Description
The Feature
SCIM (System for Cross-domain Identity Management) is an open standard that simplifies identity management by automating the exchange of information between identity providers and service providers (i.e. applications like LiteLLM). It defines a RESTful API that allows the provisioning, de-provisioning, and management of user and group resources using JSON payloads. There is native support with Microsoft Entra and many other Enterprise IDPs, such as Okta.
This can be used by LiteLLM to both do enterprise provisioning of users and team management via the /Users and /Groups endpoints.
References:
SCIM Overview
Tutorial - Develop a SCIM endpoint for user provisioning to apps from Microsoft Entra ID
Python Library: https://github.com/yaal-coop/scim2-models
When Using SCIM it will likely be best to not allow changes to occur outside of the SCIM framework (e.g. prohibit, even an admin, from trying to modify data that is under SCIM management, such as group membership).
Motivation, pitch
While not everyone has adopted SCIM yet, this does appear to be the way the industry is going. ChatGPT Enterprise and Github Enterprise currently support SCIM, for example.
Twitter / LinkedIn details
No response