scimgateway 6.1.15 → 6.1.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +16 -2
- package/config/plugin-entra-id.json +1 -0
- package/lib/azure-license-mapping.json +18 -18
- package/lib/plugin-entra-id.ts +11 -3
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -1051,7 +1051,7 @@ For testing purposes we could get an Azure free account
|
|
|
1051
1051
|
Note: Entra ID has a role hierarchy, and running SCIM Gateway as a `User Administrator` has some limitations when administering users who have administrative roles. For full administrative access to all users, SCIM Gateway must have the `Global Administrator` role (`62e90394-69f5-4237-9190-012177145e10`).
|
|
1052
1052
|
|
|
1053
1053
|
Also note: The `plugin-entra-id.json` configuration file includes `map.user.signInActivity`. Using the `signInActivity` attribute requires an Entra ID Premium license and the API permission `AuditLog.Read.All`.
|
|
1054
|
-
**Remove this mapping configuration if these conditions are not met**, otherwise provisioning will fail and errors such as `Authentication_RequestFromNonPremiumTenantOrB2CTenant` may occur.
|
|
1054
|
+
**Remove this mapping configuration if these conditions are not met or override by configuring endpoint.entity.[baseEntity].skipSignInActivity = true**, otherwise provisioning will fail and errors such as `Authentication_RequestFromNonPremiumTenantOrB2CTenant` may occur.
|
|
1055
1055
|
|
|
1056
1056
|
### SCIM Gateway configuration
|
|
1057
1057
|
|
|
@@ -1301,9 +1301,23 @@ In code editor (e.g., Visual Studio Code), method details and documentation are
|
|
|
1301
1301
|
|
|
1302
1302
|
MIT © [Jarle Elshaug](https://www.elshaug.xyz)
|
|
1303
1303
|
|
|
1304
|
-
|
|
1305
1304
|
## Change log
|
|
1306
1305
|
|
|
1306
|
+
### v6.1.17
|
|
1307
|
+
|
|
1308
|
+
[Fixed]
|
|
1309
|
+
|
|
1310
|
+
- plugin-entra-id:
|
|
1311
|
+
|
|
1312
|
+
- Fixed an issue where `filter=userName eq "user_upn"` was broken in v6.1.11 when using the updated configuration file that includes `map.user.signInActivity`.
|
|
1313
|
+
- Added new configuration option `endpoint.entity.[baseEntity].skipSignInActivity = true` to exclude the `signInActivity` attribute. This attribute requires a Microsoft Entra ID Premium license and the `AuditLog.Read.All` API permission.
|
|
1314
|
+
|
|
1315
|
+
### v6.1.16
|
|
1316
|
+
|
|
1317
|
+
[Improved]
|
|
1318
|
+
|
|
1319
|
+
- plugin-entra-id: `GET /Entitlements` using derivedIncludes, fully flattened (recursive expansion of previous includes).
