SCIM & RBAC

SCIM (System for Cross-domain Identity Management) automates admin provisioning and role management for your Siit console. Connect your identity provider to automatically create, update, and suspend user accounts—no manual account management needed.

What you get:

• Automatic user provisioning – new employees get Siit access as soon as they're added to your directory

• Real-time attribute sync – job titles, phone numbers, and languages stay current

• Group-to-role mapping – assign Siit permissions based on your existing IdP groups

• Instant deprovisioning – suspended or deleted accounts lose access immediately

SCIM ensures your team's access stays perfectly in sync with your organization's directory, reducing security risks and IT overhead.

How it works

When SCIM is enabled, your identity provider becomes the source of truth for Siit access:

1. User lifecycle – accounts are created when users are assigned the Siit app in your IdP, updated when attributes change, and deactivated when unassigned

2. Attribute sync – user details (name, email, title, phone, language) sync automatically from your directory

3. Role mapping – link IdP groups to Siit roles so permissions are assigned automatically based on group membership

Supported providers:

• Okta (full setup guide available)

• Jumpcloud (Setup Guide)

• Other SCIM 2.0 compatible providers

What syncs

SCIM synchronizes these user attributes from your identity provider:

• Username

• Email address

• Job title

• Primary phone number

• Preferred language

Role assignments sync through group mappings you configure in your IdP.