1Password SCIM Provisioning allows to create account in a simplified way and link 1Password SCIM users' account to their existing or new apps. 1Password SCIM Provisioning automates user provisioning with their identities.
Provisioning saves time when setting up new users and teams, and also manages access privileges through the user lifecycle. miniOrange can create, read, and update user accounts for new or existing users, remove accounts for deactivated users, and synchronize attributes across multiple user stores.
miniOrange SCIM User provisioning and deprovisioning actions are bi-directional, so you can create accounts inside an external application and import them into miniOrange, or alternatively create the accounts in miniOrange and then push them out to any linked external applications.
1Password SCIM Deprovisioning means deleting a user and removing their access from multiple applications and network systems at once. Deprovisioning action is triggered when an employee leaves a company or changes roles within the organization. The deprovisioning features increase your organization's security profile by removing access to sensitive applications and content from people who leave your organization.
Provisioning & Deprovisioning Scenarios
miniOrange provides Provisioning solutions for all scenarios of user management (provisioning), which includes AD Integration, LDAP Integration and automated provisioning for all External Applications such as 1Password SCIM, Google Workspace, Workday, etc
Follow the Step-by-Step Guide given below to setup 1Password SCIM Provisioning
Inside User Provisioning section, click on Azure AD.
Select Cloud deployment or Custom deployment as per your convenience.
Download the scimsession file and copy the Bearer token for later use.
Now, next step is to setup and deploy the SCIM bridge. Follow the steps given in this link to do the same.
Once the SCIM bridge is successfully deployed, click on Integrations tab and inside user provisioning, click on Manage.
In Health monitoring, click on Manage. Provide the correct URL where your SCIM bridge is deployed and Save it.
2. Add SCIM Configuration for 1Password in miniOrange
If you are using any external IDP and just want to enable provisioning through us:
Go to Apps >> Provisioning >> SCIM Server (Destination) for 1Password.
If you want to enable SAML authentication + SCIM both:
Go to Apps >> SAML >> 1Password.
In the Provisioning section, enter the SCIM Base URL and Bearer Token that you got in this step.
3. Add Attribute Mapping
Now in the Add Attribute Mapping, choose the required Target Attributes with their specific miniOrange Attributes. You can select either Default User Profile Attribute or Custom User Profile Attribute.
Note: The givenName, familyName, userName, and displayName and email fields are required.
In Enable Provisioning Features, you can enable any feature below.
Click on Save button.
4. Create Group
Go to Groups > Create Group. Enter the Group Name and click on Create Group button and the group will be created.
5. Add Policy
In the Policies section, navigate to Add Policy tab.
In Select Application section, select the application you have created in step2.
In Configure Settings section, select the group you have created in step4 and enter the policy name with the required login method.
Click on Save button.
6. Add Users
Go to Users > Add User.
Enter the Users Details and the user will be created.
7. Assign Users
Go to Groups.
Assign the users to the Group you have created in step4.
Go to 1Password and check if user is created.
You have successfully configured provisioning for 1Password.