Upload
cloudidsummit
View
263
Download
1
Tags:
Embed Size (px)
Citation preview
Speakers Vikas Jain Product Management Director, Salesforce
@vikasjaintweet
Pat Patterson Developer Evangelist Architect, Salesforce @metadaddy
Edward Sutter Director, Product Development Ping Identity
Benefits for Employee Use Cases
Security
Audit & Compliance
IT Productivity
User Termination
Who has access to what?
Automated account creation & update
Benefits for Customer and Partner Use Cases
User Onboarding
Keep User Info in Sync
Self Service
Provision user into multiple web properties
Update email change across all apps
Access request with Approvals
§ Simple Cloud Identity Management § http://www.simplecloud.info/§ SCIM 1.0 released in 2011
§ SCIM 1.1 released in 2012
§ IETF working on SCIM 2.0
§ System for Cross-domain Identity Management
SCIM Use Cases
§ Provision and de-provision user accounts § Update attributes on user accounts
§ Synchronize accounts across services
§ Manage group membership
SCIM Basics
§ Application-level, REST protocol § OAuth recommended for authentication/authorization
§ Create, modify, retrieve, discover users and groups
§ Common user schema
§ Extensible
SCIM Schema
§ Core schema – name, userName, emails etc
§ Enterprise extension – employeeNumber, department, manager etc
§ Custom extensions – e.g. urn:salesforce:schemas:extension:18CHARORGID
– Custom fields
SCIM Request – Retrieve a User
GET /services/scim/v1/Users/005E0000000HimUIAS HTTP/1.1Host: na1.salesforce.comAuthorization: Bearer ACCESS_TOKEN
SCIM Response - Core { "displayName": "Adam Seligman", "userName": "[email protected]", "id": "005E0000000HimUIAS", "emails": [ { "primary": true, "type": "work", "value": "[email protected]" } ], ...
SCIM Response - Enterprise
... "urn:scim:schemas:extension:enterprise:1.0": { "employeeNumber": "156189", "manager": { "displayName": "Pat Patterson", "managerId": "005E0000000HiFiIAK" }, "organization": "00DE0000000HegHMAS" }, ...
SCIM Response - Custom
... "urn:salesforce:schemas:extension:00DE0000000HegHMAS": { "Favorite_Color__c": "Green" }, ...
Use Case
§ We’ll hire a new employee – Vikas Jain – Create Salesforce account
§ Vikas gets a promotion, with more responsibility – Allow access to ERP system
§ After a long and successful career, Vikas retires – Deactivate all accounts
Q & A Vikas Jain Product Management Director, Salesforce
@vikasjaintweet
Pat Patterson Developer Evangelist Architect, Salesforce @metadaddy
Edward Sutter Director, Product Development Ping Identity