
Configure SCIM provisioning for AWS

Use this guide to configure SCIM provisioning for AWS in SecureAuth® Identity Platform.

Prerequisites

  • Identity Platform release 22.12 or later, cloud or hybrid deployment

  • Identity Platform application integrated with AWS via SAML

    For more information on integrating applications in the Identity Platform, see Application Manager overview.

  • AWS administrator account

Step A: Enable automatic provisioning in AWS

In this section, you will enable automatic provisioning (SCIM) in AWS and obtain the information needed for Identity Platform configuration.

  1. Log in to AWS as an administrator.

  2. In the Management Console, go to IAM Identity Center > Settings.

  3. In the Automatic provisioning section, click Enable.

  4. Under Inbound automatic provisioning, do the following:

    1. Copy the SCIM endpoint.

      You will need this information for Identity Platform configuration.

    2. Click Show token and copy the Access token.

      You will need this information for Identity Platform configuration.
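
A pre-check for the two values copied in Step A, before they are entered in Step B (an added example, not SecureAuth or AWS code): it rejects a non-HTTPS endpoint or a mangled token, then requests the standard SCIM 2.0 /ServiceProviderConfig resource (RFC 7644) with the token as a bearer credential. The environment variable names SCIM_ENDPOINT and SCIM_TOKEN are assumptions.

```python
"""Check a SCIM endpoint and access token before configuring a SCIM client.

Added example. SCIM_ENDPOINT and SCIM_TOKEN are assumed variable names.
"""
import os
import sys
import urllib.error
import urllib.parse
import urllib.request


def build_probe(endpoint: str, token: str) -> urllib.request.Request:
    """Return a GET request for <endpoint>/ServiceProviderConfig (RFC 7644)."""
    endpoint, token = endpoint.strip(), token.strip()
    parts = urllib.parse.urlsplit(endpoint)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("SCIM endpoint must be an https:// URL")
    if parts.username or parts.password or parts.query or parts.fragment:
        raise ValueError("endpoint must not carry credentials, query or fragment")
    if not token or any(c.isspace() for c in token):
        raise ValueError("access token is empty or contains whitespace")
    url = endpoint.rstrip("/") + "/ServiceProviderConfig"
    return urllib.request.Request(url, headers={
        "Authorization": f"Bearer {token}",
        "Accept": "application/scim+json, application/json",
    })


def probe(endpoint: str, token: str) -> str:
    """Send the probe; the returned verdict never includes the token."""
    req = build_probe(endpoint, token)
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return f"OK: HTTP {resp.status}"
    except urllib.error.HTTPError as err:
        hint = "token rejected" if err.code in (401, 403) else "check the endpoint URL"
        return f"FAIL: HTTP {err.code} ({hint})"
    except urllib.error.URLError as err:
        return f"FAIL: cannot reach endpoint ({err.reason})"


if __name__ == "__main__":
    # Read from the environment so the token stays out of process arguments.
    try:
        print(probe(os.environ["SCIM_ENDPOINT"], os.environ["SCIM_TOKEN"]))
    except (KeyError, ValueError) as err:
        sys.exit(f"input error: {err}")
```
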


Step B: Create SCIM server in Identity Platform

In this section, you will create a SCIM server in the Identity Platform and assign it to your integrated AWS application.

  1. On the left side of the Identity Platform, click SCIM Servers.

  2. Click Add Server.

  3. In the Connection Settings section, set the following:

    Server Name

    Enter a unique name.

    For example, AWS SCIM Server.

    Description

    Enter a description.

    Server URL

    Enter the SCIM endpoint copied from AWS in the previous section.

    Server Type

    Select AWS.

    A notice appears stating that the authentication settings, SCIM attributes, and static attributes will be autocompleted and overwritten based on the selected Server Type. Click Continue.

  4. In the Authentication Settings section, set the following:

    Authentication Scheme

    Set to Access Token.

    Access Token

    Enter the Access token copied from AWS in the previous section.

  5. Click Create.

  6. On the left side of the Identity Platform, click Application Manager.

  7. Click the pencil icon next to the AWS application you will assign SCIM to.

  8. In the SCIM Server section, click the pencil icon.

  9. Select the SCIM server to apply to this application.

  10. Click Update Settings.