Description
Coder supports SCIM as a premium feature: https://coder.com/docs/admin/users/oidc-auth#scim-enterprise-premium
The goal of SCIM is to push user updates from an IdP into Coder. This allows Coder to stay in sync with the IdP without requiring the user to log in and present claims.
The current implementation was built to an MVP state, specifically to work with Okta cloud. Over time, as more customers try to use SCIM, it has become clear that the MVP implementation is insufficient and fragile.
Fragility concerns:
- We do not parse the schema types from requests, so we accept 1.0, 1.1, and 2.0 requests, all of which look different. Because of how Go's JSON unmarshaling works (fields that do not match the target struct are silently ignored), these errors could be silent and cause unexpected behavior.
- Our `PATCH` endpoint is not 2.0 compliant. Given that this works with Okta cloud, either Okta cloud is sending 1.0 request payloads, or it is sending the PUT request body as the PATCH payload?!
- Our user updates only support changing the user status, not groups, orgs, or roles.
This refactor should implement SCIM as a library if possible, and implement the protocol specification as defined here: https://datatracker.ietf.org/doc/html/rfc7644
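To make the two fragility points concrete (unchecked schemas and a PATCH endpoint that does not follow RFC 7644 section 3.5.2), the following is an added example of a strict SCIM 2.0 PatchOp parser. It is not Coder's code and not part of this issue; the request bodies are constructed samples, and the `ActiveFromPatch` helper and its tolerance of a capitalised `op` are design choices of this example rather than anything the issue specifies. It shows how `DisallowUnknownFields` plus a `schemas` check turns a PUT-style or 1.x body into a loud error instead of an empty struct.

```go
package main

import (
	"bytes"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// PatchOpSchema is the message schema URN a SCIM 2.0 PATCH body must carry (RFC 7644 section 3.5.2).
const PatchOpSchema = "urn:ietf:params:scim:api:messages:2.0:PatchOp"

// PatchOperation is one entry of the "Operations" array.
type PatchOperation struct {
	Op    string          `json:"op"`
	Path  string          `json:"path,omitempty"`
	Value json.RawMessage `json:"value,omitempty"`
}

// PatchRequest is the SCIM 2.0 PatchOp envelope.
type PatchRequest struct {
	Schemas    []string         `json:"schemas"`
	Operations []PatchOperation `json:"Operations"`
}

// ParsePatchRequest decodes a PATCH body strictly: unknown members are rejected, so a
// 1.x-style or PUT-style payload fails loudly instead of decoding to an empty struct.
func ParsePatchRequest(body []byte) (*PatchRequest, error) {
	dec := json.NewDecoder(bytes.NewReader(body))
	dec.DisallowUnknownFields()
	var req PatchRequest
	if err := dec.Decode(&req); err != nil {
		return nil, fmt.Errorf("scim: malformed PatchOp body: %w", err)
	}
	if len(req.Schemas) != 1 || req.Schemas[0] != PatchOpSchema {
		return nil, fmt.Errorf("scim: expected schemas [%q], got %v", PatchOpSchema, req.Schemas)
	}
	if len(req.Operations) == 0 {
		return nil, errors.New("scim: PatchOp requires at least one operation")
	}
	for i, op := range req.Operations {
		// "op" is compared case-insensitively (example choice: some IdPs send "Replace").
		switch strings.ToLower(op.Op) {
		case "add", "replace":
			if len(op.Value) == 0 {
				return nil, fmt.Errorf("scim: operation %d (%s) has no value", i, op.Op)
			}
		case "remove":
			if op.Path == "" {
				return nil, fmt.Errorf("scim: operation %d (remove) requires a path", i)
			}
		default:
			return nil, fmt.Errorf("scim: operation %d has unknown op %q", i, op.Op)
		}
	}
	return &req, nil
}

// ActiveFromPatch returns the new "active" value if an add/replace operation sets it, either as
// {"path":"active","value":false} or as {"value":{"active":false}}. found is false if none does.
func ActiveFromPatch(req *PatchRequest) (active bool, found bool, err error) {
	for _, op := range req.Operations {
		if o := strings.ToLower(op.Op); o != "replace" && o != "add" {
			continue
		}
		switch {
		case strings.EqualFold(op.Path, "active"):
			if err := json.Unmarshal(op.Value, &active); err != nil {
				return false, false, fmt.Errorf("scim: active must be a boolean: %w", err)
			}
			return active, true, nil
		case op.Path == "":
			var attrs struct {
				Active *bool `json:"active"`
			}
			if err := json.Unmarshal(op.Value, &attrs); err != nil {
				return false, false, fmt.Errorf("scim: value must be an object: %w", err)
			}
			if attrs.Active != nil {
				return *attrs.Active, true, nil
			}
		}
	}
	return false, false, nil
}

// Constructed sample bodies for this example (not captured from any real IdP).
var (
	samplePatchDeactivate = []byte(`{"schemas":["urn:ietf:params:scim:api:messages:2.0:PatchOp"],
	  "Operations":[{"op":"Replace","value":{"active":false}}]}`)
	// A PUT-style user resource posted to the PATCH endpoint.
	samplePutStyle = []byte(`{"schemas":["urn:ietf:params:scim:schemas:core:2.0:User"],
	  "userName":"alice@example.com","active":false}`)
)

func main() {
	req, err := ParsePatchRequest(samplePatchDeactivate)
	if err != nil {
		fmt.Println("reject:", err)
		return
	}
	active, found, err := ActiveFromPatch(req)
	fmt.Println("active:", active, "found:", found, "err:", err)
	// The lax path: plain Unmarshal accepts the PUT-style body with no error and zero operations.
	var lax PatchRequest
	fmt.Println("lax error:", json.Unmarshal(samplePutStyle, &lax), "ops:", len(lax.Operations))
	_, err = ParsePatchRequest(samplePutStyle)
	fmt.Println("strict error:", err)
}
```

The contrast in `main` is the point of the example: `json.Unmarshal` decodes the PUT-style body into a `PatchRequest` with no error and no operations, which is exactly the silent failure the issue describes, whereas the strict decoder rejects it on the first unknown member and, even for a body with no extra members, on the wrong `schemas` value.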