arietimmerman / laravel-scim-server
Laravel Package for creating a SCIM server
Installs: 337 939
Dependents: 1
Suggesters: 0
Security: 0
Stars: 70
Watchers: 9
Forks: 38
Open Issues: 0
Requires
- php: ^8.0
- illuminate/console: ^10.0|^11.0|^12.0
- illuminate/database: ^10.0|^11.0|^12.0
- illuminate/support: ^10.0|^11.0|^12.0
Requires (Dev)
- friendsofphp/php-cs-fixer: ^3.66
- laravel/legacy-factories: *
- orchestra/testbench: ^6.0|^7.0|^8.0|^9.0|^10.0
- dev-master
- v1.3.6
- v1.3.5
- v1.3.4
- v1.3.3
- v1.3.2
- v1.3.1
- v1.3.0
- v1.2.9
- v1.2.8
- v1.2.7
- v1.2.6
- v1.2.5
- v1.2.4
- v1.2.3
- v1.2.2
- v1.2.1
- v1.2.0
- v1.1.9
- v1.1.8
- v1.1.7
- v1.1.6
- v1.1.5
- v1.1.4
- v1.1.3
- v1.1.2
- v1.1.1
- v1.1
- v1.0.9
- v1.0.8
- v1.0.7
- v1.0.6
- v1.0.5
- v1.0.4
- v1.0.3
- v1.0.2
- v1.0.1
- v1.0.0
- v0.7.1
- v0.7.0
- v0.6.9
- v0.6.8
- v0.6.7
- v0.6.6
- v0.6.5
- v0.6.4
- v0.6.3
- v0.6.2
- v0.6.1
- v0.6.0
- v0.5.9
- v0.5.8
- v0.5.7
- v0.5.6
- v0.5.5
- v0.5.4
- v0.5.3
- v0.5.2
- v0.5.1
- v0.5.0
- dev-fix-no-content-header
- dev-optional-cursor-pagination
- dev-feature/cross-resource-meta-filter
- dev-filter-multi-conditions
- dev-email-value-add
- dev-valuepath-filter-for-complex-attributes
- dev-bulk-support-for-all-resourcetypes
- dev-negation-filters
- dev-feature/internal-filter-parser
- dev-scim-attribute-fixes
- dev-readme-update
- dev-docker-updates
- dev-logo-update
- dev-workflow-fix
- dev-docker-fixes
- dev-codex/rename-seperator-to-separator
- dev-fix-replace-for-extensions
- dev-development-flow-improvements
- dev-fix-resourcetypes-endpoint
- dev-active-is-of-type-boolean
- dev-feature/remove-with-path
- dev-fix-schemaExtensions
- dev-feature/respect-cursor-count-limitations
- dev-feature/added-invalidCursor-error
- dev-fix-type-of-name-attribute
- dev-feature/new-version-for-schema
- dev-feature/better-error-code
- dev-feature/support-for-search
- dev-feature/handling-of-attributes
- dev-feature/allow-not-returning-passwords
- dev-feature/listresponse-resourcetypes
- dev-feature/roles-attribute
- dev-feature/allow-add-for-multiple
- dev-hotfix/null-filter-fix
- dev-feature/allow-defaults
- dev-hotfix/better-null-check
- dev-hotfix/fix-no-schema-attributes-in-return
- dev-feature/improved-get-default-schema
- dev-feature/omit-null-values
- dev-feature/cursor-pagination
- dev-feature/displayName-for-groups
- dev-feature/etag-by-default
- dev-feature/new-schema
- dev-feature/use-escaped-dots-for-validation
- dev-feature/improved-events
- dev-hotfix/fixes-bulkid-support
- dev-feature/bulk-operation-support
- dev-feature/custom-schema-test
- dev-feature/definition-of-schema-in-mapping-optional
- dev-feature/option-to-omit-main-schema
- dev-feature/support-for-php-9
- dev-bugfix/fix-for-php8
- dev-feature/publish-routes-optionally
- dev-feature/fixing-pipeline
- dev-feature/updated-packages
- dev-feature/updated-testbench
- dev-feature/enable-schema-routes-by-defaults
- dev-feature/dep-updates
- dev-feature/ci-fixes
This package is auto-updated.
Last update: 2025-09-19 18:42:28 UTC
README
SCIM 2.0 Server implementation for Laravel
Add SCIM 2.0 Server capabilities to your Laravel application with ease. This package requires minimal configuration to get started with the core SCIM flows and is powering The SCIM Playground, one of the most widely tested SCIM servers available.
