Myth #1 - The specification is not "open" – it’s been developed behind closed doors.
SCIM started at the Cloud ID Summit (an open conference), and the working group was kicked off publicly at IIW #12. SCIM is developed via a weekly public teleconference, and we utilize open mailing lists and pretty much every other open venue we can find. The proof is out there…take a look at the mailing list archive, IIW notes, demos at Cloud Identity Summit, etc. As with most specifications, there are fewer than a dozen active contributors, though at last count there were over 200 subscribers to the working group alias. Closed? Hardly. Be on the lookout for an IETF RFC soon.
Myth #1 - Busted
Myth #2 - The SCIM team is ignoring SPML.
Yes, we are, as are most SaaS providers and the vendors that feed them. After all, that's how SCIM came to be. SPML's enterprise-y protocol and lack of a concrete schema are its downfall. We’re choosing a different path.
Myth #2 - Confirmed
Myth #3 - The SCIM team is ignoring REST-PML.
True again. With that said, it’s due to the fact that REST-PML came into being after SCIM was well under way. Interestingly enough, I'm told the push for REST-PML is a result of SCIM. Perhaps they're ignoring us?
Myth #3 - Plausible
Myth #4 What the heck do "those guys" know about identity?
This one is just common sense. Can anyone really claim that Cisco, SalesForce, Google, Ping, UnboundID, SailPoint, TechnologyNexus and the rest of the working group don't know anything about identity management? It should be clear from the products and thought leadership developed by all of these companies that they have a strong background in identity management.
Myth #4 - Busted
Myth #5 - The SCIM working group is doing it wrong.
Well, I guess it depends on what the meaning of "it" is. The goal of SCIM is to ease the burden on Service Providers, Consumers, and integrators stuck with a myriad of proprietary protocols and data formats that, at the end of the day, simply push a user from point A to point B. Given that some of the largest SaaS providers on the planet are key spec contributors, implementers have already churned out working implementations, and people keep clamoring for the finished spec, I think we're on the right track.
Myth #5 – Busted