Login  
Hello there!

Need Help? We are right here!

Support Icon
miniOrange Email Support
success

Thanks for your Enquiry. Our team will soon reach out to you.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:

×

Contents

How to add a SCIM Server App

miniOrange SCIM Server application is used for outbound provisioning using SCIM protocol. In outbound provisioning, A user gets provisioned from miniOrange to another application using SCIM protocol.


Steps to setup provisioning from miniOrange to SCIM supported app


  • Login into miniOrange Admin Console.
  • Click on Apps. It shows a list of all configured applications and option to modify them. Click on Add Application.
    • miniOrange Identity Platform Admin Handbook: Add Application

  • Select Provisioning from the All Apps dropdown.
    • miniOrange Identity Platform Admin Handbook: Provisioning app type

  • Search for your application from the list, if your application is not found. Search for SCIM Server and you can set up your app via SCIM Server (Destination).
    • miniOrange Identity Platform Platform Admin Handbook: Search SCIM Server

  • Under Basic Settings, enter Display Application Name and click the Save button to add the app.
    • miniOrange Identity Platform Platform Admin Handbook: Add Display Application Name

  • In the Authorization Configuration section, enter the SCIM Base URL and Bearer Token that you copied from the application.
  • Click the Test Connection button to verify details.
    • SCIM Provisioning Configuration

  • Then, click Save & Next button.

2. Attribute Mapping

  • Navigate to the Attributes Mapping tab in your application SCIM Provisioning configuration.
  • Under this tab, you'll find two sections: Users and Groups, where you can map miniOrange attributes to SCIM Server attributes for synchronization.
    • miniOrange Identity Platform Admin Handbook: SCIM Provisioning Add Attribute Mapping

    Users Mapping:

    Note: The userName, name.givenName, name.familyName, emails[type eq \"work\"].value, displayName and active fields are required for SCIM integration.

    • In the Users section, map the attributes from miniOrange Attributes to the corresponding SCIM Server Attributes.
      • miniOrange Identity Platform Admin Handbook: SCIM Provisioning Users Attribute Mapping

    • Once all required mappings are configured, click the Save & Next button to proceed.

    Groups Mapping:

    Note: If you don't need group provisioning, skip this step.

    • Click on the Groups tab.
    • Click Add A Row to add a new mapping.
      • miniOrange Identity Platform Admin Handbook: SCIM Provisioning Switch to Group tab, click on Add A Row link

    • From the miniOrange Attributes dropdown, choose an attribute (like Group Name).
    • In the SCIM Server (Destination) Attributes field, type the attribute (like displayName).
      • miniOrange Identity Platform Admin Handbook: SCIM Provisioning Select miniOrange Attribute from dropdown

    • Click Save & Next when done.

3. miniOrange to SCIM Server (Destination)

  • In the miniOrange to SCIM Server (Destination) tab, there are two sections: Users and Groups. Each section contains a list of attributes and their functions when enabled. You can enable or disable them as needed.
    • miniOrange Identity Platform Admin Handbook: SCIM Provisioning Enable appropriate option for users creation

    Attribute Description
    Users Create Users Enabling this option will create the user in the selected application upon user creation in miniOrange.
    Update Users Enabling this option will update the user profile in the selected application if updated in miniOrange.
    Delete Users Enabling this option will delete the user from the selected application if the user is deleted from the miniOrange.

    Attribute Description
    Groups Create Group Enabling this option will create the Group in the selected application upon Group creation in miniOrange.
    Delete Group Enabling this option will delete the Group from the selected application if the Group is deleted from the miniOrange.
    Add/Remove Group membership of User Enabling this option will add/remove the Group membership of a user from the selected application if the respective user group membership is updated from the miniOrange.
    Update Group Enabling this option will update the Group in the selected application upon Group updation in miniOrange.

    SCIM Provisioning Enable appropriate option for groups creation

  • Click Save to apply these changes.

4. Add Policy

  • Go to the App Authentication Policy section under Policies, and click Add Policy.
    • SCIM Provisioning : Navigate to Policies and click App Login Policy

  • In Select Application section, select the application you have created in Step 1.
  • Select the group name from which you want to provision the users. Select Group Name as Default if you want to provision all the users from miniOrange
  • Click on Submit button to create a policy.
    • Adding App Authentication Policy for SCIM Provisioning

  • You will receive a success notification upon policy creation, and the policy will be displayed in the App Login Policy section of the Policies tab.

5. Add Users

  • Go to Users > View Direct End-Users and click Add User.
  • Enter the Users Details and the user will be created.
    • Provisioning Add User

6. Deprovisioning the user

To De-provision any user you can either delete the user from the miniOrange or remove the user from the group associated with the application.

  • Steps to remove a user from the Group
    • Go to the Groups section in the left navigation panel > Manage Groups.
    • Click on the Users field for the group, you have created previously.
    • Select the user you want to remove from the group.
    • Click on Select Action.
    • Select Remove from the Group.
    • Click on Apply.
  • Steps to delete a user in miniOrange
    • Go to the Users section in the left navigation panel > User List.
    • Click on the select option for the user you want to remove.
    • Click on Delete in the drop-down menu.