First stable release of the SCIM 2.0 Proxy Server — a standalone SCIM 2.0 server (RFC 7643/7644) that fronts platforms without their own SCIM interface, via pluggable backend connectors. Zero runtime dependencies beyond the JDK (JDBC driver aside); JDK 21+.
Backends
- memory — in-memory reference backend.
- okta — Okta Management API (OAuth2 private-key JWT or client secret).
- ldap — one configurable connector with flavors for eDirectory, Active Directory, OpenLDAP, and 389 Directory Server; LDAPS, per-directory membership models and active/disable strategies.
- jdbc — config-driven table/column mapping with SQL filter pushdown (PostgreSQL driver bundled; other databases by adding their driver).
- file — CSV or JSON files, for reading an existing export or materializing provisioning as a file drop.
Inbound authentication
Pluggable chain of static bearer tokens, OAuth 2.0 bearer-JWT validation (generic JWKS: signature + issuer/audience/expiry/scope), and HTTP Basic.
Protocol
Full RFC 7644 filter grammar and PATCH engine, Users/Groups CRUD, .search, discovery endpoints, config-driven schema extensions.
Validated live
Okta (Preview org), eDirectory 9.3, Active Directory, 389 Directory Server, PostgreSQL 17. See TESTING.md. 113 automated tests.
Run
java -jar scim-server-1.0.0.jar config/scim-proxy.jsonMIT licensed. © 2026 PointBlue Technology LLC.