How can I provision my employee directory through SSO SCIM?
You can provision your employee directory by enabling SCIM (System for Cross-domain Identity Management). This allows automatic synchronization of your users and their statuses between your identity provider (IdP) and the Partner Platform. Once configured, any user added to or removed from your IdP directory will be automatically synced in the Partner Platform.
What does SCIM do?
SCIM (System for Cross-domain Identity Management) automates the process of user management by synchronizing user details and roles from your identity provider to the Partner Platform. This means you don't need to manually manage users when they join or leave the company.
How does SCIM synchronization work?
SCIM automatically syncs user details and roles, including activating or deactivating users, whenever changes are made in your identity provider. Each time you update your identity provider, the changes are reflected in the Airalo Partner Platform.
Are there any special requirements for using SCIM with Google Workspace?
Yes, if you're using Google Workspace, it requires a different level of integration via Google APIs for automated provisioning.
Do I need to configure anything in my identity provider to enable SCIM?
Depending on your identity provider, you may need to configure specific mappings in the SCIM configuration to correctly provision your directory with their respective roles.
How do I configure role mappings in SCIM for my identity provider?
This depends on your identity provider — you may need to configure specific role mappings in the SCIM settings to ensure your directory is provisioned correctly.
For example, if you’re using Okta:
- Step 1 (Optional): In Okta, set up the following mappings in the SCIM configuration to assign the correct roles to users in the Partner Platform. This ensures that users are provisioned with their appropriate roles when synced from Okta to the Partner Platform.
This is the expected format request from the identity provider to the Airalo Partner Platform:
Step 2: Paste the SCIM endpoint URLs from the Airalo app into your identity provider’s configuration.