scim                                                     B. Greevenbosch
Internet-Draft                                                    R. Sun
Intended status: Standards Track                     Huawei Technologies
Expires: June 21, 2015                                 December 18, 2014


                         SCIM and vCard mapping
                draft-greevenbosch-scim-vcard-mapping-04

Abstract

   This document defines a mapping between SCIM and vCard.

Greevenbosch & Sun        Expires June 21, 2015                 [Page 1]

Internet-Draft             SCIM/vCard mapping              December 2014

Note

   Discussion and suggestions for improvement are requested, and should
   be sent to scim@ietf.org.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF). Note that other groups may also distribute
   working documents as Internet-Drafts. The list of current
   Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on June 21, 2015.

Copyright Notice

   Copyright (c) 2014 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1. Introduction
   2. Requirements notation
   3. Mapping from SCIM to vCard
      3.1. Mapping of SCIM attributes to vCard properties
      3.2. Mapping of SCIM attributes to vCard parameters
   4. Mapping from vCard properties to SCIM attributes
      4.1. Mapping of vCard properties
      4.2. Mapping of vCard parameters
   5. Mapping between SCIM and vCard IDs
   6. Differences between vCard and SCIM
   7. Examples
      7.1. Mapping from SCIM to vCard
      7.2. Mapping from vCard to SCIM
   8. Open issues
   9. IANA Considerations
   10. Security Considerations
   11. Acknowledgements
   12. References
      12.1. Normative References
      12.2. Informative References
   Authors' Addresses

1. Introduction

   The SCIM core schema [I-D.ietf-scim-core-schema] defines a platform
   neutral data and extension model for representing users of cloud
   services. SCIM core also defines XML and JSON serialisations of the
   abstract schema.

   This document defines a mapping between SCIM and vCard [RFC6350].
   The mapping may serve several purposes:

   o  To provide a unified conversion mechanism between SCIM and vCard.
   o  To identify properties that are defined in vCard, but are missing
      in SCIM.
   o  To identify SCIM attributes that may be useful in vCard too.

2. Requirements notation

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

3. Mapping from SCIM to vCard

   When mapping SCIM attributes to vCard, they may be mapped either to
   vCard properties or to vCard parameters associated with vCard
   properties. Section 3.1 defines the mappings to vCard properties,
   whereas Section 3.2 defines the mappings to vCard parameters.

   In addition, in accordance with [RFC6350], the vCard representation
   MUST include the mandatory fields:

   o  VERSION
   o  FN

3.1. Mapping of SCIM attributes to vCard properties

   Table 1 describes a mapping from SCIM attributes to the vCard
   properties. In the table, the cardinality of the SCIM attribute is
   prefixed by an "S", whereas the cardinality of the vCard property is
   prefixed by a "v". The further notation has been adopted from
   [RFC6350] as follows:

   +-------------+----------------------------------------+
   | 1           | Exactly one instance MUST be present.  |
   | *1          | Exactly one instance MAY be present.   |
   | 1*          | One or more instances MUST be present. |
   | *           | One or more instances MAY be present.  |
   +-------------+----------------------------------------+

   SCIM fields that have no vCard equivalent MUST be omitted in the
   vCard result.

   The reverse mapping from vCard to SCIM is defined in Section 4. The
   reason for having two tables is that some mappings are not
   invertible.

