System for Cross-domain Identity Management
Enterprise customers expect SCIM for automatic user lifecycle management from their IdP (Okta, Entra ID). Required for enterprise SaaS SSO packages.
What It Defines
SCIM defines a standard REST+JSON API for user provisioning/deprovisioning across SaaS applications. Supports User and Group resources with CRUD and filtering.
Canonical (Normative)
Convenient (Practical)
The canonical publication point for finalized RFCs. If a protocol is standardized as an RFC, the RFC Editor text is the normative final reference. Published by the IETF, IRTF, IAB, and independent stream.
Related Specs
Sign-in with Google/Apple/GitHub all use OIDC. If your app authenticates users via a third party, you're using OIDC whether you know it or not.
The foundation of modern app auth: third-party login, API authorization, SSO, and machine-to-machine access all use OAuth 2.0.