SCIM 2.0 Compliance Test Suite

What is SCIM ?

The System for Cross-domain Identity Management (SCIM) specification is designed to make managing user identities in cloud-based applications and services easier. The specification suite seeks to build upon experience with existing schemas and deployments, placing specific emphasis on simplicity of development and integration, while applying existing authentication, authorization, and privacy models. Its intent is to reduce the cost and complexity of user management operations by providing a common user schema and extension model, as well as binding documents to provide patterns for exchanging this schema using standard protocols. In essence: make it fast, cheap, and easy to move users in to, out of, and around the cloud.

SCIM 2.0 Compliance Test Suite

This project is on implementing the SCIM 2.0 compliance test suite which can be run on both the cloud and on premise. In the test suite, it is intended to validate the supportability of a provided service provider, in terms of the SCIM 2.0 core specification and protocol specification.

The test suite generates a detailed analysis view and comprehensive report upon providing the server’s SCIM endpoint. The report includes the test results indicating the coverage percentage of each specification and a detailed view of the results of each test including requests sent by the test suite, expected response and the server response along with the indication whether a particular test is passed or not.

How to Run On Premise

1. Build the test suite

mvn clean install

2. Install java certificate as explained by here.

3. Deploy the scimproxycompliance.war and run it.

4. Navigate to SCIM 2.0 Compliance Test.

5. Enter your SCIM base URL (eg: https://localhost:8080/scim2/) and add the authentication with basic auth under settings menu.

6. Click Go.

Test Coverage

The current implememtation tests the following aspects of the SCIM 2.0 implementation of service provider.

/Users Endpoint

• Create
• Get
• Delete
• List
• Pagination
• Update with PUT
• Sorting
• Filtering
• Update with PATCH

/Groups Endpoint

• Create
• Get
• Delete
• List
• Filtering
• Pagination
• Sorting
• Update with PUT
• Update with PATCH

/Me Endpoint

• Create
• Get
• Delete
• Update with PUT
• Update with PATCH

EnterpriseUser

• Create
• Get
• Delete
• List
• Pagination
• Update with PUT
• Sorting
• Filtering
• Update with PATCH

/ServiceProviderConfig Endpoint

• Get

/ResourceType Endpoint

• Get

/Schemas Endpoint

• Get

/Bulk Endpoint

• Create

Value Adding Features

Test Report as PDF - A PDF test report will be generated by the end of test suite which includes the test results indicating the coverage percentage of each specification and a detailed view of the results of each test including requests sent by the test suite, expected response and the server response along with the indication whether a particular test is passed or not.

Add Custom Test Cases - The suite is developed with scalability in mind. Developers are welcome to add custom tests cases and improve the test suite.

How to Add Custom Tests Cases

1. Navigate to the class which you want to add the test case (eg: UserTest class for /Users endpoint related test cases).

2. Add your test case as a seperate method.

3. Add @TestCase annotation to your method.

@TestCase
public void customTestCase() {
  .....
}

4. Rebuild the project and run.

This project is an ongoing project and we value your contributions. We are open for PRs. For any clarifications, reach us through [email protected]