Loading
Salesforce now sends email only from verified domains. Read More
Identify Your Users and Manage Access
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Manage Salesforce User Identities with SCIM

            You are here:

            1. Salesforce Help
            2. Docs
            3. Identify Your Users and Manage Access

            Manage Salesforce User Identities with SCIM

            You can provision and manage your Salesforce user identities across systems with the open standard System for Cross-Domain Identity Management (SCIM). The Salesforce implementation provides extensions to the SCIM 2.0 specification so that you can edit and manage Salesforce user properties using REST API operations.

            Required Editions

            Available in: Salesforce Classic and Lightning Experience
            Available in: All Editions

            For more information about SCIM and REST API, see the SCIM 2.0 Specification and the Salesforce REST API Developer’s Guide.

            Use the following topics to navigate the Salesforce implementation of SCIM.

            • SCIM and REST API Reference Sheet
              To manage Salesforce user objects with SCIM, you can send REST API create, read, update, and disable (CRUD) operations to SCIM endpoints. You must supply an OAuth 2.0 access token to perform these operations.
            • Understand the SCIM Implementation
              Before provisioning and managing users with SCIM, get familiar with the Salesforce SCIM implementation. For example, see the available services and schema and learn about supported resource types, entitlements, roles, and groups.
            • Example: Create Users with SCIM
              To create a user object with SCIM, send a POST request to the Users endpoint.
            • Examples: Update Users with SCIM
              After creating a user object, you can update its fields. To update a user object, send a PATCH request to the Users endpoint.
            • Examples: Deactivate and Reactivate Users with SCIM
              In Salesforce, you deactivate user objects rather than deleting them. By deactivating a user object, the user’s active status becomes false. Even though you can still query the user object, the user can’t log in to Salesforce with the deactivated account. To allow a user to log in, you can reactivate their account.
            • Examples: Manage Group Members with SCIM
              You can use SCIM to manage a group by adding or removing members.
             
            Loading
            Salesforce Help | Article