All Collections
Administration of Ardoq
SSO Management
Keeping the List of Users up to Date With SCIM
Keeping the List of Users up to Date With SCIM

Learn what SCIM is and how it can help you automatically sync users across systems.

Kristine Marhilevica avatar
Written by Kristine Marhilevica
Updated over a week ago

With SCIM you can sync changes made to users and groups across multiple platforms. To generate a SCIM token in Ardoq for Azure AD, follow the steps in this KB article.

Table of contents:

What Is SCIM?

System for Cross-domain Identity Management (SCIM) is a protocol that two systems can use to talk to each other about users and groups. The goal of this protocol is to reduce the workload of administrators in keeping lists of users and groups in sync across multiple systems.

How Does SCIM Work?

With SCIM you can have one source of truth for users and groups and then have messages get sent automatically to other systems whenever the state of a user or group changes.

Typically the system owning the users will be a Single Sign-on (SSO) system like Azure Active Directory (Azure AD), Okta or OneLogin. These systems are SCIM clients. These clients will then send messages to one or more SCIM servers, whenever there's a material change. Example SCIM servers are Ardoq, Notion or Dropbox. A typical use-case is when someone joins the company. A new user record is created for this user in the SSO system and they're granted access to e.g. Ardoq and Dropbox. The SSO will then send messages to both of these systems (using the SCIM protocol) asking them to create an account for the user in these systems. Through the magic of SCIM the new employee is spared from signing up everywhere on their first day and can instead log in to pre-created accounts and get to work.

Good To Know

SCIM is a well-documented standard and any two systems supporting SCIM should be able to talk to one another successfully. However, in practice the situation is a bit more complicated. The standard is non-trivial in size and scope opening the door for friction caused by misunderstandings, mistakes, or different interpretations in unclear areas. For this reason we will roll out official support for various SCIM clients successively.

Getting started

Currently, we only support SCIM for Azure AD to sync user changes across platforms. Learn how to configure user provisioning through SCIM with our Azure Active Directory App Gallery App here.

Did this answer your question?