phil--provide an ability to return the number of attributes so
that the client can be smarter?
Phil--return only the groups that the user belongs to?
Kelly--maybe modify schema to limit which attributes are returned in a
rest call?
Decision: issue will not be addressed, but Kelly will provide
documentation/guidance on expected behavior of consumer and service
provider.
Issue #9
Ability to mark attributes as unique in ServiceProviderConfig.
Kelly--not a strong use case for this issue.
Bjorn--not much of an advantage in implementing fix.
Leif--No real consensus fixing or not.
Decision: postpone discussion.
Issue 10
Ability to mark attributes as "sensitive" in ServiceProviderConfig.
Erik--questions reason to add feature.
Kelly--password attribute is write-only. Maybe requestor wants the
ability to set for other attributes?
Leif--worry that anything we do with respect to issue will be
under-specified.
Kelly--alternate proposal is to have write-only attributes.
Decision: Phil will create two separate issues. 1 - ability to specify
write-only attributes. 2 - Return specific attributes only upon request.
Issue 13
Add a "required" flag in configuration to support etags.
Erik--example: match with an etag. One server can support different clients.
Kelly--add subattribute to etags attribute in ServiceProviderConfig to
specify whether server requires etags?
Decision: Erik will provide additional information on how etags should
be addressed.
Issue 24
Add the negation operator to the Filtering Section.
Kelly--Perhaps look at the OpenSearch protocol for inspiration?
Decision: Bjorn to take a stab at proposed language for the spec.