scim-server 0.5.3

A comprehensive SCIM 2.0 server library for Rust with multi-tenant support and type-safe operations
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243

//! Group tool schema definitions for MCP integration
//!
//! This module contains JSON schema definitions that enable AI agents to discover
//! and understand available group operations. The schemas define parameter validation
//! and provide structured metadata for tool execution.
//!
//! # Architecture
//!
//! Each group tool schema includes:
//! - **Tool name and description** for AI agent discovery
//! - **Input parameter validation** using JSON Schema format
//! - **Required vs optional parameters** clearly defined
//! - **Multi-tenant support** through optional tenant_id parameter
//! - **SCIM compliance** ensuring all operations follow SCIM 2.0 standards
//!
//! # Tool Categories
//!
//! **CRUD Operations**:
//! - [`create_group_tool`] - Group creation with schema validation
//! - [`get_group_tool`] - Group retrieval by ID
//! - [`update_group_tool`] - Group modification with version support
//! - [`delete_group_tool`] - Group deletion with conditional operation
//!
//! **Query Operations**:
//! - [`list_groups_tool`] - Paginated group listing
//! - [`search_groups_tool`] - Attribute-based group search
//! - [`group_exists_tool`] - Group existence checking
//!
//! # Usage
//!
//! These schemas are consumed by the MCP protocol layer to provide tool discovery
//! to AI agents. They are not intended for direct use by application developers.
//! The schemas are automatically registered and exposed when the MCP server starts.
//!
//! # Version Support
//!
//! Many operations support version-based optimistic concurrency control through
//! the optional `expected_version` parameter, helping prevent lost updates in
//! concurrent scenarios.

use serde_json::{Value, json};

/// Schema definition for group creation tool
pub fn create_group_tool() -> Value {
    json!({
        "name": "scim_create_group",
        "description": "Create a new group in the SCIM server",
        "inputSchema": {
            "type": "object",
            "properties": {
                "group_data": {
                    "type": "object",
                    "description": "Group data conforming to SCIM Group schema",
                    "properties": {
                        "schemas": {
                            "type": "array",
                            "items": {"type": "string"},
                            "description": "SCIM schemas for the group"
                        },
                        "displayName": {
                            "type": "string",
                            "description": "Human-readable name for the group"
                        },
                        "members": {
                            "type": "array",
                            "description": "Group members with user references",
                            "items": {
                                "type": "object",
                                "properties": {
                                    "value": {"type": "string"},
                                    "$ref": {"type": "string"},
                                    "type": {"type": "string"}
                                }
                            }
                        },
                        "externalId": {
                            "type": "string",
                            "description": "External identifier for the group"
                        }
                    },
                    "required": ["schemas", "displayName"]
                },
                "tenant_id": {
                    "type": "string",
                    "description": "Optional tenant identifier"
                }
            },
            "required": ["group_data"]
        }
    })
}

/// Schema definition for group retrieval tool
pub fn get_group_tool() -> Value {
    json!({
        "name": "scim_get_group",
        "description": "Retrieve a group by ID from the SCIM server",
        "inputSchema": {
            "type": "object",
            "properties": {
                "group_id": {
                    "type": "string",
                    "description": "The unique identifier of the group to retrieve"
                },
                "tenant_id": {
                    "type": "string",
                    "description": "Optional tenant identifier"
                }
            },
            "required": ["group_id"]
        }
    })
}

/// Schema definition for group update tool
pub fn update_group_tool() -> Value {
    json!({
        "name": "scim_update_group",
        "description": "Update an existing group in the SCIM server with optional versioning for optimistic locking",
        "inputSchema": {
            "type": "object",
            "properties": {
                "group_id": {
                    "type": "string",
                    "description": "The unique identifier of the group to update"
                },
                "group_data": {
                    "type": "object",
                    "description": "Updated group data conforming to SCIM Group schema"
                },
                "expected_version": {
                    "type": "string",
                    "description": "Optional version for conditional update (e.g., 'abc123def' or 'W/\"abc123def\"'). Raw format preferred for simplicity. If provided, update only succeeds if current version matches. Prevents lost updates in concurrent scenarios."
                },
                "tenant_id": {
                    "type": "string",
                    "description": "Optional tenant identifier"
                }
            },
            "required": ["group_id", "group_data"]
        }
    })
}

/// Schema definition for group deletion tool
pub fn delete_group_tool() -> Value {
    json!({
        "name": "scim_delete_group",
        "description": "Delete a group from the SCIM server with optional versioning for safe deletion",
        "inputSchema": {
            "type": "object",
            "properties": {
                "group_id": {
                    "type": "string",
                    "description": "The unique identifier of the group to delete"
                },
                "expected_version": {
                    "type": "string",
                    "description": "Optional version for conditional delete (e.g., 'abc123def' or 'W/\"abc123def\"'). Raw format preferred for simplicity. If provided, delete only succeeds if current version matches. Prevents accidental deletion of modified resources."
                },
                "tenant_id": {
                    "type": "string",
                    "description": "Optional tenant identifier"
                }
            },
            "required": ["group_id"]
        }
    })
}

/// Schema definition for group listing tool
pub fn list_groups_tool() -> Value {
    json!({
        "name": "scim_list_groups",
        "description": "List groups with optional pagination and sorting",
        "inputSchema": {
            "type": "object",
            "properties": {
                "start_index": {
                    "type": "integer",
                    "minimum": 1,
                    "description": "1-based index of the first result to return"
                },
                "count": {
                    "type": "integer",
                    "minimum": 0,
                    "description": "Maximum number of results to return"
                },
                "tenant_id": {
                    "type": "string",
                    "description": "Optional tenant identifier"
                }
            }
        }
    })
}

/// Schema definition for group search tool
pub fn search_groups_tool() -> Value {
    json!({
        "name": "scim_search_groups",
        "description": "Search for groups by attribute value",
        "inputSchema": {
            "type": "object",
            "properties": {
                "attribute": {
                    "type": "string",
                    "description": "The attribute name to search by (e.g., 'displayName', 'externalId')"
                },
                "value": {
                    "description": "The value to search for"
                },
                "tenant_id": {
                    "type": "string",
                    "description": "Optional tenant identifier"
                }
            },
            "required": ["attribute", "value"]
        }
    })
}

/// Schema definition for group existence check tool
pub fn group_exists_tool() -> Value {
    json!({
        "name": "scim_group_exists",
        "description": "Check if a group exists in the SCIM server",
        "inputSchema": {
            "type": "object",
            "properties": {
                "group_id": {
                    "type": "string",
                    "description": "The unique identifier of the group to check"
                },
                "tenant_id": {
                    "type": "string",
                    "description": "Optional tenant identifier"
                }
            },
            "required": ["group_id"]
        }
    })
}