SCIM (System for Cross-domain Identity Management) is a widely-adopted standard protocol for automating the exchange of user identity information between identity domains, or IT systems.
The ballerinax/scim package offers APIs to connect with SCIM 2.0 compliant identity providers and services.
-
On the Asgardeo Console, click Applications.
-
Click New Application and select M2M Application.
-
In the Name field, enter a unique name to identify your application.
-
Click Register to complete the registration.
You can authorize your M2M application to access APIs and their scopes(permissions) from API Authorization tab of the application, as shown below.
When you register your M2M application, a client ID and client secret are generated. Your M2M application will identify itself to Asgardeo with these credentials.
You can get this client ID and client secret from the Protocol tab of the application, as shown below.
To use the scim connector in your Ballerina application, modify the .bal file as follows:
Import the scim module.
import ballerinax/scim;Create a scim:ConnectionConfig with the obtained OAuth2.0 credentials and initialize the connector with it.
configurable string orgName = ?;
configurable string clientId = ?;
configurable string clientSecret = ?;
scim:Client scim = check new (serviceUrl = string `https://api.asgardeo.io/t/${orgName}/scim2`,
config = {
auth: {
tokenUrl: string `https://api.asgardeo.io/t/${orgName}/oauth2/token`,
clientId: clientId,
clientSecret: clientSecret,
scopes: ["internal_user_mgt_list", "internal_group_mgt_view"]
}
}
);Now, utilize the available connector operations.
scim:UserObjectListResponseObject userList = check scim->/Users();The scim connector provides practical examples illustrating usage in various scenarios. Explore these examples, covering the following use cases:
- Asgardeo Integration – Demonstrates how to provision and manage users in Asgardeo using the SCIM connector. This example shows how to securely connect to Asgardeo SCIM API, create new users, and synchronize identity data between systems.
-
Download and install Java SE Development Kit (JDK) version 21. You can download it from either of the following sources:
Note: After installation, remember to set the
JAVA_HOMEenvironment variable to the directory where JDK was installed. -
Download and install Ballerina Swan Lake.
-
Download and install Docker.
Note: Ensure that the Docker daemon is running before executing any tests.
-
Export Github Personal access token with read package permissions as follows,
export packageUser=<Username> export packagePAT=<Personal access token>
Execute the commands below to build from the source.
-
To build the package:
./gradlew clean build
-
To run the tests:
./gradlew clean test -
To build the without the tests:
./gradlew clean build -x test -
To run tests against different environments:
./gradlew clean test -Pgroups=<Comma separated groups/test cases>
-
To debug the package with a remote debugger:
./gradlew clean build -Pdebug=<port>
-
To debug with the Ballerina language:
./gradlew clean build -PbalJavaDebug=<port>
-
Publish the generated artifacts to the local Ballerina Central repository:
./gradlew clean build -PpublishToLocalCentral=true
-
Publish the generated artifacts to the Ballerina Central repository:
./gradlew clean build -PpublishToCentral=true
As an open-source project, Ballerina welcomes contributions from the community.
For more information, go to the contribution guidelines.
All the contributors are encouraged to read the Ballerina Code of Conduct.
- For more information go to the
scimpackage. - For example demonstrations of the usage, go to Ballerina By Examples.
- Chat live with us via our Discord server.
- Post all technical questions on Stack Overflow with the #ballerina tag.