We have it between One Identity Manager and our PAM product, Safeguard. We do not use the SCIM extension to achieve this because it is deficient in numerous ways.
I have zero problem having OIM work with another member or anyone else for PAG…if we knew the interface specs of those products… Or vice-versa. All of our products are API/CLI/PoSh enabled if anyone else wants to try something out.
My personal view is that we should define the use cases and then members can self-certify that they support those use cases. Stating that “SCIM” is the security control, imho, is simply the wrong way to approach this and if we were dealing in use cases that would show where SCIM lacks.