SCIM Provisioning¶
VaultStream supports automated user lifecycle management via the System for Cross-domain Identity Management (SCIM) 2.0 protocol.
Supported Operations¶
| Operation | Description |
|---|---|
| Create User | Provision new users |
| Update User | Modify user attributes (name, role, teams) |
| Deactivate User | Suspend access (audit history preserved) |
| Sync Groups | Push groups/teams from IdP |
Configuration¶
- In the Partner Portal, navigate to Settings → Provisioning → SCIM
- Generate a SCIM bearer token
- Configure your IdP (Entra ID, Okta) with:
- SCIM endpoint:
https://api.cyfr.technology/v1/scim/v2 - Authentication: Bearer token
- Map attributes:
userName→ emaildisplayName→ nameactive→ account statusgroups→ team membership
Supported IdPs¶
- Microsoft Entra ID (Azure AD)
- Okta
- OneLogin