Login/Register
Does Keycloak Support SCIM?
Asked Answered
keycloakscim
M

2

11

Has anyone used SCIM with Keycloak? If so, can you point me at documentation? I've google searched and it doesn't appear to be a supported configuration.

Magnetics answered 25/10, 2019 at 22:45 Comment(0)
E
11

I provided a library that integrates with keycloak. Its currently tested with keycloak 8.0.1 and 10.0.1. I provided a simple sample project that shows how to integrate it here:

https://github.com/Captain-P-Goldfish/scim-for-keycloak

EDIT:

For Keycloak 20 and above there is a new SCIM for Keycloak implementation available at https://scim-for-keycloak.de

filtering and sorting does also already work on this example but is done by api-internal features. It is pretty fast up to 5000 users but I haven't done any distress tests. So I do not know when it will become inperformant. If you provide more users you should implement filtering on database level

Excel answered 19/5, 2020 at 6:12 Comment(4)
since SCIM is an open standard API, and there is an implementation for it as you mentioned (github.com/Captain-P-Goldfish/scim-for-keycloak), can I use OKTA SCIM clients in our applications and configure KeyCloak SCIM instead? if they both are using something standard?Dereliction
If I understand you correctly you want to use OKTA to provision users and groups to keycloak? This should work using the scim-for-keycloak APIExcel
I need SCIM client to be used by KeyCloak to support user provisioning\ de-provisioning process, whenever I create user in KeyCloak, it can be synced with all third party appsDereliction
Keycloak does not reliably support such events. Events are only fired on removed resources but not reliably on created resources. And since keycloak is using JPA there is no reliable way in listening to update events on resources. So a client side implementation would be rather difficult based on the current keycloak implementationExcel
N
6

Unfortunately SCIM isn't supported by Keycloak yet. There's an open issue (feature request) on their Jira: https://issues.jboss.org/browse/KEYCLOAK-2537

I just noticed that someone has started to create an open source implementation for SCIM on Keycloak. Haven't tested it yet, but sure will do that soon.

Niobous answered 20/11, 2019 at 6:9 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.