   +------------------------------+-------------------------+-------------+------------------------------------------+
   | SCIM attribute               | vCard property          | Cardinality | Notes                                    |
   +------------------------------+-------------------------+-------------+------------------------------------------+
   | active                       |                         | S*1         |                                          |
   | addresses                    | ADR                     | S* v*       | See [RFC6350] for the internal coding of |
   |                              |                         |             | the ADR property.                        |
   | addresses/country            | ADR (country)           | S* v*       | Combined with other address attributes   |
   |                              |                         |             | into a single ADR element.               |
   | addresses/formatted          | ADR (LABEL)             | S* v*       |                                          |
   | addresses/locality           | ADR (locality)          | S* v*       | Combined with other address attributes   |
   |                              |                         |             | into a single ADR element.               |
   | addresses/postalCode         | ADR (postal code)       | S* v*       | Combined with other address attributes   |
   |                              |                         |             | into a single ADR element.               |
   | addresses/region             | ADR (region)            | S* v*       | Combined with other address attributes   |
   |                              |                         |             | into a single ADR element.               |
   | addresses/streetAddress      | ADR (street address)    | S* v*       | Combined with other address attributes   |
   |                              |                         |             | into a single ADR element.               |
   | costCenter                   |                         | S*1         |                                          |
   | department                   | ORG                     | S*1 v*      | Use the hierarchical order defined in    |
   |                              |                         |             | vCard.                                   |
   | displayName                  |                         | S*1         |                                          |
   | division                     | ORG                     | S*1 v*      | Use the hierarchical order defined in    |
   |                              |                         |             | vCard.                                   |
   | emails                       | EMAIL                   | S* v*       | See Table 2 for the conversion of a      |
   |                              |                         |             | possible "type" attribute.               |
   | employeeNumber               |                         | S*1         |                                          |
   | entitlements                 |                         | S*          | Hard to map as it is proprietary by      |
   |                              |                         |             | nature.                                  |
   | externalId                   |                         | S*1         |                                          |
   | groups/value                 |                         | S*          | ID of the group                          |
   | groups/$ref                  |                         | S*          | URI of the group                         |
   | id                           | UID                     | S1 v*1      | See Section 5 for conversion from SCIM   |
   |                              |                         |             | id space to vCard UID space.             |
   | ims                          | IMPP                    | S* v*       |                                          |
   | locale                       |                         | S*1         |                                          |
   | manager/displayName          |                         | S*1         | This field is optional in SCIM, also     |
   |                              |                         |             | when "manager" is included.              |
   | manager/id                   |                         | S*1         | SCIM specific ID, related to "id"        |
   |                              |                         |             | attribute. The vCard RELATED property    |
   |                              |                         |             | could be used, but a TYPE "manager" may  |
   |                              |                         |             | need definition. In SCIM, "managerID" is |
   |                              |                         |             | mandatory if "manager" is included.      |
   | manager/$ref                 |                         | S*1         | The URI of the SCIM resource             |
   |                              |                         |             | representing the User's manager.         |
   | members/value                | MEMBER                  | S* v*       | Contains the IDs of the SCIM resources   |
   |                              |                         |             | associated with the members of the       |
   |                              |                         |             | group.                                   |
   | members/$ref                 | MEMBER                  | S* v*       | Contains the URIs of the SCIM resources  |
   |                              |                         |             | associated with the members of the       |
   |                              |                         |             | group.                                   |
   | meta/created                 |                         | S*1         |                                          |
   | meta/lastModified            | REV                     | S*1 v*1     |                                          |
   | meta/location                |                         | S*1         | No direct vCard equivalent. Candidates   |
   |                              |                         |             | could be SOURCE and ORG-DIRECTORY.       |
   | meta/resourceType            |                         | S*1         |                                          |
   | meta/version                 |                         | S*1         |                                          |
   | name/familyName              | N (family names)        | S*1 v*1     | Combined with other name attributes in a |
   |                              |                         |             | single N element.                        |
   | name/formatted               | FN                      | S*1 v1*     |                                          |
   | name/givenName               | N (given names)         | S*1 v*1     | Combined with other name attributes in a |
   |                              |                         |             | single N element.                        |
   | name/honorificPrefix         | N (honorific prefixes)  | S*1 v*1     | Combined with other name attributes in a |
   |                              |                         |             | single N element.                        |
   | name/honorificSuffix         | N (honorific suffixes)  | S*1 v*1     | Combined with other name attributes in a |
   |                              |                         |             | single N element.                        |
   | name/middleName              | N (additional names)    | S*1 v*1     |                                          |
   | nickName                     | NICKNAME                | S*1 v*      |                                          |
   | organization                 | ORG                     | S*1 v*      | Use the hierarchical order defined in    |
   |                              |                         |             | vCard.                                   |
   | password                     |                         | S*1         |                                          |
   | phoneNumbers (no type)       | TEL (no TYPE)           | S* v*       |                                          |
   | phoneNumbers (type="fax")    | TEL (TYPE="fax")        | S* v*       |                                          |
   | phoneNumbers (type="home")   | TEL (TYPE="voice,home") | S* v*       |                                          |
   | phoneNumbers (type="mobile") | TEL (TYPE="voice,cell") | S* v*       |                                          |
   | phoneNumbers (type="other")  | TEL (no TYPE)           | S* v*       |                                          |
   | phoneNumbers (type="pager")  | TEL (TYPE="pager")      | S* v*       |                                          |
   | phoneNumbers (type="work")   | TEL (TYPE="voice,work") | S* v*       |                                          |
   | photos                       | PHOTO                   | S* v*       | URL of a web location where the photo    |
   |                              |                         |             | can be retrieved.                        |
   | preferredLanguage            | LANG                    | S*1 v*      | Language tag according to [RFC5646].     |
   | profileUrl                   | URL                     | S*1 v*      | Multiple fields in SCIM better?          |
   | roles                        | ROLE                    | S* v*       | Consider distinction with the "userType" |
   |                              |                         |             | attribute.                               |
   | timezone                     | TZ                      | S*1 v*      |                                          |
   | title                        | TITLE                   | S*1 v*      |                                          |
   | userName                     |                         | S1          |                                          |
   | userType                     | ROLE                    | S*1 v*      | Consider distinction with the "roles"    |
   |                              |                         |             | attribute.                               |
   | x509Certificates             | KEY                     | S* v*       | Care is required: keys may not have the  |
   |                              |                         |             | same usage.                              |
   +------------------------------+-------------------------+-------------+------------------------------------------+

