SCIM Support for Nubus

Here at the government agency I am working for, we are using UCS as our central IAM System. Since SCIM is being used more widely as a standard mechanism for data provisioning of user and group information and often LDAP is not being supported anymore, it would be great if Nubus would support SCIM.

I know that there are some older posts on that topic, but since then Keycloak was integrated into UCS / Nubus. Keykloak itself does not support SCIM, but there are some implementations out there like: https://scim-for-keycloak.de/ (not Open Source anymore, but the old implementation is here: GitHub - Captain-P-Goldfish/scim-for-keycloak: a third party module that extends keycloak by SCIM functionality)

Two options would help us a lot:

• Have some commercial or free solutions available, which have been officially tested by Univention for Nubus for production use (these solutions could be listed on the app center)
• Have an official open source implementation for SCIM maintained by Univention as part of Nubus

Hello Alexander,
welcome to the forum.

SCIM is definitively a desirable interface for UCS’ user database.
Unfortunately, it would have to replace, or at least wrap, the UDM REST API. Keycloak cannot be used as a shortcut, as it lacks many features of the UCS IAM implemented in UDM.
It would involve rewriting the core of UCS/Nubus. Something like that is feasible only in the mid- to long-term planning. There are no concrete plans yet. When we have them, I’ll post them here.

Greetings
Daniel