TL;DR: Have you built a SCIM server/API? If so, did you do so from scratch, or did you use a tool/library? Which would you recommend? Anything a new-ish dev should know while building a SCIM server?
I'm trying to build a SCIM (https://www.simplecloud.info/) server to handle user provisioning from various Identity Providers (IdPs; Azure AD, Okta, Workday, etc.) into our application.
I've familiarized myself with the SCIM spec (RFC 7642, 7643, and 7644). But, as a relatively new developer, I'm still on the fence about whether (1) to build our SCIM server/API from scratch (in Java) or (2) to use a third-party tool/library.
Right now, I've got my eye on Apache Directory SCIMple as a possible tool to use. But (1) it's not on Maven Central yet and (2) it requires Java 17+ to build (and also for its spring-boot module), which might be a problem for us.
Maybe I just need to dive-in and start putting something together without relying on a third-party SCIM tool to do so. But I'll admit that, again, as a new-ish dev, I still have the gut reaction that "surely the stuff that other people have built is going to be better than what I can put together"!
The SCIM spec is quite nice and (if you’re like me) fun to implement. My guess is that you’ll get further, faster, by just implementing SCIM.
I’m happy to work more directly with you, my contact information is in my HN profile.
In the meantime, I hope that you might find one or more of these things helpful:
1. The documentation I wrote when Okta first added support for SCIM in 2016: https://github.com/oktadev/okta-scim-beta 2. The Runscope unit tests that Okta uses to help validate SCIM integrations: https://developer.okta.com/docs/guides/scim-provisioning-int... - these tests won't FULLY test your SCIM service, but they'll get you well on your way 3. A talk I gave on SCIM for OKta's user conference last year: https://www.youtube.com/watch?v=JmA83cy0uVc
(Thanks to my friend and HN user gabrielsroka for putting this on my radar)