Add custom user attribute in User Schema question

[sw-kosaki]

Hello, I have a task to add a custom user attribute in User's Schema in .Net Core provisioning project which we already have, and now we want to extend the User's schema with a custom (not existing in User's list) attribute.
Is that possible at all?

I've read somewhere in the docs, that its possible with adding of additional user's sub schema with this custom attribute in the project (which implements SimpleIdServer), and include this new schema in the main User's Core schema, is that correct?

Now I have to create a simple POC project where I have to prove that this works, so will appreciate if you can you give me some advices how to do that or point me to the proper samples or poc project?
Thanks in advance for your time!

[simpleidserver]

Hello, and sorry for my late reply :)

It is possible to add custom user attributes in the SCIM project. Below are the steps to add a custom attribute nbConnections to the User representation:

1. Follow this tutorial to create your SCIM project with EF support and open the CSPROJ file: https://simpleidserver.com/docs/installation/dotnettemplate#create-scim-project-with-ef-support
2. Create a new schema with the following content and add it to the Schemas directory.

{
  "id": "urn:ietf:params:scim:schemas:extension:security:2.0:User",
  "name": "EidUser",
  "description": "EID User",
  "attributes": [
    {
      "name": "nbConnections",
      "type": "decimal",
      "multiValued": false,
      "description": "Number of conections.",
      "required": false,
      "caseExact": false,
      "mutability": "readWrite",
      "returned": "default",
      "uniqueness": "none"
    }
  ],
  "meta": {
    "resourceType": "Schema",
    "location": "/v2/Schemas/urn:ietf:params:scim:schemas:extension:security:2.0:User"
  }
}

3. Edit the Program.cs file and register your new schema by making the following modifications:

var securityUser = SimpleIdServer.Scim.SCIMSchemaExtractor.Extract(Path.Combine(basePath, "Security.json"), SCIMResourceTypes.User);
userSchema.SchemaExtensions.Add(new SCIMSchemaExtension
{
    Id = Guid.NewGuid().ToString(),
    Schema = "urn:ietf:params:scim:schemas:extension:security:2.0:User"
});
context.SCIMSchemaLst.Add(securityUser);

4. Run the application and execute the following HTTP POST request to create a user and specify your custom property nbConnections (the security is disabled) :

HTTP POST : https://localhost:5003/Users

{
    "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User","urn:ietf:params:scim:schemas:extension:security:2.0:User"],
    "externalId": "external",
    "userName": "{{$guid}}",
    "nbConnections": 2,
    "displayName":"coucou",
    "name": {
        "formatted": "formatted",
        "givenName": "givenName",
        "middleName": "middleName",
        "familyName": "familyName"
    }
}

The response will contain the nbConnections attribute!

You can download a working version here :)

SCIMEF.zip

KR,

SID

[sw-kosaki]

Bog thanks for this tutorial, the project and explanations!
Do you have some idea what causes this error when I try to run your ScimEF project?
Do I need to run a separate SQLSERVER instance to avoid it?

[simpleidserver]

Indeed, open the appsettings.json file and edit the connection string. :)

[sw-kosaki]

@simpleidserver Thanks again, everything works as you explained in the scimEF project.

If you allow me, I have another important question for me -

How to add this new extension user schema (with new custom attribute) without using of any database?

Ask that because our service just acts as a proxy and has no its on database and maybe we will have serious misconceptions with the POC project in that.

Also, how I can clean the " context.SCIMSchemaLst" and add another one new user schema there?
Now the context is fulfilled with existing schemas in this line:
context.Database.Migrate();

and in this case does not enter in the if (!context.SCIMSchemaLst.Any())

where I have to add my new schema.

Thanks for your time again!

[simpleidserver]

@sw-kosaki

Hello!

After working on the deployment of release 5.0.1, I just noticed your message! Sorry for my late reply 😔.

Add a New User Schema

To add your own custom user schema, you can use the same code provided in my previous post:

var securityUser = SimpleIdServer.Scim.SCIMSchemaExtractor.Extract(Path.Combine(basePath, "Security.json"), SCIMResourceTypes.User);
userSchema.SchemaExtensions.Add(new SCIMSchemaExtension
{
    Id = Guid.NewGuid().ToString(),
    Schema = "urn:ietf:params:scim:schemas:extension:security:2.0:User"
});
context.SCIMSchemaLst.Add(securityUser);

This code execute the following actions :

• Retrieves the user schema and adds the new extension schema 'urn:ietf:params:scim:schemas:extension:security:2.0:User'.
• Add the new schema into the "SCIMSchemaLst" table.

This code can be located outside the if (!context.SCIMSchemaLst.Any()) block.

Add Extension Schema Without Using Database

I don't really understand your question. Can you provide more details about your problem?

Kind regards,

SID.