Why Laravel SCIM Server?
- Battle-tested with real-world providers through the SCIM Playground
- Familiar Laravel tooling and middleware integration
- Fully extensible configuration for resources, attributes, and filtering
- Ships with dockerized demo and an expressive test suite
Table of contents
- Quick start
- Installation
- SCIM routes
- Configuration
- Security & app integration
- Test server
- Contributing & support
Quick start
Spin up a SCIM test server in seconds:
docker run -d -p 8000:8000 --name laravel-scim-server ghcr.io/limosa-io/laravel-scim-server:latest
Visit http://localhost:8000/scim/v2/Users (or /Groups, /Schemas, /ResourceTypes, etc.) to exercise the API.
Installation
Add the package to your Laravel app:
composer require arietimmerman/laravel-scim-server
Optionally publish the config for fine-grained control:
php artisan vendor:publish --tag=laravel-scim
SCIM routes
| Method | Path | Description |
|---|---|---|
| GET | /scim/v1 | SCIM 1.x compatibility message (returns error with upgrade guidance) |
| GET | /scim/v2 | Cross-resource index (alias of /scim/v2/) |
| GET | /scim/v2/ | Cross-resource index |
| POST | /scim/v2/.search | Cross-resource search across all types |
| POST | /scim/v2/Bulk | SCIM bulk operations |
| GET | /scim/v2/ResourceTypes | List available resource types |
| GET | /scim/v2/ResourceTypes/{id} | Retrieve a specific resource type |
| GET | /scim/v2/Schemas | List SCIM schemas |
| GET | /scim/v2/Schemas/{id} | Retrieve a specific schema |
| GET | /scim/v2/ServiceProviderConfig | Discover server capabilities |
| GET | /scim/v2/{resourceType} | List resources of a given type |
| POST | /scim/v2/{resourceType} | Create a new resource |
| POST | /scim/v2/{resourceType}/.search | Filter resources of a given type |
| GET | /scim/v2/{resourceType}/{resourceObject} | Retrieve a single resource |
| PUT | /scim/v2/{resourceType}/{resourceObject} | Replace a resource |
| PATCH | /scim/v2/{resourceType}/{resourceObject} | Update a resource |
| DELETE | /scim/v2/{resourceType}/{resourceObject} | Delete a resource |
Optional "Me" routes can be enabled separately:
| Method | Path | Description |
|---|---|---|
| GET | /scim/v2/Me | Retrieve the SCIM resource for the authenticated subject |
| PUT | /scim/v2/Me | Replace the SCIM resource for the authenticated subject |
| POST | /scim/v2/Me | Create the authenticated subject (requires RouteProvider::meRoutePost()) |
Configuration
The package resolves configuration via SCIMConfig::class. Extend it to tweak resource definitions, attribute mappings, filters, or pagination defaults.
Register your custom config in app/Providers/AppServiceProvider.php:
$this->app->singleton( \ArieTimmerman\Laravel\SCIMServer\SCIMConfig::class, YourCustomSCIMConfig::class );
Minimal override example:
<?php class YourCustomSCIMConfig extends \ArieTimmerman\Laravel\SCIMServer\SCIMConfig { public function getUserConfig() { $config = parent::getUserConfig(); // Customize $config as needed. return $config; } }
Pagination settings
Cursor-based pagination is enabled by default via the SCIM cursor pagination draft. Publish the config file and update config/scim.php to adjust defaults:
'pagination' => [ 'defaultPageSize' => 10, 'maxPageSize' => 100, 'cursorPaginationEnabled' => false, ]
Security & app integration
SCIM grants the ability to view, add, update, and delete users or groups. Make sure you secure the routes before shipping to production.
-
Disable automatic route publishing if you plan to wrap routes in your own middleware:
// config/scim.php return [ 'publish_routes' => false, ];
-
Re-register the routes with your preferred middleware stack:
use ArieTimmerman\Laravel\SCIMServer\RouteProvider as SCIMServerRouteProvider; SCIMServerRouteProvider::publicRoutes(); Route::middleware('auth:api')->group(function () { SCIMServerRouteProvider::routes([ 'public_routes' => false, ]); SCIMServerRouteProvider::meRoutes(); });
Test server
Bring up the full demo stack with Docker Compose:
docker-compose up
Browse to http://localhost:18123/scim/v2/Users to explore the API and run the test suite.
Contributing & support
- Issues and pull requests are welcome on GitHub
- Found this package helpful? Give it a star on GitHub so others can discover it faster