SCIM

SCIM (System for Cross-domain Identity Management) is an open standard protocol that allows for easy management of user identities and their associated attributes across different systems and domains.

Used in association with the security standard SAML (Security Assertion Markup Language), SCIM automates the management of user information between an identity provider (IdP) and a service provider (SP). In our case, the IdP can be Microsoft Entra ID, Okta, Google, etc. and the service provider is Witco.

Thanks to the seamless synchronization offered through the SCIM protocol, managing users is facilitated in terms of:

- creation: adding a new user to the system.
- reading: retrieving user information from the system.
- update: modifying user attributes.
- deletion: removing a user from the system.

Users can be provisioned individually, but groups can also be provisioned to match the departments of the My Organization service in Witco, which allows managers to set groups of employees by department, team or community.

Once the SCIM synchronization is set up between Witco and a client’s IdP:
- users are automatically created on Witco with all their attributes (Email, first name, last name, external ID, building ID and preferred language),
- any update made in the client’s IdP is automatically replicated on Witco,
- users deleted in the IdP are also deleted on Witco,
- through the group provisioning, users can be automatically added and removed from the departments.

Trust a protocol widely used in cloud-based services, such as Software-as-a-Service (SaaS) applications and other platforms, to make user provisioning and management secure and GDPR-compliant.

Centralize control over user access and attributes with SCIM to streamline the integration of various systems, reduce administrative overhead, and enhance security.

Opt for a modern identity and access management strategy, simplifying user lifecycle management in heterogeneous environments.

‍