I'm curious about other's experience with LDAP's supposed succesor: SCIM (http://scim.cloud). based on REST, it does sound simpler to implement & integrate compared to LDAP. but is it actually better compared to LDAP?
SCIM + Oath/SAML is pretty solid (SCIM doesn't handle authentication just provisioning, de-provisioning, and updates).
It flips the script on LDAP as well, instead of the application calling in to the directory, the directory/sync service calls into the application which has some positive security implications.
It flips the script on LDAP as well, instead of the application calling in to the directory, the directory/sync service calls into the application which has some positive security implications.