This quickstart will cover everything you need to know to use the default ASP Identity store. This uses a nuget package from Rock Solid Knowledge that allows you to receive CRUD requests as a SCIM Service Provider that operate against your ASP Identity store.
Nuget Installation
install-package Rsk.AspNetCore.Scim.Identity -pre
Configuration
The current implementation will allow you to accept SCIM CRUD requests for the User resource, with support for the Group resource coming in the future. To do this, call AddScimDefaultResourcesForIdentityStore on the returned IScimBuilder from the AddScim call within ConfigureServices.
public void ConfigureServices(IServiceCollection services)
{
...
services.AddScim("/SCIM")
.AddScimDefaultResourcesForIdentityStore();
...
}
Mapped properties
The SCIM Core Schema specification defines properties that can not be one-to-one mapped to IdentityUser. The Id property will map directly to the Id property on IdentityUser & the Email and PhoneNumberproperties will be populated with the first values in their respective arrays on the SCIM User. If the Active flag is set to false on the SCIM User, the resulting IdentityUser will have its LockoutEnabled set to true and a LockoutEnd value will also be supplied.
Custom Identity User
If your solution utilizes an identity user that isn't the standard ASP Identity IdentityUser, then you can register this against the SCIM library using the AddUserResourceWithDefaultIdentityEfStore method. To be able to use this method the only extra piece you need to implement is a mapper that maps between the SCIM User and your identity user. This mapper must implement the IIdentityUserMappingService interface.
If you need to map a custom SCIM resource to an IdentityUser then you will need to implemenet a custom store. See the custom stores and validation documentation for more information
public class ExtendedIdentityUser : IdentityUser
{
...
}
public class Mapper : IIdentityUserMappingService<Rsk.AspNetCore.Scim.Models.User, ExtendedIdentityUser>
{
public Task<Rsk.AspNetCore.Scim.Models.User> ToResource(ExtendedIdentityUser identityUser)
{
...
}
public UserMappingResult<MyIdentityUser> ToIdentityUser(ScimURsk.AspNetCore.Scim.Models.User userResource)
{
...
}
}