Important Update Effective February 1, 2024!
Due to recent changes in Jira and Confluence, we've made the tough decision to discontinue the OpenID Connect (OIDC)/OAuth app and no longer provide new versions for the newest Jira/Confluence releases as of January 31, 2024.
This is due to some necessary components no longer shipping with Jira/Confluence, which would require some extensive rewrites of the OIDC App.
Important Update! This app will be discontinued soon!
Due to recent changes in Jira, which no longer ships with some components required for our Read Receipts app to run, we've made the tough decision to discontinue the app, as of Februar 5, 2025.
Important Update! This app will be discontinued soon!
We've made the tough business decision to discontinue the app, as of January 11, 2025.
SCIM 2.0 Connector
What is SCIM?
SCIM stands for System-Cross Domain Identity Management and was developed to simplify user management in dynamic and rapidly changing infrastructures. The protocol, published under Internet Engineering Task Force (IETF), provides a standardized schema for users and groups, as well as RESTful APIs that enable CRUD (Create, Read, Update & Delete) operations on SCIM resources.
Our plugin (User Sync) supports the current standard, SCIM 2.0, which was released as IETF RFC in 2015.
How SCIM 2.0 works
SCIM is an HTTP-based protocol that works according to the client-server principle, in which JSON payloads are exchanged. The SCIM client is the identity provider (IDP), which assumes the role of the single point of truth (SPOT) for the identities in an organization. From the IDP, the information is further provisioned to the service providers (SP).
With IdP's (such as Oracle, Okta or Azure AD), a SCIM client connects to the user directory and checks it for changes. The changes are then forwarded to the target directories or to the SCIM endpoints of a service provider if users have been added, changed or removed.
On the service provider side, the IDP acts as a SCIM server that receives user management requests and then modifies the target directory as needed.
SCIM Endpoints
Several endpoints are defined in the SCIM RFC. Our SCIM Connectors supports natively the /User and /Groups endpoint.
| Endpoint | Description |
|---|---|
| /Users | Perform CRUD operations on a user object. |
| /Group | Perform CRUD operations on a group object. |
Authentication
Our SCIM 2.0 Connectors supports
- OAuth 2.0 bearer Token
- Basic Authentication (only recommend for test / develop instances)
Differences between our current User Sync Connectors & SCIM Connectors
- no 'Sync' button
SCIM 2.0 will automate the provisioning/de-provisioning process while also having a single system to manage permissions and groups. Since data is transferred automatically between a client (usually an identity provider (IDP)) and an SP server (service provider (SP)) there is no need to start a sync process.
Please note that:
- If you are also using our SAML Single Sign On app, the User Update Method needs to be set to
No User Update, since updating the user upon login would not be possible anymore with SCIM.