scim-docs/content/overview/identity-management.md

---
title: Identity Management
description : "What we speak about and in **which environment**. We must agree on some **different problematics** that exists to better understand why we use SCIM."
color : yellow
weight : 1
---

<picture>
    <source srcset="media/small/illus-basics.svg" media="(max-width: 768px)">
    <img src="media/illus-basics.svg" alt="Illustation of the basics of identity magagment">
</picture>


{{< grid >}}
{{< card icon="user" >}}
#### Authentication
Who is this user ?
{{< /card >}}

{{< card icon="lock" >}}
#### Authorization
Is this user allowed to access this resource ?
{{< /card >}}

{{< card icon="cloud" >}}
#### Storage
Where are user’s identity & credentials stored?
{{< /card >}}

{{< card icon="prov" >}}
#### Provisioning
How to manage & transfer user’s identity ?
{{< /card >}}
{{< /grid >}}
<img alt="illustration of losing data" src="media/illus-loose-data.svg" class="float-right w-60">

### Our environment
Our digital work environment is composed of **many applications** and web services. We want a **seamless user experience** for our free software based collaboration platform. With a **Single Sign-on (SSO)** system users get a unified login and logout experience but there is a catch.

### Our problem
Traditional SSO protocols like OpenID Connect do **not support syncing user profiles across applications.** That's means :
* **users are not created by default in all apps** (only after they have logged in at least once)
* **no mechanisms to propagate the deletion of users**
* So its **not GDPR compliant** (by default)

#### In essence
<mark>Current existing protocols are **difficult to implement or/and to use** or are **custom for specific use case** then **non-standardized**.</mark>
-												Initial commit

											
										
										
											2024-08-29 10:10:19 +00:00
+								---
 								title: Identity Management
-												global review

											
										
										
											2024-08-29 21:46:48 +00:00
+								description : "What we speak about and in **which environment**. We must agree on some **different problematics** that exists to better understand why we use SCIM."
-												Initial commit

											
										
										
											2024-08-29 10:10:19 +00:00
+								color : yellow
 								weight : 1
 								---
-												mobile-version

											
										
										
											2024-10-03 19:43:59 +00:00
 								<picture>
 								    <source srcset="media/small/illus-basics.svg" media="(max-width: 768px)">
 								    <img src="media/illus-basics.svg" alt="Illustation of the basics of identity magagment">
 								</picture>
-												Initial commit

											
										
										
											2024-08-29 10:10:19 +00:00
+								{{< grid >}}
-												global review

											
										
										
											2024-08-29 21:46:48 +00:00
+								{{< card icon="user" >}}
-												Initial commit

											
										
										
											2024-08-29 10:10:19 +00:00
+								#### Authentication
 								Who is this user ?
 								{{< /card >}}
-												global review

											
										
										
											2024-08-29 21:46:48 +00:00
+								{{< card icon="lock" >}}
-												Initial commit

											
										
										
											2024-08-29 10:10:19 +00:00
+								#### Authorization
 								Is this user allowed to access this resource ?
 								{{< /card >}}
-												global review

											
										
										
											2024-08-29 21:46:48 +00:00
+								{{< card icon="cloud" >}}
-												Initial commit

											
										
										
											2024-08-29 10:10:19 +00:00
+								#### Storage
 								Where are user’s identity & credentials stored?
 								{{< /card >}}
-												global review

											
										
										
											2024-08-29 21:46:48 +00:00
+								{{< card icon="prov" >}}
-												Initial commit

											
										
										
											2024-08-29 10:10:19 +00:00
+								#### Provisioning
 								How to manage & transfer user’s identity ?
 								{{< /card >}}
 								{{< /grid >}}
-												mobile-version

											
										
										
											2024-10-03 19:43:59 +00:00
+								<img alt="illustration of losing data" src="media/illus-loose-data.svg" class="float-right w-60">
-												Initial commit

											
										
										
											2024-08-29 10:10:19 +00:00
 								### Our environment
 								Our digital work environment is composed of **many applications** and web services. We want a **seamless user experience** for our free software based collaboration platform. With a **Single Sign-on (SSO)** system users get a unified login and logout experience but there is a catch.
 								### Our problem
 								Traditional SSO protocols like OpenID Connect do **not support syncing user profiles across applications.** That's means :
 								* **users are not created by default in all apps** (only after they have logged in at least once)
 								* **no mechanisms to propagate the deletion of users**
 								* So its **not GDPR compliant** (by default)
 								#### In essence
-												global review

											
										
										
											2024-08-29 21:46:48 +00:00
+								<mark>Current existing protocols are **difficult to implement or/and to use** or are **custom for specific use case** then **non-standardized**.</mark>