Integration
Provision users automatically via SCIM
Create a SCIM token and let your IdP manage users and groups via the SCIM 2.0 API.
LiveCommand
SCIM Provisioning
Automated user and group provisioning for enterprise IdPs.
Role-based group mappings (Owners/Admins/Members)
Provisioning audit events
How it works
What happens behind the scenes once you enable the integration.
- 1Admins create a SCIM token in Workspace.
- 2IdP sends SCIM requests to the API.
- 3Users and groups are created or deactivated automatically.
Setup checklist
Steps your admin takes to get the integration live.
- Workspace -> Integrations -> SCIM tokens.
- Create a token and store it securely.
- Configure your IdP SCIM connector with the bearer token.
- Map groups to roles (Owners/Admins/Members).
Technical reference
Endpoints and sample requests to hand to your engineering team.
Endpoints
- GET /scim/v2/ServiceProviderConfig
- GET /scim/v2/Users
- POST /scim/v2/Users
- PATCH /scim/v2/Users/{id}
- GET /scim/v2/Groups
- POST /scim/v2/Groups
Sample request
curl -H "Authorization: Bearer <scim_token>" \ "https://api.tenders.indexbox.io/scim/v2/Users"
Notes
- SCIM tokens are scoped per organization.
- Provisioning events are logged for audit.
FAQ
Quick answers to common integration questions.
Which identity providers work with SCIM?
Any SCIM 2.0 provider, including Okta, Azure AD, and Google Workspace.
What objects are supported?
Users and groups are supported, with group-to-role mapping for access control.
How do I secure the SCIM token?
Create the token in Workspace, store it securely, and revoke it immediately if needed.
Security & compliance
Controls that keep data safe and auditable.
- Tokens can be revoked instantly.
- Only Command entitlements allow SCIM.