SCIM (RFC7643 and RFC7644) was published back in September 2015. SCIM has over 65 published implementations including the new open source project i2scim.io. There are deployments from small IoT systems all the way to large scale deployments in the billions. SCIM's primary benefit has been to serve as an industry standard way to provision and manage identities at service providers using an industry standard RESTful API using JSON documents.
Recently members of the SCIM mailing list have been discussing next steps and the re-chartering of the SCIM Working Group.
As part of the IETF process, there will be a "SINS" (SCIM Industry Next Steps) meeting at IETF111 to discuss possible upcoming work and working group formation.
The goal of the meeting is simply to engage the broader IETF community in a birds of a feather style meeting and let people know about planned work. A partial list of items being discussed:
- Paging proposals
- Stateful paging
- Filtering and Paging of multi-value attributes (e.g. such as group members).
- New schema proposals
- HR Data
- Enterprise Groups
- Privileged Access Management
- Soft deletes - enabling accounts to be resurrected
- Profiling SCIM with SSO protocols such as OpenID Connect
- Asynchronous events including cross-domain signals co-ordination and synchronization
- Best practices including evolution of externalid usage