RFC Errata
RFC 7643, "System for Cross-domain Identity Management: Core Schema", September 2015
Source of RFC: scim (sec)
Errata ID: 6011
Status: Reported
Type: Technical
Publication Format(s) : TEXT
Reported By: Shelley Baker
Date Reported: 2020-03-09
Section 8.7.1 says:
{
"name" : "members",
"type" : "complex",
"multiValued" : true,
"description" : "A list of members of the Group.",
"required" : false,
"subAttributes" : [
{
"name" : "value",
"type" : "string",
"multiValued" : false,
"description" : "Identifier of the member of this Group.",
"required" : false,
"caseExact" : false,
"mutability" : "immutable",
"returned" : "default",
"uniqueness" : "none"
},
{
"name" : "$ref",
"type" : "reference",
"referenceTypes" : [
"User",
"Group"
],
"multiValued" : false,
"description" : "The URI corresponding to a SCIM resource
that is a member of this Group.",
"required" : false,
"caseExact" : false,
"mutability" : "immutable",
"returned" : "default",
"uniqueness" : "none"
},
{
"name" : "type",
"type" : "string",
"multiValued" : false,
"description" : "A label indicating the type of resource,
e.g., 'User' or 'Group'.",
"required" : false,
"caseExact" : false,
"canonicalValues" : [
"User",
"Group"
],
"mutability" : "immutable",
"returned" : "default",
"uniqueness" : "none"
}
],
"mutability" : "readWrite",
"returned" : "default"
}
It should say:
{
"name" : "members",
"type" : "complex",
"multiValued" : true,
"description" : "A list of members of the Group.",
"required" : false,
"subAttributes" : [
{
"name" : "value",
"type" : "string",
"multiValued" : false,
"description" : "Identifier of the member of this Group.",
"required" : false,
"caseExact" : false,
"mutability" : "immutable",
"returned" : "default",
"uniqueness" : "none"
},
{
"name" : "$ref",
"type" : "reference",
"referenceTypes" : [
"User",
"Group"
],
"multiValued" : false,
"description" : "The URI corresponding to a SCIM resource
that is a member of this Group.",
"required" : false,
"caseExact" : false,
"mutability" : "immutable",
"returned" : "default",
"uniqueness" : "none"
},
{
"name" : "type",
"type" : "string",
"multiValued" : false,
"description" : "A label indicating the type of resource,
e.g., 'User' or 'Group'.",
"required" : false,
"caseExact" : false,
"canonicalValues" : [
"User",
"Group"
],
"mutability" : "immutable",
"returned" : "default",
"uniqueness" : "none"
},
{
"name": "display",
"type": "string",
"multiValued": false,
"description": "A human-readable name for the group member, primarily used for display purposes.",
"required": false,
"caseExact": false,
"mutability": "readOnly",
"returned": "default",
"uniqueness": "none"
}
],
"mutability" : "readWrite",
"returned" : "default"
}
Notes:
The group "members" attribute should define a "display" sub-attribute.
* Section 2.4 defines a standard multi-valued read-only attribute of "display".
* The Group Representation example in Section 8.4 also includes the "members.display" sub-attribute.
* This discussion in the SCIM mailing list [1] also indicates that this should be fixed.
[1] https://mailarchive.ietf.org/arch/msg/scim/EH99Gxn-hDluihMNtWLIekuFCs8/