Scim oauth implementation

hi,
I would like to authenticate my scim with OAuth with SCIM 2.0 Test App (Header Auth) application. Do you have a guide on how to do that? from what I understand I need to pass the access token and somehow to veridy that at my application. Do you have a go implementation?

Hi @aviadh! We don’t have an official guide but I am happy to walk you through the process.

We have an OAuth authentication option with our SCIM 2.0 Template App; you may search for it under Applications > Browse App Integration Catalog > SCIM 2.0 Test App (OAuth Bearer Token).

Things to note:

  1. You may use Okta as an authorization server or another authz server of your choice.
  2. Okta supports OAuth 2.0 Authorization Code Flow Grant.
  3. You can manually test the access token within the template app like so:

but one caveat is that although you can configure for refresh tokens, there is currently no way to test this within the app - this feature is soon to come.

  1. Once you submit your SCIM integration (https://oinmanager.okta.com/) you will need to provide Okta with a client id and client secret as well as the necessary endpoints:

And once your app is integrated into our OIN, then refresh tokens will automatically work as intended.

  1. We include the Client ID/Client Secret provided in the body of the request we send to the provided Token endpoint, NOT the headers

Lastly, we don’t have a Go implementation specifically for OAuth-SCIM setup, but I recommend taking a look at our Go Resource Server Sample which uses the Okta JWT Verifier for Golang to validate access tokens.

Additional resources: