SCIM authentication scheme

Oak uses the standard RFC6750 for OAuth 2.0 Bearer Token usage for SCIM authentication. Most SCIM providers allow this method of authentication and may refer to it as an Authorization Header token.

This means that the SCIM client will send an Authorization header in each of the HTTP requests to Oak. Typically, the header will look something like this:

Authorization: Bearer 5aff7b9a4d664dbe86bdf2519f107d70

When you set up a new SCIM connection, Oak will generate a new token to be shared with the SCIM service. The above format is what Oak expects, so you must configure the SCIM client in this way to achieve a successful authentication.

It is possible to manually revoke a token that was generated within Oak in case you believe a token has become compromised.