|
|
1320
|
+
|
|
1307
1321
|
### v6.1.15
|
|
1308
1322
|
|
|
1309
1323
|
[Fixed]
|
|
@@ -1,22 +1,24 @@
|
|
|
1
1
|
{
|
|
2
2
|
"AAD_BASIC":{"displayName":"Azure Active Directory Basic","category":"Entra","licenseCategory":"Free","isBillable":false,"priceUSD":0,"includes":[]},
|
|
3
3
|
"AAD_PREMIUM":{"displayName":"Microsoft Entra ID P1","category":"Entra","licenseCategory":"Paid","isBillable":true,"priceUSD":6,"includes":[]},
|
|
4
|
-
"AAD_PREMIUM_P2":{"displayName":"Microsoft Entra ID P2","category":"Entra","licenseCategory":"Paid","isBillable":true,"priceUSD":9,"includes":["AAD_PREMIUM"]},
|
|
5
|
-
"EMS":{"displayName":"Enterprise Mobility + Security E3","category":"Security","licenseCategory":"Paid","isBillable":true,"priceUSD":10,"includes":["AAD_PREMIUM","INTUNE_A","RMS_S_ENTERPRISE"]},
|
|
6
|
-
"EMSPREMIUM":{"displayName":"Enterprise Mobility + Security E5","category":"Security","licenseCategory":"Paid","isBillable":true,"priceUSD":16,"includes":["AAD_PREMIUM_P2","INTUNE_A","IDENTITY_THREAT_PROTECTION","DEFENDER_CLOUD_APPS"]},
|
|
7
|
-
"ENTERPRISEPACK":{"displayName":"Microsoft 365 E3","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":36,"includes":["EXCHANGEENTERPRISE","SHAREPOINTENTERPRISE","MCOSTANDARD","ONEDRIVESTANDARD","INTUNE_A","AAD_PREMIUM"]},
|
|
8
|
-
"ENTERPRISEPREMIUM":{"displayName":"Microsoft 365 E5","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":57,"includes":["ENTERPRISEPACK","MDE_ADVANCED","DEFENDER_OFFICE_365","POWER_BI_PRO","IDENTITY_THREAT_PROTECTION","DEFENDER_CLOUD_APPS"]},
|
|
9
|
-
"SPE_E3":{"displayName":"Microsoft 365 E3 (SPE)","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":36,"includes":["EXCHANGEENTERPRISE","SHAREPOINTENTERPRISE","MCOSTANDARD","ONEDRIVESTANDARD","INTUNE_A","AAD_PREMIUM"]},
|
|
10
|
-
"SPE_E5":{"displayName":"Microsoft 365 E5","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":57,"includes":["SPE_E3","MDE_ADVANCED","DEFENDER_OFFICE_365","POWER_BI_PRO","IDENTITY_THREAT_PROTECTION"]},
|
|
11
|
-
"M365_E3":{"displayName":"Microsoft 365 E3","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":36,"includes":["EXCHANGEENTERPRISE","SHAREPOINTENTERPRISE","MCOSTANDARD","ONEDRIVESTANDARD","INTUNE_A","AAD_PREMIUM"]},
|
|
12
|
-
"M365_E5":{"displayName":"Microsoft 365 E5","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":57,"includes":["M365_E3","MDE_ADVANCED","DEFENDER_OFFICE_365","POWER_BI_PRO","IDENTITY_THREAT_PROTECTION","DEFENDER_CLOUD_APPS"]},
|
|
13
|
-
"STANDARDPACK":{"displayName":"Office 365 E1","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":8,"includes":["EXCHANGESTANDARD","SHAREPOINTSTANDARD","MCOSTANDARD","ONEDRIVESTANDARD"]},
|
|
14
|
-
"STANDARDWOFFPACK":{"displayName":"Office 365 E2","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":15,"includes":["EXCHANGESTANDARD","SHAREPOINTSTANDARD","MCOSTANDARD","ONEDRIVESTANDARD"]},
|
|
15
|
-
