Login   Sign Up Contact Us
Meet us at GISEC | Team'24 | RSA | DrupalCon Conferences to explore our solutions. Know More
Hello there!

Need Help? We are right here!
miniOrange Email Support
success

Thanks for your Enquiry.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:

×

Insightly Provisioning and Deprovisioning

Insightly SCIM Provisioning allows to create account in a simplified way and link Insightly SCIM users' account to their existing or new apps. Insightly SCIM Provisioning automates user provisioning with their identities.

Provisioning saves time when setting up new users and teams, and also manages access privileges through the user lifecycle. miniOrange can create, read, and update user accounts for new or existing users, remove accounts for deactivated users, and synchronize attributes across multiple user stores.

miniOrange SCIM User provisioning and deprovisioning actions are bi-directional, so you can create accounts inside an external application and import them into miniOrange, or alternatively create the accounts in miniOrange and then push them out to any linked external applications.

Insightly SCIM Deprovisioning means deleting a user and removing their access from multiple applications and network systems at once. Deprovisioning action is triggered when an employee leaves a company or changes roles within the organization. The deprovisioning features increase your organization's security profile by removing access to sensitive applications and content from people who leave your organization.


Provisioning & Deprovisioning Scenarios


miniOrange provides Provisioning solutions for all scenarios of user management (provisioning), which includes AD Integration, LDAP Integration and automated provisioning for all External Applications such as Insightly SCIM, Google Workspace, Workday, etc



Follow the Step-by-Step Guide given below to setup Insightly SCIM Provisioning

Prerequisites

  • SCIM integration cannot be setup without SAML integration being enabled and setup.
    To setup SAML integration, please refer to Insightly single sign on documentation.
  • Product licenses are not assigned when provisioning users via SCIM. An administrator has to manually assign licenses to each user from within the Insightly app after provisioning.

1. Setup Provisioning for Insightly SCIM

  • After enabling SAML, to enable SCIM integration, check the Enable SCIM Provisioning checkbox and click Save to generate a SCIM Token and reveal the SCIM URL.
  • Once the page is saved and reloads, the SCIM Token and SCIM URL fields will be populated. Copy the SCIM token and SCIM URL by clicking the copy to clipboard buttons to the right of each field.

    • To regenerate the SCIM token, the Regenerate button can be clicked. This will invalidate any previously generated tokens. Once regenerated, Save does not have to be clicked as the new token will be instantly saved.

  • After users have been provisioned via SCIM, a System Admin will need to manually assign licenses to each user by navigating to System Settings > Users > User List.
  • Via the three dot menu for a user, select the Edit User Settings action.
  • Via the Product User Licenses section, enable the checkboxes for each license that should be added to the user and click Save User Details to implement the assignment of licenses.

2. Add SCIM Configuration for Insightly in miniOrange

  • If you are using any external IDP and just want to enable provisioning through us:
    • Go to Apps >> Provisioning >> SCIM Server (Destination) for Insightly.
      • AWS SCIM Provisioning Select Provisioning

      AWS SCIM Provisioning Configuration

Add Attribute Mapping

  • Now in the Add Attribute Mapping, choose the required Target Attributes with their specific miniOrange Attributes. You can select either Default User Profile Attribute or Custom User Profile Attribute.

    Note: The givenName, familyName, userName, and displayName and email fields are required.
    • Attribute Mapping

  • In Enable Provisioning Features, you can enable any feature below.
    • Enable Provisioning Features

  • Click on Save button.

3. Create Group

  • Go to Groups > Create Group. Enter the Group Name and click on Create Group button and the group will be created.
    • aws provisioning create group

4. Add Policy

  • In the Policies section, navigate to Add Policy tab.
  • In Select Application section, select the application you have created in step2.
  • In Configure Settings section, select the group you have created in step4 and enter the policy name with the required login method.
    • aws Provisioning Add policy

  • Click on Save button.

5. Add Users

  • Go to Users > Add User.
  • Enter the Users Details and the user will be created.
    • aws Provisioning Add User

6. Assign Users

  • Go to Groups.
  • Assign the users to the Group you have created in step4.
    • aws provisioning assign users

  • Go to Insightly and check if user is created.
  • You have successfully configured provisioning for Insightly.

Troubleshooting

Which SCIM Operations are supported by Insightly?

Operation Description Notes
GET /Users Gets a list of users Returns both active and inactive users. Paging per SCIM spec.
GET /Users/{id} Gets a single user Returns a user whether active or inactive
GET /Users?filter=userName eq "user@example.com" Get users by query Returns both active and inactive users that match the filter. Insightly only supports the “userName eq” filter.
POST /Users Creates a user
PUT /Users/{id} Updates a user
name.givenName User.FIRST_NAME
PATCH /Users/{id} Updates fields included in the request only. Insightly only supports the “replace” operation.
DELETE /Users/{id} Deactivates a user Insightly does not support hard deleting users. This operation is equivalent to setting active=false.
GET /Schemas Returns attributes supported by Insightly.

What are the SCIM User Attributes & Field Mappings?

SCIM Attribute Insightly Field Notes
id (readonly) User.USER_ID Insightly generated unique identifier of a User.
meta.resourceType (readonly) “User”
meta.created (readonly) User.DATE_CREATED_UTC Insightly generated.
meta.lastModified (readonly) User.DATE_UPDATED_UTC Insightly generated.
active User.ACTIVE Editable, but set to “true” when creating a new User.
name.givenName User.FIRST_NAME
name.familyName User.LAST_NAME
emails (readonly) User.EMAIL_ADDRESS Contains a single email address with type=work

External References

Want To Schedule A Demo?

Request a Demo
  



Our Other Identity & Access Management Products

Single Sign-On

Seamless login for workforce and customer identity to cloud or on-premise apps

Learn more

Multi-factor Authentication

Secure access for identities with an additional layer of authentication

Learn more

Adaptive Authentication

Block or grant user access based on IP, Device, Time & Location

Learn more

Lifecycle Management

Manage & automate user provisioning and deprovisioning to apps

Learn More