Markdown Version | Transcript | Session Recording | Session Materials

Session Date/Time: 19 Mar 2026 01:00

SCIM

Summary

The SCIM Working Group met at IETF 125 to discuss progress on existing drafts and introduce new proposals aimed at addressing scale and interoperability. Key topics included the status of the use cases draft, a proposal for a new GroupMember resource to handle large-scale group pagination, an interoperability profile to simplify protocol implementation, and an exploratory discussion on representing "agentic" identities (AI agents and workloads) within SCIM.

Key Discussion Points

Chairs Introduction

Aaron Parecki and Nancy Cam-Winget opened the session with the Note Well and administrative reminders. Chairs Intro.

SCIM Use Cases

Paulo Casillo provided an update on draft-ietf-scim-use-cases-reloaded.

• Recent updates incorporated feedback from Eliot Lear and Dean (no last name provided).
• The chairs called for more reviewers to ensure the document accurately reflects current industry needs.
• Volunteers for review: Umesh, Maisie, Danny Zollner, and Paul.

SCIM GroupMember Resource

Danny Zollner presented the SCIM GroupMember Resource Draft.

• Problem: Currently, SCIM represents group members as a multi-valued array, which prevents effective pagination for very large groups (e.g., millions of members).
• Solution: The draft proposes a /GroupMembers resource type, treating each membership as an individual resource. This allows standard SCIM pagination, filtering, and CRUD operations (POST to add, DELETE to remove).
• Discussion:
  • Madokiu asked why a root resource was chosen over a sub-resource model (e.g., /Groups/{id}/Members). Danny explained that a root resource allows for cross-group queries (e.g., "all members added in the last hour").
  • Maisie suggested omitting member counts as they are computationally expensive.
  • Pamela Dingle and Paulo Casillo volunteered to review.

SCIM Interoperability Profile

Danny Zollner presented the SCIM Interoperability Profile Draft.

• Goal: To reduce the "SCIM tax" on implementers by standardizing optional features and narrowing the hundreds of ways to use PATCH.
• Technical Proposals:
  • Simplify PATCH syntax requirements.
  • Deprecate the password attribute in B2B SaaS contexts in favor of federation.
  • Prohibit PUT in favor of PATCH.
  • Define a minimum set of required attributes for interoperability.
• Discussion:
  • Paul supported "trimming the tree" to focus on adopted features.
  • Nancy Cam-Winget and Deb (AD) discussed whether this should eventually become SCIM 2.1 or 3.0. The consensus was to focus on the technical content first and decide on the versioning/naming later.
  • Chris (AD) noted the importance of identifying specific pain points to guide re-chartering.
  • Volunteers for review: Pamela Dingle and a representative from Cisco (via Nancy Cam-Winget).

SCIM Agentic Draft Progress

Pamela Dingle and Ishmael presented the SCIM Agentic Draft Progress.

• Concept: Combining previous proposals from Mark Wall and Maisie Abby to represent AI agents and workloads in SCIM.
• Key Goals: Standardize CRUD for agents, handle agent lifecycles (e.g., disabling an agent), and integrate with workload identity systems like SPIFFE.
• Discussion:
  • Justin Richer raised the issue of relationships between agents and people (e.g., owners, managers, or agents acting on behalf of humans).
  • Ishmael noted the gap in provisioning SPIFFE identity metadata between domains, which SCIM could fill.
  • Yaroslav and Peter discussed the nature of agents: whether they are ephemeral workloads or durable assets. Yaroslav suggested that for short-lived agents, SCIM might be more about "discovery" than lifecycle management.
  • Grace highlighted different architectural models: centralized (telco-managed agents) vs. decentralized (individuals owning "armies of AIs").
  • Justin Richer warned that the industry lacks a stable definition of "agent" (software vs. people-like entities), suggesting a "fail spectacularly" approach to experimentation.

Decisions and Action Items

• Action Item: Reviewers for draft-ietf-scim-use-cases-reloaded to provide feedback on the mailing list by the next IETF.
• Action Item: Danny Zollner to refine the Interoperability Profile to focus more on protocol-level interoperability rather than data models, to avoid overlap with IPS Working Group efforts.
• Decision: The "Agentic" group will focus on gathering and documenting use cases before formalizing the draft further.

Next Steps

• Further discussion of the GroupMember and Interoperability drafts on the mailing list.
• Preparation for potential SCIM Working Group re-chartering, incorporating the new work on protocol updates and agentic identities.
• Call for volunteers to contribute use cases for AI agents/workloads in the SCIM context.

Related Documents

draft-00, draft-02, draft-ietf-scim-use-cases-reloaded, draft-progress-00