"ENTERPRISEPACKLRG":{"displayName":"Office 365 E3","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":23,"includes":["EXCHANGEENTERPRISE","SHAREPOINTENTERPRISE","MCOSTANDARD","ONEDRIVESTANDARD"]},
|
|
16
|
-
"ENTERPRISEWITHSCAL":{"displayName":"Office 365 E4 (retired)","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":30,"includes":["EXCHANGEENTERPRISE","SHAREPOINTENTERPRISE","MCOSTANDARD","ONEDRIVESTANDARD"]},
|
|
17
|
-
"DESKLESSPACK":{"displayName":"Microsoft 365 F3","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":8,"includes":["EXCHANGESTANDARD","SHAREPOINTSTANDARD","MCOSTANDARD","ONEDRIVESTANDARD"]},
|
|
18
|
-
"Microsoft_Entra_Suite":
|
|
19
|
-
"O365_w/o_Teams_Bundle_M5":
|
|
4
|
+
"AAD_PREMIUM_P2":{"displayName":"Microsoft Entra ID P2","category":"Entra","licenseCategory":"Paid","isBillable":true,"priceUSD":9,"includes":["AAD_PREMIUM"],"derivedIncludes":["AAD_PREMIUM"]},
|
|
5
|
+
"EMS":{"displayName":"Enterprise Mobility + Security E3","category":"Security","licenseCategory":"Paid","isBillable":true,"priceUSD":10,"includes":["AAD_PREMIUM","INTUNE_A","RMS_S_ENTERPRISE"],"derivedIncludes":["AAD_PREMIUM","INTUNE_A","RMS_S_ENTERPRISE"]},
|
|
6
|
+
"EMSPREMIUM":{"displayName":"Enterprise Mobility + Security E5","category":"Security","licenseCategory":"Paid","isBillable":true,"priceUSD":16,"includes":["AAD_PREMIUM_P2","INTUNE_A","IDENTITY_THREAT_PROTECTION","DEFENDER_CLOUD_APPS"],"derivedIncludes":["AAD_PREMIUM_P2","AAD_PREMIUM","INTUNE_A","IDENTITY_THREAT_PROTECTION","DEFENDER_CLOUD_APPS"]},
|
|
7
|
+
"ENTERPRISEPACK":{"displayName":"Microsoft 365 E3","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":36,"includes":["EXCHANGEENTERPRISE","SHAREPOINTENTERPRISE","MCOSTANDARD","ONEDRIVESTANDARD","INTUNE_A","AAD_PREMIUM"],"derivedIncludes":["EXCHANGEENTERPRISE","SHAREPOINTENTERPRISE","MCOSTANDARD","ONEDRIVESTANDARD","INTUNE_A","AAD_PREMIUM"]},
|
|
8
|
+
"ENTERPRISEPREMIUM":{"displayName":"Microsoft 365 E5","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":57,"includes":["ENTERPRISEPACK","MDE_ADVANCED","DEFENDER_OFFICE_365","POWER_BI_PRO","IDENTITY_THREAT_PROTECTION","DEFENDER_CLOUD_APPS","AAD_PREMIUM_P2"],"derivedIncludes":["ENTERPRISEPACK","EXCHANGEENTERPRISE","SHAREPOINTENTERPRISE","MCOSTANDARD","ONEDRIVESTANDARD","INTUNE_A","AAD_PREMIUM","AAD_PREMIUM_P2","MDE_ADVANCED","DEFENDER_OFFICE_365","POWER_BI_PRO","IDENTITY_THREAT_PROTECTION","DEFENDER_CLOUD_APPS"]},
|
|
9
|
+
"SPE_E3":{"displayName":"Microsoft 365 E3 (SPE)","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":36,"includes":["EXCHANGEENTERPRISE","SHAREPOINTENTERPRISE","MCOSTANDARD","ONEDRIVESTANDARD","INTUNE_A","AAD_PREMIUM"],"derivedIncludes":["EXCHANGEENTERPRISE","SHAREPOINTENTERPRISE","MCOSTANDARD","ONEDRIVESTANDARD","INTUNE_A","AAD_PREMIUM"]},
|
|
10
|
+
"SPE_E5":{"displayName":"Microsoft 365 E5","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":57,"includes":["SPE_E3","MDE_ADVANCED","DEFENDER_OFFICE_365","POWER_BI_PRO","IDENTITY_THREAT_PROTECTION"],"derivedIncludes":["EXCHANGEENTERPRISE","SHAREPOINTENTERPRISE","MCOSTANDARD","ONEDRIVESTANDARD","INTUNE_A","AAD_PREMIUM","MDE_ADVANCED","DEFENDER_OFFICE_365","POWER_BI_PRO","IDENTITY_THREAT_PROTECTION"]},
