This quickstart will cover what you need to know to add authentication to your SCIM Client. Authentication is configured on a service provider by service provider basis, although options are provided so you can reuse configurations.
Configuration
To add authorization to your SCIM client, you need to add authentication options to your calls to AddServiceProvider
. There are 3 different options you can provide:
- ScimOAuthOptions - Options for the configuration of a machine to machine authentication
- ScimApiKeyOptions - Options for authentication through an API key contained in the header
- ScimBasicAuthOptions - Options authentication using the Basic authentication header
The following example uses Basic Authentication:
public class Startup
{
public void ConfigureServices(IServiceCollection services)
{
ScimBasicAuthOptions basicAuthOptions = new ScimBasicAuthOptions("UserName", "Password!321");
services.AddScimClient()
.AddServiceProvider("BasicAuth", "https://localhost:5000/SCIM/", basicAuthOptions);
}
...
}
If you would like to use your own authentication mechanism, you can call the AddScimServiceProvider<TAuthenticator>
method, where TAuthenticator
is a class that implements IAuthenticate
. Example:
public class Authenticator : IAuthenticate
{
public Task<IScimResult> Authenticate(HttpClient httpClient, string serviceProviderName)
{
if (serviceProviderName == "basic")
{
Encoding encoding = Encoding.UTF8;
string credential = "userName:password";
string encodedString = Convert.ToBase64String(encoding.GetBytes(credential));
httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", encodedString);
var success = new ScimResult(ScimResultStatus.Success);
return Task.FromResult((IScimResult)success);
}
var failure = new ScimResult(ScimResultStatus.Failure);
return Task.FromResult((IScimResult)failure);
}
}
services.AddScimClient()
.AddScimServiceProvider<Authenticator>("Name", options =>
{
options.BaseAddress = new Uri("https://localhost:5000/SCIM/");
})
If you don't provide any options, then no authentication will be setup. For example:
services.AddScimClient()
.AddServiceProvider("NoAuthentication", "https://localhost:5000/SCIM/");