Required level: Superuser
This article explains how to proceed in order to apply the SCIM protocol.
Once the SCIM integration is activated, your IT department will be able to control directly from your identity management system:
- The creation, modification and deactivation of users;
- The access level of these users by assigning them projects and profiles (both are groups in the SCIM protocol).
Follow these steps:
1. From the Main menu, go to Users > Authentication settings:
2. Choose SCIM on the left. In the box, click on the pencil to edit:
3. Check the box, to enable the SCIM provisioning and click Save:
4. These two pieces of information will appear at the bottom of the page:
- The confirmation that the SCIM provisioning is enabled;
- The provisioning URL in the banner with an authentication token. This token must be copied immediately, as it will not be available afterwards for security reasons.
Note: If the token is lost, you need to disable SCIM provisioning and enable it again. A new token will then be provided. This also means the previous one will be disabled, so any integration set up previously using the previous token will stop working.
5. Go to your Identity Management service and follow the instructions there to complete the setup.
LIST OF SUPPORTED OPERATIONS
Endpoint
|
Operation
|
Details
|
---|---|---|
/Users | GET |
GET /Users : Retrieve the complete list of users GET /Users/{id} : Retrieve the user with the corresponding ID GET /Users?filter=userName eq “XXXXXXX” :Retrieve the user with the corresponding userName |
/Users | POST | Create a new user |
/Users | DELETE | DELETE /Users/{id} : Delete the user with the corresponding ID |
/Users | PUT/PATCH | PATCH or PUT /Users/{id} : Update the user with the corresponding ID |
/Groups |
GET |
GET /Groups : Retrieve the complete list of groups GET /Groups/{id} : Retrieve the group with the corresponding ID.
|
/ServiceProviderConfig | GET | Retrieve the configuration |
/ResourceTypes | GET | Retrieve the list of supported resource types |
/Schemas | GET | Retrieve the list of schemas |
- SE - Data Entry
- Transmission line (Read-only)
- Transmission line (Full access)
Want to know more? Check out the articles about Profiles and projects and how to create custom profiles.