Internet-Draft SCIM Agent Resource June 2026
Wahl, et al. Expires 7 December 2026
Workgroup:
System for Cross-domain Identity Management
Internet-Draft:
draft-wzdk-scim-agent-resource-00
Published:
Intended Status:
Informational
Expires:
Authors:
M. Wahl
Microsoft
D. Zollner
Okta
P. Dingle
Microsoft
I. Kazzouzi
Nextident

AI Agent Resource Extension for the System for Cross-domain Identity Management (SCIM)

Abstract

The System for Cross-domain Identity Management (SCIM) specifications are designed to make identity management in cloud-based applications and services easier.

This document provides a platform-neutral schema for representing AI agents' identities in SCIM JSON format, enabling them to be transferred using the SCIM protocol between a client and service provider. This establishes an agentic identity so that an agent can subsequently be authenticated and authorized to interact with the service.

About This Document

This note is to be removed before publishing as an RFC.

Status information for this document may be found at https://datatracker.ietf.org/doc/draft-wzdk-scim-agent-resource/.

Discussion of this document takes place on the System for Cross-domain Identity Management Working Group mailing list (mailto:scim@ietf.org), which is archived at https://mailarchive.ietf.org/arch/browse/scim/. Subscribe at https://www.ietf.org/mailman/listinfo/scim/.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on 7 December 2026.

1. Introduction

The SCIM protocol [RFC7644] and core schema [RFC7643] are widely implemented for provisioning user records into services. The default schema for those user records includes attributes such as a person's name, job title, and email address. This enables a SCIM client to inform a SCIM service provider of a new user, so that the user can be identified in, and subsequently authenticated to, the service. SCIM also provides lifecycle controls that let the SCIM client update and remove that user record in the service, and associate the user with groups, roles and entitlements.

With the growth of agentic AI, agents will also need to be able to interact with services. Some services will require an agent to have an identity represented within them in order to interact with resources. The attributes of an agent identity in a SCIM service can be different from the attributes of a human user identity. Similar to users, however, an agent's identity can have access rights in the service, represented through relationships of the agent's identity with groups, roles and entitlements in a service.

As SCIM is familiar within the enterprise and agents often need the same lifecycle signals and group, role or entitlement memberships as users, defining a schema to transport agentic identities using the SCIM protocol simplifies deployment and enables subsequent authentication interactions and consistent controls for those agents' identities and access rights.

2. Conventions and Definitions

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.

3. Agent Resource Type

This specification defines a new SCIM resource type and an accompanying core schema, following the resource type and schema conventions of [RFC7643]:

Agent

A resource of this type represents an agent's identity to the service. It carries the attributes of an agent's identity that the service needs to know.

Resources of this type are conveyed via the SCIM protocol [RFC7644] using JSON [RFC8259]. Extension schemas can be defined to extend this resource type, allowing additional attributes.

The core schema for the Agent resource type is identified by the URI "urn:ietf:params:scim:schemas:core:2.0:Agent". The schema defines the attributes described in the following sections. In addition, Agent resources include the common attributes "externalId", "id", "meta", and "schemas" as described in Sections 3 and 3.1 of [RFC7643].

4. Core Schema

4.1. Single-valued Attributes

The Agent core schema defines the following single-valued attributes. A SCIM service provider that implements this specification MUST implement all attributes defined in the core Agent schema unless otherwise specified.

active

A boolean value indicating the agentic identity's administrative status. A SCIM client can indicate that an agentic identity is to be treated as inactive by the service by setting this attribute to false. The definitive meaning of this attribute is determined by the SCIM service. REQUIRED.

description

The value of this attribute is a string with the agentic identity's human-readable description.

displayName

The value of this attribute is a string with the human-readable name of the agentic identity, suitable for display to end-users. REQUIRED.

agentUserName

A string containing a unique identifier for the agent, similar to a user's userName or email address. This value SHOULD be human-readable and MUST be unique across all Agent resources in the provisioning domain. REQUIRED.

4.2. Multi-valued Attributes

The Agent core schema defines the following multi-valued attributes.

owners

A list of the responsible parties for an agentic identity. Each value is a complex type that allows referencing the "id" attribute of a user, a group, or other resource already known to the SCIM service provider. Each value has the following sub-attributes.

value

The "id" of the SCIM resource representing an owner of an agentic identity. This sub-attribute MUST be included for each "owners" value; mutability is "immutable".

$ref

The URI of the SCIM resource representing an owner of an agentic identity. RECOMMENDED; mutability is "readOnly".

displayName

The displayName of the agentic identity's owner. OPTIONAL; mutability is "readOnly".

4.3. Agent Resource Schema

The following is a non-normative example of the Agent resource type as returned from the "/ResourceTypes" endpoint, in JSON format.

{
  "schemas": [
    "urn:ietf:params:scim:schemas:core:2.0:ResourceType"
  ],
  "id": "Agent",
  "name": "Agent",
  "description": "An agent's identity as represented in a SCIM service.",
  "endpoint": "/Agents",
  "schema": "urn:ietf:params:scim:schemas:core:2.0:Agent",
  "meta": {
    "resourceType": "ResourceType",
    "location": "https://example.com/v2/ResourceTypes/Agent"
  }
}

The following is a non-normative example of the Agent schema as returned from the "/Schemas" endpoint, in SCIM JSON schema format.

{
  "schemas": [
    "urn:ietf:params:scim:schemas:core:2.0:Schema"
  ],
  "id": "urn:ietf:params:scim:schemas:core:2.0:Agent",
  "name": "Agent",
  "description": "An agent's identity as represented in a SCIM service.",
  "attributes": [
    {
      "name": "active",
      "type": "boolean",
      "multiValued": false,
      "description": "A boolean value indicating the agent's administrative status.",
      "required": true,
      "mutability": "readWrite",
      "returned": "default",
      "uniqueness": "none"
    },
    {
      "name": "description",
      "type": "string",
      "multiValued": false,
      "description": "The agent's human-readable description.",
      "required": false,
      "caseExact": false,
      "mutability": "readWrite",
      "returned": "default",
      "uniqueness": "none"
    },
    {
      "name": "displayName",
      "type": "string",
      "multiValued": false,
      "description": "The human-readable name of the agent, suitable for display to end-users.",
      "required": true,
      "caseExact": false,
      "mutability": "readWrite",
      "returned": "default",
      "uniqueness": "none"
    },
    {
      "name": "agentUserName",
      "type": "string",
      "multiValued": false,
      "description": "A unique identifier for the agent, similar to a userName or email address.",
      "required": true,
      "caseExact": false,
      "mutability": "readWrite",
      "returned": "default",
      "uniqueness": "server"
    },
    {
      "name": "owners",
      "type": "complex",
      "multiValued": true,
      "description": "A list of the responsible parties for this agent.",
      "required": false,
      "mutability": "readWrite",
      "returned": "default",
      "uniqueness": "none",
      "subAttributes": [
        {
          "name": "value",
          "type": "string",
          "multiValued": false,
          "description": "The \"id\" of the SCIM resource representing an owner of this agent.",
          "required": true,
          "caseExact": false,
          "mutability": "immutable",
          "returned": "default",
          "uniqueness": "none"
        },
        {
          "name": "$ref",
          "type": "reference",
          "referenceTypes": ["User", "Group", "Agent"],
          "multiValued": false,
          "description": "The URI of the SCIM resource representing an owner of this agent.",
          "required": false,
          "caseExact": true,
          "mutability": "readOnly",
          "returned": "default",
          "uniqueness": "none"
        },
        {
          "name": "displayName",
          "type": "string",
          "multiValued": false,
          "description": "The displayName of the agent's owner.",
          "required": false,
          "caseExact": false,
          "mutability": "readOnly",
          "returned": "default",
          "uniqueness": "none"
        }
      ]
    }
  ],
  "meta": {
    "resourceType": "Schema",
    "location":
      "https://example.com/v2/Schemas/urn:ietf:params:scim:schemas:core:2.0:Agent"
  }
}

The following is a non-normative example of an Agent resource instance in JSON format.

{
  "schemas": [
    "urn:ietf:params:scim:schemas:core:2.0:Agent"
  ],
  "id": "95cfaafb-0827-4c60-8236-523ad04b3cba",
  "displayName": "Agent for tour guides",
  "agentUserName": "tour-guide-agent",
  "active": true,
  "externalId": "67890",
  "meta": {
    "resourceType": "Agent"
  }
}
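The following is an added example, not part of the draft, of how a service provider might enforce the attribute rules of Sections 4.1 and 4.2 on an incoming Agent resource: the REQUIRED attributes, case-insensitive server-wide uniqueness of "agentUserName" (caseExact false, uniqueness "server"), the REQUIRED "owners.value" sub-attribute, and server-side population of the readOnly "$ref" and "displayName" owner sub-attributes. The directory of known resources, its ids and the base URL are constructed for the example.

```python
AGENT_SCHEMA = "urn:ietf:params:scim:schemas:core:2.0:Agent"
REQUIRED = ("active", "displayName", "agentUserName")

# Constructed stand-in for the service's store of resources already known to it,
# keyed by SCIM "id": (endpoint the resource lives under, its displayName).
DIRECTORY = {
    "2819c223-7f76-453a-919d-413861904646": ("Users", "Babs Jensen"),
    "e9e30dba-f08f-4109-8486-d5c6a331660a": ("Groups", "Tour Operations"),
}

def validate_agent(resource, existing_usernames=()):
    """Return the problems found in an Agent create request (empty list == valid),
    following the attribute rules in Sections 4.1 and 4.2 of the draft."""
    problems = []
    if AGENT_SCHEMA not in resource.get("schemas", []):
        problems.append("schemas must contain the Agent core schema URI")
    for attr in REQUIRED:
        if attr not in resource:
            problems.append(f"missing REQUIRED attribute {attr!r}")
    if "active" in resource and not isinstance(resource["active"], bool):
        problems.append("active must be a boolean")
    name = resource.get("agentUserName")
    # caseExact is false and uniqueness is "server": compare case-insensitively
    # against every agentUserName the service already holds.
    if name is not None and name.lower() in {n.lower() for n in existing_usernames}:
        problems.append(f"agentUserName {name!r} is already in use")
    for i, owner in enumerate(resource.get("owners", [])):
        if not isinstance(owner, dict) or "value" not in owner:
            problems.append(f"owners[{i}] lacks the REQUIRED 'value' sub-attribute")
        elif owner["value"] not in DIRECTORY:
            problems.append(f"owners[{i}].value {owner['value']!r} is not a known resource")
    return problems

def resolve_owners(resource, base_url="https://example.com/v2"):
    """Server-side completion of the owner sub-attributes: the client supplies only
    "value"; "$ref" and "displayName" are readOnly, so they are filled from the
    directory and anything the client sent for them is discarded."""
    resolved = []
    for owner in resource.get("owners", []):
        endpoint, display = DIRECTORY[owner["value"]]
        resolved.append({
            "value": owner["value"],
            "$ref": f"{base_url}/{endpoint}/{owner['value']}",
            "displayName": display,
        })
    return {**resource, "owners": resolved}
```

Call validate_agent() before resolve_owners(), since the latter assumes every owner value has already been checked against the directory.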

4.4. Updates to Existing Schema

To allow an agentic identity to be a member of a group, this memo augments the definition of the "members" attribute of [RFC7643] as follows:

  • allow the referenceTypes of the members "$ref" sub-attribute to also refer to an Agent resource

  • allow the canonicalValues of the members "type" sub-attribute to also allow for "Agent"
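As an added example (not the draft's own code) of the augmented "members" attribute, the check below accepts "Agent" as a member "type" alongside "User" and "Group", and verifies that a member's "$ref" points under the endpoint that matches its declared type, so an entry claiming to be an Agent cannot silently reference a User record. The endpoint names follow the "/Agents" endpoint in the draft's ResourceType example and the "/Users" and "/Groups" endpoints of [RFC7643]; the group and its ids are constructed.

```python
# Canonical member types after the augmentation in Section 4.4, mapped to the
# endpoint that resources of that type live under.
MEMBER_TYPES = {"User": "Users", "Group": "Groups", "Agent": "Agents"}

def check_group_members(group):
    """Return the problems found in a Group's "members" values (empty == valid).
    "type" must be a canonical value and, when "$ref" is present, its path must
    end in /<endpoint for that type>/<value>."""
    problems = []
    for i, member in enumerate(group.get("members", [])):
        mtype = member.get("type")
        if mtype is None:          # "type" is optional in RFC 7643; nothing to check
            continue
        endpoint = MEMBER_TYPES.get(mtype)
        if endpoint is None:
            problems.append(f"members[{i}].type {mtype!r} is not a canonical value")
            continue
        ref = member.get("$ref")
        if ref is not None and not ref.endswith(f"/{endpoint}/{member.get('value')}"):
            problems.append(f"members[{i}].$ref does not resolve under /{endpoint}")
    return problems

# Constructed example: a group with one User member and one Agent member.
GROUP = {
    "schemas": ["urn:ietf:params:scim:schemas:core:2.0:Group"],
    "id": "e9e30dba-f08f-4109-8486-d5c6a331660a",
    "displayName": "Tour Operations",
    "members": [
        {"value": "2819c223-7f76-453a-919d-413861904646", "type": "User",
         "$ref": "https://example.com/v2/Users/2819c223-7f76-453a-919d-413861904646"},
        {"value": "95cfaafb-0827-4c60-8236-523ad04b3cba", "type": "Agent",
         "$ref": "https://example.com/v2/Agents/95cfaafb-0827-4c60-8236-523ad04b3cba"},
    ],
}
```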

5. Security Considerations

SCIM data is intended to be exchanged using the SCIM protocol. It is important when handling data to implement the security considerations outlined in Section 7 of [RFC7644].

5.1. Privacy

The text of this privacy section is derived from the corresponding privacy section of [RFC7643].

Information should be shared on an as-needed basis. A SCIM client should limit information to what it believes a SCIM service requires, and a SCIM service should only accept information it needs. Clients and servers should take into consideration that sensitive information is being conveyed across technical (e.g., protocol and applications), administrative (e.g., organizational, corporate), and jurisdictional boundaries. In particular, information security and privacy must be considered.

Security service level agreements for the handling of these attributes are beyond the scope of this document but are to be carefully considered by implementers and deploying organizations.

Please see the Privacy Considerations section of [RFC7644] for more protocol-specific considerations regarding the handling of SCIM information.

6. IANA Considerations

6.1. New Schema

When published as an RFC, IANA is requested to register the following entry in the "SCIM Schema URIs for Data Resources" registry established in [RFC7643]:

Table 1

URN                                           Name    Reference
--------------------------------------------  ------  ---------------------
urn:ietf:params:scim:schemas:core:2.0:Agent   Agent   This memo, Section 3

7. Normative References

[RFC2119]
Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, <https://www.rfc-editor.org/rfc/rfc2119>.
[RFC7643]
Hunt, P., Ed., Grizzle, K., Wahlstroem, E., and C. Mortimore, "System for Cross-domain Identity Management: Core Schema", RFC 7643, DOI 10.17487/RFC7643, <https://www.rfc-editor.org/rfc/rfc7643>.
[RFC7644]
Hunt, P., Ed., Grizzle, K., Ansari, M., Wahlstroem, E., and C. Mortimore, "System for Cross-domain Identity Management: Protocol", RFC 7644, DOI 10.17487/RFC7644, <https://www.rfc-editor.org/rfc/rfc7644>.
[RFC8174]
Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, <https://www.rfc-editor.org/rfc/rfc8174>.
[RFC8259]
Bray, T., Ed., "The JavaScript Object Notation (JSON) Data Interchange Format", STD 90, RFC 8259, DOI 10.17487/RFC8259, <https://www.rfc-editor.org/rfc/rfc8259>.

Appendix A. Changes From Earlier Versions

This is the initial version of this draft.

Acknowledgments

The editor would like to acknowledge the contribution and work of the authors of the SCIM RFCs [RFC7643] and [RFC7644] and of other SCIM Internet-Drafts, the participants of the IETF SCIM WG, and the SCIM Community.

Authors' Addresses

Mark Wahl
Microsoft
Danny Zollner
Okta
Pamela Dingle
Microsoft
Ismael Kazzouzi
Nextident