Hi,
I saw that SCIM is supported in the latest releases and was very excited, but then I found out that SCIM only supports user creation and not groups.
Is group sync something that will happen in the future or is it “by design” not done? We are close to releasing Passbolt Pro to all users in our company and I was wondering whether I should by into this new feature or stick with LDAP since we definitely need group sync.
regards,
Jörg
See official docs: https://www.passbolt.com/docs/admin/user-provisioning/scim/
G’day Joerg.
I don’t think groups will happen this year, however you can enable both LDAP/AD as well as SCIM if that helps.
I’m about to head off for the weekend but happy to give a better answer if you want to discuss.
Cheers
Gareth
“Not this year” means that it is somewhere/sometime planned? The Documentation (“Group Sync Group synchronisation is not supported. To add users to groups, group managers must manually share credentials to ensure end-to-end encryption.”) sounds a lot like this would be something that is not planned at all.
If group Sync via SCIM is something that will happen some time in the future we would probably buy into SCIM right now and find a workaround for the groups (maybe LDAP, mabe some script that creates the groups via API…).
@gyaresu So is a group sync technically something Passbolt is considering or is there a security concern that blocks this?
G’day Joerg.
Group sync is on the SPEC to be implemented it but I can’t give you an estimated timeline so it’s unlikely to be this year.
SCIM Specification - Part I - Azure SCIM - PUBLIC - Groups sync behavior
Cheers
Gareth
