Skip to content

Scim Interface and resource in OM #21512

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 14 commits into from
Jun 13, 2025
Merged

Scim Interface and resource in OM #21512

merged 14 commits into from
Jun 13, 2025

Conversation

aji-aju
Copy link
Contributor

@aji-aju aji-aju commented Jun 2, 2025

Describe your changes:

Fixes

I worked on ... because ...

Type of change:

  • Bug fix
  • Improvement
  • New feature
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation

Checklist:

  • I have read the CONTRIBUTING document.
  • My PR title is Fixes <issue-number>: <short explanation>
  • I have commented on my code, particularly in hard-to-understand areas.
  • For JSON Schema changes: I updated the migration scripts or explained why it is not needed.

@aji-aju aji-aju requested a review from a team June 2, 2025 05:57
@aji-aju aji-aju self-assigned this Jun 2, 2025
@aji-aju aji-aju requested a review from a team as a code owner June 2, 2025 05:57
@aji-aju aji-aju added safe to test Add this label to run secure Github workflows on PRs backend labels Jun 2, 2025
@harshach harshach requested a review from Copilot June 2, 2025 05:59
Copilot
Copilot AI reviewed Jun 2, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR integrates SCIM provisioning into OpenMetadata by adding new configuration settings, API schemas, and resource endpoints while extending existing entity schemas to support SCIM-related attributes.

  • Adds a new SCIM configuration schema and integrates it into the settings JSON.
  • Extends user and team JSON schemas with an externalId field for identity provider integration.
  • Introduces new SCIM API schemas, endpoints, and a default provisioning service with unimplemented stub functions.

Reviewed Changes

Copilot reviewed 27 out of 27 changed files in this pull request and generated no comments.

Show a summary per file
File Description
openmetadata-spec/src/main/resources/json/schema/settings/settings.json Added "scimConfiguration" to the settings array.
openmetadata-spec/src/main/resources/json/schema/scim/scimConfiguration.json New schema for SCIM configuration.
openmetadata-spec/src/main/resources/json/schema/entity/teams/user.json Added externalId field to user schema.
openmetadata-spec/src/main/resources/json/schema/entity/teams/team.json Added externalId field to team schema.
openmetadata-spec/src/main/resources/json/schema/api/teams/createUser.json Extended schema to include externalId for users.
openmetadata-spec/src/main/resources/json/schema/api/teams/createTeam.json Extended schema to include externalId for teams.
openmetadata-spec/src/main/resources/json/schema/api/scim/scimUser.json New SCIM User schema.
openmetadata-spec/src/main/resources/json/schema/api/scim/scimPatchOp.json New SCIM PatchOp schema.
openmetadata-spec/src/main/resources/json/schema/api/scim/scimGroup.json New SCIM Group schema.
openmetadata-service/src/main/java/org/openmetadata/service/security/SecurityUtil.java Integrated SCIM configuration check in user name extraction and added isBotW helper.
openmetadata-service/src/main/java/org/openmetadata/service/scim/impl/DefaultScimProvisioningService.java Introduced a default SCIM provisioning service returning not-implemented responses.
openmetadata-service/src/main/java/org/openmetadata/service/scim/ScimProvisioningService.java New interface for SCIM provisioning.
openmetadata-service/src/main/java/org/openmetadata/service/resources/scim/ScimResource.java Added new SCIM endpoints supporting user and group provisioning.
Other integration files (SettingsCache, SystemRepository, CollectionDAO, OpenMetadataApplicationConfig, OpenMetadataApplication) Updated to include SCIM configuration and register the new SCIM resource.
Comments suppressed due to low confidence (1)

openmetadata-spec/src/main/resources/json/schema/api/scim/scimPatchOp.json:16

  • The property name 'Operations' is capitalized while other SCIM schema properties use lower-case. Consider renaming it to 'operations' for consistency.
"Operations": {

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Jun 2, 2025
edited
Loading

Jest test Coverage

UI tests summary

Lines Statements Branches Functions
Coverage: 63%
 63.6% (45418/71417) 38.94% (18523/47566) 43.13% (5410/12544)

@aji-aju aji-aju changed the title Scim Interface and resource in OM WIP: Scim Interface and resource in OM Jun 4, 2025
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'open-metadata-ui'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed for 'open-metadata-ingestion'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

harshach
harshach previously approved these changes Jun 10, 2025
View reviewed changes
@mohityadav766
Copy link
Contributor

Scim Resource Test @aji-aju will handle in a different PR

@mohityadav766 mohityadav766 reopened this Jun 13, 2025
@mohityadav766 mohityadav766 merged commit 023abfd into main Jun 13, 2025
24 of 48 checks passed
@mohityadav766 mohityadav766 deleted the feature/scim3 branch June 13, 2025 07:42
@Ashish8689 Ashish8689 mentioned this pull request Jun 13, 2025
Merged
9 tasks
@mohityadav766 mohityadav766 mentioned this pull request Jun 18, 2025
Closed
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@mohityadav766 mohityadav766 mohityadav766 approved these changes

@harshach harshach harshach left review comments

Assignees

@aji-aju aji-aju

Labels
backend safe to test Add this label to run secure Github workflows on PRs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@aji-aju @mohityadav766 @harshach