|
|
11
|
+
"M365_E3":{"displayName":"Microsoft 365 E3","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":36,"includes":["EXCHANGEENTERPRISE","SHAREPOINTENTERPRISE","MCOSTANDARD","ONEDRIVESTANDARD","INTUNE_A","AAD_PREMIUM"],"derivedIncludes":["EXCHANGEENTERPRISE","SHAREPOINTENTERPRISE","MCOSTANDARD","ONEDRIVESTANDARD","INTUNE_A","AAD_PREMIUM"]},
|
|
12
|
+
"M365_E5":{"displayName":"Microsoft 365 E5","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":57,"includes":["M365_E3","MDE_ADVANCED","DEFENDER_OFFICE_365","POWER_BI_PRO","IDENTITY_THREAT_PROTECTION","DEFENDER_CLOUD_APPS"],"derivedIncludes":["EXCHANGEENTERPRISE","SHAREPOINTENTERPRISE","MCOSTANDARD","ONEDRIVESTANDARD","INTUNE_A","AAD_PREMIUM","MDE_ADVANCED","DEFENDER_OFFICE_365","POWER_BI_PRO","IDENTITY_THREAT_PROTECTION","DEFENDER_CLOUD_APPS"]},
|
|
13
|
+
"STANDARDPACK":{"displayName":"Office 365 E1","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":8,"includes":["EXCHANGESTANDARD","SHAREPOINTSTANDARD","MCOSTANDARD","ONEDRIVESTANDARD"],"derivedIncludes":["EXCHANGESTANDARD","SHAREPOINTSTANDARD","MCOSTANDARD","ONEDRIVESTANDARD"]},
|
|
14
|
+
"STANDARDWOFFPACK":{"displayName":"Office 365 E2","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":15,"includes":["EXCHANGESTANDARD","SHAREPOINTSTANDARD","MCOSTANDARD","ONEDRIVESTANDARD"],"derivedIncludes":["EXCHANGESTANDARD","SHAREPOINTSTANDARD","MCOSTANDARD","ONEDRIVESTANDARD"]},
|
|
15
|
+
"ENTERPRISEPACKLRG":{"displayName":"Office 365 E3","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":23,"includes":["EXCHANGEENTERPRISE","SHAREPOINTENTERPRISE","MCOSTANDARD","ONEDRIVESTANDARD"],"derivedIncludes":["EXCHANGEENTERPRISE","SHAREPOINTENTERPRISE","MCOSTANDARD","ONEDRIVESTANDARD"]},
|
|
16
|
+
"ENTERPRISEWITHSCAL":{"displayName":"Office 365 E4 (retired)","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":30,"includes":["EXCHANGEENTERPRISE","SHAREPOINTENTERPRISE","MCOSTANDARD","ONEDRIVESTANDARD"],"derivedIncludes":["EXCHANGEENTERPRISE","SHAREPOINTENTERPRISE","MCOSTANDARD","ONEDRIVESTANDARD"]},
|
|
17
|
+
"DESKLESSPACK":{"displayName":"Microsoft 365 F3","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":8,"includes":["EXCHANGESTANDARD","SHAREPOINTSTANDARD","MCOSTANDARD","ONEDRIVESTANDARD"],"derivedIncludes":["EXCHANGESTANDARD","SHAREPOINTSTANDARD","MCOSTANDARD","ONEDRIVESTANDARD"]},
|
|
18
|
+
"Microsoft_Entra_Suite":{"displayName":"Microsoft Entra Suite","category":"Entra","licenseCategory":"Paid","isBillable":true,"priceUSD":9,"includes":["AAD_PREMIUM_P2"],"derivedIncludes":["AAD_PREMIUM_P2","AAD_PREMIUM"]},
|
|
19
|
+