                        Table 1: SCIM to vCard mapping

3.2. Mapping of SCIM attributes to vCard parameters

   In addition to vCard properties, SCIM attributes may also need to be
   converted to vCard parameters. Table 2 contains the related
   mappings.

   +----------------+------------+-----------------+-------------+---------------------------------------------------+
   | SCIM attribute | SCIM value | vCard parameter | vCard value | Notes                                             |
   +----------------+------------+-----------------+-------------+---------------------------------------------------+
   | primary        | true       | PREF            | 1           |                                                   |
   | primary        | false      |                 |             | Omitted in vCard.                                 |
   | type           | aim        | TYPE            | x-aim       | Only for "ims"                                    |
   | type           | fax        | TYPE            | fax         | May be combined with other types in vCard         |
   | type           | gtalk      | TYPE            | x-gtalk     | Only for "ims"                                    |
   | type           | home       | TYPE            | home        | May be combined with other types in vCard         |
   | type           | icq        | TYPE            | x-icq       | Only for "ims"                                    |
   | type           | mobile     | TYPE            | cell        | May be combined with other types in vCard         |
   | type           | msn        | TYPE            | x-msn       | Only for "ims"                                    |
   | type           | other      |                 |             | Omitted in vCard                                  |
   | type           | pager      | TYPE            | pager       | May be combined with other types in vCard         |
   | type           | photo      |                 |             | Only for "photo", vCard parameter can be omitted. |
   | type           | qq         | TYPE            | x-qq        | Only for "ims"                                    |
   | type           | skype      | TYPE            | x-skype     | Only for "ims"                                    |
   | type           | work       | TYPE            | work        | May be combined with other types in vCard         |
   | type           | xmpp       | TYPE            | x-xmpp      | Only for "ims"                                    |
   | type           | yahoo      | TYPE            | x-yahoo     | Only for "ims"                                    |
   | type           | yahoo      | TYPE            | x-thumbnail | Only for "thumbnail"                              |
   +----------------+------------+-----------------+-------------+---------------------------------------------------+

            Table 2: Mapping of SCIM attributes to vCard parameters

4. Mapping from vCard properties to SCIM attributes

4.1. Mapping of vCard properties

   Table 3 describes a mapping from vCard properties to SCIM attributes.
   For the cardinalities, the same notation as in Section 3 is used.

   Notice that the attributes "id" and "userName" are mandatory in a
   SCIM representation, whereas they may not be available in the vCard.
   It is left to the application to generate sensible values for these
   fields.

