Authentication | SCIM for ASP.NET

This quickstart will cover what you need to know to add authentication to your SCIM Client. Authentication is configured on a service provider by service provider basis, although options are provided so you can reuse configurations.

Configuration

To add authorization to your SCIM client, you need to add authentication options to your calls to AddServiceProvider. There are 3 different options you can provide:

ScimOAuthOptions - Options for the configuration of a machine to machine authentication
ScimApiKeyOptions - Options for authentication through an API key contained in the header
ScimBasicAuthOptions - Options authentication using the Basic authentication header

The following example uses Basic Authentication:


public class Startup
{
    public void ConfigureServices(IServiceCollection services)
    {
        ScimBasicAuthOptions basicAuthOptions = new ScimBasicAuthOptions("UserName", "Password!321");

        services.AddScimClient()
                .AddServiceProvider("BasicAuth", "https://localhost:5000/SCIM/", basicAuthOptions);
    }

    ...
}

If you would like to use your own authentication mechanism, you can call the AddScimServiceProvider<TAuthenticator> method, where TAuthenticator is a class that implements IAuthenticate. Example:

Authenticator


public class Authenticator : IAuthenticate
{
    public Task<IScimResult> Authenticate(HttpClient httpClient, string serviceProviderName)
    {
        if (serviceProviderName == "basic")
        {
            Encoding encoding = Encoding.UTF8;
            string credential = "userName:password";

            string encodedString = Convert.ToBase64String(encoding.GetBytes(credential));

            httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", encodedString);

            var success = new ScimResult(ScimResultStatus.Success);

            return Task.FromResult((IScimResult)success);
        }

        var failure = new ScimResult(ScimResultStatus.Failure);

        return Task.FromResult((IScimResult)failure);
    }
}

Registration

services.AddScimClient()
        .AddScimServiceProvider<Authenticator>("Name", options =>
        {
            options.BaseAddress = new Uri("https://localhost:5000/SCIM/");
        })

If you don't provide any options, then no authentication will be setup. For example:

services.AddScimClient()
        .AddServiceProvider("NoAuthentication", "https://localhost:5000/SCIM/");

Previous Next