![dependabot[bot]](/assets/img/avatar_default.png) 3996bdac33
			
		
	
	3996bdac33
	
	
	
		
			
			* website: Bump prettier from 3.3.3 to 3.4.1 in /website Bumps [prettier](https://github.com/prettier/prettier) from 3.3.3 to 3.4.1. - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](https://github.com/prettier/prettier/compare/3.3.3...3.4.1) --- updated-dependencies: - dependency-name: prettier dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * update formatting Signed-off-by: Jens Langhammer <jens@goauthentik.io> * sigh Signed-off-by: Jens Langhammer <jens@goauthentik.io> * disable flaky test Signed-off-by: Jens Langhammer <jens@goauthentik.io> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Jens Langhammer <jens@goauthentik.io> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jens Langhammer <jens@goauthentik.io>
		
			
				
	
	
	
		
			2.6 KiB
		
	
	
	
	
	
	
	
			
		
		
	
	title
| title | 
|---|
| SCIM Source | 
Preview
The SCIM source allows other applications to directly create users and groups within authentik. SCIM provides predefined schema for users and groups, with a RESTful API, to enable automatic user provisioning and deprovisioning, SCIM is supported by applications such as Microsoft Entra ID, Google Workspace, and Okta.
The base SCIM URL is in the format of https://authentik.company/source/scim/<source-slug>/v2. Authentication is done via Bearer tokens that are generated by authentik. When an SCIM source is created, a service account is created and a matching token is provided.
First steps
To set up an SCIM source, log in as an administrator into authentik. Navigate to Directory->Federation & Social login, and click on Create. Select the SCIM Source type in the wizard, and give the source a name.
After the source is created, click on the name of the source in the list, and you will see the SCIM Base URL which is used by the SCIM client. Use the Click to copy token button to copy the token which is used by the client to authenticate SCIM requests.
Supported Options & Resource types
/v2/Users
Endpoint to list, create, update and delete users.
/v2/Groups
Endpoint to list, create, update and delete groups.
There is also the /v2/ServiceProviderConfig and /v2/ResourceTypes, which is used by SCIM-enabled applications to find out which features authentik supports.
SCIM source property mappings
See the overview for information on how property mappings work.
Expression data
Each top level SCIM attribute is available as a variable in the expression. For example given an SCIM request with the payload of
{
    "schemas": [
        "urn:scim:schemas:core:2.0",
        "urn:scim:schemas:extension:enterprise:2.0"
    ],
    "userName": "foo.bar",
    "name": {
        "familyName": "bar",
        "givenName": "foo",
        "formatted": "foo.bar"
    },
    "emails": [
        {
            "value": "foo.bar@authentik.company",
            "type": "work",
            "primary": true
        }
    ],
    "title": "",
    "urn:scim:schemas:extension:enterprise:2.0": {
        "department": ""
    }
}
The following variables are available in the expression:
- 
schemasas a list of strings
- 
userNameas a string
- 
nameas a dictionary
- 
emailsas a dictionary
- 
titleas a string
- 
urn_scim_schemas_extension_enterprise_2_0as a dictionary:::info Top-level keys which include symbols not allowed in python syntax are converted to _. :::