We are writing a SCIM provider for an application and it works fine with Azure AD. The code has been implemented using Microsoft.SystemForCrossDomainIdentityManagement.
We are trying to support OneLogin and the create works fine, but when we tested the update functionality it failed because the Id is only on the request and not in the body.

    public class MyProvider : ProviderBase, IProvider
    {
        public override Task<Resource> ReplaceAsync(Resource resource, string correlationIdentifier)
        {
            switch (resource)
            {
                case Core2User user:
                    // user.Identifier is null when the id arrives only in the request URL
                    var existingUser = GetUser(applicationId, user.Identifier);
            }
        }
    }

Therefore, the method doesn't have any idea about the ID and it fails because user.Identifier is null.
I tried to add the id in the schema following the documentation on their website, but the id is actually their id and not the one that we are passing them.

    {
      "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
      "active": "{$user.status}",
      "emails": {
        "value": "{$user.email}",
        "type": "work",
        "primary": true
      },
      "userName": "{$parameters.scimusername}",
      "id": "{$user.id}",
      "name": {
        "givenName": "{$user.firstname}",
        "familyName": "{$user.lastname}",
        "formatted": "{$user.display_name}"
      }
    }

How to solve this?
Apparently the only way is to check the request if the body was empty.

    string id = resource.Identifier
        ?? HttpContext.Current.Request.Path.Substring(
            HttpContext.Current.Request.Path.LastIndexOf("/", StringComparison.InvariantCulture) + 1);
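
A stricter variant of the path fallback above, as an added example that is not part of the answer or of the Microsoft library. It assumes the URL segment is authoritative on PUT (RFC 7643 marks `id` as readOnly) and reports a body id that disagrees with it; `ScimRequestId`, its methods, and the sample paths are hypothetical.

```csharp
using System;

// Added example: hypothetical helper, not part of the Microsoft SCIM library.
public static class ScimRequestId
{
    // Returns the id from a path such as /scim/Users/{id}, or null when the
    // last segment is not an id that directly follows the resource type.
    public static string FromPath(string requestPath, string resourceType)
    {
        if (string.IsNullOrEmpty(requestPath)) return null;
        string[] segments = requestPath.Split(new[] { '/' }, StringSplitOptions.RemoveEmptyEntries);
        if (segments.Length < 2) return null;
        string type = segments[segments.Length - 2];
        if (!string.Equals(type, resourceType, StringComparison.OrdinalIgnoreCase)) return null;
        // Decode once and refuse ids that smuggle in a path separator (%2F).
        string id = Uri.UnescapeDataString(segments[segments.Length - 1]);
        return id.Length == 0 || id.Contains("/") ? null : id;
    }

    // The URL id wins; the body id is used only when the URL has none.
    // bodyIdMismatch is set when both are present and differ.
    public static string Resolve(string requestPath, string bodyId, out bool bodyIdMismatch)
    {
        string pathId = FromPath(requestPath, "Users");
        bodyIdMismatch = pathId != null && !string.IsNullOrEmpty(bodyId)
            && !string.Equals(pathId, bodyId, StringComparison.Ordinal);
        return pathId ?? bodyId;
    }

    public static void Main()
    {
        // Constructed sample requests: { request path, id found in the body }
        var samples = new[]
        {
            new[] { "/scim/Users/7f3c", null },      // id only in the URL
            new[] { "/scim/Users/7f3c/", "7f3c" },   // id in URL and body
            new[] { "/scim/Users/7f3c", "998877" },  // body carries the IdP's own id
            new[] { "/scim/Users", null },           // no id anywhere
        };
        foreach (var s in samples)
        {
            bool mismatch;
            string id = Resolve(s[0], s[1], out mismatch);
            Console.WriteLine("{0,-20} body={1,-8} -> id={2} mismatch={3}",
                s[0], s[1] ?? "(none)", id ?? "(none)", mismatch);
        }
    }
}
```

In the provider, the path would come from the current request and the body id from `resource.Identifier`; a mismatch is worth logging rather than silently updating whichever record the body names.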