"O365_w/o_Teams_Bundle_M5":{"displayName":"Office 365 without Teams Bundle M5","category":"Microsoft 365","licenseCategory":"Paid","isBillable":true,"priceUSD":28,"includes":["ENTERPRISEPACK","EXCHANGESTANDARD","SHAREPOINTSTANDARD"],"derivedIncludes":["EXCHANGEENTERPRISE","SHAREPOINTENTERPRISE","MCOSTANDARD","ONEDRIVESTANDARD","INTUNE_A","AAD_PREMIUM","EXCHANGESTANDARD","SHAREPOINTSTANDARD"]},
|
|
20
|
+
"POWER_BI_PREMIUM_PER_USER":{"displayName":"Power BI Premium Per User","category":"Power Platform","licenseCategory":"Paid","isBillable":true,"priceUSD":20,"includes":["POWER_BI_PRO"],"derivedIncludes":["POWER_BI_PRO"]},
|
|
21
|
+
"RMS_S_PREMIUM":{"displayName":"Azure Information Protection Premium P2","category":"Security","licenseCategory":"Paid","isBillable":true,"priceUSD":9,"includes":["RMS_S_ENTERPRISE"],"derivedIncludes":["RMS_S_ENTERPRISE"]},
|
|
20
22
|
"Microsoft_Teams_EEA_New": { "displayName": "Microsoft Teams EEA New", "category": "Collaboration", "licenseCategory": "Paid", "isBillable": true, "priceUSD": 4.00, "includes": [] },
|
|
21
23
|
"POWERAPPS_DEV": { "displayName": "Power Apps Developer Plan", "category": "Power Platform", "licenseCategory": "Free", "isBillable": false, "priceUSD": 0.00, "includes": [] },
|
|
22
24
|
"EXCHANGESTANDARD":{"displayName":"Exchange Online Plan 1","category":"Exchange","licenseCategory":"Paid","isBillable":true,"priceUSD":4,"includes":[]},
|
|
@@ -31,7 +33,6 @@
|
|
|
31
33
|
"MCOPSTN2":{"displayName":"Microsoft Teams International Calling Plan","category":"Collaboration","licenseCategory":"Paid","isBillable":true,"priceUSD":12,"includes":[]},
|
|
32
34
|
"POWER_BI_STANDARD":{"displayName":"Microsoft Fabric (Free)","category":"Power Platform","licenseCategory":"Free","isBillable":false,"priceUSD":0,"includes":[]},
|
|
33
35
|
"POWER_BI_PRO":{"displayName":"Power BI Pro","category":"Power Platform","licenseCategory":"Paid","isBillable":true,"priceUSD":13,"includes":[]},
|
|
34
|
-
"POWER_BI_PREMIUM_PER_USER":{"displayName":"Power BI Premium Per User","category":"Power Platform","licenseCategory":"Paid","isBillable":true,"priceUSD":20,"includes":["POWER_BI_PRO"]},
|
|
35
36
|
"POWERAPPS_PER_USER":{"displayName":"Power Apps Per User","category":"Power Platform","licenseCategory":"Paid","isBillable":true,"priceUSD":10,"includes":[]},
|
|
36
37
|
"POWERAPPS_PER_APP":{"displayName":"Power Apps Per App","category":"Power Platform","licenseCategory":"Paid","isBillable":true,"priceUSD":7,"includes":[]},
|
|
37
38
|
"POWERAPPS_VIRAL":{"displayName":"Power Apps Trial","category":"Power Platform","licenseCategory":"Trial","isBillable":false,"priceUSD":0,"includes":[]},
|
|
@@ -64,7 +65,6 @@
|
|
|
64
65
|
"WINDOWS_STORE":{"displayName":"Microsoft Store for Business","category":"Windows","licenseCategory":"Free","isBillable":false,"priceUSD":0,"includes":[]},
|
|
65
66
|
"WIN_DEF_ATP":{"displayName":"Windows Defender ATP","category":"Security","licenseCategory":"Paid","isBillable":true,"priceUSD":5,"includes":[]},
|
|
66
67
|
"RMS_S_ENTERPRISE":{"displayName":"Azure Information Protection Premium P1","category":"Security","licenseCategory":"Paid","isBillable":true,"priceUSD":6,"includes":[]},
