SCIM integration with Portkey.
SCIM Integration Guide
Portkey supports SCIM (System for Cross-domain Identity Management) to automate user provisioning and deprovisioning. This guide will walk you through integrating SCIM with your identity provider to manage users and workspaces seamlessly.
Table of Contents
- What is SCIM?
- SCIM Base URL
- Authentication
- Supported Operations
- Required Configuration
- Identity Provider Setup
- Troubleshooting
What is SCIM?
SCIM is an open standard that allows organizations to automate the management of user identities and groups across applications. By integrating with SCIM, you can:
- Automatically provision and update user accounts.
- Deprovision users when they leave your organization.
- Sync user attributes and workspace memberships.
SCIM Base URL
To integrate SCIM with our platform, get the SCIM Base URL from Portkey Control Plane.
Admin Settings > Authentication Settings > SCIM Provisioning > SCIM URL
Authentication
We use Bearer Token Authentication for SCIM requests.
You need to generate an API token from Portkey Control Plane (“Admin Settings > Authentication Settings > SCIM Provisioning`) and use it as a bearer token in the SCIM requests.
You need to include the following header in the SCIM requests:
Supported Operations
Our SCIM implementation supports the following operations:
| Operation | Supported |
|---|---|
| User Provisioning | ✅ |
| User Deprovisioning | ✅ |
| User Updates | ✅ |
| Group (Workspace) Provisioning | ✅ |
| Group (Workspace) Updates | ✅ |
| Group (Workspace) Deprovisioning | ✅ |
Required Configuration
Before integrating SCIM, ensure you have the following details:
- SCIM Base URL: Provided above.
- Bearer Token: Generate this token from our platform’s API Settings section.
You will need to provide these details in your identity provider’s SCIM configuration section.
Identity Provider Setup
Follow your identity provider’s documentation to set up SCIM integration. Below are the key fields you’ll need to configure:
| Field | Value |
|---|---|
| SCIM Base URL | <SCIM Base URL> |
| Bearer Token | <your-api-token> |
Currently, we support SCIM provisioning for the following identity providers:
Troubleshooting
Common Issues
- Invalid Token: Ensure the bearer token is correctly generated and included in the request header.
- 403 Forbidden: Check if the provided SCIM Base URL and token are correct.
- User Not Provisioned: Ensure the user attributes meet our platform’s requirements.
For further assistance, please contact our support team at [email protected].
Was this page helpful?