Skip to main content

System for Cross-domain Identity Management (SCIM)

This page covers the technical SCIM protocol details. To create SCIM mappings in the Cedar Admin Portal, see SCIM in the Admin Portal.
SCIM (System for Cross-domain Identity Management) is an open standard that allows for the automation of user provisioning. By configuring SCIM, your identity provider (IdP) can automatically create, update, and deactivate users and groups in Cedar.AI, ensuring your user directory stays in sync with your organization’s central identity source. SCIM requires enrollment in Admin v2.

Supported Features

Cedar.AI supports the following SCIM 2.0 operations:
  • ServiceProviderConfig: Retrieve compliance and supported feature sets.
  • ResourceTypes: Discover supported resource schemas (Users, Groups).
  • Users:
    • Create: Provision new users.
    • Read: Retrieve user details or list users with filtering (e.g., by userName, email).
    • Update: Modify user attributes (e.g., displayName). Supports replace and add patch operations.
    • Delete: Deactivate users (soft delete).
  • Groups:
    • Create: Create new groups.
    • Read: Retrieve group details or list groups with filtering (e.g., by displayName).
    • Update: Rename groups or update memberships (add/remove members).
    • Delete: Remove groups.

Getting Started

1

Create a SCIM mapping in the Admin Portal

Go to the Admin Portal SCIM page and create a mapping. You’ll get the Client ID and Client Secret needed for your identity provider.
2

Configure your identity provider

Use the guides below to set up SCIM in your identity provider using the credentials from the Admin Portal.
3

Test and monitor

After setup, monitor the Users page in the Admin Portal to verify provisioning is working.

Configuration Guides

Select your identity provider to view specific configuration instructions:

Microsoft Entra ID (Azure AD)

Configure SCIM with Azure AD

Admin Portal: SCIM

Create and manage SCIM mappings