Provision Users with SCIM
This guide is designed to help enterprise administrators setup SCIM on their existing SSO config.
You can provision and manage users on enterprise-enabled Poggio workspaces through System for Cross-domain Identity Management (SCIM) API standard.
Overview
Poggio supports the SCIM 2.0 standard and the following operations:
User provisioning and management
Create and remove members in your workspace.
Prerequisites
You must have a Poggio enterprise.
Your IdP must support SAML 2.0.
Step 1: Generate a SCIM API Key
In the enterprise settings page, enterprise admins have the ability to generate a SCIM key. You can access this page via Settings -> SSO (under the Enterprise section)
.
Hit the Create key
button to generate the API key.
This key grants access to the Poggio SCIM endpoints for that enterprise.
Step 2: Configure the IdP
Okta
In the
Sign-on Options
view, selectEmail
for theApplication username
format on theSign On application
tab.Under the
Provisioning
tab, selectConfigure API integration
, and click on theEnable API integration
checkbox.Enter the SCIM API token you copied in Step 1 into the
API Token
text box, and selectSave
.Click
Edit
next toProvisioning to App
, and enable your preferred features, then clickSave
.
Attributes
Poggio supports the following attribute mappings:
User
email
: this represents the email of the user.emailType
: this is always "work".userName
: this also represents the email of the user.displayName
: this is typically the users’ full name.Poggio also supports
name.formatted
for the same information ifdisplayName
is not present.
Known Issues
Poggio does not currently track names in piecemeal (e.g first and last names). Within Poggio givenName
and familyName
are always tracked together under displayName
.
Last updated