|
|
67
|
-
"RMS_S_PREMIUM":{"displayName":"Azure Information Protection Premium P2","category":"Security","licenseCategory":"Paid","isBillable":true,"priceUSD":9,"includes":["RMS_S_ENTERPRISE"]},
|
|
68
68
|
"INTUNE_A":{"displayName":"Microsoft Intune","category":"Device Management","licenseCategory":"Paid","isBillable":true,"priceUSD":8,"includes":[]},
|
|
69
69
|
"INTUNE_SMB":{"displayName":"Microsoft Intune for SMB","category":"Device Management","licenseCategory":"Paid","isBillable":true,"priceUSD":5,"includes":[]},
|
|
70
70
|
"STREAM":{"displayName":"Microsoft Stream","category":"Collaboration","licenseCategory":"Paid","isBillable":true,"priceUSD":0,"includes":[]},
|
package/lib/plugin-entra-id.ts
CHANGED
|
@@ -158,6 +158,13 @@ scimgateway.getUsers = async (baseEntity, getObj, attributes, ctx) => {
|
|
|
158
158
|
}
|
|
159
159
|
} else selectAttributes = userSelectAttributes
|
|
160
160
|
|
|
161
|
+
if (config.entity[baseEntity]?.skipSignInActivity === true) { // remove signInActivity that requires Entra ID Premium license
|
|
162
|
+
const index = selectAttributes.indexOf('signInActivity')
|
|
163
|
+
if (index > -1) {
|
|
164
|
+
selectAttributes.splice(index, 1)
|
|
165
|
+
}
|
|
166
|
+
}
|
|
167
|
+
|
|
161
168
|
const method = 'GET'
|
|
162
169
|
const body = null
|
|
163
170
|
let path
|
|
@@ -170,7 +177,7 @@ scimgateway.getUsers = async (baseEntity, getObj, attributes, ctx) => {
|
|
|
170
177
|
|
|
171
178
|
// mandatory if-else logic - start
|
|
172
179
|
if (getObj.operator) {
|
|
173
|
-
if (getObj.operator === 'eq' && ['id'
|
|
180
|
+
if (getObj.operator === 'eq' && ['id'].includes(getObj.attribute)) { // userName/externalId using simpel filtering because direct lookup by upn do not allow select attribute signInActivity
|
|
174
181
|
// mandatory - unique filtering - single unique user to be returned - correspond to getUser() in versions < 4.x.x
|
|
175
182
|
path = `/users/${getObj.value}?$select=${selectAttributes.join(',')}`
|
|
176
183
|
} else if (getObj.operator === 'eq' && getObj.attribute === 'group.value') {
|
|
@@ -845,10 +852,11 @@ scimgateway.getEntitlements = async (baseEntity, getObj, attributes, ctx) => {
|
|
|
845
852
|
licenseInfo.licenseCategory = licenseMapping[skuPartNumber].licenseCategory
|
|
846
853
|
licenseInfo.isBillable = licenseMapping[skuPartNumber].isBillable
|
|
847
854
|
licenseInfo.priceUSD = licenseMapping[skuPartNumber].priceUSD
|
|
848
|
-
licenseInfo.
|
|
855
|
+
licenseInfo.derivedIncludes = licenseMapping[skuPartNumber].derivedIncludes
|
|
849
856
|
}
|
|
850
857
|
ret.Resources.push({
|
|
851
|
-
type: skuPartNumber, value: response.body.value[i].skuId, display: displayName, licenseInfo
|
|
858
|
+
type: skuPartNumber, value: response.body.value[i].skuId, display: displayName, licenseInfo,
|
|
859
|
+
})
|
|
852
860
|
}
|
|
853
861
|
|
|
854
862
|
if (searchAttr && ret.Resources.length > 0) {
|
package/package.json
CHANGED