53f8699deb
* website/docs: 2024.4 release notes WIP Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix .next Signed-off-by: Jens Langhammer <jens@goauthentik.io> * reword Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add python api client Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix consistency Signed-off-by: Jens Langhammer <jens@goauthentik.io> * expand scim docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add release notes to sidebar Signed-off-by: Jens Langhammer <jens@goauthentik.io> * update release notes and add disclaimer Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add disclaimer to template Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add list of API Clients to developer docs Signed-off-by: Jens Langhammer <jens@goauthentik.io> * add performance improvements Signed-off-by: Jens Langhammer <jens@goauthentik.io> * fix build Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: Jens Langhammer <jens@goauthentik.io>
30 lines
1.6 KiB
Markdown
30 lines
1.6 KiB
Markdown
---
|
|
title: SCIM Source
|
|
---
|
|
|
|
:::info
|
|
This feature is in technical preview, so please report any bugs on [GitHub](https://github.com/goauthentik/authentik/issues).
|
|
:::
|
|
|
|
The SCIM source allows other applications to directly create users and groups within authentik. SCIM provides predefined schema for users and groups, with a RESTful API, to enable automatic user provisioning and deprovisioning, SCIM is supported by applications such as Microsoft Entra ID, Google Workspace, and Okta.
|
|
|
|
The base SCIM URL is in the format of `https://authentik.company/source/scim/<source-slug>/v2`. Authentication is done via Bearer tokens that are generated by authentik. When an SCIM source is created, a service account is created and a matching token is provided.
|
|
|
|
## First steps
|
|
|
|
To set up an SCIM source, log in as an administrator into authentik. Navigate to **Directory->Federation & Social login**, and click on **Create**. Select the **SCIM Source** type in the wizard, and give the source a name.
|
|
|
|
After the source is created, click on the name of the source in the list, and you will see the **SCIM Base URL** which is used by the SCIM client. Use the **Click to copy token** button to copy the token which is used by the client to authenticate SCIM requests.
|
|
|
|
## Supported Options & Resource types
|
|
|
|
### `/v2/Users`
|
|
|
|
Endpoint to list, create, update and delete users.
|
|
|
|
### `/v2/Groups`
|
|
|
|
Endpoint to list, create, update and delete groups.
|
|
|
|
There is also the `/v2/ServiceProviderConfig` and `/v2/ResourceTypes`, which is used by SCIM-enabled applications to find out which features authentik supports.
|