Documentation map
This hub links architecture, security, API, deployment, and operator workflow material through explicit paths. It is organized around what the application code actually exposes: SCIM v2 resources, SAML access, FreeIPA/LDAP-backed state, TeamDynamix ticket handoff, federation onboarding models, health checks, readiness checks, and redacted audit evidence.
Navigation path
Implementation-backed topics
| Topic | What to verify |
|---|---|
| SCIM discovery | /scim/v2/ServiceProviderConfig, /Schemas, and /ResourceTypes. |
| User lifecycle | Create, replace, patch, delete, active-state changes, ETag replacement checks, and supported user filters. |
| Group boundary | List, get, create, displayName eq filtering, and explicit unsupported replacement/deletion. |
| SAML access | /okta/saml/login, /okta/saml/acs, metadata, signature readiness, and role mapping. |
| ITSM handoff | TeamDynamix ticket creation, ticket links, webhook updates, dry-run execution, and evidence-safe escalation context. |
| Federation onboarding | Readiness models and templates for SAML/OIDC/API application integrations beyond one provider. |
| Operations | /health, /health/db, /health/ipa, /health/okta, /readyz, metrics, drift, and audit views. |
Discovery and reuse
Use related content links as your first step when starting a new identity integration: move from architecture to SCIM, SAML, federation, and ITSM handoff contracts, then align deployment and security controls before enabling writes.