While connecting a SCIM target system, SAP or non-SAP, you might face the situation that it might be easier or even necessary not to integrate using the SAP Cloud Identity Services Identity Provisioning Service (IPS) but rather aim for a direct connection.
This could happen due to several reasons. One for example could be, if there is no connector available in IPS for the desired target application. Another one could be, if the target system requires certain special headers, that IPS would not allow you to set.
Unfortunately the standard SCIM package of SAP Identity Management (IdM) is designed specifically for the IPS and does not allow you to connect any other SCIM target system easily.
SAP Professional Services has developed a Java SCIM connector, that is more generic and does not only allow you to connect SCIM target systems directly to IdM, but also supports the extensions of SAP Identity Management Business Extensions Service (former RDS, more information here).
Furthermore you can define additional headers and what information you want to retrieve from the return body of the SCIM API call. It also supports native basic and oAuth authentication flows including the support for X-CSRF tokens.
Utilising this connector allows you to connect any native SCIM application directly to SAP IdM.
I, for example, have used this connector package to connect a Service Now instance to an SAP IdM system.
If you want to know more about this service and how to deploy it, please get in contact with me directly or send an email to security.consulting@sap.com.
Be the first to comment