 |
Summary | Add SCIM service provider endpoints |
 |
Repository Link | https://forge.libre.sh/libre.sh/discourse-scim |
 |
Install Guide | How to install plugins in Discourse |
Features
A plugin that adds SCIM endpoints to Discourse. SCIM is a standard proposed by the IETF through RFC7644 and RFC7643 which aims to provide solution for user/group management through a simple Rest API.
In addition to any existing SSO and centralized account creation SCIM has the following advantages:
- assign users to groups;
- change user information immediately in several apps;
- delete the user when they are removed from the SSO;
- get the list of users or groups in a standard way;
- …
We tested this plugin with the keycloak SCIM plugin and the authentik SCIM provider as clients. The idea is that you can add/edit users in keycloak or authentik and the changes are automatically reflected in Discourse.
Configuration
To query the SCIM endpoints you have to create an API key first. You can have a global API key for all users or a granular (scoped) API key for all users as described here: Create and configure an API key
Please use the scope scim. Currently you have to allow access to all endpoints together.
Then to query all users with curl for example:
$ curl -H 'Authorization: Bearer <your_api_key>' -H 'Content-Type: application/scim+json' -v http://localhost:4200/scim_v2/Users