Overview
System for Cross-Domain Identity Management (SCIM) is an open standard protocol for automating the exchange of user identity information between identity domains and IT systems. SCIM ensures that employees added to the Human Capital Management (HCM) system automatically have accounts created in Azure Active Directory (Azure AD) or Windows Server Active Directory. User attributes and profiles are synchronised between the two systems, updating and removing users based on the user status or role change.
SCIM is a standardised definition of two endpoints: a /Users’ endpoint and a /Groups endpoint. It uses common REST verbs to create, update, and delete objects. It also uses a predefined schema for common attributes like group name, username, first name, last name, and email. Applications that offer a SCIM 2.0 REST API can reduce or eliminate the pain of working with proprietary user management APIs or products. For example, any SCIM-compliant client can make an HTTP POST of a JSON object to the /Users endpoint to create a new user entry. Instead of needing a slightly different API for the same basic actions, apps that conform to the SCIM standard can instantly take advantage of pre-existing clients, tools, and code.
Key Features & Functionality
Appian does not natively support SCIM, hence the custom application that this documentation refers to. The downloaded content contains two distinct Appian applications:
Hi Stewart Burchell,
Is it possible to get in touch with you ? we have the following error while trying to integrate Quest One Identity Manager 9.2
Expression evaluation error in rule 'scim_er_searchusers' at function a!forEach [line 27]: Error in a!forEach() expression during iteration 1: Expression evaluation error at function 'stripwith' parameter 1 [line 30]: Invalid index (2) for list: valid range is 1..1 (APNX-1-4198-000)
com.appiancorp.core.expr.exceptions.ExpressionRuntimeException$AppianExceptionProvider: Expression evaluation error in rule 'scim_er_searchgroups' at function a!forEach [line 34]: Error in a!forEach() expression during iteration 1: Expression evaluation error at function 'stripwith' parameter 1 [line 37]: Invalid index (2) for list: valid range is 1..1 (APNX-1-4198-000)
Thanks in advance
David L.
Hi, the downloaded package contains the installation guide and 2 applications, no plugin to be deployed.
I suggest to download the packages and follow the installation guide
Good morning,
I just tried to install the plugin in my Appian environment, which is version 24.3, and I get the error ‘Error deploying the plugin. scim-user-management-1.0.0.zip is not an Appian validated plug-in. Contact Appian Support to authorize the plug-in.’ Has anyone else had this problem?
Thanks
I encountered the same issue and think that there are some bugs in this application and some tricky bits with Okta itself.
First, I used Runscope/Blazemeter to run Okta's SCIM 2.0 test package, tweaking Appian until the first test passed - https://developer.okta.com/docs/guides/scim-provisioning-integration-test/main/
Then, set up Okta like this:
Okta then validated correctly. Still more work to go but the major issue I hit is the Appian app seems to be expecting query params purely as a string, but Appian WebAPIs send that information around as a dictionary so the parser needs work for any searching cases
How can we set this up from Okta. When our Okta team tries to validate the credentials, Okta throws error that "No results for users returned". Can someone share the steps on how to set this up in Okta?