RFC Errata
RFC 7643, "System for Cross-domain Identity Management: Core Schema", September 2015
Note: This RFC has been updated by RFC 9865
Source of RFC: scim (sec)
Errata ID: 8366
Status: Held for Document Update
Type: Technical
Publication Format(s) : TEXT
Reported By: Matthias Winter
Date Reported: 2025-04-01
Held for Document Update by: Deb Cooley
Date Held: 2025-10-28
Section 8.7.2 says:
{
"name" : "endpoint",
"type" : "reference",
"referenceTypes" : ["uri"],
"multiValued" : false,
"description" : "The resource type's HTTP-addressable
endpoint relative to the Base URL, e.g., '/Users'.",
"required" : true,
"caseExact" : false,
"mutability" : "readOnly",
"returned" : "default",
"uniqueness" : "none"
},
It should say:
{
"name" : "endpoint",
"type" : "reference",
"referenceTypes" : ["uri"],
"multiValued" : false,
"description" : "The resource type's HTTP-addressable
endpoint relative to the Base URL, e.g., '/Users'.",
"required" : true,
"caseExact" : false,
"mutability" : "readOnly",
"returned" : "default",
"uniqueness" : "server"
},
Notes:
For "endpoint" the property "uniqueness" should be "server" instead of "none".
I believe endpoints are thought to be unique within a server, i.e. each endpoint should offer exactly one type of resources. Though I don't see any point in RFC7644 or RFC7643 that currently forbids using the same endpoint for several resource types, it would make processing much harder for clients. Also, clients cannot specify which resource type they want to create. They can only specify endpoint and schema.