RFC Errata
RFC 7644, "System for Cross-domain Identity Management: Protocol", September 2015
Source of RFC: scim (sec)
Errata ID: 7122
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT
Reported By: Egil Hansen
Date Reported: 2022-09-08
Held for Document Update by: Murray Kucherawy
Date Held: 2022-09-12
Section 3.5.2 says:
The "path" attribute is described by the following ABNF syntax rule: PATH = attrPath / valuePath [subAttr] Figure 7: SCIM PATCH PATH Rule The ABNF rules "attrPath", "valuePath", and "subAttr" are defined in Section 3.4.2.2. The "valuePath" rule allows specific values of a complex multi-valued attribute to be selected.
It should say:
The "path" attribute is described by the following ABNF syntax rule: PATH = attrPath / valuePath [subAttr] / attrExp Figure 7: SCIM PATCH PATH Rule The ABNF rules "attrPath", "valuePath", "subAttr", and "attrExp" are defined in Section 3.4.2.2. The "valuePath" rule allows specific values of a complex multi-valued attribute to be selected.
Notes:
In section 3.5.2.2. (Remove Operation), states:
"If the target location is a multi-valued attribute and a complex
filter is specified comparing a "value", the values matched by the
filter are removed. If no other values remain after removal of
the selected values, the multi-valued attribute SHALL be
considered unassigned."
This means it should be possible to create a filter that selects a value from a multi-valued attribute that is not complex. Writing such a filter seems impossible without having "attrExp" as a possible legal PATH.
In section 3.4.2.2. (Filtering) there is an example that shows how such a filter could look for a multi-valued attribute, i.e.:
filter=
schemas eq "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
This would also work for a path filter, e.g.:
{
"schemas": ["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
"Operations":[{
"op":"remove",
"path":"schemas eq \"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User\""
}]
}
[AD Note: The document reflects consensus of the working group at the time of publication, but on review it is believed that any future update work in this space should consider this erratum.]