A SCIM client Python library built upon scim2-models and httpx, that pythonically build requests and parse responses, following the RFC7643 and RFC7644 specifications.
It aims to be used in SCIM client applications, or in unit tests for SCIM server applications.
SCIM stands for System for Cross-domain Identity Management, and it is a provisioning protocol. Provisioning is the action of managing a set of resources across different services, usually users and groups. SCIM is often used between Identity Providers and applications in completion of standards like OAuth2 and OpenID Connect. It allows users and groups creations, modifications and deletions to be synchronized between applications.
pip install scim2-client
Check the tutorial and the reference for more details.
Here is an example of usage:
import datetime
from httpx import Client
from scim2_models import User, EnterpriseUser, Group, Error
from scim2_client import SCIMClient
client = Client(base_url=f"https://auth.example/scim/v2", headers={"Authorization": "Bearer foobar"})
scim = SCIMClient(client, resource_types=(User[EnterpriseUser], Group))
# Query resources
user = scim.query(User[EnterpriseUser], "2819c223-7f76-453a-919d-413861904646")
assert user.user_name == "[email protected]"
assert user.meta.last_updated == datetime.datetime(
2024, 4, 13, 12, 0, 0, tzinfo=datetime.timezone.utc
)
# Update resources
user.display_name = "Babs Jensen"
user = scim.replace(user)
assert user.display_name == "Babs Jensen"
assert user.meta.last_updated == datetime.datetime(
2024, 4, 13, 12, 0, 30, tzinfo=datetime.timezone.utc
)
# Create resources
payload = User(user_name="[email protected]")
response = scim.create(user)
assert isinstance(response, Error)
assert response.detail == "One or more of the attribute values are already in use or are reserved."
scim2-client belongs in a collection of SCIM tools developed by Yaal Coop, with scim2-models, scim2-tester and scim2-cli