SmartSuite
Roadmap
Feature Requests
Changelog
Back to changelog
Powered by Canny

new

Enterprise

Signature

Access & Security

SSO: Support for SCIM Provisioning

Whats New page - SCIM
We’re excited to release our latest update that simplifies user role management with SCIM. With this enhancement, administrators can now assign roles like admin, solution_manager, general, or guest directly via SCIM. This feature is designed for workspaces with SSO enabled and aligns closely with industry best practices similar to those used by Airtable.
Key Highlights
  • Role Assignment via SCIM: Easily set member roles (admin, solution_manager, general, guest) during user provisioning.
  • Flexible Group Management: A new feature flag – “behave_like_patch” – lets you control whether the PUT method adds to or replaces existing group members, accommodating differences in identity provider behavior.
  • Improved User Lifecycle: Automatically manage onboarding and offboarding with SCIM-driven updates while keeping user profiles synced with your IdP.
  • Data Integrity for Teams: SCIM actions do not affect the special Everyone team, ensuring team integrity stays intact.
  • Read-Only SCIM Data on UI: Fields mapped from SCIM are now locked from editing in the interface, so your central identity settings remain consistent.
  • Transparent Activity Logs: View detailed logs of user and team events such as creations, updates, and deletions, making it simpler to track changes across your workspace.
  • Performance Checks: Ongoing monitoring of system load during the bulk import of users and groups helps maintain a smooth experience even under heavy load.
How It Works
  • Enable SCIM in your workspace with SSO support, and configure endpoints, authentication credentials, and attribute mappings through the admin console.
  • Use our workspace-level feature flag to control the PUT behavior for group updates, ensuring that your preferred method for handling group assignments is followed.
  • Once set up, user onboarding, offboarding, and profile updates are automatically managed via SCIM, and all non-editable user data is synchronized with your IdP.
  • Administrators can review activity logs for user and team changes directly in SmartSuite, helping to quickly pinpoint and resolve any issues.
Learn more