RFC 7643, "System for Cross-domain Identity Management: Core Schema", September 2015
Source of RFC: scim (sec)
Updated by: RFC9865, RFC9967
Errata-ID: 8471
- Status:
- Verified
- Type:
- Technical
- Reported By:
- Matthias Winter
- Date Reported:
- 2025-06-20
- Verified by:
- Deb Cooley
- Date Verified:
- 2025-10-28
Section 8.7.1 says:
{
"name" : "groups",
"type" : "complex",
"multiValued" : true,
"description" : "A list of groups to which the user belongs,
either through direct membership, through nested groups, or
dynamically calculated.",
"required" : false,
"subAttributes" : [
{
"name" : "value",
"type" : "string",
"multiValued" : false,
"description" : "The identifier of the User's group.",
"required" : false,
"caseExact" : false,
"mutability" : "readOnly",
"returned" : "default",
"uniqueness" : "none"
},
{
"name" : "$ref",
"type" : "reference",
"referenceTypes" : [
"User",
"Group"
],It should say:
{
"name" : "groups",
"type" : "complex",
"multiValued" : true,
"description" : "A list of groups to which the user belongs,
either through direct membership, through nested groups, or
dynamically calculated.",
"required" : false,
"subAttributes" : [
{
"name" : "value",
"type" : "string",
"multiValued" : false,
"description" : "The identifier of the User's group.",
"required" : false,
"caseExact" : false,
"mutability" : "readOnly",
"returned" : "default",
"uniqueness" : "none"
},
{
"name" : "$ref",
"type" : "reference",
"referenceTypes" : [
"Group"
],Notes:
The 'groups.$ref' sub-attribute of the core User schema should not contain "User" in its referenceTypes. According to section 4.1.2 it is "A list of groups to which the user belongs".