16.1 SCIM authentication methods and ordinals

SCIM connectors require a particularly complex configuration template that supports three different authentication types, each with its own credential parameters that are required to configure the collectors and fulfillers. The choice of authentication type and grant type depends on the use case and on what the authentication token endpoint supports.

When using the bearer token authentication method, you can select Password Flow (when user involvement is required) or Client Credential Flow (for machine-to-machine communication) as the authentication grant type. When using the Client Credential Flow, you must specify whether the credentials should be included in the request header or the request body.

NOTE: When integrating with other OpenText products using OpenText Advanced Authentication and the credential flow authentication method, use the oauth2_aud_base value as your Resource to specify the audience for which the authentication token is being requested. The Resource indicates the API or service that the token is intended to grant access to. The audience typically refers to the unique identifier (such as the URI) of the resource or API you are trying to access.
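
The following added example (not OpenText connector code) builds the token request that each bearer token grant type produces under standard OAuth 2.0 (RFC 6749), so you can see what differs between header and body placement of client credentials. The function name, the sample credentials, and the use of a resource form parameter to carry the Resource value are assumptions.

```python
import base64
from urllib.parse import quote_plus, urlencode


def build_token_request(grant_type, creds, placement="header", resource=None):
    """Return (headers, form_body) for an OAuth 2.0 token request (RFC 6749)."""
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    form = {"grant_type": grant_type}
    if grant_type == "password":
        # Password Flow: the user's name and password travel in the form body.
        form["username"] = creds["user_name"]
        form["password"] = creds["password"]
    elif grant_type == "client_credentials":
        cid, secret = creds["client_id"], creds["client_secret"]
        if placement == "header":
            # RFC 6749 section 2.3.1: form-encode both values, join with ':',
            # Base64-encode, and send as HTTP Basic. Nothing secret is in the body.
            pair = f"{quote_plus(cid)}:{quote_plus(secret)}"
            token = base64.b64encode(pair.encode()).decode()
            headers["Authorization"] = "Basic " + token
        elif placement == "body":
            # Body placement: the secret is a form field, so it can end up in
            # request-body logs and proxies that record POST data.
            form["client_id"] = cid
            form["client_secret"] = secret
        else:
            raise ValueError("placement must be 'header' or 'body'")
    else:
        raise ValueError(f"unsupported grant type: {grant_type}")
    if resource:
        # Assumption: the Resource (audience) is sent as a 'resource' parameter.
        form["resource"] = resource
    return headers, urlencode(form)


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    client = {"client_id": "scim-client", "client_secret": "s3cr3t:/x"}
    for where in ("header", "body"):
        hdrs, body = build_token_request("client_credentials", client, where,
                                         resource="https://api.example.test/scim")
        print(where, hdrs.get("Authorization"), body)
```

If the token endpoint accepts only one placement, a request built the other way is rejected as an unauthenticated client, which is why the connector asks you to choose.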

When using Cloud Bridge, you must also specify a unique ordinal for each authentication method. Use the following table to understand the ordinal number that you need to specify for SCIM authentication methods.

The following table lists the available authentication types and related credentials:

| Ordinal (Credential Position) | Authentication Type | Credential Set |
|---|---|---|
| 3 | Basic Auth | User Name; Password |
| 4 | Access Token (NOTE: When the access token expires, replace it with a new access token.) | Access Token Header; Access Token |
| 5 | Bearer Token | User Name; Password |
| 6 | Bearer Token | Client ID; Client Secret |

IMPORTANT: For the access token, the user provides the token to connect to the SCIM-compatible application, whereas for the bearer token, the connector generates the token. When the access token expires, replace it with a new access token.