SCIM, Inactivity Timeout and HIPAA

Josh_L_Davis · December 8, 2022, 6:18pm

Hi Developers,

I posted this on a Genesys care ticket, and I was directed to open a thread here. What solution, if any, has the greater Developer community done to account for this adverse interaction between the Inactivity timeout and Azure AD schedules on the SCIM integration?

After looking at the Developer forum, HIPAA and this session timeout has a direct impact on SCIM integrations.

In the announcement where this was introduced, it is clearly posted that this timeout impacts SCIM and there is an idea posted to exclude certain items from this timeout process.

I understand that the 15-minute timer is required for the HIPAA feature. I also understand that the Azure AD client cannot be scheduled faster than every 40 minutes. Why, then, has this not come up before?

We need a recommendation or statement from Genesys on if these features are compatible or not. Expecting the customer to implement a "3rd Party" process to keep a token alive doesn't feel like an "out of the box" solution. We should be able to advise on how to configure the SCIM integration to accomplish this token keep alive if it is possible.

In my mind, the reason this problem exists is that the SCIM integration does not request its own token when it starts the sync process. If that was built into the process, the token wouldn't need to have a long expiry, it wouldn't need to be updated annually, and would otherwise be a cleaner process overall.

Thanks!

Becky_Powell · December 8, 2022, 8:34pm

Hi Josh, thanks for your post! I'm happy to share that in the next 1-2 weeks we will start exempting client credential grants from being subject to the HIPAA timeout. I will update you here when that change takes effect.

Best,
Becky Powell

Chris_Mayo · December 8, 2022, 8:41pm

That's awesome, Becky! Will there be an announcement included in the Release Updates regarding this, official and all?

Chris_Mayo · December 13, 2022, 8:55pm

@Becky_Powell do you have a more precise date to offer on this update? We have a huge customer project that is struggling with this and has become very visible to the customer's ELT. And while we were all excited to hear of an update to resolve this issue, they're now pushing for something more precise regarding a release date. Thanks!

Chris_Mayo · December 14, 2022, 6:36pm

@Becky_Powell we tested again today and see there has been no change in behavior. I was hoping the update slipped in with the Release Updates today.

Will this update be included in a weekly, scheduled release update?
If not, any ballpark on a release date would be great.

Again, this is impacting our project team heavily, impacting project timelines and cut-over schedules.

Thanks!
Chris

Becky_Powell · December 19, 2022, 3:46pm

Hi Chris, we are ready to enable this feature for customers. Please share with me your orgID and region by email to becky.powell@genesys.com and zI'll get you set up. Thank you!

Chris_Mayo · December 19, 2022, 4:30pm

Thanks Becky, e-mailed requested details.

system · January 19, 2023, 6:43pm

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.