LogoLogo
  • Poggio Overview
  • Concepts
    • Poggio 101
    • The Poggio Enterprise Model
  • Journeys
    • Getting Started with Poggio
    • Workspace Tailoring
    • SSO Configuration Using SAML 2.0 for Enterprise Admins
    • Provision Users with SCIM
  • AI Products Q&A
  • Security FAQ
  • Slack App
  • ⚖️Legal
    • Terms of Service
    • Acceptable Use Policy
    • Privacy Policy
    • Data Processing Addendum
  • 🤖API
    • Robots
Powered by GitBook
On this page
  • Overview
  • User provisioning and management
  • Prerequisites
  • Step 1: Generate a SCIM API Key
  • Step 2: Configure the IdP
  • Okta
  • Attributes
  • User
  • Known Issues
  1. Journeys

Provision Users with SCIM

This guide is designed to help enterprise administrators setup SCIM on their existing SSO config.

Last updated 16 days ago

You can provision and manage users on enterprise-enabled Poggio workspaces through System for Cross-domain Identity Management (SCIM) API standard.

Overview

Poggio supports the and the following operations:

User provisioning and management

  • Create and remove members in your workspace.

Prerequisites

  • You must have a .

  • Your IdP must support SAML 2.0.

Step 1: Generate a SCIM API Key

In the enterprise settings page, enterprise admins have the ability to generate a SCIM key. You can access this page via Settings -> SSO (under the Enterprise section).

Hit the Create key button to generate the API key.

This key grants access to the Poggio SCIM endpoints for that enterprise.

Step 2: Configure the IdP

Okta

  1. In the Sign-on Options view, select Email for the Application username format on the Sign On application tab.

  2. Under the Provisioning tab, select Configure API integration, and click on the Enable API integration checkbox.

  3. Enter the SCIM API token you copied in Step 1 into the API Token text box, and select Save.

  4. Click Edit next to Provisioning to App, and enable your preferred features, then click Save.

Attributes

Poggio supports the following attribute mappings:

User

  • email: this represents the email of the user.

  • emailType: this is always "work".

  • userName: this also represents the email of the user.

  • displayName: this is typically the users’ full name.

    • Poggio also supports name.formatted for the same information if displayName is not present.

Known Issues

Poggio does not currently track names in piecemeal (e.g first and last names). Within Poggio givenName and familyName are always tracked together under displayName.

SCIM 2.0 standard
Poggio enterprise
You have the Poggio already configured for SAML 2.0 on your IdP.