   +------------------------+----------------------------+---------------+------------------------------------------+
   | vCard property         | SCIM attribute             | Cardinality   | Notes                                    |
   |                        |                            | in vCard/SCIM |                                          |
   +------------------------+----------------------------+---------------+------------------------------------------+
   | ANNIVERSARY            |                            | v*1           |                                          |
   | ADR (country)          | addresses/country          | v* S*         |                                          |
   | ADR (extended address) |                            | v*            |                                          |
   | ADR (LABEL)            | addresses/formatted        | v* S*         |                                          |
   | ADR (locality)         | addresses/locality         | v* S*         |                                          |
   | ADR (post office box)  | addresses/streetAddress    | v* S*         |                                          |
   | ADR (postal code)      | addresses/postalCode       | v* S*         |                                          |
   | ADR (region)           | addresses/region           | v* S*         |                                          |
   | ADR (street address)   | addresses/streetAddress    | v* S*         |                                          |
   | BDAY                   |                            | v*1           |                                          |
   | BIRTHPLACE             |                            | v*1           | Defined in [RFC6474].                    |
   | CALADRURI              |                            | v*            | Purpose: to specify the calendar user    |
   |                        |                            |               | address to which a scheduling request    |
   |                        |                            |               | should be sent for the object            |
   |                        |                            |               | represented by the vCard.                |
   | CALURI                 |                            | v*            | Purpose: to specify the URI for a        |
   |                        |                            |               | calendar associated with the object      |
   |                        |                            |               | represented by the vCard.                |
   | CATEGORIES             |                            | v*            | Contains not necessarily unified tags.   |
   | CLIENTPIDMAP           |                            | v*            | Link between local PID and global URI.   |
   | DEATHDATE              |                            | v*1           | Defined in [RFC6474].                    |
   | DEATHPLACE             |                            | v*1           | Defined in [RFC6474].                    |
   | EMAIL                  | emails                     | v* S*         | Can have TYPE="work", TYPE="home".       |
   | EXPERTISE              |                            | v*            | Defined in [RFC6715].                    |
   | FBURL                  |                            | v*            | Purpose: to specify the URI for the busy |
   |                        |                            |               | time associated with the object that the |
   |                        |                            |               | vCard represents.                        |
   | FN                     | name/formatted             | v1* S*1       |                                          |
   | GENDER                 |                            | v*1           | Can have the values "M"ale, "F"emale,    |
   |                        |                            |               | "O"ther, "N"one or not applicable or     |
   |                        |                            |               | "U"nknown.                               |
   | GEO                    |                            | v*            | GPS coordinates                          |
   | HOBBY                  |                            | v*            | Defined in [RFC6715].                    |
   | IMPP                   | ims                        | v* S*         |                                          |
   | INTEREST               |                            | v*            | Defined in [RFC6715].                    |
   | KEY                    | x509Certificates?          | v* S*         | Care is required: keys may not have the  |
   |                        |                            |               | same usage.                              |
   | KIND                   |                            | v*1           | In vCard can have the values             |
   |                        |                            |               | "individual", "group", "org" and         |
   |                        |                            |               | "location". The value "application" was  |
   |                        |                            |               | added by [RFC6473].                      |
   | LANG                   | preferredLanguage          | v* S*1        |                                          |
   | LOGO                   |                            | v*            |                                          |
   | MEMBER                 | members/id                 | v* S*         | Contains a vCard ID of a member of this  |
   |                        |                            |               | group. The vCard MUST have KIND="group". |
   |                        |                            |               | ID must be converted.                    |
   | N (additional names)   | name/middleName            | v*1 S*1       |                                          |
   | N (family names)       | name/familyName            | v*1 S*1       |                                          |
   | N (given names)        | name/givenName             | v*1 S*1       |                                          |
   | N (honorific prefixes) | name/honorificPrefix       | v*1 S*1       |                                          |
   | N (honorific suffixes) | name/honorificSuffix       | v*1 S*1       |                                          |
   | NICKNAME               | nickName                   | v* S*1        |                                          |
   | NOTE                   |                            | v*            | Any text.                                |
   | ORG                    | organization               | v* S*1        |                                          |
   | ORG-DIRECTORY          |                            | v*            | Defined in [RFC6715].                    |
   | PHOTO                  | photos                     | v* S*         | URL of a web location where the photo    |
   |                        |                            |               | can be retrieved.                        |
   | PRODID                 |                            | v*1           | ID for producer of vCard.                |
   | RELATED                |                            | v*            | Contains a vCard ID of another related   |
   |                        |                            |               | vCard. Can have many TYPE values, such   |
   |                        |                            |               | as "friend", "neighbor" and "spouse".    |
   | REV                    |                            | v*1           | Purpose: to specify revision information |
   |                        |                            |               | about the current vCard.                 |
   | ROLE                   | roles                      | v* S*1        |                                          |
   | SOUND                  |                            | v*            |                                          |
   | SOURCE                 |                            | v*            | Similar to SCIM meta/location.           |
   | TEL (TYPE="textphone") | phoneNumbers, type="other" | v* S*         | See Table 4 for related type mapping.    |
   | TITLE                  | title                      | v* S*1        |                                          |
   | TZ                     | timezone                   | v* S*1        |                                          |
   | UID                    | externalId                 | v*1 S*1       | See Section 5 for conversion from vCard  |
   |                        |                            |               | UID space to SCIM id space.              |
   | URL                    | profileUrl                 | v* S*1        |                                          |
   | VERSION                |                            | v1            | Version of vCard specification.          |
   | XML                    |                            | v*            | Purpose: to include extended XML-encoded |
   |                        |                            |               | vCard data in a plain vCard.             |
   +------------------------+----------------------------+---------------+------------------------------------------+

                        Table 3: vCard to SCIM mapping

4.2. Mapping of vCard parameters

   Table 4 describes how vCard parameters are mapped to SCIM.

