Your suggested change has been received. Thank you.

Suggest A Change

Thank you! Your suggestion has been submitted.

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

There are some errors in your form.

Your Name This field is required

Your Email This field is required

How can we improve this content? This field is required

OneWelcome Identity Platform
- Explore Thales Docs

IDAAS core
User journey orchestration
Consent and preference management
Delegated user management
- Getting started
- Roles
- Rules
- User management
- Self service page
- Data
- APIs
- Apps
- Jobs
- Reports
Externalized authorization
Identity broker
Mobile identity
Mobile SDK
API references
Release notes and FAQ
Integrations

All

All

SCIM API

SCIM schemas

IDAAS core
Tenants and brands
Identity store and data model
SCIM API
- SCIM schemas
- SCIM user management
- SCIM user attributes
- SCIM API versions
Credential store
- Email address management
- Password management
- Password migration
Tokens
- Access tokens
- ID tokens
- Refresh tokens
- Access token API
- Token introspection API
Authentication
- Client authentication methods
- Step-up authentication
- Custom authenticators
- Authentication FAQ
Custom registration
- Custom registration examples
- QR registration example
- Stateless custom registration
- Custom registration API v1
- Custom registration v2
- Back-channel communication API
OAuth 2.0 and OpenID Connect
- OAuth 2.0 and OpenID Connect API
- Proof Key for Code Exchange
- Dynamic client registration API
- OAuth client authentication methods
- Device flow
- OAuth OIDC error handling
- OAuth 2.0 and OpenID Connect setup
- OpenID Connect
- OpenID Connect authentication
- OpenID Connect scopes and claims
- User claims and attributes
- OpenID provider configuration
- ID token encryption
- iFrame session monitoring
  - Relying party iFrame
  - End session API
  - Session management APIs
- Relying party examples
- OAuth endpoints
- Discovery API
- JSON Web Key Set API
- User information API
- OAuth configuration
- OAuth consent API
Web clients
- Web clients API
- Migration of web clients with hashed secrets
- Resource owner password credentials
Web hooks
- Web hooks configuration API
API rules
Notification API
Event store
- Audit events
- Audit log
- Events API
- Excluded events
- Security events
Securing resources
User session API
User management
Uniquely identify guests
Email overview

Was this document helpful? Yes No

Feedback Sent!

If you like, you can provide additional feedback.

OneWelcome Identity Platform
IDAAS core
SCIM API
SCIM schemas

SCIM schemas

The OneWelcome Identity Platform includes SCIM schemas that define the attributes for your user resources:

The SCIM core schema defines the attributes for representing user resources.
The OneWelcome Identity Platform schema extensions extend the SCIM core schema and define additional attributes for user resources.

Custom schema extension

In addition to the SCIM core schema and the OneWelcome schema extension, you can create a custom schema extension that defines additional attributes for your user resources. The OneWelcome Identity Platform attribute metadata applies to any custom attributes that you add.

You can use your custom attributes as identifiers for users. For example, you might add attributes like customerNumber, subscriptionNumber, or licensePlate.

Your custom schema extension applies to all users in all tenants. The user operations (POST, PUT, PATCH, and GET) support the schema extension in compliance with the SCIM schema extension model. Validations are applied on the attribute or sub-attribute type.

When you create a custom schema, name the extension using your organization name, such as MyCompanyUserExtension.

You must create the custom schema extension before your instance of the OneWelcome Identity Platform goes into production. Changes to the schema that occur after users are created can cause user data to exist in the database that doesn't comply with the updated custom schema.

For details about the SCIM schema extension model, see SCIM: Core Schema 1.1 - Schema Extension Model section.

Schema structure

When creating a custom extension schema, follow the SCIM schema structure.

Both XML and JSON formats are defined. Resource and attribute names must conform to XML naming rules, which means that SCIM names must be valid XML names and should be camel-cased. When marshalling or extending SCIM resources in XML, use the normative SCIM XML schema (.xsd). SCIM resources represented in a schema-less format, such as JSON, must specify the schema with the schemas attribute.

Custom attributes

Follow these guidelines when defining custom attributes:

Attribute names cannot contain colons (:).
Sub-attributes can only be singular. Multi-valued sub-attributes are not supported.
Custom attributes can be simple or complex (having sub-attributes).
Custom attributes can be singular or multi-valued.
Custom attributes and sub-attributes can have any of the attribute types.

On this page

OneWelcome Identity Platform

© Copyright 2019-2024, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com

Support
- Customer Release Notes
- Support Contacts
Legal
- End User License Agreement
- Terms of Service

© Copyright 2019-2024, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com