What SCIM does
SCIM lets your identity provider create, update, and deactivate team members on its own. When someone joins, changes, or leaves your company, your provider keeps your Scribble Maps team in sync. You set it up on the SCIM page. Only owners and admins can open it. The page title reads SCIM User Provisioning.
SCIM works with any identity provider that supports SCIM 2.0, including Okta, Microsoft Entra ID (Azure AD), OneLogin, Google Workspace, JumpCloud, and Ping Identity.
Step 1: Enable SCIM
Use the switch at the top. When it is on, the label reads SCIM provisioning enabled. The page reminds you: "When enabled, your Identity Provider can automatically create, update, and deactivate users."
You can enable SCIM before you make a token, but provisioning will not work until a token exists.
Step 2: Generate a bearer token
Your identity provider uses a bearer token to sign in to Scribble Maps.
- In the Bearer Token card, click Generate Token.
- A box appears titled Copy Your Token: "This token will only be shown once. Copy it now and store it securely."
- Click Copy to copy the token, then Hide Token.
If you lose the token, click Regenerate Token to make a new one. This warns you that it "will generate a new token and invalidate the existing one. Your IdP will need to be reconfigured." Click Revoke Token to turn the current token off right away.
Step 3: Configure your identity provider
In your provider's SCIM setup, enter:
- SCIM Endpoint URL (Base URL): copy it from the SCIM Configuration card. Your provider may call this the Tenant URL or SCIM connector base URL.
- Authentication: HTTP Header. Your provider may call this an OAuth Bearer Token.
- Token: the bearer token you generated.
Then use your provider's test feature and assign users or groups to provision them.
Auto-assign a seat
Open the Auto-Assign Product card to give each new user a seat as they are provisioned. Pick a Default Product:
- None (manual assignment)
- Viewer
- Pro Basic
- Pro Business
A seat is only assigned if one is free. If your pool is empty, provisioned users get no seat until you buy more.
What happens to provisioned users
Users added through SCIM appear in your team's Users list. They receive an invitation email to set up their account.
Comments
0 comments
Please sign in to leave a comment.