   +-----------------+-----------------------+---------------------+-----------------+
   | vCard parameter | vCard parameter value | SCIM representation | Notes           |
   +-----------------+-----------------------+---------------------+-----------------+
   | TYPE            | cell                  | "type": "mobile"    |                 |
   | TYPE            | fax                   | "type": "fax"       |                 |
   | TYPE            | pager                 | "type": "pager"     |                 |
   | TYPE            | text                  | "type": "other"     |                 |
   | TYPE            | textphone             | "type": "other"     |                 |
   | TYPE            | video                 | "type": "video"     |                 |
   | TYPE            | voice                 |                     | Omitted in SCIM |
   +-----------------+-----------------------+---------------------+-----------------+

                     Table 4: Mapping of vCard parameters

5. Mapping between SCIM and vCard IDs

   A SCIM specific prefix could be used to indicate the conversion from
   SCIM IDs to vCard UIDs. A "Service Provider" specific part would
   need to be included in the vCard UID, as the SCIM ID is unique within
   the Service Provider's space only. The following format is proposed:

   UID:scim:[serviceProviderID]:123456789

   Conversion from vCard to SCIM may be done similarly, i.e. by adding a
   prefix to the vCard UID.
   The SCIM schema document mentions for the SCIM ID: "This identifier
   MUST be unique across the Service Provider's entire set of
   Resources", so as long as the vCard UID indeed is globally unique,
   and the service provider uses the prefix for vCard acquired resources
   only, the rule should hold.

   Notice that the above mechanism allows looping. For example,
   converting SCIM -> vCard -> SCIM would lead to a different SCIM ID in
   the second representation than in the first. This indeed reflects
   the possible loss of information in the conversion process. It is
   RECOMMENDED to avoid this kind of chained conversion.

   Because of the format of the vCard UID after conversion from SCIM,
   the SCIM service provider can detect the above-mentioned chained
   conversion, as well as the original vCard ID. The actions the
   service provider may take upon such detection may for example include
   using the original SCIM data instead, or using smarter mapping by
   analysing the original and the new import. Mechanisms of this kind
   are out of scope of this document.

6. Differences between vCard and SCIM

   This section contains a non-exhaustive list of differences between
   vCard and SCIM.

   o  In vCard, a group property can be established. This property
      contains the IDs of its members. In SCIM however, the
      group/membership relation can be signalled in two directions:
      just like vCard the group object can signal its members through
      the "members" attribute, but the member objects can also point to
      the groups they are part of, through the "groups" attribute.
   o  In SCIM, relations between objects can be established either
      through their IDs or through their URIs. vCard only uses IDs to
      signal relationships between entities.

7. Examples

7.1. Mapping from SCIM to vCard

   Figure 2 contains the result after converting the SCIM data from
   Figure 1 to vCard. Notice that the following fields have been
   omitted during conversion:

   o  userName
   o  locale
   o  active
   o  password
   o  groups
   o  meta fields except for "lastModified"

