Cursor-based Pagination of SCIM Resources

The two common patterns for result pagination in HTTP-based protocols are index-based pagination and cursor-based pagination. Rather than attempt to compare and contrast the advantages and disadvantages of competing pagination patterns, this document simply recognizes that SCIM service providers are commonly implemented as an interoperability layer on top of already existing application codebases, databases, and/or APIs that already have a well-established pagination pattern. Translating from an underlying cursor-based pagination pattern to the index-based pagination defined in ultimately requires the SCIM service provider to fully iterate the underlying cursor, store the results, and then serve indexed pages from the stored results. This task of "pagination translation" dramatically increases complexity and memory requirements for implementing a SCIM Service Provider, and may be an impediment to SCIM adoption for some applications and identity systems. This document defines a simple addition to the SCIM protocol that allows SCIM service providers to reuse underlying cursors without expensive translation. Support for cursor-based pagination in SCIM encourages broader cross-application identity management interoperability by encouraging SCIM service provider implementations for applications and identity systems where cursor-based pagination is already well-established.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in .

The following table describes the URL pagination parameters requests for using cursor-based pagination:

Parameter	Description
cursor	The string value of the nextCursor attribute from a previous result page. The cursor value MUST be empty or omitted for the first request of a cursor-paginated query.
count	A positive integer. Specifies the desired maximum number of query results per page, e.g., count=10. When specified, the service provider MUST NOT return more results than specified, although it MAY return fewer results. If count is not specified in the query, the maximum number of results is set by the service provider.

The following table describes cursor-based pagination attributes returned in a paged query response:

Element	Description
nextCursor	A cursor value string that MAY be used in a subsequent request to obtain the next page of results. Service providers supporting cursor-based pagination MUST include nextCursor in all paged query responses except when returning the last page. nextCursor is omitted from a response only to indicate that there are no more result pages.
previousCursor	A cursor value string that MAY be used in a subsequent request to obtain the previous page of results. Use of previousCursor is OPTIONAL. Service Providers that are unable to support a previousCursor MAY omit previousCursor when sending paged query responses.

For example, to retrieve the first 10 Users, use an empty cursor and set the count to 10: The response to the query above returns metadata regarding pagination similar to the following example (actual resources removed for brevity): Given the example above, to continue pagination, set the cursor to the value of nextCursor ("VZUTiyhEQJ94IR") and re-fetch: If a Service Provider encounters an invalid cursor or count value (or other error condition), the Service Provider SHOULD return appropriate HTTP response status code and JSON detail error response as defined in .

A SCIM Service Provider MAY require cursor-based pagination to retrieve all results for a query by including a "nextCursor" value in the response even when the original query does not include the "cursor" parameter. For example: The SCIM Service Provider may responded to the above query with a single page of results and a "nextCursor" value as shown in the below example (Resources omitted for brevity):

defines how clients MAY execute the HTTP POST verb combined with the "/.search" path extension to issue execute queries without passing parameters on the URL. When using "./search", the client would pass the parameters defined in Which would return a result containing a "nextCursor" value which may be used by the client in a subsequent call to return the next page of resources

The /ServiceProviderConfig resource defined in facilitates discovery of SCIM service provider features. A SCIM Service provider implementing cursor-based pagination SHOULD include the following additional attribute in JSON document returned by the /ServiceProviderConfig endpoint:

pagination

A complex type that indicates pagination configuration options. OPTIONAL.

cursor: A Boolean value specifying support of cursor-based paginations. REQUIRED.

index: A Boolean value specifying support of index-based pagination. REQUIRED.

Before using cursor-based pagination, a SCIM client MAY fetch the Service Provider Configuration document from the SCIM service provider and verify that cursor-based pagination is supported. For example: A service provider supporting both cursor-based pagination and index-based pagination would return a document similar to the following (full ServiceProviderConfig schema defined in has been omitted for brevity):