RFC Errata
RFC 7643, "System for Cross-domain Identity Management: Core Schema", September 2015
Note: This RFC has been updated by RFC 9865
Source of RFC: scim (sec)See Also: RFC 7643 w/ inline errata
Errata ID: 8475
Status: Verified
Type: Technical
Publication Format(s) : TEXT
Reported By: Matthias Winter
Date Reported: 2025-06-20
Verifier Name: Deb Cooley
Date Verified: 2025-10-28
Section 6 says:
Section 6. ResourceType Schema
name
The resource type name. When applicable, service providers MUST
specify the name, e.g., "User" or "Group". This name is
referenced by the "meta.resourceType" attribute in all resources.
REQUIRED.
...
endpoint
The resource type's HTTP-addressable endpoint relative to the Base
URL of the service provider, e.g., "Users". REQUIRED.
---
Section 8.7.2. Service Provider Schema Representation
{
"id" : "urn:ietf:params:scim:schemas:core:2.0:ResourceType",
"name" : "ResourceType",
"description" : "Specifies the schema that describes a SCIM
resource type",
"attributes" : [
...
{
"name" : "name",
"type" : "string",
"multiValued" : false,
"description" : "The resource type name. When applicable,
service providers MUST specify the name, e.g., 'User'.",
"required" : true,
"caseExact" : false,
"mutability" : "readOnly",
"returned" : "default",
"uniqueness" : "none"
},
...
{
"name" : "endpoint",
"type" : "reference",
"referenceTypes" : ["uri"],
"multiValued" : false,
"description" : "The resource type's HTTP-addressable
endpoint relative to the Base URL, e.g., '/Users'.",
"required" : true,
"caseExact" : false,
"mutability" : "readOnly",
"returned" : "default",
"uniqueness" : "none"
},
It should say:
Section 6. ResourceType Schema
name
The resource type name. When applicable, service providers MUST
specify the name, e.g., "User" or "Group". This name is
referenced by the "meta.resourceType" attribute in all resources.
This attribute has a "uniqueness" of "server" and is case-exact.
REQUIRED
...
endpoint
The resource type's HTTP-addressable endpoint relative to the Base
URL of the service provider, e.g., "Users". This attribute has a
"uniqueness" of "server" and is case-exact. REQUIRED
---
Section 8.7.2. Service Provider Schema Representation
{
"id" : "urn:ietf:params:scim:schemas:core:2.0:ResourceType",
"name" : "ResourceType",
"description" : "Specifies the schema that describes a SCIM
resource type",
"attributes" : [
{
"name" : "name",
"type" : "string",
"multiValued" : false,
"description" : "The resource type name. Service providers MUST
specify the name, e.g., "User" or "Group".",
"required" : true,
"caseExact" : true,
"mutability" : "readOnly",
"returned" : "default",
"uniqueness" : "server"
},
...
{
"name" : "endpoint",
"type" : "reference",
"referenceTypes" : ["uri"],
"multiValued" : false,
"description" : "The resource type's HTTP-addressable
endpoint relative to the Base URL, e.g., '/Users'.",
"required" : true,
"caseExact" : true,
"mutability" : "readOnly",
"returned" : "default",
"uniqueness" : "server"
},
Notes:
The attributes "name" and "endpoint" in the ResourceType schema must have a "uniqueness" of "server" and be case-exact.
Case-exact:
The attributes "name" and "endpoint" are both used in references (e.g. "{base-url}/ResourceTypes/{name}" and "{base-url}/{endpoint}/{id}"). References are defined as case-exact in section 2.3.7. Therefore, both attributes must also be case-exact.
This should also be reflected in section 8.7.2
Uniqueness:
For the uniqueness of "name" see Errata ID: 8362.
For "endpoint" the change makes it explicit that each endpoint should provide exactly one type of resource. I do not see any point in RFC 7644 or RFC 7643 that currently forbids using the same endpoint for several resource types, but this would not work when creating resources. Clients cannot specify which resource type they want to create; they can only specify the endpoint and schema.
This should also be reflected in section 8.7.2 (see Errata ID: 8366)