   {
     "schemas": ["urn:scim:schemas:core:2.0:User"],
     "id": "2819c223-7f76-453a-919d-413861904646",
     "externalId": "701984",
     "userName": "bjensen@example.com",
     "name": {
       "formatted": "Ms. Barbara J Jensen III",
       "familyName": "Jensen",
       "givenName": "Barbara",
       "middleName": "Jane",
       "honorificPrefix": "Ms.",
       "honorificSuffix": "III"
     },
     "displayName": "Babs Jensen",
     "nickName": "Babs",
     "profileUrl": "https://login.example.com/bjensen",
     "emails": [
       {
         "value": "bjensen@example.com",
         "type": "work",
         "primary": true
       },
       {
         "value": "babs@jensen.org",
         "type": "home"
       }
     ],
     "addresses": [
       {
         "type": "work",
         "streetAddress": "100 Universal City Plaza",
         "locality": "Hollywood",
         "region": "CA",
         "postalCode": "91608",
         "country": "USA",
         "formatted": "100 Universal City Plaza\nHollywood, CA 91608 USA",
         "primary": true
       },
       {
         "type": "home",
         "streetAddress": "456 Hollywood Blvd",
         "locality": "Hollywood",
         "region": "CA",
         "postalCode": "91608",
         "country": "USA",
         "formatted": "456 Hollywood Blvd\nHollywood, CA 91608 USA"
       }
     ],
     "phoneNumbers": [
       {
         "value": "555-555-5555",
         "type": "work"
       },
       {
         "value": "555-555-4444",
         "type": "mobile"
       }
     ],
     "ims": [
       {
         "value": "someaimhandle",
         "type": "aim"
       }
     ],
     "photos": [
       {
         "value": "https://photos.example.com/profilephoto/72930000000Ccne/F",
         "type": "photo"
       },
       {
         "value": "https://photos.example.com/profilephoto/72930000000Ccne/T",
         "type": "thumbnail"
       }
     ],
     "userType": "Employee",
     "title": "Tour Guide",
     "preferredLanguage": "en_US",
     "locale": "en_US",
     "timezone": "America/Los_Angeles",
     "active": true,
     "password": "t1meMa$heen",
     "groups": [
       {
         "value": "e9e30dba-f08f-4109-8486-d5c6a331660a",
         "$ref": "https://example.com/v1/Groups/e9e30dba-f08f-4109-8486-d5c6a331660a",
         "display": "Tour Guides"
       },
       {
         "value": "fc348aa8-3835-40eb-a20b-c726e15c55b5",
         "$ref": "https://example.com/v1/Groups/fc348aa8-3835-40eb-a20b-c726e15c55b5",
         "display": "Employees"
       },
       {
         "value": "71ddacd2-a8e7-49b8-a5db-ae50d0a5bfd7",
         "$ref": "https://example.com/v1/Groups/71ddacd2-a8e7-49b8-a5db-ae50d0a5bfd7",
         "display": "US Employees"
       }
     ],
     "x509Certificates": [
       {
         "value":
           "MIIDQzCCAqygAwIBAgICEAAwDQYJKoZIhvcNAQEFBQAwTjELMAkGA1UEBhMCVVMx
            EzARBgNVBAgMCkNhbGlmb3JuaWExFDASBgNVBAoMC2V4YW1wbGUuY29tMRQwEgYD
            VQQDDAtleGFtcGxlLmNvbTAeFw0xMTEwMjIwNjI0MzFaFw0xMjEwMDQwNjI0MzFa
            MH8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQKDAtl
            eGFtcGxlLmNvbTEhMB8GA1UEAwwYTXMuIEJhcmJhcmEgSiBKZW5zZW4gSUlJMSIw
            IAYJKoZIhvcNAQkBFhNiamVuc2VuQGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0B
            AQEFAAOCAQ8AMIIBCgKCAQEA7Kr+Dcds/JQ5GwejJFcBIP682X3xpjis56AK02bc
            1FLgzdLI8auoR+cC9/Vrh5t66HkQIOdA4unHh0AaZ4xL5PhVbXIPMB5vAPKpzz5i
            PSi8xO8SL7I7SDhcBVJhqVqr3HgllEG6UClDdHO7nkLuwXq8HcISKkbT5WFTVfFZ
            zidPl8HZ7DhXkZIRtJwBweq4bvm3hM1Os7UQH05ZS6cVDgweKNwdLLrT51ikSQG3
            DYrl+ft781UQRIqxgwqCfXEuDiinPh0kkvIi5jivVu1Z9QiwlYEdRbLJ4zJQBmDr
            SGTMYn4lRc2HgHO4DqB/bnMVorHB0CC6AV1QoFK4GPe1LwIDAQABo3sweTAJBgNV
            HRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZp
            Y2F0ZTAdBgNVHQ4EFgQU8pD0U0vsZIsaA16lL8En8bx0F/gwHwYDVR0jBBgwFoAU
            dGeKitcaF7gnzsNwDx708kqaVt0wDQYJKoZIhvcNAQEFBQADgYEAA81SsFnOdYJt
            Ng5Tcq+/ByEDrBgnusx0jloUhByPMEVkoMZ3J7j1ZgI8rAbOkNngX8+pKfTiDz1R
            C4+dx8oU6Za+4NJXUjlL5CvV6BEYb1+QAEJwitTVvxB/A67g42/vzgAtoRUeDov1
            +GFiBZ+GNF/cAYKcMtGcrs2i97ZkJMo="
       }
     ],
     "meta": {
       "resourceType": "User",
       "created": "2010-01-23T04:56:22Z",
       "lastModified": "2011-05-13T04:42:34Z",
       "version": "W\/\"a330bc54f0671c9\"",
       "location": "https://example.com/v1/Users/2819c223-7f76-453a-919d-413861904646"
     }
   }

