You are here:
Using the System for Cross-Domain Identity (SCIM) with Own Data Platform
SCIM (System for Cross-domain Identity Management) is an open standard designed to automate and simplify user identity management across systems. A standardized schema ensures smooth operations between different Identity Providers (IdPs) and Own app.
SCIM is available for accounts where single sign-on (SSO) is both configured and activated.
You can integrate SCIM if you use Okta, Azure, or SailPoint as your IdP.
Own SCIM complies with SCIM 2.0 and RESTful APIs using Header Authentication, allowing your IdP to communicate with Own app.
Key operations are:
- Provisioning: Automatically creates user accounts.
- Deprovisioning: The removal of user accounts when no longer needed.
For detailed SCIM specifications, see: RFC 7643 and RFC 7644.
Benefits of SCIM
- Compliance: Centralized management simplifies regulatory requirements adherence.
- Streamlined Identity Management:
- Improved security: This prevents orphaned accounts by automating deprovisioning, thus reducing security risks.
Default Parameters for New Users
SCIM adds users to the Own app with these parameters.
- Default Role: Read-Only.
- Business Unit: Default Business Unit.
Note
The business unit requires the name Default Business Unit.
Deleting or changing the business unit name causes the integration to fail.
Use the UI to change the role.
- Provisioning and Deprovisioning SCIM
Provisioning automatically creates user accounts. Deprovisioning removes user accounts when no longer needed. - Set Up Okta SCIM Provisioning
Integrate Okta with Own application using the SCIM token and SCIM URL. - Set Up Azure SCIM Provisioning
Integrate Azure with Own application using the SCIM token and SCIM URL. - Set Up SailPoint SCIM Provisioning
Integrate SailPoint with the Own Data Platform application using the SCIM token and SCIM URL.
