Tuebora SCIM Creang the Foundaon to Unify IAM Tuebora SCIM Data Sheet 01 Overview A single overarching view of an organizaon’s IAM posture is oſten the dream of IAM professionals. This allows for the applicaon of metrics across the organizaon for identy and access, making audits easier and providing a clear view of the identy and access lifecycle. As they grow, most organizaons add identy and access controls slowly and in a piecemeal manner. Usually, the first addion is either password management or single sign-on. Over me, the organizaon will add IAM governance and cerficaon. Later, the company will add IT service management (ITSM) soſtware to support the organizaon’s access policies, processes, and procedures. These acons are taken to design, deliver, operate, and control informaon technology (IT) services offered to its customers. The challenge is that many of these applicaons don’t have adequate API libraries and are not compliant with the SCIM standard. SCIM is an open standard for automang the exchange of user identy informaon between identy domains or IT systems. Tuebora supports companies that have a heterogeneous environment of best-of-breed products with its SCIM Connector Design tool. Meet Tuebora SCIM Tuebora’s System for Cross-Domain Identy Management (SCIM) is a GUI-based stand-alone connector design tool that generates SCIM compliant connectors for non-SCIM applicaons. As a company hires and fires employees, they are added and removed from the company's employee directory. SCIM could be used to automacally add/delete, (or provision/de-provision), accounts for those users in external systems such as Google Apps for Work, Office 365, or Salesforce.com. SCIM can be used to share informaon about user aributes, aribute schema, and group membership. Aributes can range from user contact informaon to Acve Directory group membership. Group membership or other aribute values are generally used to manage user permissions. Aribute values and group assignments can change, adding to the challenge of maintaining the relevant data across mulple identy domains. 1 2 4 3 SCIM Ready Applicaon Connecon Method Selecon Data Type Selecon Verify Connector Design Specify Data Collector Operaons 4 Steps to a “SCIM Ready” Applicaon SCIM Server SCIM or Nave Calls to SCIM Compliant & Non-Compliant Applicaons Legacy IAM Applicaons Business Applicaons Identy Applicaons (AD, HR etc,) Script /Java and Method Calls SCIM Requests Rest API Calls Figure 2 - Tuebora's SCIM Applicaon and Server Figure 1 - Using Tuebora SCIM to Create a SCIM-Ready Applicaon