                       Figure 1: Original SCIM data

   BEGIN:VCARD
   VERSION:4.0
   UID:"scim:provider.example:org:2819c223-7f76-453a-919d-413861904646"
   FN:Ms. Barbara J Jensen III
   N:Jensen;Barbara;Jane;Ms.;III
   NICKNAME:Babs
   URL:"https://login.example.com/bjensen"
   EMAIL;TYPE=work;PREF=1:bjensen@example.com
   EMAIL;TYPE=home:babs@jensen.org
   ADR;LABEL="100 Universal City Plaza\nHollywood, CA 91608 USA";TYPE=work:;;100 Universal City Plaza;Hollywood;CA;91608;USA
   ADR;LABEL="456 Hollywood Blvd\nHollywood, CA 91608 USA";type=home:;;456 Hollywood Blvd;Hollywood;CA;91608;USA
   TEL;TYPE=voice,work:555-555-5555
   TEL;TYPE=cell:555-555-4444
   IMPP;TYPE=x-aim:someaimhandle
   PHOTO:"https://photos.example.com/profilephoto/72930000000Ccne/F"
   PHOTO;TYPE=x-thumbnail:"https://photos.example.com/profilephoto/72930000000Ccne/T"
   ROLE:Employee
   TITLE:Tour Guide
   LANG:en-US
   TZ:America/Los_Angeles
   KEY:...MIIDQzCCAqygAwIBAgICEAAwDQYJKoZIhvcNAQEFBQAwTjELMAkGA1UEBhMCVVMx
    EzARBgNVBAgMCkNhbGlmb3JuaWExFDASBgNVBAoMC2V4YW1wbGUuY29tMRQwEgYD
    VQQDDAtleGFtcGxlLmNvbTAeFw0xMTEwMjIwNjI0MzFaFw0xMjEwMDQwNjI0MzFa
    MH8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRQwEgYDVQQKDAtl
    eGFtcGxlLmNvbTEhMB8GA1UEAwwYTXMuIEJhcmJhcmEgSiBKZW5zZW4gSUlJMSIw
    IAYJKoZIhvcNAQkBFhNiamVuc2VuQGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0B
    AQEFAAOCAQ8AMIIBCgKCAQEA7Kr+Dcds/JQ5GwejJFcBIP682X3xpjis56AK02bc
    1FLgzdLI8auoR+cC9/Vrh5t66HkQIOdA4unHh0AaZ4xL5PhVbXIPMB5vAPKpzz5i
    PSi8xO8SL7I7SDhcBVJhqVqr3HgllEG6UClDdHO7nkLuwXq8HcISKkbT5WFTVfFZ
    zidPl8HZ7DhXkZIRtJwBweq4bvm3hM1Os7UQH05ZS6cVDgweKNwdLLrT51ikSQG3
    DYrl+ft781UQRIqxgwqCfXEuDiinPh0kkvIi5jivVu1Z9QiwlYEdRbLJ4zJQBmDr
    SGTMYn4lRc2HgHO4DqB/bnMVorHB0CC6AV1QoFK4GPe1LwIDAQABo3sweTAJBgNV
    HRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZp
    Y2F0ZTAdBgNVHQ4EFgQU8pD0U0vsZIsaA16lL8En8bx0F/gwHwYDVR0jBBgwFoAU
    dGeKitcaF7gnzsNwDx708kqaVt0wDQYJKoZIhvcNAQEFBQADgYEAA81SsFnOdYJt
    Ng5Tcq+/ByEDrBgnusx0jloUhByPMEVkoMZ3J7j1ZgI8rAbOkNngX8+pKfTiDz1R
    C4+dx8oU6Za+4NJXUjlL5CvV6BEYb1+QAEJwitTVvxB/A67g42/vzgAtoRUeDov1
    +GFiBZ+GNF/cAYKcMtGcrs2i97ZkJMo=
   REV:"2011-05-13T04:42:34Z"
   END:VCARD

                    Figure 2: After conversion to vCard

7.2. Mapping from vCard to SCIM

   Figure 4 contains the result after converting the vCard data from
   Figure 3 to SCIM. The following vCard attributes have been omitted
   in the SCIM representation:

   o  GENDER
   o  BDAY

   The mandatory "id" and "userName" attributes have been added to the
   SCIM representation, although they have not been defined in the
   vCard.
Greevenbosch & Sun Expires June 21, 2015 [Page 28] Internet-Draft SCIM/vCard mapping December 2014 BEGIN:VCARD VERSION:4.0 FN:Vincent van Gogh N:van Gogh;Vincent;;; GENDER:M BDAY:18530330 ROLE;LANGUAGE="en":painter LANG;PREF=1:nl LANG;PREF=2:fr ADR;LABEL="Vincent van Gogh\n54 Rue Lepic\n75018 Paris\nFrance";LANGUAG E="fr";TYPE=home:;3th floor;54 Rue Lepic;Paris;;75018;France TEL;TYPE="work,voice";PREF=1:+33-1-123456 TEL;TYPE="home,voice";PREF=2:+33-1-654321 EMAIL;TYPE=home:vangogh@example.com URL;TYPE=work:"http://www.vangogh.example.com" TZ:+0100 END:VCARD Figure 3: Original SCIM data Greevenbosch & Sun Expires June 21, 2015 [Page 29] Internet-Draft SCIM/vCard mapping December 2014 { "schemas": ["urn:scim:schemas:core:2.0:User"], "id": "xyz", "userName": "vangogh@example.com", "name": { "formatted": "Vincent van Gogh", "familyName": "van Gogh", "givenName": "Vincent", }, "roles": [ { "value": "painter" } ], "preferredLanguage": "nl", "adresses": [ { "type": "home", "streetAddress": "54 Rue Lepic", "locality": "Paris", "postalCode": "75018", "country": "France", "formatted": "Vincent van Gogh\n54 Rue Lepic\n75018 Paris\nFrance" } ], "phoneNumbers": [ { "value": "+33-1-123456", "type": "work" }, { "value": "+33-1-654321", "type": "home" } ], "emails": [ { "value": "vangogh@example.com", "type": "home" } ], "timezone": "+0100" } Figure 4: Original SCIM data Greevenbosch & Sun Expires June 21, 2015 [Page 30] Internet-Draft SCIM/vCard mapping December 2014 8. Open issues The following issues require further consideration: o It may be feasible to leave out the conversion between SCIM ids and vCard UIDs, as they may be dependent on the particular application that is importing the information. o It is unclear on whether the SCIM ID can include alphanumeric characters or is restricted to numeric characters only. The examples in [I-D.ietf-scim-core-schema] seem to indicate that they consist of hexadecimal numbers, with dashes at appropriate places. 
      If this is the case, then the conversion from vCard UIDs to
      SCIM IDs would include conversion of alphanumeric characters to
      hexadecimal values.

