SCIM Provisioning Integration

Choose a SCIM provider recipe and validate AuthOS provisioning

AuthOS release 0.8.2 TypeScript SDK 0.8.0 Latest-only documentation

This guide walks through the implemented SCIM provisioning paths. The examples are not evidence of certification or interoperability with every version of Okta, Microsoft Entra ID, or OneLogin. Test create, update, deprovision, pagination, filtering, group membership, and failure behavior for your client before deployment.

Choose your path

Read the shared concepts once, then choose the identity-provider recipe that matches the system you administer. Provider interfaces and behavior can change; treat each recipe as a starting point and complete the validation guide before production.

Need Guide
Understand lifecycle behavior, prerequisites, tokens, mapping, and security Concepts and shared setup
Configure Okta Okta recipe
Configure Microsoft Entra ID (formerly Azure AD) Microsoft Entra ID recipe
Configure OneLogin OneLogin recipe
Test lifecycle and endpoint behavior Validation
Diagnose connection, provisioning, or synchronization failures Troubleshooting

Published-anchor compatibility

The original overview remains the stable entry point. The headings below retain its published fragment identifiers and point to the focused replacement pages.

What is SCIM?

Continue in the focused guide.

Prerequisites

Continue in the focused guide.

Step 1: Generate a SCIM Token

Continue in the focused guide.

Using the SDK

Continue in the focused guide.

Using the API Directly

Continue in the focused guide.

Step 2: Configure Your Identity Provider

Choose a provider recipe above.

Option A: Okta Integration

Continue in the focused guide.

1. Create SCIM Token

Continue in the focused guide.

2. Configure Okta Application

Continue in the focused guide.

3. SCIM Connection Settings

Continue in the focused guide.

4. Test Connection

Continue in the focused guide.

5. Enable Provisioning Features

Continue in the focused guide.

6. Configure Attribute Mappings

Continue in the focused guide.

7. Assign Users and Groups

Continue in the focused guide.

8. Verify Provisioning

Continue in the focused guide.

Option B: Azure AD Integration

Continue in the focused guide.

1. Create SCIM Token

Continue in the focused guide.

2. Configure Azure AD Provisioning

Continue in the focused guide.

3. Provisioning Configuration

Continue in the focused guide.

4. Test Connection

Continue in the focused guide.

5. Configure Mappings

Continue in the focused guide.

6. Configure Scoping

Continue in the focused guide.

7. Save and Start Provisioning

Continue in the focused guide.

8. Monitor Provisioning

Continue in the focused guide.

Option C: OneLogin Integration

Continue in the focused guide.

1. Create SCIM Token

Continue in the focused guide.

2. Configure OneLogin Application

Continue in the focused guide.

3. SCIM Configuration

Continue in the focused guide.

4. Enable Operations

Continue in the focused guide.

5. Configure Entitlements

Continue in the focused guide.

6. Apply Provisioning Rules

Continue in the focused guide.

7. Test and Enable

Continue in the focused guide.

Step 3: Verify Provisioning

Continue in the focused guide.

Manual Verification

Continue in the focused guide.

Check User Creation

Continue in the focused guide.

Monitor SCIM Token Usage

Continue in the focused guide.

Testing Scenarios

Continue in the focused guide.

Test 1: User Creation

Continue in the focused guide.

Test 2: User Update

Continue in the focused guide.

Test 3: User Deactivation

Continue in the focused guide.

Test 4: Group Membership

Continue in the focused guide.

Advanced Configuration

Continue in the focused guide.

Automatic Token Rotation

Continue in the focused guide.

Custom Attribute Mapping

Continue in the focused guide.

Handling Provisioning Conflicts

Continue in the focused guide.

Filtering Users for Provisioning

Continue in the focused guide.

Monitoring and Troubleshooting

Continue in the focused guide.

Common Issues

Continue in the focused guide.

Issue: “Invalid SCIM token” Error

Continue in the focused guide.

Issue: Users Not Provisioning

Continue in the focused guide.

Issue: “User already exists” (409 Conflict)

Continue in the focused guide.

Issue: Slow Synchronization

Continue in the focused guide.

Monitoring Best Practices

Continue in the focused guide.

Track Token Usage

Continue in the focused guide.

Monitor Provisioning Events

Continue in the focused guide.

Debugging Tips

Continue in the focused guide.

Enable Verbose Logging in IdP

Continue in the focused guide.

Test SCIM Endpoints Directly

Continue in the focused guide.

Validate the implemented SCIM behavior

Continue in the focused guide.

Security Best Practices

Continue in the focused guide.

Token Management

Continue in the focused guide.

Access Control

Continue in the focused guide.

Data Protection

Continue in the focused guide.

Pages