**Session Date/Time:** 19 Mar 2026 01:00

# [SCIM](../wg/scim.html)

## Summary

The SCIM Working Group met at IETF 125 to discuss progress on existing drafts and introduce new proposals aimed at addressing scale and interoperability. Key topics included the status of the use cases draft, a proposal for a new `GroupMember` resource to handle large-scale group pagination, an interoperability profile to simplify protocol implementation, and an exploratory discussion on representing "agentic" identities (AI agents and workloads) within SCIM.

## Key Discussion Points

### Chairs Introduction
**Aaron Parecki** and **Nancy Cam-Winget** opened the session with the Note Well and administrative reminders. [Chairs Intro](https://datatracker.ietf.org/meeting/125/materials/slides-125-scim-chairs-intro-00).

### SCIM Use Cases
**Paulo Casillo** provided an update on [draft-ietf-scim-use-cases-reloaded](https://datatracker.ietf.org/meeting/125/materials/slides-125-scim-use-cases-reloaded).
*   Recent updates incorporated feedback from Eliot Lear and Dean (no last name provided).
*   The chairs called for more reviewers to ensure the document accurately reflects current industry needs.
*   **Volunteers for review:** Umesh, Maisie, Danny Zollner, and Paul.

### SCIM GroupMember Resource
**Danny Zollner** presented the [SCIM GroupMember Resource Draft](https://datatracker.ietf.org/meeting/125/materials/slides-125-scim-scim-groupmember-resource-draft-02).
*   **Problem:** Currently, SCIM represents group members as a multi-valued array, which prevents effective pagination for very large groups (e.g., millions of members).
*   **Solution:** The draft proposes a `/GroupMembers` resource type, treating each membership as an individual resource. This allows standard SCIM pagination, filtering, and CRUD operations (POST to add, DELETE to remove).
*   **Discussion:** 
    *   **Madokiu** asked why a root resource was chosen over a sub-resource model (e.g., `/Groups/{id}/Members`). Danny explained that a root resource allows for cross-group queries (e.g., "all members added in the last hour").
    *   **Maisie** suggested omitting member counts as they are computationally expensive.
    *   **Pamela Dingle** and **Paulo Casillo** volunteered to review.

### SCIM Interoperability Profile
**Danny Zollner** presented the [SCIM Interoperability Profile Draft](https://datatracker.ietf.org/meeting/125/materials/slides-125-scim-scim-interoperability-profile-draft-00).
*   **Goal:** To reduce the "SCIM tax" on implementers by standardizing optional features and narrowing the hundreds of ways to use `PATCH`.
*   **Technical Proposals:**
    *   Simplify `PATCH` syntax requirements.
    *   Deprecate the `password` attribute in B2B SaaS contexts in favor of federation.
    *   Prohibit `PUT` in favor of `PATCH`.
    *   Define a minimum set of required attributes for interoperability.
*   **Discussion:**
    *   **Paul** supported "trimming the tree" to focus on adopted features.
    *   **Nancy Cam-Winget** and **Deb** (AD) discussed whether this should eventually become SCIM 2.1 or 3.0. The consensus was to focus on the technical content first and decide on the versioning/naming later.
    *   **Chris** (AD) noted the importance of identifying specific pain points to guide re-chartering.
    *   **Volunteers for review:** Pamela Dingle and a representative from Cisco (via Nancy Cam-Winget).

### SCIM Agentic Draft Progress
**Pamela Dingle** and **Ishmael** presented the [SCIM Agentic Draft Progress](https://datatracker.ietf.org/meeting/125/materials/slides-125-scim-scim-agentic-draft-progress-00).
*   **Concept:** Combining previous proposals from Mark Wall and Maisie Abby to represent AI agents and workloads in SCIM.
*   **Key Goals:** Standardize CRUD for agents, handle agent lifecycles (e.g., disabling an agent), and integrate with workload identity systems like SPIFFE.
*   **Discussion:**
    *   **Justin Richer** raised the issue of relationships between agents and people (e.g., owners, managers, or agents acting on behalf of humans).
    *   **Ishmael** noted the gap in provisioning SPIFFE identity metadata between domains, which SCIM could fill.
    *   **Yaroslav** and **Peter** discussed the nature of agents: whether they are ephemeral workloads or durable assets. **Yaroslav** suggested that for short-lived agents, SCIM might be more about "discovery" than lifecycle management.
    *   **Grace** highlighted different architectural models: centralized (telco-managed agents) vs. decentralized (individuals owning "armies of AIs").
    *   **Justin Richer** warned that the industry lacks a stable definition of "agent" (software vs. people-like entities), suggesting a "fail spectacularly" approach to experimentation.

## Decisions and Action Items
*   **Action Item:** Reviewers for `draft-ietf-scim-use-cases-reloaded` to provide feedback on the mailing list by the next IETF.
*   **Action Item:** Danny Zollner to refine the Interoperability Profile to focus more on protocol-level interoperability rather than data models, to avoid overlap with IPS Working Group efforts.
*   **Decision:** The "Agentic" group will focus on gathering and documenting use cases before formalizing the draft further.

## Next Steps
*   Further discussion of the `GroupMember` and `Interoperability` drafts on the mailing list.
*   Preparation for potential SCIM Working Group re-chartering, incorporating the new work on protocol updates and agentic identities.
*   Call for volunteers to contribute use cases for AI agents/workloads in the SCIM context.