   o  For SCIM fields that have no equivalent vCard attributes, vCard
      attributes of the form "x-..." could be defined.  Alternatively,
      vCard attributes could be defined and registered with IANA.

   o  The "id" and "userName" fields are mandatory in SCIM.  However,
      a vCard does not have to contain similar information.  Creating
      a sensible value for these fields may be left to the SCIM
      application that is importing the vCard, or guidelines could be
      defined.

9.  IANA Considerations

   A "manager" TYPE for the RELATED vCard property may need
   registration.

10.  Security Considerations

   The mapping between vCard and SCIM may be useful for easily
   transferring data from one system to another.  However, it also has
   privacy implications.  Therefore, it is important that user consent
   is obtained where applicable.

   For this document, some decisions were made concerning mapping
   between attributes and properties with similar, but not equal,
   semantics.  This was done in a best effort manner.  However, one
   should realise that during the mapping process some accuracy from
   the original data may be lost.  Conversion from SCIM to vCard and
   subsequently back to SCIM, as well as conversion from vCard to SCIM
   and subsequently back to vCard, SHOULD be avoided.

11.  Acknowledgements

   Thanks to Kepeng Li for providing feedback and suggestions.

   Thanks to Paul Madsen and Phil Hunt for providing similar mapping
   drafts [draft-scim-saml2-binding] and [I-D.hunt-scim-directory],
   which have served as inspiration for this document.

   Michael Angstadt and Dany Cauchie provided valuable review comments.

12.  References

12.1.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC5646]  Phillips, A. and M. Davis, "Tags for Identifying
              Languages", BCP 47, RFC 5646, September 2009.

   [RFC6350]  Perreault, S., "vCard Format Specification", RFC 6350,
              August 2011.

   [RFC6473]  Saint-Andre, P., "vCard KIND:application", RFC 6473,
              December 2011.

   [RFC6474]  Li, K. and B. Leiba, "vCard Format Extensions: Place of
              Birth, Place and Date of Death", RFC 6474,
              December 2011.

   [RFC6715]  Cauchie, D., Leiba, B., and K. Li, "vCard Format
              Extensions: Representing vCard Extensions Defined by the
              Open Mobile Alliance (OMA) Converged Address Book (CAB)
              Group", RFC 6715, August 2012.

   [I-D.ietf-scim-core-schema]
              Hunt, P., Grizzle, K., Wahlstroem, E., and C. Mortimore,
              "System for Cross-Domain Identity Management: Core
              Schema", draft-ietf-scim-core-schema-14 (work in
              progress), December 2014.

12.2.  Informative References

   [I-D.hunt-scim-directory]
              Hunt, P., "SCIM Directory Services",
              draft-hunt-scim-directory-00 (work in progress),
              September 2012.

   [draft-scim-saml2-binding]
              Madsen, P., "SAML 2.0 Binding for SCIM",
              draft-scim-saml2-binding-02 (work in progress),
              April 2011.

Authors' Addresses

   Bert Greevenbosch
   Huawei Technologies Co., Ltd.
   Huawei Industrial Base
   F1-8
   Bantian, Longgang District
   Shenzhen  518129
   P.R. China

   Phone: +86-755-28979133
   Email: bert.greevenbosch@huawei.com

   Ruinan Sun
   Huawei Technologies Co., Ltd.
   Huawei Industrial Base
   Bantian, Longgang District
   Shenzhen  518129
   P.R. China

   Email: sunruinan@huawei.com