User-Managed Access 2.0 (UMA)
By default, CUE User Manager assumes the the SCIM web resources are UMA protected :
provider: umaProtectedSCIM: yes
When enabled, CUE User Manager will perform the UMA authorization flow before making the actual SCIM HTTP request.
It's up to the IAM provider to validate that the access token is valid.
If the SCIM endpoint is not UMA protected, you must
set this to false
. The SCIM endpoint will then
receive requests from with
CUE User Manager
with Authorization
headers like:
Authorization: Bearer <access-token>
Again, it's up to the IAM system to validate that the access token is valid before allowing the client to perform the requested SCIM operation.